Use a 31-bit or 32-bit Subnet Mask

To conserve IPv4 addresses, some Internet Service Providers assign IPv4 addresses with a /31 or /32 subnet mask. If your Firebox is configured in mixed routing mode, you can configure an external interface to use an IPv4 address with a 31-bit or 32-bit subnet mask.

31-bit and 32-bit subnet masks are supported in Fireware v11.9.4 and higher for primary external interfaces. 31-bit and 32-bit subnet masks are supported in Fireware v12.1 and higher for secondary external interfaces.

When you configure an IP address, you specify the subnet mask in slash notation. For information about slash notation, go to About Slash Notation.

31-bit Subnet Mask (/31)

In mixed routing mode, you can configure any external interface to use an IPv4 address with a 31-bit subnet mask. A 31-bit subnet mask is often used for an interface that is the endpoint of a point-to-point network. The use of 31-bit subnet masks for IPv4 point-to-point links is described in RFC 3021.

32-bit Subnet Mask (/32)

A 32-bit subnet mask defines a network with only one IP address. In mixed routing mode, you can only configure a 32-bit subnet mask for a physical external interface. Because you cannot configure a virtual external interface with a default gateway on a different subnet, you cannot use a /32 subnet mask for a virtual external interface, such as a VLAN or Link Aggregation interface.

Related Topics

Configure an External Interface