Netgate Discussion Forum

Gateway address is a part of the subnet

  • H
    Heimire
    last edited by Nov 21, 2014, 5:55 PM

    We are changing data centers and the new data center gave us a new set of IPs.

    The new set includes the gateway in the IP setup like this:

    WAN IPv4:              x.xx.227.0/25 -
    Peer IP (IPv4):        x.xx.227.2/25 – CARP IP address - we are using 2 pfSense boxes.  IP for each box will be x.xx.227.3 and .4
    ISP Peer IP (IPv4): x.xx.227.1/25 – gateway they gave us.

    We will 1-1 NAT a bunch of IPs to the CARP address.

    Never had IP addresses with the gateway as a part of it before.

    Anyone see any scenario where this does not work or might cause a problem?

    • H
      Harvy66
      last edited by Nov 21, 2014, 6:11 PM

      In some cases, the gateway is not part of the subnet, but this is not a correct setup. In theory, you can only communicate with IPs in your subnet and you use the gateway to communicate outside your subnet. If your gateway is not part of your subnet, how would you communicate with it?

      My understanding. Practice may be a bit different. Hopefully someone with more practical knowledge can pipe up.

      • H
        Heimire
        last edited by Nov 21, 2014, 6:21 PM

        Maybe I didn't explain this well.

        This is the WAN setup.
        These are WAN IP addresses.

        I am used to a setup like this example:
        WAN gateway: 66.150.139.65 - this is the device on the ISP side.
        My firewall 66.150.139.66 - this is the first IP in the subnet.

        The .65 does not belong to my subnet and it does not exist on my side.

        In the new IP set, the WAN gateway is an IP on my subnet.

        • D
          Derelict LAYER 8 Netgate
          last edited by Nov 21, 2014, 6:38 PM

          In my humble opinion, the datacenter should give you a /29 for your WAN and route the /25 to an IP address on that /29 that you specify (your CARP IP).

          Chattanooga, Tennessee, USA
          A comprehensive network diagram is worth 10,000 words and 15 conference calls.
          DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
          Do Not Chat For Help! NO_WAN_EGRESS(TM)

          • H
            Heimire
            last edited by Nov 21, 2014, 6:50 PM

            In my humble opinion, the datacenter should give you a /29 for your WAN and route the /25 to an IP address on that /29 that you specify (your CARP IP).

            They gave us a /30 at first.
            Explained our setup then we got back what I listed above.

            I thought they would come back with the /25 and WAN gateway outside the /25 but they did not.

            • D
              Derelict LAYER 8 Netgate
              last edited by Nov 21, 2014, 7:27 PM

              Tell them what you want.

              Chattanooga, Tennessee, USA
              A comprehensive network diagram is worth 10,000 words and 15 conference calls.
              DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)
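
An added example, not part of the thread and not Netgate's code: a Python check of the two WAN layouts discussed above, the on-link /25 the data center handed out and the /29 transit with a routed /25 that Derelict suggests. The function name `check_wan_plan` and all addresses (documentation ranges standing in for the elided x.xx.227.0/25) are assumptions.

```python
import ipaddress as ipa

def check_wan_plan(wan_net, gateway, carp_vip, node_ips, nat_ips, routed_net=None):
    """Return (problems, free) for a two-node CARP WAN plan.

    wan_net    -- subnet configured on the WAN interfaces
    routed_net -- block the provider routes to carp_vip, if any (transit design)
    free       -- how many addresses remain available as 1:1 NAT externals
    """
    net = ipa.ip_network(wan_net)
    iface = {"gateway": ipa.ip_address(gateway), "CARP VIP": ipa.ip_address(carp_vip)}
    for i, a in enumerate(node_ips, 1):
        iface[f"node {i}"] = ipa.ip_address(a)
    reserved = {net.network_address, net.broadcast_address}
    problems = []
    # Every interface address, the gateway included, must be on-link in wan_net:
    # the firewalls reach the gateway by ARP, not through another router.
    for name, addr in iface.items():
        if addr not in net:
            problems.append(f"{name} {addr} is outside {net}")
        elif addr in reserved:
            problems.append(f"{name} {addr} is the network or broadcast address of {net}")
    if len(set(iface.values())) < len(iface):
        problems.append("two roles share one address")
    if routed_net:
        # Routed block: nothing in it is on-link, so every address is usable.
        pool = set(ipa.ip_network(routed_net))
    else:
        # On-link block: NAT externals share the subnet with gateway, VIP and nodes.
        pool = set(net.hosts()) - set(iface.values())
    for a in map(ipa.ip_address, nat_ips):
        if a not in pool:
            problems.append(f"1:1 NAT address {a} is not available in this plan")
    return problems, len(pool)

# Constructed addresses (documentation ranges); the thread elides the real ones.
ON_LINK = check_wan_plan("203.0.113.0/25", "203.0.113.1", "203.0.113.2",
                         ["203.0.113.3", "203.0.113.4"],
                         nat_ips=["203.0.113.10", "203.0.113.1"])
ROUTED = check_wan_plan("198.51.100.0/29", "198.51.100.1", "198.51.100.2",
                        ["198.51.100.3", "198.51.100.4"],
                        nat_ips=["203.0.113.10", "203.0.113.1"],
                        routed_net="203.0.113.0/25")

if __name__ == "__main__":
    for label, (problems, free) in (("on-link /25", ON_LINK), ("/29 + routed /25", ROUTED)):
        print(label, "free for NAT:", free, "problems:", problems or "none")
```

Both layouts pass the on-link gateway check; the difference is that the on-link /25 gives up four host addresses to the gateway, CARP VIP and the two nodes, while the routed /25 leaves the whole block for NAT.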