Community discussions

 
icemannz
newbie
Topic Author
Posts: 27
Joined: Fri Jul 02, 2010 4:47 am

Feature Request /31 Subnet

Thu Feb 05, 2015 7:52 am

Hi all,
We are getting more and more ip addresses allocated that use a /31 subnet.
This is now an accepted practice and the other main players accept the /31 subnet.
If you try to use a /31 subnet on a Mikrotik Router though it will fail.
It will accept you putting in the ip addresses but when you put in the gateway address you will notice it will say unreachable and won't work.
Obviously the reason that the ISP's are giving out these addresses is to limit the number of IP Addresses required.
So it would be nice to see the /31 subnetting working in a Mikrotik.
Works in Cisco, Juniper etc....
 
jarda
Forum Guru
Forum Guru
Posts: 7604
Joined: Mon Oct 22, 2012 4:46 pm

Re: Feature Request /31 Subnet

Sat Feb 07, 2015 9:11 am

Maybe you do not need to use /31 address at all. You can put /32 address to your interface and gateway address to network address field:
add address=192.168.1.111/32 interface=ether6 network=192.168.1.1
Try it.
 
suran
just joined
Posts: 14
Joined: Fri Dec 16, 2011 9:43 pm

Re: Feature Request /31 Subnet

Fri Apr 03, 2015 4:10 am

Maybe you do not need to use /31 address at all. You can put /32 address to your interface and gateway address to network address field:
add address=192.168.1.111/32 interface=ether6 network=192.168.1.1
Try it.
While this does 'work', this is not the right solution. The routing table then contains 1 or 2 /32's instead of a /31. At best you are doubling the number of PtP routes you need to carry; at worst, your routing table is missing routes. This also does not vendor-interoperate well.


Please just implement RFC3021 support...
http://www.faqs.org/rfcs/rfc3021.html
http://packetlife.net/blog/2008/jun/18/ ... int-links/
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: Feature Request /31 Subnet

Fri Apr 03, 2015 4:41 am

Put /32 on interface, static route the "other" IP /32 with gateway=interface.

Eg, 192.0.2.176/31 = isp, 192.0.2.177/31 = you.
Try this:
/ip address add address=192.0.2.177/32 interface=ether1
/ip route add dst=192.0.2.176/32 gateway=ether1
/ip route add dst=0.0.0.0/0 gateway=192.0.2.176
Of course - natural support for a common-practice RFC is better than a workaround, all day long and twice on Sunday.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
CelticComms
Forum Guru
Forum Guru
Posts: 1766
Joined: Wed May 02, 2012 5:48 am

Re: Feature Request /31 Subnet

Fri Apr 03, 2015 5:08 am

Implementing RFC3021 is long overdue.

I for one simply do not use the Mikrotik /32 method because IP designs should avoid depending on proprietary features when a perfectly good RFC is available, suitable and supported by multiple vendors.
Interlynx | Networking and Information Security Consultants & Trainers | Email: routerlynx@gmail.com
BGP | EIGRP | OSPF | MPLS | Firewall | VPN | IPsec | Multicast | QOS | IPv4/6 | STP | VLAN | PON | AE | M2M | and more!

 
NicolBolas
just joined
Posts: 12
Joined: Sat Jul 19, 2014 1:15 pm

Re: Feature Request /31 Subnet

Thu Apr 30, 2015 1:14 pm

Implementing RFC3021 is long overdue.

I for one simply do not use the Mikrotik /32 method because IP designs should avoid depending on proprietary features when a perfectly good RFC is available, suitable and supported by multiple vendors.
I second the feature request and would add that any mention to the /32 hack, as beeing against RFCs and proprietary to mikrotik's software, should be considered harmful and explicitely mentionned as discouraged in the documentation.
 
User avatar
bajodel
Long time Member
Long time Member
Posts: 545
Joined: Sun Nov 24, 2013 8:30 am
Location: Italy

Re: Feature Request /31 Subnet

Thu Apr 30, 2015 2:24 pm

Implementing RFC3021 is long overdue.

I for one simply do not use the Mikrotik /32 method because IP designs should avoid depending on proprietary features when a perfectly good RFC is available, suitable and supported by multiple vendors.
+1
I second the feature request and would add that any mention to the /32 hack, as beeing against RFCs and proprietary to mikrotik's software, should be considered harmful and explicitely mentionned as discouraged in the documentation.
+1
 
jarda
Forum Guru
Forum Guru
Posts: 7604
Joined: Mon Oct 22, 2012 4:46 pm

Feature Request /31 Subnet

Thu Apr 30, 2015 4:31 pm

Sure. You are all right. Just to mention, I am using it and do not see any problems with it. There is no better and working option so far.
 
jarda
Forum Guru
Forum Guru
Posts: 7604
Joined: Mon Oct 22, 2012 4:46 pm

Re: Feature Request /31 Subnet

Sun May 03, 2015 9:55 am

Maybe you do not need to use /31 address at all. You can put /32 address to your interface and gateway address to network address field:
add address=192.168.1.111/32 interface=ether6 network=192.168.1.1
Try it.
I do not understand why someone (NicolBolas) who did not helped here to anyone (http://forum.mikrotik.com/memberlist.ph ... le&u=72512) gave me -3 points with this justification:
That's no solution, merely a dangerous hack and an excuse for Mikrotik not to implement the RFC.

I just wanted to help with bypassing problem, and not to justify something that is not aligned in ros according to someones opinion. I am not responsible for ros and I am not justifying anything in it. I am just a user willing to share experience.

And I have good eperience with /32.
 
friction
newbie
Posts: 40
Joined: Sun Aug 26, 2012 1:27 pm
Location: Werchter, Belgium

Re: Feature Request /31 Subnet

Mon May 04, 2015 12:52 pm

Implementing RFC3021 is long overdue.

I for one simply do not use the Mikrotik /32 method because IP designs should avoid depending on proprietary features when a perfectly good RFC is available, suitable and supported by multiple vendors.
+1
I am not a complete idiot, some parts are missing. [CCNA Sec / CCNP / LPIC-1]
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5942
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Feature Request /31 Subnet

Thu May 07, 2015 11:55 am

Implementing RFC3021 is long overdue.

I for one simply do not use the Mikrotik /32 method because IP designs should avoid depending on proprietary features when a perfectly good RFC is available, suitable and supported by multiple vendors.
I second the feature request and would add that any mention to the /32 hack, as beeing against RFCs and proprietary to mikrotik's software, should be considered harmful and explicitely mentionned as discouraged in the documentation.

32-bit prefix is not Mikrotik proprietary and is not against RFC and definitely is NOT harmful.
 
leroylim
just joined
Posts: 21
Joined: Tue Aug 07, 2012 7:57 am

Re: Feature Request /31 Subnet

Fri May 08, 2015 11:25 am

Implementing RFC3021 is long overdue.

I for one simply do not use the Mikrotik /32 method because IP designs should avoid depending on proprietary features when a perfectly good RFC is available, suitable and supported by multiple vendors.
I second the feature request and would add that any mention to the /32 hack, as beeing against RFCs and proprietary to mikrotik's software, should be considered harmful and explicitely mentionned as discouraged in the documentation.

32-bit prefix is not Mikrotik proprietary and is not against RFC and definitely is NOT harmful.
Hmm, mrz, ok, 32 bit prefix is not Mikrotik proprietary and not against RFC.
But still, /31 is useful to have to use on a PtP link to conserve IP addresses in the IP space.

Some ISPs I have seen also assign /31 addresses.
Also, a /31 also reduces routing table size which is nice when using any routing protocols, rather than 2 /32 addresses on the routing table, there's a single /31 in lieu.

So +2 in my opinion.
 
mhugo
newbie
Posts: 49
Joined: Mon Sep 19, 2005 11:48 am

Re: Feature Request /31 Subnet

Thu May 21, 2015 7:53 pm

Needed +1
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: Feature Request /31 Subnet

Thu May 21, 2015 11:41 pm

But still, /31 is useful to have to use on a PtP link to conserve IP addresses in the IP space.
/31 actually works on Mikrotik if the Mikrotik is the odd-numbered host.
I tested it in RoS v6.28 with a Cisco router as the even-numbered host, and it works great. OSPF forms adjacency just as it should.

If the Mikrotik is the "network" end, though, it does't work. For that end, you can use /32 as the local address, and set a static route /31 with gateway=etherX interface to put the route into the table. (it won't enter OSPF properly this way, of course)


The actual reason I replied, though, is because there's a way that gives double this amount of IP savings for customer attachment circuit assignments.

1: Black hole route some master network prefix, e.g. 192.0.2.0/24 --> black hole
2: Put 192.0.2.1/32 and 192.0.2.255/32 as IP addresses on a "loopback" bridge interface on ALL routers.
3: Set arp-type=proxy-arp on all interfaces that should participate in this /24.
4: Use normal /30 addresses on active OSPF interfaces - private IP if you want to really squeeze things.
5: For each connected customer, create a /32 route with gateway=etherX interface (or vlanX - whatever interface is the customer's unique interface) and pref-source=192.0.2.1

Note that each router has an anycasted copy of the .1 and .255 addresses, so "broadcast" traffic doesn't get shot all over your network, and pings to the default GW by your customers will be answered by their actual default GW router.

*EDIT: The above works, but Mikrotik has a slightly simpler way to achieve the same thing. Instead of a black hole route for 192.0.2.1/32, you assign each customer's interface IP as 192.0.2.1/32 and set network=192.0.2.X (where X is the customer's single IP). You do not need the /32 static route with gateway=etherX/vlanX. This /32 IP address method will create a normal "connected" route for the customer's /32 address automatically, and OSPF will detect it as a natural route, thus it won't need to be redistributed into OSPF. You still need to have arp=proxy-arp so that the customer can communicate with the other members of the /24 block.

We called this solution "secret sauce" at the job where I implemented this, and it has many benefits:

It creates no additional entries in the route table as compared with a /31 scheme - but it lets you pack a whopping 253 customers per /24.

Each customer is on their own private layer2 broadcast domain, so there's no way for the customers to attack each other's WAN interfaces with broadcast things like netcut, rogue dhcp, rogue RA (ipv6 equivalent), etc. In fact, IPv6 can be assigned with whatever mechanism you choose to use (/127, /64, link-local-only, etc)

You can assign addresses from this range on any router you choose. (although, keeping them in aggregated clumps is smart for many reasons)

The customer cannot arbitrarily configure any address from the /24 - only the one you created the /32 route for will work.

If the customer wants additional IP addresses, you can route them exactly as many as needed without wasting any on subnets. (add additional IPs to the circuit with more /32 routes to the interface or else route additional addresses using the existing /32 as the next hop)

Now the only wasted address space on P2P links is on your own infrastructure's core links - and there are vastly fewer of these so the lack of /31 shouldn't hurt so much if you use "secret sauce" on your attachment circuits.
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
Marten
just joined
Posts: 1
Joined: Fri Dec 04, 2015 2:25 pm

Re: Feature Request /31 Subnet

Fri Dec 04, 2015 2:48 pm

It seems that feature was added in some 6.x release:
[admin@MikroTik] > /ip address export 
# dec/04/2015 15:46:44 by RouterOS 6.29.1
# software id = RS8Z-V97X
#
/ip address
add address=192.168.88.1/24 comment="default configuration" interface=\
    ether2-master-local network=192.168.88.0
add address=10.10.0.95/24 interface=ether1-gateway network=10.10.0.0
add address=172.16.240.1/31 interface=tun1 network=172.16.240.0
add address=172.16.240.255 interface=lo0 network=172.16.240.255
 
robertik
just joined
Posts: 10
Joined: Tue Dec 04, 2012 2:45 pm

Re: Feature Request /31 Subnet

Sat Mar 12, 2016 9:19 pm

+1

All hacks are not working with BGP.
IP address assigned by ISP end up with .255/31, I'm getting BGP routes - but marked as inactive.
Solution?
 
ndoo
just joined
Posts: 7
Joined: Wed Apr 11, 2012 4:17 am

Re: Feature Request /31 Subnet

Wed Jun 15, 2016 8:40 am

I am using the /32 PtP route workarounds listed above to get my ISP-assigned /31 WAN working. However, L2TP does not work due to the missing WAN/31 route.

So there are good reasons to properly support /31 routes in RouterOS, as these missing routes break any services that rely on routes to work (BGP, L2TP, probably IPsec too)
 
craterman
just joined
Posts: 11
Joined: Tue Oct 14, 2014 1:26 pm

Re: Feature Request /31 Subnet

Sat Jun 18, 2016 3:49 pm

+ 1
 
mhugo
newbie
Posts: 49
Joined: Mon Sep 19, 2005 11:48 am

Re: Feature Request /31 Subnet

Wed Jul 13, 2016 4:25 am

We really need this since we are low on IPV4 and use a lot of /32
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 5942
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Feature Request /31 Subnet

Wed Jul 13, 2016 12:11 pm

If you are low on IPv4 addresses then by using /32 you can  save more addresses than by switching to /31
 
matbic
just joined
Posts: 2
Joined: Sat Nov 21, 2015 8:57 pm

Re: Feature Request /31 Subnet

Thu Feb 23, 2017 2:31 am

Yes I too have had to give up on vpn access due to lack of /31 support. Please add it as soon as possible. The hacks are only a partial solution and /31 is very popular with ISPs now. Thanks
 
soomanyquestions
newbie
Posts: 34
Joined: Sat Aug 20, 2016 6:35 pm

Re: Feature Request /31 Subnet

Tue Feb 28, 2017 11:56 pm

Yeah, not supporting RFC3021 is really shoddy of mikrotik. This feature has been in Cisco IOS for like 15 years.
 
User avatar
DrEvil
just joined
Posts: 2
Joined: Sun Jun 04, 2017 6:40 pm

Re: Feature Request /31 Subnet

Mon Sep 25, 2017 10:18 am

Any update on official support for /31?

Many ISP's are now using these for leased lines in the UK, such as BTnet, TalkTalk Business and others. We really need a supported method of adding a /31.

Regards
 
andriys
Forum Guru
Forum Guru
Posts: 1187
Joined: Thu Nov 24, 2011 1:59 pm
Location: Kharkiv, Ukraine

Re: Feature Request /31 Subnet

Mon Sep 25, 2017 11:38 am

 
User avatar
DrEvil
just joined
Posts: 2
Joined: Sun Jun 04, 2017 6:40 pm

Re: Feature Request /31 Subnet

Mon Sep 25, 2017 7:38 pm

Thanks for the link.

So 2 Q's remain:

1. Will RouterOS be updated to natively support /31 without having to use workarounds? I would be grateful if Mikrotik would confirm.

2. Having done some testing, it appears that a /31 PtP link is actually working when added to the Mikrotik interface as a /8. Does this work because in fact it does not matter what subnet is specified, given the network and broadcast addresses are not in play, with only the 2x adjacent IP's being relevant. E.G. I could set it as a /16 /32 or anything maybe?
Any thoughts.

Thanks,

DrEvil
 
User avatar
ZeroByte
Forum Guru
Forum Guru
Posts: 4051
Joined: Wed May 11, 2011 6:08 pm

Re: Feature Request /31 Subnet

Tue Sep 26, 2017 6:45 pm

2. Having done some testing, it appears that a /31 PtP link is actually working when added to the Mikrotik interface as a /8. Does this work because in fact it does not matter what subnet is specified, given the network and broadcast addresses are not in play, with only the 2x adjacent IP's being relevant. E.G. I could set it as a /16 /32 or anything maybe?
Any thoughts.
This works if the other router has proxy-arp enabled (or if you don't want to ever talk to any of the other addresses in your /8 /16 etc workaround netmask)

The reason it works is that your router will ARP for any IP that it thinks is locally-connected. If the other router does proxy-arp then this will work. This solution would tend to burn up a lot of space in your router's ARP cache if you have a lot of traffic to/from other addresses in that range.

You may have missed my post above, but if your router is the odd (higher) IP in the /31, then it works just fine even for OSPF.
E.g. Your ISP gives you a link with the addressing 192.0.2.70/31 and your end is 192.0.2.71 with .70 being the default GW. . .
/ip address add interface=etherX address=192.0.2.71/32 network=192.0.2.70
When given a spoon,
you should not cling to your fork.
The soup will get cold.
 
User avatar
lovehz
just joined
Posts: 9
Joined: Tue May 17, 2016 10:45 pm

Re: Feature Request /31 Subnet

Wed May 09, 2018 10:55 pm

mrz:
If you are low on IPv4 addresses then by using /32 you can  save more addresses than by switching to /31
People who use upstream providers who supply /31 links need this to work. They don't have a choice in the matter, but yeah thanks for your valuable input, mrz. I wonder if the tone of these forums would be more positive if the replies from Mikrotik weren't mostly passive aggressive or "why would you want to?".

This thread continues to limp onward, but the requirement is still real. Is the RouterOS architecture so rigid that RFC 3021 can't be implemented? Do I have to hack a workaround forever? 18 years seems a while to wait since an RFC was published.
 
djdrastic
Member
Member
Posts: 305
Joined: Wed Aug 01, 2012 2:14 pm

Re: Feature Request /31 Subnet

Thu May 10, 2018 9:05 am

Ran into this issue yesterday.Had to pull a Tik from an environment and put in another brand to get the job done.


Really guys we need to have a look at this
 
mhugo
newbie
Posts: 49
Joined: Mon Sep 19, 2005 11:48 am

Re: Feature Request /31 Subnet

Mon May 14, 2018 4:54 pm

+1 for just fixing this. /31 and two /32s are different usecases.

We use /32s for end users but we would like /31 for core backbone links and uplinks - gets ugly injecting both /32s from MT and /31s from non MT equipment.
 
JimmyNyholm
Member Candidate
Member Candidate
Posts: 249
Joined: Mon Apr 25, 2016 2:16 am
Location: Sweden

Re: Feature Request /31 Subnet

Sun Jul 08, 2018 11:28 am

Actually it wont get ugly if you combine the fine /32 support with the fact that you can have the same ip och many interfaces in routerOS. Then you can do fully functional ospf. Assign a /28 for a 16 port router as to say router has the same IP on all its customer facing interfaces then carve /32 to each cpe fully functional ZERO waste of space and tidy if you are a network guy. Just tell routeros that the network on this interface is that other /32 address (IE. PTP link not PTMP link)

All things considered it of course depends on your kind of deployment BUT my point being /31 support may be good and all that, but I have not seen the real benefit of that when doing MT to MT. You will of course have to do a proper /30 to another manufacturer interoperability depending on their interpretation on networking. In our case we use CCR routers and HAPAC CPE's For 1G or lower. Then your IGP is up an running without any IP waste (Rely, you should use the net and broadcast adress from the cidr ass well we are not doing ptmp we are doing PTP -1 ip to the routers all interfaced being said). Set your OSPF interfaces to PTP even though the transport of the link is ethernet will get the most techs headache out.
The customer can of course have their own what efter prefix assigned downstream to the CPE, but this is another chapter in the ISP cookbook I'm afraid.
 
airbanduk
newbie
Posts: 45
Joined: Mon Jun 12, 2017 2:30 pm

Re: Feature Request /31 Subnet

Tue Oct 15, 2019 2:49 pm

Resurrecting this as I have a perfect use case for /31 support, that can't be fixed with a /32 kludge - BGP.

While /31 with MT side being the odd number does work for point to point connectivity, if you try and set up a BGP session between the two you will not be able to receive prefixes. Why? Because the BGP implementation will see the peer side as a network address, and therefore not a valid next hop.

There is no /32 fix for this. The only fix I could provide was to use a /29 prefix on the MT side. So one side is on /29, the other is /31. Not ideal.

Why has this still not been implemented?

Who is online

Users browsing this forum: MSN [Bot] and 115 guests