Description | This article describes how to use of /31 subnet mask on FortiGate interface for point-to-point networks especially ISP connections. |
Scope | FortiGate v6.0 and above. |
Solution |
To preserve IPv4 address space, point-to-point networks can employ a 31-bit subnet mask, as outlined in RFC 3021. Unlike allocating four IP addresses with a 30-bit subnet mask in IPv4, a 31-bit subnet mask only utilizes two IP addresses: one with all bits set to zero and the other with all bits set to one in the host portion of the IP address. These two addresses are designated as host addresses and do not necessitate broadcast support. As each transmitted packet from one host is invariably received by the other host, directed broadcast on a point-to-point interface becomes unnecessary.
CLI Reference:
config system interface edit "port1"
No special command is required to assign a /31 IP address to an interface on FortiGate. Other IP addresses can be used as the gateway in static route configuration. In this case, that is 37.24.248.3.
The ARP entry of the gateway can be viewed on the FortiGate by running the command:
get system arp
FortiOS supports RFC 3021.
Related document: |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.