/30 network - This IPv4 address is the network address
-
@admin_axx 240 is the network, 241 and 242 are usable IPs, 243 is broadcast.
network and broadcast can't be used. -
@mcury
And where do/can I set the network?For the IPSec tunnel a need a Local Subnet 240/30 = network.
-
@admin_axx set your address to .241 vs .240, .240 is the wire/network if you set an address of .241/30 you are on the .240/30 network.
-
Actually, for a point to point link, even a /31 should be valid.
-
@JKnott said in /30 network - This IPv4 address is the network address:
Actually, for a point to point link, even a /31 should be valid.
I think only TNSR works with /31, please correct me if I'm wrong about this.
If not, we could ask for a feature request, it will save some IPs for p2p links. -
@mcury said in /30 network - This IPv4 address is the network address:
I think only TNSR works with /31, please correct me if I'm wrong about this.
pfSense does work too, at least with WireGuard. But no one else does, so I wouldn't do it.
-
@mcury said in /30 network - This IPv4 address is the network address:
it will save some IPs for p2p links.
why would it matter if your just using rfc1918?
-
@johnpoz said in /30 network - This IPv4 address is the network address:
why would it matter if your just using rfc1918?
Easier to organize..
I have a lot of ipsec tunnels in a hub and spoke that would be easier to manage, but yes, I don't think it's really necessary, or worth the open of a FR. -
@mcury assign a /24 for your tunnels and that gives you 64 /30s, or use a /23 ;) that is a lot of tunnels hehehe
-
@johnpoz said in /30 network - This IPv4 address is the network address:
assign a /24 for your tunnels and that gives you 64 /30s, or use a /23 ;)
you are right :) absolutely not necessary..
-
@mcury said in /30 network - This IPv4 address is the network address:
I think only TNSR works with /31
I don't know about pfSense, but it certainly works with Linux & Cisco. IIRC, Windows still chokes on it though. On point to point links you don't need a broadcast or network address. In fact, you can get by with as little and the interface of the link.
-
@Bob-Dig said in /30 network - This IPv4 address is the network address:
But no one else does
Linux & Cisco do.
-
@JKnott /31 can make sense if you have limited amount of public IPs - but seems pretty pointless to worry about it if your using rfc1918 for them..
Who cares if you loose 2 IPs when you create a /30 when its rfc1918..
-
@JKnott said in /30 network - This IPv4 address is the network address:
Linux & Cisco do.
I had no luck with that on Debian but maybe I did something wrong. And I did not try elsewhere so you are most probably right.