Time for /31 WAN subnet mask (255.255.255.254)?



  • I saw this thread:
    https://forum.pfsense.org/index.php?topic=44512.msg231267#msg231267

    saying that pfsense could support /31 WAN networks from pfsense 2.1 since it is supported from FreeBSD 9.x… that is good because I was just given an IP an a /31 subnet mask fro mmy ISP.

    Is there a work around for a /31 WAN subnet? Patch, hack, anything?



  • That should, in theory, work with the base OS in 2.2. Nothing before that. We haven't implemented it GUI-side, though it might be as simple as allowing 31 in interfaces.php. It'll require some hacking at a minimum to make work. Not a priority for us at the moment as it's a very unusual circumstance.



  • Sorry… I actually first noticed now that the 2.1 is not on the FreeBSD 9.0. Then off cause it will not work yet, when the underlying OS does not support it.

    It will hopefully work more or less out-of-the-box with 2.2 when the underlying FreeBSD supports it.

    I have never encounterd a /31 before so I turn to Google. There is quite a few discussions. And all seem to be in favor of /31 over a /30 for point to point since it conservers IPv4 addresses by double the available number of customers on any given range. Something many ISP's may find necessary as we run out of IPv4.

    Here is a Cicsos thread:
    https://learningnetwork.cisco.com/thread/70937



  • I work for an ISP that is rolling out IP-VPN service to our customers very soon. We hand off point-to-point IP addresses in the form of /31's. As cmb stated, you can modify interfaces.php to make this work as long as you are running the nightly build which uses FreeBSD 10.1.

    I edited /usr/local/www/interfaces.php and removed lines 1771 and 1775 (the portion of the for-loop that excludes 31). After reloading the page, the subnet selection of 31 was visible and it correctly calculated the subnet as 255.255.255.254.



  • Thanks for sharing your experience. Great to hear that you made it work on the nightly build with only a minor modification! It is good news for my ISP that really wants me to use /31 and not /30 for our fiber connections



  • Yes thank you for the info!  I have fiber through a local independent ISP and they offered me a /31 or two PPPoE accounts when I had asked for two static IPs.  I didn't want the two PPPoE accounts as it turns it into a dual wan router which adds more complexity vs virtual IPs.  I passed on the whole idea…

    /31 is supported by Cisco now and with the conservation of IPv4 address, it will only become more popular to use a /31 where ever it seems like a good idea.  StateTel charges 6 dollars per static IP so a /31 vs a /30 is a difference of 12 dollars a month.



  • @electro47h:

    I work for an ISP that is rolling out IP-VPN service to our customers very soon. We hand off point-to-point IP addresses in the form of /31's. As cmb stated, you can modify interfaces.php to make this work as long as you are running the nightly build which uses FreeBSD 10.1.

    I edited /usr/local/www/interfaces.php and removed lines 1771 and 1775 (the portion of the for-loop that excludes 31). After reloading the page, the subnet selection of 31 was visible and it correctly calculated the subnet as 255.255.255.254.

    Thanks for the confirmation. I made this change in 2.2. While there I also noticed the same situation with IPv6 unnecessarily and similarly added /127s.
    https://redmine.pfsense.org/issues/4190 - v4
    https://redmine.pfsense.org/issues/3657 - v6



  • FEATURE ADDED in pfsense 2.2  :)