When creating a VPC, you need to specify an IPv4 CIDR block for it. Consider the following when selecting a CIDR block:
- Reserve enough IP addresses for subsequent service expansion.
- Avoid CIDR block conflicts. To enable communications between VPCs or between a VPC and an on-premises data center, ensure their CIDR blocks do not overlap.
When you create a VPC, we recommend that you use the private IPv4 address ranges specified in RFC 1918 as the CIDR block, as described in Table 1.

Table 1 VPC CIDR blocks (RFC 1918)

| VPC CIDR Block | IP Address Range | Netmask | Example CIDR Block |
| --- | --- | --- | --- |
| 10.0.0.0/8–24 | 10.0.0.0–10.255.255.255 | 8–24 | 10.0.0.0/8 |
| 172.16.0.0/12–24 | 172.16.0.0–172.31.255.255 | 12–24 | 172.30.0.0/16 |
| 192.168.0.0/16–24 | 192.168.0.0–192.168.255.255 | 16–24 | 192.168.0.0/24 |

In addition to these addresses, you can create a VPC with a publicly routable CIDR block that falls outside of the private IPv4 address ranges specified in RFC 1918. However, the reserved system and public CIDR blocks listed in Table 2 must be excluded:

Table 2 Reserved system and public CIDR blocks

| Reserved System CIDR Blocks | Reserved Public CIDR Blocks |
| --- | --- |
| 100.64.0.0/10, 214.0.0.0/7, 198.18.0.0/15, 169.254.0.0/16 | 0.0.0.0/8, 127.0.0.0/8, 240.0.0.0/4 |

The IPv4 CIDR block you specify when you create a VPC is the primary one. The primary CIDR block cannot be changed after the VPC is created. If IP addresses in the primary CIDR block are insufficient, you can add a secondary IPv4 CIDR block to the VPC. For details, see Adding or Removing a Secondary IPv4 CIDR Block from a VPC.
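
Because the primary CIDR block cannot be changed later, it is worth checking a candidate against Table 1, Table 2 and the no-overlap rule before creating the VPC. The following Python check is an added example, not code from the VPC service; the function name `check_vpc_cidr`, its `connected` parameter and the treatment of a block that straddles private and public space are assumptions of the example.

```python
import ipaddress

# Table 1: RFC 1918 ranges; the netmask may run from the range's own prefix to /24.
PRIVATE = [ipaddress.IPv4Network(c) for c in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MAX_PREFIX = 24

# Table 2: reserved system and public blocks a VPC CIDR must exclude.
RESERVED = [ipaddress.IPv4Network(c) for c in (
    "100.64.0.0/10", "214.0.0.0/7", "198.18.0.0/15", "169.254.0.0/16",
    "0.0.0.0/8", "127.0.0.0/8", "240.0.0.0/4")]


def check_vpc_cidr(cidr, connected=()):
    """Return a list of problems with `cidr`; an empty list means it passes.

    `connected` (a hypothetical parameter) lists the CIDRs of VPCs or
    on-premises networks that this VPC must be able to communicate with.
    """
    try:
        # strict=True rejects a base address with host bits set (10.0.0.1/16).
        net = ipaddress.IPv4Network(cidr, strict=True)
    except ValueError as exc:
        return [f"invalid CIDR: {exc}"]

    problems = [f"overlaps reserved block {r}" for r in RESERVED if net.overlaps(r)]

    for parent in PRIVATE:
        if net.subnet_of(parent):
            if net.prefixlen > MAX_PREFIX:
                problems.append(f"/{net.prefixlen} is longer than /{MAX_PREFIX} in {parent}")
        elif net.overlaps(parent):
            # A supernet such as 172.0.0.0/8 mixes private and public space;
            # treating that as an error is this example's assumption.
            problems.append(f"straddles private range {parent}")

    for other in connected:
        if net.overlaps(ipaddress.IPv4Network(other, strict=False)):
            problems.append(f"overlaps connected network {other}")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    for candidate in ("172.30.0.0/16", "192.168.1.0/28", "100.64.1.0/24"):
        print(candidate, check_vpc_cidr(candidate) or "ok")
```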