/32 point-to-point routing

Dedicated Server Farms have been provisioning /32 extra IP addresses lately.

Here are my notes on setting up a virtual network with the Linux bridge utilities to route /32 addresses to virtual hosts.

When I first got such IP addresses, I immediately asked them to take them back and give me IP addresses within a larger subnet-LAN that includes an Internet Gateway.

Before they answered my ticket, I thought that it might be better to route the extra IP addresses myself instead of bridging everything, and I had a setup working. I set up a virtual LAN on private IP space between the host and the virtual machines and added /32 routes on the host, with the private IP address on the virtual machine as the gateway. Well, that worked fine for all traffic going to the virtual machines, but I had a hard time making the source address stick for outgoing virtual machine traffic, and since the next hop was not routed, ICMP and some other stuff had a tough time. In the end I made it work, but I did not like it.

1st setup
 Internet IP        Private IP               Private IP        Internet IP
 203.0.113.115/26 - 192.168.45.1/24   <-x->  192.168.45.2/24 - 192.0.2.66/32
|                                  |        |                - 198.51.100.67/32 |
|________  Host  __________________|        |_____ Virtual Host_________________|



Then, I remembered /32 point-to-point networking, started searching the internetz, and started trying out stuff :P.

This is the pointopoint routed setup I ended up using. It is the same as the 1st setup, but with no need for the private network segment or for messing with routing tables and source IP addresses.

Host
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
  address 203.0.113.115
  netmask 255.255.255.192
  broadcast 203.0.113.127
  gateway 203.0.113.65

auto br0
iface br0 inet static
  address 203.0.113.115
  netmask 255.255.255.255
  bridge_ports none
  bridge_stp off
  bridge_fd 0 
  pre-up brctl addbr br0
  
  up ip route add 192.0.2.66/32 dev br0 
  down ip route del 192.0.2.66/32 dev br0 
 
  up ip route add 198.51.100.67/32 dev br0 
  down ip route del 198.51.100.67/32 dev br0 

#not needed but I kept it
auto br0:1
allow-hotplug br0:1
iface br0:1 inet static
  address 192.168.45.1
  netmask 255.255.255.0
  broadcast 192.168.45.255



Virtual Machine with network=bridge:br0
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
 address 192.0.2.66
 netmask 255.255.255.255
 pointopoint 203.0.113.115
 gateway 203.0.113.115

auto eth0:1
iface eth0:1 inet static
 address 198.51.100.67
 netmask 255.255.255.255
 pointopoint 203.0.113.115
 gateway 203.0.113.115

#not needed but I kept it
auto eth0:2
iface eth0:2 inet static
 address 192.168.45.2
 netmask 255.255.255.0
 broadcast 192.168.45.255
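
A check for guest stanzas like the ones above, as an added example that is not part of the original post: it parses ifupdown-style stanzas and reports any gateway that is neither inside the interface's own subnet nor equal to its pointopoint peer, since a /32 address can only reach its gateway on-link through the peer route. The sample input is constructed, with a deliberately mismatched peer on eth0:1, and the function names are this example's own.

```python
import ipaddress

# Constructed sample: guest stanzas in the style of this page, with a
# deliberately mismatched peer (198.51.100.1) on eth0:1.
SAMPLE = """\
iface eth0 inet static
 address 192.0.2.66
 netmask 255.255.255.255
 pointopoint 203.0.113.115
 gateway 203.0.113.115

iface eth0:1 inet static
 address 198.51.100.67
 netmask 255.255.255.255
 pointopoint 198.51.100.1
 gateway 203.0.113.115
"""

def parse_stanzas(text):
    """Return {iface: {option: value}} for each 'iface' stanza."""
    stanzas, current = {}, None
    for line in text.splitlines():
        words = line.split()
        if not words or words[0].startswith("#"):
            continue
        if words[0] == "iface":
            current = stanzas.setdefault(words[1], {})
        elif words[0] in ("auto", "allow-hotplug"):
            current = None
        elif current is not None:
            current[words[0]] = " ".join(words[1:])
    return stanzas

def unreachable_gateways(text):
    """Return (iface, gateway, reason) for gateways that are not on-link."""
    problems = []
    for name, opt in parse_stanzas(text).items():
        if "gateway" not in opt or "address" not in opt:
            continue
        gw = ipaddress.ip_address(opt["gateway"])
        mask = opt.get("netmask", "255.255.255.255")
        net = ipaddress.ip_network(f"{opt['address']}/{mask}", strict=False)
        peer = opt.get("pointopoint")
        if peer and ipaddress.ip_address(peer) == gw:
            continue  # the peer route makes the gateway directly reachable
        if net.prefixlen < 32 and gw in net:
            continue  # ordinary subnet: gateway lies inside the connected network
        reason = f"peer {peer} != gateway" if peer else "no pointopoint peer"
        problems.append((name, str(gw), reason))
    return problems
```

Calling `unreachable_gateways(open("/etc/network/interfaces").read())` on a guest before `ifup` catches a mistyped peer address while the console is still reachable.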




http://alog.ipduh.com/2013/02/32-point-to-point-routing.html