I'm having trouble creating the subnet 100.72.3.0/23, as it shows up as an invalid range. The CIDR block 100.72.2.0 - 100.72.3.255 seems valid to me and it's within my VNet range. Interestingly, I can create 100.72.6.0/23 without issues, but not 100.72.5.0/23. Can anyone shed some light on why this is happening? If possible, could you provide some documentation to help clarify?
3 Answers
When you create a virtual network, make sure to specify a valid private IP address space, which should include the standard private IP ranges defined in RFC 1918. If you're unsure, there are some great resources available that can help explain it further.
The address 100.72.3.0/23 is not valid in terms of private addressing as it's actually assigned to ISPs for backend NAT. The shared address space defined by RFC 6598 means this address block is treated as a private address space in Azure, but you can't utilize it for subnets. That's why you're facing issues with it, but it's curious that you can create 100.72.6.0/23. That could mean Microsoft has reserved 100.72.3.0 for internal use.
You can't just start subnets at any point. With a /23 subnet, the third octet has to be even, so it can only be 0, 2, 4, 6, etc. If it was a /22, then it would be multiples of 4. There's plenty of documentation out there if you're curious to dive deeper into networking.
Your own quote suggests you're missing some details, man! Just saying—maybe double-check?