I'm working with an Azure Virtual Network (VNet) that has five subnets, and I've run into an issue where one of the subnets is completely used up. The only available space in my VNet is a /28 block (16 IPs). Currently, my setup is as follows: Subnet A is 10.x.x.x/27 and is fully utilized, while I have the available range of 10.x.x.200/28, which is free. I'm provisioning everything through Bicep, and I'm wondering what happens if I update my Bicep template to change the subnet CIDR from /27 to /28. Specifically, I'm curious if Azure will automatically reassign the existing resources to the new /28 range, or if those resources will retain their /27 IPs until they are deleted or redeployed. Also, is changing the CIDR for an existing subnet even supported when resources are attached? I'm looking for the safest way to handle this situation.
3 Answers
You can't change the CIDR of a subnet if there are resources using it. One option is to create a new subnet, or you could set up a temporary subnet for the existing resources to migrate to, delete the original resources, change the CIDR, and then move everything back.
You might want to consider just adding another IP range to the existing subnet instead of changing it completely. This documentation actually covers how to do that: https://learn.microsoft.com/en-us/azure/virtual-network/how-to-multiple-prefixes-subnet?tabs=powershell
We did this earlier this year when our subnet was maxing out because of our Kubernetes autoscaling. It worked perfectly!
Just a heads up, you won’t be able to change the address range if there are any resources attached to the subnet. Here’s more info: https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-manage-subnet?tabs=azure-portal#change-subnet-settings
Exactly! And now, with recent updates, the new CIDR doesn't even have to be contiguous with the existing range.