# point-to-point connection, /32 network



## tmc (Sep 30, 2021)

My ISP gave me connection details as follows:

a.b.c.d is just one valid public ip address

IP address: a.b.c.d
Netmask: 255.255.255.255
Gateway: a.b.c.1

so putting this into /etc/rc.conf

```
ifconfig_bge0="inet a.b.c.d netmask 255.255.255.255"
defaultrouter="a.b.c.1"
```
causes network unreachable, heard that linux has commands:


```
/bin/ip addr add a.b.c.d/32 dev eth0
/bin/ip route add default via a.b.c.1 dev eth0 onlink
/bin/ip link set up dev eth0
```

does anybody know how to achieve this /32 network connection with FreeBSD?

i also tried set static routing in /etc/rc.conf, but no success


```
ifconfig_bge0="inet a.b.c.d netmask 255.255.255.255"
defaultrouter="a.b.c.1"
static_routes="defgw"
route_defgw="-host a.b.c.1 -iface bge0"
```


----------



## SirDice (Sep 30, 2021)

It's a rather odd way they want you to configure the interface, on FreeBSD you can't add a route to an IP address that's outside of your subnet. Which is pretty much everything because the subnet mask is 32 bit. So setting the default gateway to a.b.c.1 will fail.

What happens if you issue the commands on the command line? I think the order in which those routes are applied might be important.

```
route add -host a.b.c.1 -iface bge0
route add default a.b.c.1
```


----------



## D-FENS (Sep 30, 2021)

I am not completely sure, but setting the ip address and the routing table should not use necessarily the same mask length. I have to check on this. If you use /32 bit subnet mask your host can communicate only with itself on a subnet with a single IP address - not particularly useful. /32 bit mask can be used mostly when matching packets in the netfilter or when setting the IP address, but I don't think it's useful when routing.

Can you try and set the IP address with a mask /32, but only in the routing table set the mask to something that would include BOTH a.b.c.d and a.b.c.1? For example if d=2 then you could set the address and routing as follows:

```
ifconfig_bge0="inet a.b.c.2 netmask 255.255.255.255"
defaultrouter="a.b.c.1"
/bin/ip addr add a.b.c.2/31 dev eth0
/bin/ip route add default via a.b.c.1 dev eth0 onlink
/bin/ip link set up dev eth0
```
In this example using a netmask of /31 for the routing tables would constitute a network with 4 addresses: a.b.c.0-4, in which the .0 and .3 would be reserved for the subnet and for broadcast respectively, so routing to those addresses would not work.
By the way, when you go this route, simply include a.b.c.1 in your subnet (it needs to be connected to the same Ethernet segment to work). You could simply set the IP address as: `inet a.b.c.2 netmask 255.255.255.254`?

1 comment: I noticed you use two distinct interface names: bge0 and eth0. Check if you have all interface names right.

Also, in case d != 2, adjust the mask accordingly. 
Edit: Can you try and set the mask, so that it includes BOTH a.b.c.d and a.b.c.1?
Use the program net-mgmt/ipcalc for easier calculations.

Edit: The ip and route commands for FreeBSD would look like this (if for example d=2):

```
ifconfig bge0 a.b.c.2/31 up
route add default a.b.c.1
```


----------



## D-FENS (Sep 30, 2021)

SirDice said:


> It's a rather odd way they want you to configure the interface, on FreeBSD you can't add a route to an IP address that's outside of your subnet. Which is pretty much everything because the subnet mask is 32 bit. So setting the default gateway to a.b.c.1 will fail.
> 
> What happens if you issue the commands on the command line? I think the order in which those routes are applied might be important.
> 
> ...


If a.b.c.1 and a.b.c.d are in different subnets, a.b.c.1 should still not be reachable via bge0, right? I have to check this.


----------



## gpw928 (Sep 30, 2021)

ppp uses a /32 IP address.  I don't have ppp running on any FreeBSD systems, but my Linux host with a ppp connection looks like this:
	
	



```
[pi4.753] $ ifconfig ppp0
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.153.180.113  netmask 255.255.255.255  destination 10.64.64.64
        ppp  txqueuelen 3  (Point-to-Point Protocol)
        RX packets 130144  bytes 111807849 (106.6 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 106792  bytes 17599308 (16.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[pi4.754] $ netstat -rn
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0 ppp0
10.64.64.64     0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
```
On that basis, I would think that this is worth a try:
	
	



```
ifconfig bge0 inet a.b.c.d netmask 255.255.255.255
route add default bge0
```


----------



## D-FENS (Sep 30, 2021)

gpw928 said:


> ppp uses a /32 IP address.  I don't have ppp running on any FreeBSD systems, but my Linux host with a ppp connection looks like this:


Good point. In this sense the /32 IP address is actually just a stub, so whatever is written to or read from it is simply sent via the modem to the other side. It's like an IP-to-modem protocol converter.
In the case we are discussing though, routing should happen between two distinct IP addresses and the host must have access to both of their subnet(s).
By the way, TUN interfaces used with OpenVPN for example, behave in a similar manner.
That's from my host:

```
tun2: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.0.x.x  netmask 255.255.255.255  destination 10.0.x.y
        ...
```


----------



## gpw928 (Sep 30, 2021)

OK.  I see that the gateway is a.b.c.1. I spoke without thinking it through. The post by SirDice looks to be on the mark.


----------



## tmc (Oct 5, 2021)

After some try-and-fail testing, seems that following lines in /etc/rc.conf are valid

```
ifconfig_bge0="inet a.b.c.d netmask 255.255.255.255"
defaultrouter="a.b.c.1"
static_routes="defgw"
route_defgw="-host a.b.c.1 -iface bge0"
```

A workaround is restart routing with some delay afterwards,

i put a line to crontab:

```
@reboot /root/scripts/restart_routing.sh
```

/root/scripts/restart_routing.sh

```
#!/bin/sh
#
# Server is back in business

sleep 30
/etc/rc.d/routing restart
```

netstat -rn

```
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            a.b.c.1            UGS        bge0
127.0.0.1          link#3             UHS         lo0
a.b.c.1            link#1             UHS        bge0
a.b.c.d            link#1             UH         bge0
```

ifconfig bge0 | grep inet

```
inet a.b.c.d netmask 0xffffffff broadcast a.b.c.d
```

/etc/rc.d/routing restart

```
delete host 127.0.0.1: gateway lo0
delete host a.b.c.1: gateway bge0
route: route has not been found
delete net default: gateway a.b.c.1 fib 0: not in table
add host 127.0.0.1: gateway lo0
add host a.b.c.1: gateway bge0
add net default: gateway a.b.c.1
```

Thank You for responses! All works as expected!


----------



## SirDice (Oct 5, 2021)

tmc said:


> A workaround is restart routing with some delay afterwards,


Ok, that points to an order issue. Try this:

```
static_routes="iface defgw"
routes_iface="-host a.b.c.1 -iface bge0"
routes_defgw="default a.b.c.1"
```
Don't set `defaultrouter` at all. By using the `static_routes` we can enforce a specific order in which those routes are applied.


----------



## SirDice (Oct 5, 2021)

gpw928 said:


> ppp uses a /32 IP address. I don't have ppp running on any FreeBSD systems, but my Linux host with a ppp connection looks like this:


That's a point-to-point interface, it has only two end-points. When you route traffic to that interface it has nowhere else to go but the other side of the P-t-P connection. Think of a tube with both ends of that tube attached to something. When you pour water into one end of the tube the water can only come out at the other end of the tube. With an ethernet interface there's an entire broadcast domain attached to it that can have multiple systems on it (layer 2). There's no way to figure out which of those systems you need to route your layer 3 traffic to, that's what the routing table is for.


----------



## tmc (Oct 5, 2021)

tried this:

```
#defaultrouter="a.b.c.1"
static_routes="iface defgw"
routes_iface="-host a.b.c.1 -iface bge0"
routes_defgw="default a.b.c.1"
```

after reboot (missing default route):

```
netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
a.b.c.1            link#1             UHS        bge0
a.b.c.d            link#1             UH         bge0
127.0.0.1          link#2             UHS         lo0
```

after /etc/rc.d/routing restart
default route appears


```
netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            a.b.c.1            UGS        bge0
a.b.c.1            link#1             UHS        bge0
a.b.c.d            link#1             UH         bge0
127.0.0.1          link#2             UHS         lo0
```


----------



## SirDice (Oct 5, 2021)

Sigh, it's such an odd way to configure things. I don't understand why they're doing it like that either. What if you just ignore their suggesting of setting your IP address with a 32 bit subnet mask? Is there a /30, /29 or other subnet mask that has both a.b.c.d _and_ a.b.c.1 in it? It obviously depends a bit on the actual value of d. Use an IP calculator to find the smallest netmask that has both IP addresses and just use that instead of the /32. You're unlikely to be directly connecting to any of your network 'neighbors' so the mask itself is probably of little influence.


----------



## msplsh (Oct 5, 2021)

SirDice said:


> Use an IP calculator to find the smallest netmask that has both IP addresses and just use that instead of the /32.


Wikipedia also notes that /32 is particularly problematic for routing.  Ignore the ISP's netmask and create your own.  The worst that happens is that your machine puts routable traffic to nearby customers on the ethernet interface without the gateway in the ethernet frame and the modem can't figure out what it's supposed to do with it.  How likely is it that you care about that?


----------



## D-FENS (Oct 6, 2021)

SirDice said:


> Sigh, it's such an odd way to configure things. I don't understand why they're doing it like that either. What if you just ignore their suggesting of setting your IP address with a 32 bit subnet mask? Is there a /30, /29 or other subnet mask that has both a.b.c.d _and_ a.b.c.1 in it? It obviously depends a bit on the actual value of d. Use an IP calculator to find the smallest netmask that has both IP addresses and just use that instead of the /32. You're unlikely to be directly connecting to any of your network 'neighbors' so the mask itself is probably of little influence.


That was my point exactly. If a.b.c.1 and a.b.c.d need to talk directly via the same segment, they should be in the same subnet. I also don't see the point in setting the mask to 32 bits and then patching the behavior via the routing table.


----------



## Futura (Jun 21, 2022)

SirDice said:


> Ok, that points to an order issue. Try this:
> 
> ```
> static_routes="iface defgw"
> ...



Sorry for reactivation this thread,

but thank you very much SirDice!

I ordered a cloud server at the german company Hetzner and was facing the same issue. The reason they are doing this could be: reduction of broadcast and arp traffic.

What finally worked for me:

# static IPv4:
ifconfig_vtnet0="inet X.X.X.X netmask 255.255.255.255"
static_routes="iface defgw"
route_iface="-host 172.31.1.1 -iface vtnet0"
route_defgw="default 172.31.1.1"


For IPv6 the following settings were sufficient:

# static ipv6
ifconfig_vtnet0_ipv6="inet6 xxxx:xxx:xxxx:xxxx::1>/64"
ipv6_defaultrouter="fe80::1%vtnet0"


----------

