AWS – View Allocated IPs in a Subnet

Tags: amazon-vpc, amazon-web-services, aws-cli

Is there any way of seeing what IP addresses AWS thinks have been allocated in a subnet? I've run a ping scan, and I've checked our internal IP management software, and there should be more than 8 IPs free; however, the Network Load Balancer creation wizard is insisting that I have less than 8 IPs free.

It'd be super awesome if I could see what IPs Amazon thinks we're using, so I can see what the discrepancy is, but I don't see any way of doing that. Anyone know how I could do this? It needs to show all the allocated IPs, not just the ones attached to EC2 instances.

Best Answer

Your count may be off because AWS reserves five IP addresses per subnet CIDR block: the first four IP addresses in a subnet CIDR block and the last IP address in that CIDR block are kept for its internal networking.

For example, in a 10.0.0.0/24 subnet AWS will reserve:

10.0.0.0: Network address.

10.0.0.1: Reserved by AWS for the VPC router.

10.0.0.2: Reserved by AWS. The IP address of the DNS server is the base of the VPC network range plus two. For VPCs with multiple CIDR blocks, the IP address of the DNS server is located in the primary CIDR. We also reserve the base of each subnet range plus two for all CIDR blocks in the VPC. For more information, see Amazon DNS server.

10.0.0.3: Reserved by AWS for future use.

10.0.0.255: Network broadcast address. We do not support broadcast in a VPC, therefore we reserve this address.

To get a list of the IP addresses in use from the command line:

aws ec2 describe-network-interfaces --filters Name=subnet-id,Values=<subnet id> | jq -r '.NetworkInterfaces[].PrivateIpAddresses[].PrivateIpAddress' | sort

Using the subnet-id filter allows you to exclude the subnets you're not concerned about.

If you want a count just replace sort with wc -l.

You can visually see the number of IPs free per subnet in the VPC -> Subnets section of the AWS Console.
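To make the reconciliation in the answer concrete, here is an added example (not the answerer's code and not an AWS tool) that takes the subnet CIDR plus the JSON that `aws ec2 describe-network-interfaces` returns, subtracts the five reserved addresses and every primary and secondary private IP on the ENIs, and reports both the "naive" free count a ping scan or IPAM would give and the count AWS actually has left. The ENI data below is a constructed sample shaped like the CLI output; the IDs `subnet-0example` and `eni-0example000x` are placeholders.

```python
import ipaddress
import json

# Constructed sample shaped like `aws ec2 describe-network-interfaces` output
# (placeholder IDs, not real AWS data): two ENIs in a /28, one carrying a
# secondary private IP that a listing of only PrivateIpAddress would miss.
SAMPLE_ENIS_JSON = json.dumps({
    "NetworkInterfaces": [
        {"NetworkInterfaceId": "eni-0example0001", "SubnetId": "subnet-0example",
         "PrivateIpAddress": "10.0.0.5",
         "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.0.5", "Primary": True},
                                {"PrivateIpAddress": "10.0.0.9", "Primary": False}]},
        {"NetworkInterfaceId": "eni-0example0002", "SubnetId": "subnet-0example",
         "PrivateIpAddress": "10.0.0.7",
         "PrivateIpAddresses": [{"PrivateIpAddress": "10.0.0.7", "Primary": True}]},
    ]
})


def reserved_addresses(cidr):
    """The five addresses AWS reserves in a subnet: the first four and the last."""
    net = ipaddress.ip_network(cidr, strict=True)
    addrs = list(net)  # list(net) includes the network and broadcast addresses
    return {str(a) for a in addrs[:4] + [addrs[-1]]}


def allocated_addresses(describe_output_json):
    """Every private IP (primary and secondary) across all ENIs in the output."""
    data = json.loads(describe_output_json)
    ips = set()
    for eni in data["NetworkInterfaces"]:
        ips.add(eni["PrivateIpAddress"])
        for entry in eni.get("PrivateIpAddresses", []):
            ips.add(entry["PrivateIpAddress"])
    return ips


def subnet_usage(cidr, describe_output_json):
    """Reconcile a subnet's capacity against AWS reservations and ENI allocations."""
    net = ipaddress.ip_network(cidr, strict=True)
    reserved = reserved_addresses(cidr)
    # Ignore any ENI address outside this subnet (defensive; the CLI filter
    # should already have scoped the output).
    allocated = {ip for ip in allocated_addresses(describe_output_json)
                 if ipaddress.ip_address(ip) in net}
    free = [str(a) for a in net if str(a) not in reserved and str(a) not in allocated]
    return {
        "total": net.num_addresses,
        "reserved": len(reserved),
        "allocated": len(allocated),
        # What a ping scan or an IPAM that knows nothing about AWS reservations reports
        "naive_free": net.num_addresses - len(allocated),
        # What the NLB wizard is actually working with
        "aws_free": len(free),
        "free_addresses": free,
    }


if __name__ == "__main__":
    usage = subnet_usage("10.0.0.0/28", SAMPLE_ENIS_JSON)
    for key, value in usage.items():
        print(f"{key}: {value}")
```

In practice you would feed the function the output of the `describe-network-interfaces` command from the answer (saved to a file or captured with `subprocess`) and the subnet's CIDR from `aws ec2 describe-subnets`. The gap between `naive_free` and `aws_free` is exactly the five reserved addresses, which is what makes a subnet look fuller to the load balancer wizard than it does to a ping scan.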
