Migrating IP ranges to AWS
There are a few common questions in this space when customers are migrating their public IP addresses to AWS. This process is known as Bring Your Own IP address - hence BYOIP.
First is: I have a /24 and I want to use it across multiple regions - can I do that? The second is: I have a range that is smaller than a /24, can I migrate that to AWS? The short answer to both of those questions is "no", but to find out why we need to dig a little deeper into IP addressing and how things are done on the internet - because this isn't something that AWS controls.
Let's pick apart the /24 part of the question. IPv4 addresses are 32 bits long. You've probably seen an IP address that looks like 172.16.54.195, which comes with a subnet mask of 255.255.255.0. This is a private IP address, but it works the same for public IP addresses (those used on the internet), so I'm going to use it here as an example. The IP address and the subnet mask are both 32 bits - the subnet mask lets us determine which part of the IP address is the network and which part is the node on the network. Both of these are important to the computer that we assign the IP address to.
For this example, only the subnet mask is of interest - and if we converted it to binary we would see that the first 24 bits of the subnet mask are "ones" and the last 8 bits are "zeroes". To put it another way - each number (separated by full stops) is 8 bits, so 255.255.255 is three times 8, which equals 24. That can also be written as /24. Sometimes you might see this same IP address written as 172.16.54.195/24, which is exactly the same thing, just a different notation.
From this we can see that a /16 mask (which means the subnet mask is 255.255.0.0) is different (and is a larger network) to (say) a /28 mask (which would be 255.255.255.240), which is a smaller network. A /16 means there are 65,536 possible addresses on each network; a /24 means there are 256 addresses on each network; and a /28 means there are 16 addresses on each network.
The important thing here is that by convention a /24 is the smallest IP range that is advertised on the internet. This is a human decision and not a limitation of the protocol that is used (BGP). The reason for this decision is that it is a balance between the size of the networks advertised and the number of networks advertised. The smallest network that can be advertised is 256 addresses (because a /24 allows for 256 addresses on each network). Larger networks can be advertised too; this is merely the smallest one.
If the limit was smaller it would mean that more networks could be advertised. This would have an impact on the amount of memory used in routers across the world to store the internet routing table. If the limit was changed to /25 (allowing networks of 128 addresses) then potentially the amount of memory required in every device that had the internet routing table would double. That's not quite true - there are always larger networks advertised and summarisation happens but it would still be a significant jump. So /24 is a compromise that everyone accepts when connected to the internet.
So how does this affect BYOIP? It means that the smallest range that AWS can advertise on your behalf to the internet is a /24 - a single network of 256 addresses. If a customer owned a smaller range (say, a /26 - 64 addresses) there would be no way for AWS to advertise that to the internet because it is smaller than the minimum size that is allowed.
This also applies to multi-region: each IP range can only be advertised from a single region. And because a /24 is the smallest network that can be advertised, we can't split it into smaller networks and advertise them from different regions, because the internet won't allow that. Note that in this case, Global Accelerator may be able to help by using a technique called Anycast.
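To make the subnet-mask arithmetic and the two BYOIP questions concrete, here is an added example (not from the original post, and not AWS's own tooling) using Python's standard `ipaddress` module. The names `describe`, `byoip_plan` and `MIN_ADVERTISED_PREFIX` are my own; the /24 minimum is the convention the post describes, not an API value.

```python
import ipaddress

# Smallest prefix length accepted in the global routing table by convention
# (the post's point: a /24, i.e. 256 addresses). Assumed constant, not an API value.
MIN_ADVERTISED_PREFIX = 24


def describe(cidr: str) -> dict:
    """Break a CIDR string into the pieces the post walks through: dotted-decimal
    mask, its binary form, the address count, and whether a range of this size
    can be advertised on the internet at all."""
    net = ipaddress.ip_network(cidr, strict=False)  # host bits are allowed in input
    mask_bits = format(int(net.netmask), "032b")
    return {
        "network": str(net.network_address),
        "prefix": net.prefixlen,
        "netmask": str(net.netmask),
        "mask_binary": ".".join(mask_bits[i:i + 8] for i in range(0, 32, 8)),
        "addresses": net.num_addresses,
        "advertisable": net.prefixlen <= MIN_ADVERTISED_PREFIX,
    }


def byoip_plan(cidr: str, regions: int) -> tuple:
    """Answer the post's two questions for a range: can it be brought to AWS at
    all, and can it be spread over `regions` regions? Each region needs its own
    advertisable block, so a lone /24 cannot be split across regions."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen > MIN_ADVERTISED_PREFIX:
        return False, (f"{net} has {net.num_addresses} addresses; smaller than the "
                       f"/{MIN_ADVERTISED_PREFIX} minimum, so it cannot be advertised")
    if regions <= 1:
        return True, f"{net} can be advertised from one region"
    # Carve the range into the smallest advertisable blocks; a /24 yields itself.
    blocks = list(net.subnets(new_prefix=MIN_ADVERTISED_PREFIX))
    if len(blocks) < regions:
        return False, (f"{net} only yields {len(blocks)} /{MIN_ADVERTISED_PREFIX} "
                       f"block(s); {regions} regions would need {regions}")
    assignment = ", ".join(str(b) for b in blocks[:regions])
    return True, f"{net} can be split into /{MIN_ADVERTISED_PREFIX}s: {assignment}"


if __name__ == "__main__":
    for cidr in ("172.16.54.195/24", "172.16.0.0/16", "172.16.54.192/28"):
        print(describe(cidr))
    print(byoip_plan("172.16.54.0/24", 2))   # a single /24 cannot be split
    print(byoip_plan("172.16.54.0/26", 1))   # /26 is too small to advertise
    print(byoip_plan("172.16.0.0/22", 2))    # four /24s, so two regions is fine
```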