Tutorials, deep dives, and real-world guides for network engineers and cloud architects.
VLSM lets you allocate different-sized subnets from one parent network without wasting addresses. This worked example shows the largest-first allocation method, alignment rules, and common mistakes that cause re-IPing later.
Read article →A deep dive into AWS VPC reserved addresses, why minimum subnet size is /28, and how to avoid running out of IPs in production.
FundamentalsStop wasting IPs with uniform subnet sizes. Learn how to allocate different-sized subnets from one parent network — with worked examples.
IPv6If you understand IPv4 subnetting, IPv6 is actually simpler. /64s, prefix delegation, ULA vs GUA, link-local — explained without jargon.
SecurityThe non-obvious IP ranges that should never appear in your ACLs, firewall rules, or peering setups — and how to detect them.
CloudThe most common multi-cloud mistake: overlapping CIDRs across AWS, Azure, and GCP. Here's how to plan IP allocations that scale.
KubernetesGet your pod CIDR wrong and you can't grow the cluster. A practical guide to sizing for 1K, 10K, and 100K pod clusters.
FundamentalsCGNAT range is a hidden gem for large private networks. Here's when to use it instead of 10.0.0.0/8 — and the pitfalls to avoid.
DevOpsGoing from a whiteboard subnet plan to production Terraform without copy-paste errors. Tools, patterns, and common mistakes.
CareerIf you're studying for the CCNA, here are the eight subnetting question patterns that consistently cause failure — and how to solve them quickly.
FundamentalsFull reference table from /0 to /32: prefix, dotted decimal, host count, AWS usable counts, and common use cases. Printable for daily reference.
FundamentalsFind any subnet, broadcast address, or host count in under 30 seconds without binary math. Worked examples and the patterns that work every time.
CloudAzure has reserved subnet names with specific size requirements that trip up first-time deployments. Here are the correct sizes and the rules behind them.
CloudGCP VPCs differ from AWS and Azure: regional subnets, only 4 reserved IPs, and online subnet expansion. Here's the practical guide.
IPv6What /48 vs /56 vs /60 vs /64 mean for your business or home network, and why /64 is never enough for any real deployment.
FundamentalsRFC 3021 lets you use /31 for point-to-point links — 2 usable hosts with no waste. When to use /31 vs /30, and the platforms that support each.
KubernetesWithout prefix delegation, an m5.large EKS node tops out at 29 pods. Turning it on raises the limit to 110+. Here's how it works.
CloudThree different ways to give private subnet workloads access to outside services in AWS. Cost, throughput, and operational tradeoffs explained.
CloudWhat actually makes an AWS subnet public or private, and how to design tiers so workloads have the right combination of internet access and isolation.
FundamentalsHow prefix announcements, longest prefix match, and AS path selection actually work. The protocol that holds the global internet together.
FundamentalsCisco ACLs use wildcard masks, the inverse of subnet masks. Exactly what wildcard masks mean, how to convert, and when non-contiguous bits matter.
DevOpsYou don't need a $100k IPAM platform to track network allocations. From spreadsheets to NetBox — when each option makes sense.
CloudVPC peering is point-to-point and free. Transit Gateway is hub-and-spoke and costs $36+/month. When each is the right choice as VPC count grows.
FundamentalsThe two ways to approach a subnetting problem. Same answers usually, but the math is different and one is easier for certain questions.
SecurityTwo VPCs need to peer but CIDRs overlap. A new acquisition uses your space. The playbook for detecting, isolating, and resolving conflicts.