Community discussions

MikroTik App
 
User avatar
Techsystem
Member
Member
Topic Author
Posts: 337
Joined: Tue Dec 21, 2021 5:12 am

what is the most preferable subnet when we connect router to WAN /24 or /30 subnet

Sun Nov 27, 2022 10:01 am

Hello My friends ..!
so is it preferable to set the subnet mask as /30 in the case i have a WAN up link ..?
in more detail :
i have huawei router and mikrotik router, the huawei router is as an ISP in this example so the WAN connection from it to mikrotik.
is it preferable to reduce the subnet mask in huawei..?
i saw alot of people out there reduce the subnet range in this kind of connection, so does that make sence..?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11383
Joined: Thu Mar 03, 2016 10:23 pm

Re: what is the most preferable subnet when we connect router to WAN /24 or /30 subnet

Sun Nov 27, 2022 10:55 am

It kind of depends on context. If your "WAN" is contained on the customer's side of CPE and you're free to choose WSN IP address on your Mikrotik, then you can go for /30 (with appropriately selected WAN IP). If you can't control MT's WAN IP, then you can't just invent the subnet mask because CPE might change some network settings and MT would loose internet access. In any case making subnetmask longer doesn't enhance LAN security by itself, you stil need sane firewall filter rules. It also doesn't reduce amount of ingress traffic (e.g. broadcasts) and most often doesn't change anything on egress either. And: sometimes it's necessary to squeeze another device in that subnet ... for some troubleshooting or configuration ... then a tad shorter subnet mask comes handy.

IMO the only reason for using long subnet masks on PtP links is to save IP addresses (with /30 one wastes 2 addresses while with /24 one wastes 254 addresses - comparing to using a pair of /32 addresses), which is most of times a non-issue when using RFC1918 address space anyway. And both sides have to be configured the same way to gain anything.

So I'd say KISS: do whatever can be done the easiest (i.e. whatever suits Huawei best).
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: what is the most preferable subnet when we connect router to WAN /24 or /30 subnet

Sun Nov 27, 2022 10:58 am

It is rarely a decision of "people out there" when configuring their WAN subnet - they have to accommodate to how the ISP has configured things on its end. The subnet size is a concern when the WAN address is a public one, because if you use the simplest method (direct assignment of the public address to the WAN on a point-to-multipoint type of interface), you waste 4 public addresses to provide a single public IP assigned to the customer - a /30 network contains a "network address", a "broadcast address", and two host addresses, one of which must represent the router at the ISP side. Even if you use a /31 subnet (which has a special RFC and is not directly supported by RouterOS), you still waste two addresses to deliver one. But this is rarely seen in reality, ISPs use larger subnets and port isolation, or use CGNAT addresses and route public ones via them rather than assigning the public ones directly to interfaces, or use PPPoE...

When your Mikrotik's WAN is connected to the LAN of the router provided by ISP to your home, this is only a concern if the ISP gives out public addresses on this LAN interface.

Large private networks are a different thing - there, the administrators may have to fit into a dedicated address range and partitioning it into smaller subnets may have some advantage for them.

Who is online

Users browsing this forum: BrateloSlava, dioeyandika, mtest001 and 44 guests