Drilett aws vpc_presentation_shared

Published in: Technology

  1. 1. Teaching Network Infrastructure, Database Concepts, and Web-Based Application Development using Cloud Services: An Introduction David Rilett John Russo
  2. 2. “The most radical and transformative of inventions are those that empower others to unleash their creativity - to pursue their dreams.” Jeff Bezos, Letter to Shareholders, 2012 Forbes #12
  3. 3. VPC Introductory Amazon EC2 AMI Elastic IP Amazon Elastic Compute Cloud Amazon Simple Storage Service Amazon S3 Amazon SimpleDB Amazon SimpleDB What’s in AWS Virtual Private Cloud anyway? (Mouse over screentips for answers)
  4. 4. VPC Intermediate Amazon Elastic Block Store Amazon Glacier AWS Elastic Beanstalk Amazon ElastiCache AWS Identity and Access Management
  5. 5. VPC Advanced Amazon Route 53 Elastic Load Balancing Amazon Route 53 route table AWS CloudFormation Amazon CloudWatch Amazon DynamoDBAmazon Relational Database Service Amazon Simple Queue Service
  6. 6. VPC Expert Amazon Virtual Private Cloud Amazon VPC router Internet gateway customer gateway virtual private gateway VPN connection Auto Scaling Amazon Redshift AWS OpsWorks
  7. 7. Use Case: "VPC with a Single Public Subnet Only" • Host a simple, public-facing website. • Host a basic web application, such as a blog or simple website. • Secure the website by creating security group rules that allow the webserver to respond to inbound HTTP and SSL requests from the Internet while prohibiting the webserver from initiating outbound connections to the Internet. http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario1.html
  8. 8. Use Case: "VPC with Public and Private Subnets" • Multi-tier web applications that strictly enforce access and security restrictions between your webservers, application servers, and databases. • Launch webservers in a publicly accessible subnet. • Launch application servers and databases in non-publicly accessible subnets. • Application servers and databases can’t be directly accessed from the Internet, but they can access the Internet via a NAT instance, for example to download patches. • Control access between the servers and subnets using inbound and outbound packet filtering by network access control lists and security groups. http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario2.html
  9. 9. "VPC with Public and Private Subnets" Extended for Security: Bastion Server http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/AWSHowTo-vpc-bh.html • In this case there are multiple instances in the private subnet. • The NAT blocks SSH to the private subnet. • A bastion (jump) server can SSH to the private network. • Bastion server access is limited by ACL.
  10. 10. Use Case: "VPC with Public and Private Subnets and Hardware VPN Access" • Host scalable web applications in the AWS cloud that are connected to your local datacenter. • Create a VPC where the instances in one subnet are webservers that communicate with the Internet. • A second subnet holds application servers that communicate with databases on your corporate network; an IPsec VPN connection between the VPC and your local network secures communication between the cloud application servers and your local network. • Webservers and application servers in the VPC use Amazon EC2 elasticity and Auto Scaling. http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario3.html
  11. 11. Use Case: "VPC with a Private Subnet Only and Hardware VPN Access" • Move local applications to the cloud, launch additional webservers, or add more compute capacity to your network by connecting your VPC to your local network. • Because your VPC can be hosted behind a local firewall, IT resources can move into the cloud without changing how users access them. http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Scenario3.html
  12. 12. Use Case: Disaster Recovery • Backup mission-critical data from your datacenter to a small number of Amazon EC2 instances with Amazon Elastic Block Store (EBS) volumes • Import your virtual machine images to Amazon EC2. • In the event of a disaster in your own datacenter, quickly launch replacement compute capacity in AWS to ensure business continuity. • When the disaster is over, send mission-critical data back to your datacenter and terminate the Amazon EC2 instances. • All the benefits of a disaster recovery site at a fraction of the normal cost with no tapes etc. http://aws.amazon.com/disaster-recovery/
  13. 13. Project Collaboration GitHub and CloudFormation are tremendous innovations for collaboration. As engineering schools trend more towards interdisciplinary projects and external collaborations, tools such as these must play a central role. For networking, the CloudFormation JSON scripts become a project deliverable, particularly for external projects. Once a custom template is created, nearly anyone can instantiate the network and its components using their own AWS credentials and account. These scripts can be delivered and updated on Git. The skills needed for creating and administering these projects are Git (steep learning curve for developers), JSON (easy for those familiar with JavaScript), Ruby, networking fundamentals (TCP stack, CIDR notation, NAT, firewalls, port filtering, access control lists), web security, application configuration, operating systems (Ubuntu, CentOS, Windows), databases (Oracle, NoSQL, MySQL etc.), bash shell and PowerShell, AWS, VPC, and CloudFormation. There are also tools for big data analytics such as Redshift and Map/Reduce, but these may be more relevant to large, commercial projects, unless big data is the project. There are other systems such as Microsoft Azure, EMC, Oracle and OpenStack.
  14. 14. Visual Studio 2013 AWS Plugin and Git AWS Explorer Git Team Explorer VS2013
  15. 15. AWS Solution Calculator (AWS Plugin)
  16. 16. AWS For Eclipse
  17. 17. Git on Eclipse
  18. 18. Introductory Lesson Plans • Use free private GitHub accounts to teach programming courses. • Create EC2 instances for each student to learn any OS. • Create individual EC2 instances for a LAMP stack (MySQL database-backed web site). • Add NoMachine or Remote Desktop to the above to work in a GUI. • Use Oracle for database concepts on individual EC2 instances. • Configure a course instance for programming in a specific subject (e.g. BioPerl for bioinformatics). • Configure a course instance with an AMI for a specific subject (e.g. CloudBioLinux). • Scripts traded from GitHub. • Use micro-instances and the free tier to limit costs.
  19. 19. Intermediate Lesson Plans • Combine GitHub and an AWS instance for a group project. • Use CloudFormation to configure “VPC with a Single Public Subnet Only” manually on VPC. • Use the Cisco Cloud Services Router AMI to teach the IOS XE command line etc. • Build "VPC with Public and Private Subnets" from a template, make changes to NAT and security settings and test. Add and configure a subdomain and submit the CloudFormation script and test report. • Build any network and create a template from it with CloudFormer to submit. • Scripts traded from GitHub. • Use AWS educator grants to defray cost. AWS grant.
  20. 20. Advanced Lesson Plans • Build "VPC with Public and Private Subnets", add a Bastion server and submit the CloudFormation script and test report. • Send any CloudFormation script via GitHub; have students build and test it and submit a revised script and test report. • Students build any VPC project, reverse engineer it to a script and submit on Git. • Pull any student script or branch into your Git repo on Visual Studio 2013 or Eclipse, build to test and deploy to test. • Create an advanced database project and test it (e.g. a web site with stored procedures or NoSQL). • Scripts traded from GitHub. • Use AWS educator grants to defray cost. AWS grant.
  21. 21. Expert Lesson Plans • Build "VPC with Public and Private Subnets" and add load balancing to the front end. Submit reverse engineered script and report. (HA) • Build "VPC with Public and Private Subnets" and add a cache to the back end. Submit reverse engineered script and test report. • Build "VPC with Public and Private Subnets", add a VPN to the local network and block SSH on the NAT. Submit reverse engineered script and report. • Replace CF “user data” configuration with Chef scripting on the above. • Use CF “user data” to install Puppet, then configure and test Puppet Master reconfiguration of servers. • Build "VPC with Public and Private Subnets" and add load balancing to the front end. Submit reverse engineered script and report. • Build a multi-tiered web site configured by Chef and Puppet. Submit reverse engineered script and report. • Build "VPC with Public and Private Subnets" and add auto scaling. Submit reverse engineered script and test report. • Scripts traded from GitHub. • Use AWS educator grants to defray cost.
  22. 22. Git and GitHub • “Git is a distributed revision control and source code management (SCM) system with an emphasis on speed. Git was initially designed and developed by Linus Torvalds for Linux kernel development in 2005.” Wikipedia • Git keeps copies of repositories locally and keeps history with pointers to a tree-like structure. • The GitHub site combines social networking with Git. Free access is public, paid access can be private and GitHub provides free private accounts for educators for lab work. Repos can be cloned, branched, pushed, pulled and merged and GitHub provides the communication backbone for pull requests and general collaboration. “Throughout my entire college career, all programming assignments have had to be submitted through BlackBoard. To be as diplomatic as possible, BlackBoard does a lot of things to help students & teachers. Unfortunately it does not do a single one of them well. The normal way to submit coding assignments is to have homework assigned through BlackBoard and to have to code up the solutions and then zip them up and submit them using the web interface. The best part about using GitHub for homework submissions is that it is incredibly easy to give feedback and help the students through learning the material.” Josh Davis, TA
  23. 23. Git and GitHub “There are two options for how to structure the repositories for your class: Forks Anyone who can see the base repository can see all forks, i.e. all students can see one another's work. Different solutions can be cross-referenced, encouraging peer learning. Pull requests can be used for submission and code review. Ideal for collaborative assignments, which can act like open source projects. Sandboxing Individuals can only see repositories when explicitly given access, i.e. students are blocked from seeing one another's work. Requires manual repository and permission setup.” source: https://education.github.com/guide From GitHub: Hey drilett, we have awesome news... We've upgraded @WIT-CSN to a Gold plan with free private repositories. If you need help getting started with GitHub in your class see: https://education.github.com/guide
  24. 24. Git and GitHub Git includes “diff” for comparing versions on GitHub, in local GUI and in bash shell.
  25. 25. CloudFormation Template CloudFormation scripts and automates cloud deployment of servers, databases, firewalls, routers, applications and networks generally. Existing AWS VPCs can be captured as scripts (reverse engineered). The process uses JSON templates. • There are six top-level JSON objects: 1. AWS Template Format Version 2. Description 3. Parameters 4. Mappings 5. Resources 6. Outputs • The Resources top-level object is required. • It must declare at least one resource. http://aws.amazon.com/cloudformation/aws-cloudformation-templates/
  26. 26. CloudFormation (JSON)
  27. 27. JSON (Used much like XML, perhaps faster) • JSON is built on the following two structures: • A collection of name/value pairs. In various languages, this is realized as an object, record, struct, dictionary, hash table, keyed list, or associative array. • An ordered list of values. In most languages, this is realized as an array, vector, list, or sequence. • These are universal data structures. Virtually all modern programming languages support them in one form or another. • In JSON, they take on these forms: • An object is an unordered set of name/value pairs. An object begins with { (left brace) and ends with } (right brace). Each name is followed by : (colon) and the name/value pairs are separated by , (comma). • An array is an ordered collection of values. An array begins with [ (left bracket) and ends with ] (right bracket). Values are separated by , (comma). • A value can be a string in double quotes, or a number, or true or false or null, or an object or an array. These structures can be nested. • A string is a sequence of zero or more Unicode characters, wrapped in double quotes, using backslash escapes. A character is represented as a single character string. A string is very much like a C or Java string. • A number is very much like a C or Java number, except no octal and hexadecimal formats. • JSON is a lightweight, plain-text alternative to XML used for client-server communication in web apps. source: json.org
  28. 28. CloudFormation + Chef • Repeatable builds • Known configuration • Source control of infrastructure

      ```json
      "files" : {
        "/etc/chef/solo.rb" : {
          "content" : { "Fn::Join" : ["\n", [
            "log_level :info",
            "log_location STDOUT",
            "file_cache_path \"/var/chef-solo\"",
            "cookbook_path \"/var/chef-solo/cookbooks\"",
            "json_attribs \"/etc/chef/node.json\"",
            "recipe_url \"https://s3.amazonaws.com/cloudformation-examples/wordpress.tar.gz\""
          ]] },
      ```

      In the “UserData” section of the JSON template, after yum and the pull on Ruby gems etc.
  29. 29. Ruby Poignant Guide to Ruby • Interpreted programming: no compilation; you edit and send your program to the interpreter. • Dynamic programming: almost everything is done at runtime. Types and class and method definitions are determined at runtime. • Write programs within programs and execute them. • Familiar syntax: Java, Perl, Python, C/C++ "ish" Simple factorial function:

      ```ruby
      def factorial(n)
        if n == 0
          return 1
        else
          return n * factorial(n-1)
        end
      end
      ```

      • Iterators: loop abstraction is built in; blocks can be attached to a method call, which can call back the block. Array with each method example:

      ```ruby
      ary = [1,2,3,4,5]
      ary.each do |i|
        puts i*2
      end
      # prints 2,4,6,8,10 for each line
      ```

      • More: ... LearnToProgram
  30. 30. Puppet Puppet can automate the entire infrastructure lifecycle: discovery, provisioning, operating system and application configuration, management and reporting. Puppet is an open source, configuration management framework that knows how to configure all machines to a predetermined state automatically once provided the required “manifest” set. • Use to configure multiple machines similarly. • Use to set up infrastructure that requires dynamic scaling-up and scaling- down of machines to a pre-built configuration. • Use to control all configured machines so a centralized change gets propagated to all automatically according to type etc. Puppet Labs Learn
  31. 31. Database • Amazon Web Services provides several different database products. – MySQL, Oracle and MS SQL Instances • Deployed as pre-built Amazon Machine Images • Need to include Elastic Block Storage for persistence • Prices vary by size and type of DB – Amazon Relational Database Service • Fault-tolerant, scalable database management system – NoSQL databases AWS Simple Icons: Database new!
  32. 32. Typical Database Project
  33. 33. Database Project • Essentially, an entire Web-based database application hosted on AWS • Web servers, elastic load balancers and database servers • Students placed all static code on S3 storage for quick deployment of new servers • Could have been improved by using RDS instead of MySQL instance
  34. 34. Database Project • What students learned from this project – Reinforced database design learned in previous courses – Some networking concepts – Internet programming using HTML, JavaScript, Jquery, CSS and PHP – How to deploy an application in the cloud
  35. 35. Foundational Level Getting Started with AWS Session – Technical Audience Level: Foundational • Security • Credential management • Provisioning • Managing • Amazon EC2 • Amazon EBS • Amazon S3 • Elastic Load Balancing • Auto Scaling • Amazon CloudWatch • Amazon RDS. • Virtual Private Network (VPN) connection between your datacenter and your VPC https://aws.amazon.com/aws-summit-2014/amsterdam/ AWS Summits 2014 June 10,2014
  36. 36. Intermediate: HA Architecting Highly Available Applications on AWS Audience Level: Intermediate • High availability options for workloads • Architectural design patterns for automating fault tolerance • Architectural design patterns for high availability • Application security
  37. 37. Intermediate: Big Data Store, Manage and Analyze Big Data in the Cloud Audience Level: Intermediate • Big Data scenarios that merge structured and unstructured data into a data warehouse for analysis • Gather and store large quantities of data • Amazon Elastic Map Reduce to process raw data using the massive scale of Amazon EC2 • Amazon Redshift to analyze data and make it accessible to business users. AWS Data Pipeline and Amazon Kinesis.
  38. 38. NYC AWS Session “Levels” Introductory – “I’m new to this.” Gives an overview of a service or feature with the assumption that attendees are new to the topic. These sessions highlight basic use cases, features, functions, and benefits. Advanced – “I get it and want to learn more.” Advanced sessions will dive deeper into the topic. Code may be shared but will not be the primary focus of the session. Expert – “I live and breathe this stuff.” Much of these sessions are code-based, covering best practices, advanced tricks, and future developments. July 10, 2014 https://aws.amazon.com/aws-summit-2014/new-york/
  39. 39. Sources: Cisco Cloud Services Router (IOS XE command line etc.) Josh Davis on GitHub ComS 342: Principles of Programming languages at Iowa State during Spring 2014. GitHub Educator Discount Github for Windows JSON Ruby Intro Road to the Whitehouse Bitly = TMuOpa
  40. 40. End See David Rilett on Google Scholar copyright 2014 David Rilett
  41. 41. • A virtual private cloud (VPC) of size /16 (example CIDR: 10.0.0.0/16). This provides 65,536 private IP addresses. • A subnet of size /24 (example CIDR: 10.0.0.0/24). This provides 256 private IP addresses. • An Internet gateway. This connects the VPC to the Internet and to other AWS products, such as Amazon Simple Storage Service (Amazon S3). • An instance with a private IP address in the subnet range (example: 10.0.0.6), which enables the instance to communicate with other instances in the VPC, and an Elastic IP address (example: 198.51.100.2), which enables the instance to be reached from the Internet. • A route table entry that enables instances in the subnet to communicate with other instances in the VPC, and a route table entry that enables instances in the subnet to communicate directly over the Internet.
  42. 42. • A virtual private cloud (VPC) of size /16 (example CIDR: 10.0.0.0/16). This provides 65,536 private IP addresses. • A public subnet of size /24 (example CIDR: 10.0.0.0/24). This provides 256 private IP addresses. • A private subnet of size /24 (example CIDR: 10.0.1.0/24). This provides 256 private IP addresses. • An Internet gateway. This connects the VPC to the Internet and to other AWS products, such as Amazon Simple Storage Service (Amazon S3). • Instances with private IP addresses in the subnet range (examples: 10.0.0.5, 10.0.1.5), which enables them to communicate with each other and other instances in the VPC. Instances in the public subnet also have Elastic IP addresses (example: 198.51.100.1), which enable them to be reached from the Internet. Instances in the private subnet are back-end servers that don't need to accept incoming traffic from the Internet; however, they can send requests to the Internet using the NAT instance (see the next bullet). • A network address translation (NAT) instance with its own Elastic IP address. This enables instances in the private subnet to send requests to the Internet (for example, for software updates). • A custom route table associated with the public subnet. This route table contains an entry that enables instances in the subnet to communicate with other instances in the VPC, and an entry that enables instances in the subnet to communicate directly with the Internet. • The main route table associated with the private subnet. The route table contains an entry that enables instances in the subnet to communicate with other instances in the VPC, and an entry that enables instances in the subnet to communicate with the Internet through the NAT instance.
  43. 43. • A virtual private cloud (VPC) of size /16 (example CIDR: 10.0.0.0/16). This provides 65,536 private IP addresses. • A public subnet of size /24 (example CIDR: 10.0.0.0/24). This provides 256 private IP addresses. • A VPN-only subnet of size /24 (example CIDR: 10.0.1.0/24). This provides 256 private IP addresses. • An Internet gateway. This connects the VPC to the Internet and to other AWS products, such as Amazon Simple Storage Service (Amazon S3). • A VPN connection between your VPC and your network. The VPN connection consists of a virtual private gateway located on the Amazon side of the VPN connection and a customer gateway located on your side of the VPN connection. • Instances with private IP addresses in the subnet range (examples: 10.0.0.5 and 10.0.1.5), which enables the instances to communicate with each other and other instances in the VPC. Instances in the public subnet also have Elastic IP addresses (example: 198.51.100.1), which enables them to be reached from the Internet. Instances in the VPN-only subnet are back-end servers that don't need to accept incoming traffic from the Internet, but can send and receive traffic from your network. • A custom route table associated with the public subnet. This route table contains an entry that enables instances in the subnet to communicate with other instances in the VPC, and an entry that enables instances in the subnet to communicate directly with the Internet. • The main route table associated with the VPN-only subnet. The route table contains an entry that enables instances in the subnet to communicate with other instances in the VPC, and an entry that enables instances in the subnet to communicate directly with your network.
  44. 44. CloudFormer supports: • Amazon VPC (VPC, Subnets, RouteTables, Routes, etc.) • Amazon CloudWatch Alarms • Amazon DynamoDB • Amazon ElastiCache • Amazon SNS • Amazon S3 Bucket Policy • Amazon SQS Queue Policy • Amazon SNS Topic Policy The CloudFormer tool allows you to select any of the AWS resources running in your account for inclusion in the template. If you select resources that have dependent resources (for example, an Amazon EC2 instance is associated with an EC2 security group), the tool will automatically select any dependent resources. You can override any of the pre-selected resources or add other resources as necessary; you have full control of the resources to be included in your template. Logical names are chosen based on the existing resource names; however, you can edit the names that will be included in the template and you can add output parameters based on the attributes available for any of the resources. The template can be uploaded to your S3 bucket and launched directly via the AWS CloudFormation stack creation wizard. The CloudFormer tool is intended to create a starting point for your template. Once created, you can customize it, for example: • Add Parameters to enable stacks to be configured at launch time. • Add Mappings to allow the template to be customized to the specific environment. • Replace static values with "Ref" and "Fn::GetAtt" functions to flow property data between resources where the value of one property is dependent on the value of a property from a different resource. • Fill in your Amazon EC2 instance userdata to pass parameters to your EC2 instances at launch time. • Customize your Amazon RDS DB instance database names and master passwords.
  45. 45. IP Addressing Reference

      | Class | Leading bits | Size of network number bit field | Size of rest bit field | Number of networks | Addresses per network | Start address | End address |
      |---|---|---|---|---|---|---|---|
      | Class A | 0 | 8 | 24 | 128 (2^7) | 16,777,216 (2^24) | 0.0.0.0 | 127.255.255.255 |
      | Class B | 10 | 16 | 16 | 16,384 (2^14) | 65,536 (2^16) | 128.0.0.0 | 191.255.255.255 |
      | Class C | 110 | 24 | 8 | 2,097,152 (2^21) | 256 (2^8) | 192.0.0.0 | 223.255.255.255 |
  46. 46. IPv4 CIDR Reference

      | IP/CIDR | Δ to last IP addr | Mask | Hosts (*) | Size | Notes |
      |---|---|---|---|---|---|
      | a.b.c.d/32 | +0.0.0.0 | 255.255.255.255 | 1 | 1/256 C | |
      | a.b.c.d/31 | +0.0.0.1 | 255.255.255.254 | 2 | 1/128 C | d = 0 ... (2n) ... 254 |
      | a.b.c.d/30 | +0.0.0.3 | 255.255.255.252 | 4 | 1/64 C | d = 0 ... (4n) ... 252 |
      | a.b.c.d/29 | +0.0.0.7 | 255.255.255.248 | 8 | 1/32 C | d = 0 ... (8n) ... 248 |
      | a.b.c.d/28 | +0.0.0.15 | 255.255.255.240 | 16 | 1/16 C | d = 0 ... (16n) ... 240 |
      | a.b.c.d/27 | +0.0.0.31 | 255.255.255.224 | 32 | ⅛ C | d = 0 ... (32n) ... 224 |
      | a.b.c.d/26 | +0.0.0.63 | 255.255.255.192 | 64 | ¼ C | d = 0, 64, 128, 192 |
      | a.b.c.d/25 | +0.0.0.127 | 255.255.255.128 | 128 | ½ C | d = 0, 128 |
      | a.b.c.0/24 | +0.0.0.255 | 255.255.255.000 | 256 | 1 C | |
      | a.b.c.0/23 | +0.0.1.255 | 255.255.254.000 | 512 | 2 C | c = 0 ... (2n) ... 254 |
      | a.b.c.0/22 | +0.0.3.255 | 255.255.252.000 | 1,024 | 4 C | c = 0 ... (4n) ... 252 |
      | a.b.c.0/21 | +0.0.7.255 | 255.255.248.000 | 2,048 | 8 C | c = 0 ... (8n) ... 248 |
      | a.b.c.0/20 | +0.0.15.255 | 255.255.240.000 | 4,096 | 16 C | c = 0 ... (16n) ... 240 |
      | a.b.c.0/19 | +0.0.31.255 | 255.255.224.000 | 8,192 | 32 C | c = 0 ... (32n) ... 224 |
      | a.b.c.0/18 | +0.0.63.255 | 255.255.192.000 | 16,384 | 64 C | c = 0, 64, 128, 192 |
      | a.b.c.0/17 | +0.0.127.255 | 255.255.128.000 | 32,768 | 128 C | c = 0, 128 |
      | a.b.0.0/16 | +0.0.255.255 | 255.255.000.000 | 65,536 | 256 C = 1 B | |
      | a.b.0.0/15 | +0.1.255.255 | 255.254.000.000 | 131,072 | 2 B | b = 0 ... (2n) ... 254 |
      | a.b.0.0/14 | +0.3.255.255 | 255.252.000.000 | 262,144 | 4 B | b = 0 ... (4n) ... 252 |
      | a.b.0.0/13 | +0.7.255.255 | 255.248.000.000 | 524,288 | 8 B | b = 0 ... (8n) ... 248 |
      | a.b.0.0/12 | +0.15.255.255 | 255.240.000.000 | 1,048,576 | 16 B | b = 0 ... (16n) ... 240 |
      | a.b.0.0/11 | +0.31.255.255 | 255.224.000.000 | 2,097,152 | 32 B | b = 0 ... (32n) ... 224 |
      | a.b.0.0/10 | +0.63.255.255 | 255.192.000.000 | 4,194,304 | 64 B | b = 0, 64, 128, 192 |
      | a.b.0.0/9 | +0.127.255.255 | 255.128.000.000 | 8,388,608 | 128 B | b = 0, 128 |
      | a.0.0.0/8 | +0.255.255.255 | 255.000.000.000 | 16,777,216 | 256 B = 1 A | |
      | a.0.0.0/7 | +1.255.255.255 | 254.000.000.000 | 33,554,432 | 2 A | a = 0 ... (2n) ... 254 |
      | a.0.0.0/6 | +3.255.255.255 | 252.000.000.000 | 67,108,864 | 4 A | a = 0 ... (4n) ... 252 |
      | a.0.0.0/5 | +7.255.255.255 | 248.000.000.000 | 134,217,728 | 8 A | a = 0 ... (8n) ... 248 |
      | a.0.0.0/4 | +15.255.255.255 | 240.000.000.000 | 268,435,456 | 16 A | a = 0 ... (16n) ... 240 |
      | a.0.0.0/3 | +31.255.255.255 | 224.000.000.000 | 536,870,912 | 32 A | a = 0 ... (32n) ... 224 |
      | a.0.0.0/2 | +63.255.255.255 | 192.000.000.000 | 1,073,741,824 | 64 A | a = 0, 64, 128, 192 |
      | a.0.0.0/1 | +127.255.255.255 | 128.000.000.000 | 2,147,483,648 | 128 A | a = 0, 128 |
      | 0.0.0.0/0 | +255.255.255.255 | 000.000.000.000 | 4,294,967,296 | 256 A | |
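
Added example (not part of the original slides): a Python check of the slide 42 addressing plan, using the CIDR arithmetic from the IPv4 CIDR Reference, that verifies the subnets fit the VPC without overlapping and resolves each subnet's next hop by longest-prefix match. The route-target labels are assumed names, and the five addresses AWS reserves in every subnet are an AWS detail that the slides do not mention.

```python
import ipaddress

# Addressing from slide 42 ("VPC with Public and Private Subnets").
VPC = ipaddress.ip_network("10.0.0.0/16")
SUBNETS = {
    "public": ipaddress.ip_network("10.0.0.0/24"),
    "private": ipaddress.ip_network("10.0.1.0/24"),
}

# Route tables as slide 42 describes them; the target labels are assumed names.
ROUTE_TABLES = {
    "public": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "internet-gateway")],
    "private": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-instance")],
}

# AWS reserves the first four addresses and the last address of every subnet
# (an AWS detail assumed here; the slides quote the raw block size of 256).
AWS_RESERVED_PER_SUBNET = 5


def check_plan(vpc, subnets):
    """Return a list of addressing problems; an empty list means the plan is consistent."""
    problems = []
    items = sorted(subnets.items())
    for name, net in items:
        if not net.subnet_of(vpc):
            problems.append(f"{name} {net} is outside VPC {vpc}")
    for i, (name_a, net_a) in enumerate(items):
        for name_b, net_b in items[i + 1:]:
            if net_a.overlaps(net_b):
                problems.append(f"{name_a} {net_a} overlaps {name_b} {net_b}")
    return problems


def usable_addresses(subnet):
    """Addresses left for instances once the AWS-reserved ones are removed."""
    return subnet.num_addresses - AWS_RESERVED_PER_SUBNET


def next_hop(route_table, destination):
    """Longest-prefix match: the most specific route containing the destination wins."""
    dest = ipaddress.ip_address(destination)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def default_route_targets(route_tables):
    """Where each subnet sends Internet-bound traffic (198.51.100.1 is the slide's example EIP)."""
    return {name: next_hop(table, "198.51.100.1") for name, table in route_tables.items()}


if __name__ == "__main__":
    print(check_plan(VPC, SUBNETS))
    print({name: usable_addresses(net) for name, net in SUBNETS.items()})
    print(default_route_targets(ROUTE_TABLES))
```

A private subnet whose default route resolves to `internet-gateway` instead of `nat-instance` is the misconfiguration this check is meant to surface when reviewing a submitted network.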
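
Added example (not from the original slides or from AWS): a Python review of a submitted CloudFormation template that applies slide 25's rule that Resources must declare at least one resource, slide 7's rule that only HTTP and SSL are open inbound with no outbound initiation, and slide 9's limit on bastion access. The template is a constructed sample; the egress check relies on AWS's documented behaviour that a VPC security group with no egress rules listed keeps a default allow-all outbound rule, which the slides do not state.

```python
import json

# Constructed sample template for review (not taken from the slides).
TEMPLATE = json.loads("""
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Constructed sample: web tier plus bastion",
  "Resources": {
    "VPC": {"Type": "AWS::EC2::VPC", "Properties": {"CidrBlock": "10.0.0.0/16"}},
    "WebSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "web servers",
        "VpcId": {"Ref": "VPC"},
        "SecurityGroupIngress": [
          {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "CidrIp": "0.0.0.0/0"},
          {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"}
        ]
      }
    },
    "BastionSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "bastion host",
        "VpcId": {"Ref": "VPC"},
        "SecurityGroupIngress": [
          {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "0.0.0.0/0"}
        ],
        "SecurityGroupEgress": [
          {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "10.0.1.0/24"}
        ]
      }
    }
  }
}
""")

WORLD = {"0.0.0.0/0", "::/0"}
PUBLIC_PORTS = {80, 443}  # HTTP and SSL, the only inbound ports slide 7 opens


def open_ingress(rule):
    """Describe a world-open rule that exposes more than HTTP/SSL, else return None."""
    source = rule.get("CidrIp") or rule.get("CidrIpv6")
    if not isinstance(source, str) or source not in WORLD:
        return None  # restricted source, or a Ref that is resolved only at deploy time
    proto = str(rule.get("IpProtocol"))
    if proto == "-1":
        return f"all protocols open to {source}"
    if proto not in ("tcp", "udp"):
        return None  # only TCP/UDP port rules are reviewed here
    try:
        lo, hi = int(rule["FromPort"]), int(rule["ToPort"])
    except (KeyError, TypeError, ValueError):
        return f"{proto} unresolved port range open to {source}"
    if proto == "tcp" and all(p in PUBLIC_PORTS for p in range(lo, hi + 1)):
        return None
    return f"{proto} {lo}-{hi} open to {source}"


def review(template):
    """Return findings for a parsed CloudFormation template, in resource-name order."""
    resources = template.get("Resources")
    if not isinstance(resources, dict) or not resources:
        return ["template: Resources is required and must declare at least one resource"]
    findings = []
    for name, res in sorted(resources.items()):
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        props = res.get("Properties", {})
        for rule in props.get("SecurityGroupIngress", []):
            problem = open_ingress(rule)
            if problem:
                findings.append(f"{name}: ingress {problem}")
        # With VpcId set and no egress rules listed, the default allow-all
        # outbound rule stays in place (AWS behaviour, see the lead-in).
        if "VpcId" in props and not props.get("SecurityGroupEgress"):
            findings.append(f"{name}: no SecurityGroupEgress, outbound is allow-all")
    return findings
```

On the constructed sample this reports the bastion's SSH rule open to the whole Internet and the web group's implicit allow-all egress; both findings clear once the SSH source is narrowed and the web group lists explicit egress rules.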
