/31 – Using 31-Bit Prefixes on IPv4 Point-to-Point Links
This all comes down to IP Addressing efficiency. This is from the RFC3021:
With ever-increasing pressure to conserve IP address space on the Internet, it makes sense to consider where relatively minor changes can be made to fielded practice to improve numbering efficiency. One such change, proposed by this document, is to halve the amount of address space assigned to point-to-point links (common throughout the Internet infrastructure) by allowing the use of 31-bit subnet masks in a very limited way.
Quickly, here’s a break down difference between a /30 and /31. What you will see is that the /30 takes up 2 additional IP Addresses for both the Subnet/Network and the Broadcast.
Inverse Mask: 0.0.0.1
Subnet Size: 2
Host Range: 192.168.1.0 to 192.168.1.1
Total # of IPs: 2 (192.168.1.0 - 192.168.1.1)
Inverse Mask: 0.0.0.3
Subnet Size: 2
Host Range: 192.168.1.1 to 192.168.1.2
Total # of IPs: 4 (192.168.1.0 - 192.168.1.3)
The primary motivation for using /31’s was to help conserve the “PUBLIC” address space. Let’s go back to RFC1918. These are the private IP Address spaces you’re allowed to use:
As you can see you have over 17 million IPs/Hosts to use. If your IP Addressing is efficient, then there’s no reason to use /31’s in my opinion. I’ve work for some very large international companies and never had to use /31’s. All the places I’ve worked to date did not use /31’s. Didn’t need to because we properly and efficiently assigned IP subnets.
If you know me, I like to keep things simple. /31’s could be confusing to some because they’ll ask questions like:
Can I route it?
What if I get a route with that block in it?
Do all ISP support it?
Do all vendors support it? If so what code do I need to be one? Or which models support it?
What’s the point?
One example that could get you. Below is from Palo Alto’s site:
If you’re using a /31 subnet mask for the Layer 3 interface address, the interface must be configured with the .1/31 address in order for utilities such as ping to work properly.
So now you have situation, if you didn’t read this on Palo’s website, you’re going to be wasting valuable time troubleshooting. Network guys are used to using .0 for the subnet/network and it doesn’t work now because you accidentally used .0/31. You have pay special attention to the subnetting to see what’s usable and what’s not. Again, I would avoid all this. You have to remember the reason why /31’s exist in the first place, conserve IP Addresses. That should not be an issue if you’re properly assigning RFC1918’s within your organization.
One last thing, I had a buddy of mine who tried using /31’s on some Palo Alto firewalls and he had nothing but issues. His SE recommended that he just stick with /30’s. I also know that some ISP’s will not use /31’s and some Vendors don’t support it. KISS, avoid using them.