Each cloud provider reserves a different number of IPs per subnet. Pick yours and we'll do the math.
Paste CIDRs from different clouds to detect VPC peering / VNet peering conflicts.
Compute the gateway subnet for an Azure VNet using the recommended /27 prefix.
| Provider | Minimum /prefix | Usable IPs at minimum | Recommended |
|---|---|---|---|
| AWS | /28 | 11 (16 − 5) | /24 or larger |
| Azure | /29 | 3 (8 − 5) | /27 for GatewaySubnet |
| Google Cloud | /29 | 4 (8 − 4) | /24 or larger |
| Oracle Cloud | /30 | 1 (4 − 3) | /24 or larger |
Every major cloud provider reserves a few IP addresses from each subnet for its own infrastructure. A /28 in your home network gives you 14 usable hosts; the same /28 in AWS gives you 11. Mis-sizing because you forgot the reservation is one of the most common production network bugs — you build the subnet, it works for the first 11 instances, and then the 12th fails to launch with an inscrutable error.
The cloud-aware calculator on this page builds the reservation table into every host-count calculation. Pick AWS, Azure, GCP, or OCI and the usable-host count is what your cloud provider will actually let you allocate.
Once you've sized your subnets correctly, the IaC export tool emits Terraform, CloudFormation, Pulumi, CDK, Ansible, or Bicep for your chosen cloud — using exactly the CIDRs you planned here. For more complex layouts with multiple subnet sizes, run them through the VLSM planner first.
The full mechanics of AWS VPC reserved IPs and Azure VNet subnet sizing are covered in depth in the blog. For Google Cloud, see the GCP VPC subnet guide. If you're operating in two or more clouds at once, multi-cloud CIDR planning covers how to keep their address spaces from colliding. For Kubernetes on these clouds, see Kubernetes pod CIDR sizing and EKS VPC CNI prefix delegation.
AWS reserves the first 4 IPs and the last IP of every subnet: the network address, the VPC router, the DNS server, a fourth address reserved for future use, and the broadcast address. This is why a /28 in AWS gives you 11 usable hosts rather than the 14 you would get in an on-premises network. The minimum AWS subnet size is /28.
Azure reserves 5 IPs per subnet: the network address, the default gateway, two reserved for Azure DNS, and the broadcast address. The minimum subnet size is /29 for most services, and /27 for subnets hosting a VirtualNetworkGateway. Reservation counts are identical to AWS but the assignment is slightly different.
GCP reserves 4 IPs per subnet: the network address, the default gateway, the second-to-last address, and the broadcast address. This is one fewer than AWS or Azure. The minimum subnet size is /29.
OCI reserves 3 IPs per subnet: the network address, the gateway, and the broadcast address. This is the fewest reservations among the major clouds. The minimum subnet size is /30.
A /28 contains 16 total addresses. AWS reserves 5 (network, router, DNS, future, broadcast), leaving 16 - 5 = 11 usable. This is one of the most common causes of unexpected subnet capacity issues — engineers compute 14 usable hosts based on the standard formula (2^n - 2) but the actual usable count in AWS is 11. The cloud-aware calculator on this page handles the math for you.
Technically yes, but only if those clouds are not connected to each other. If you have AWS-to-Azure VPN, Transit Gateway peering, or any other inter-cloud connectivity, overlapping CIDRs cause routing failures. The recommended practice is to allocate distinct, non-overlapping address space per cloud and per environment so that connectivity remains a future option.