Simple Question
-
I'm using PFsense 2.1.5 and have been given a /30 address from my ISP. I am trying to manually configure my WAN and it will not accept a /30 subnet. When I enter 30 when it asks for the IPv4 subnet bit count, it tells me I cannot set network address to the interface. How can I set up my IPv4 WAN with a /30 subnet?
I am very new to configuring PFSense and searches of the forums and google have not yielded answers to my question. Thank you.
-
/30 should have 4 addresses in it, e.g:
1.2.3.4/30 = 1.2.3.4,5,6,7
In that example only 5 and 6 are used, at each end of a connection.
What is the last digit of the addresses you have been told to use for your IP and the gateway IP?
-
.240/30 and .241 is my gateway.
-
if x.x.x.241 is your gateway then your IP should be x.x.x.242 in this scenario. /30
-
" it tells me I cannot set network address to the interface"
Because .240/30 is the network, not the first host. In any mask be it /30 or /24 or /8, etc. there is the network address and the broadcast address. The first address in the range is the wire or the network, ie .240/30 .240 is the network address as pfsense tried to tell you. The two IP that can be hosts in that example is .241 – they are using this as their address, your gateway. So as mentioned by chpalmer .242 would be your host address (pfsense wan) .243 would be the broadcast address.
If someone gives you an address say 192.168.1.240/27 is that a network or a host address? Sometimes it can be hard to tell, you need to understand where the breaks are for each subnet - so in the case of /27 the network starting with .224 would include the .240 so you know that is a host address and not a network address. The network .224 - .255 includes that .240 as a host where .224 is the wire/network address and .255 would be the broadcast address.
-
Here's an invaluable tool for figuring out your network IP address layout, especially when an ISP gives you a /28, /29, or /30 somewhere in the middle of a /24:
http://www.subnet-calculator.com/cidr.php
It converts CIDR to netmask and back and shows you your IP address range, of which the first (network) and last (broadcast) IPs are not usable.