The premiere source of truth powering network automation. Open and extensible, trusted by thousands.

NetBox is now available as a managed cloud solution! Stop worrying about your tooling and get back to building networks.

Using /31 subnets on point-to-point links

By stretch | Wednesday, June 18, 2008 at 2:18 a.m. UTC

A recent post on /30 and /31 addressing prompted one reader to ask when 31-bit subnet masks are appropriate, or supported. It turns out they've been supported for a while.

Thirty-one-bit subnets were first proposed in RFC 3021, which was primarily motivated by the potential for public address space conservation. Recall that shrinking a /30 subnet to a /31 effectively doubles the number of point-to-point links you can address from a finite range. Cisco IOS has supported /31 subnets for point-to-point links since release 12.2(2)T. A thorough explanation of the feature is presented here.

We can put this theory into practice by addressing a point-to-point connection between two routers as Note that this even applies to Ethernet interfaces, technically a broadcast medium.

Router(config)# interface f0/0
Router(config-if)# ip address
% Warning: use /31 mask on non point-to-point interface cautiously

An ominous warning message, no doubt, but it works just fine. We can successfully ping the far-end interface (, and the subnet is accurately reflected in the routing table:

Router# ping

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/16/20 ms
Router# show ip route
... is subnetted, 1 subnets
C is directly connected, FastEthernet0/0

Posted in Design


Kevin Gillick
June 23, 2008 at 12:55 p.m. UTC

Nice, but I have never seen this in a production network!

July 7, 2008 at 11:05 a.m. UTC

Nice , never knew that Before

July 8, 2008 at 3:37 a.m. UTC

Cool. But what happens if there is similar route but with a /30 subnet mask in the routing table?

July 21, 2008 at 3:55 a.m. UTC

I think a directly connected network would win

May 22, 2009 at 1:56 p.m. UTC

Good one. thanks.

May 22, 2009 at 1:56 p.m. UTC

any known problems with using /31 subnets?

May 26, 2009 at 5:22 p.m. UTC

We use /31's almost exclusively in our very large international network. No problems discovered after years of usage.

August 8, 2009 at 9:45 p.m. UTC

"Cool. But what happens if there is similar route but with a /30 subnet mask in the routing table?" before we even get into the connected route winning, the longer match would be preferable thus the /31 would win

A guest
August 1, 2010 at 2:11 p.m. UTC

This goes against my CCNA training, I've been living a lie!

November 9, 2010 at 4:53 p.m. UTC

Sooooo wrong to be able to ping .0 !

April 18, 2011 at 2:49 p.m. UTC

This probably never caught on with providers because there was no mechanisim to roll it out whout readressing your existing customers' circuits. If you are using .0/20, then your usable hosts are .1 and .2, then .5 and .6 in the next block. /31 opens up .0/.1, .2/.3, /.4/.5. . . .If there was a way to keep your existing endpoint IPs and make available p-p circuits of .3/.4, so you could just change masks and then add circuits in the "dead space"

Think, not only of all the customer reconfiguration, but route table overhauls.

It was a good idea in theory.

August 13, 2011 at 3:37 p.m. UTC

Is there anyway to have this work up on an ASA? I've used it with sucess for point-to-point links on routers etc, but seems like both pix's and ASA's throw a "ERROR: /31 mask is not allowed"

I've raked for docs, and cant find anything!

(By the way, Loving the CAPTCHA, reduce spam, reduce fools :D )

October 25, 2011 at 10:13 a.m. UTC rollout.

January 23, 2012 at 5:05 a.m. UTC

Very nice. Never seen it in production networks yet, thou !

April 17, 2012 at 4:40 p.m. UTC

We use it in our network on many link. Will not mention company name but I will say we have over 9000 stores.

July 10, 2012 at 2:51 p.m. UTC

What about GARP reply.

Vikas B
September 19, 2012 at 10:44 a.m. UTC

check this excellent case study on 'Use of ‘/31 IP subnet’ on point to point links; and their effect on routing protocols'

August 12, 2013 at 5:55 p.m. UTC

Here is a clarification question / scenario. Would a /31 work here?

Router 1 ---> DumbSwitch ---> Router 2

Dumb switch has other traffic running on the same vlan from hosts and other devices (not a great scenario I agree buts there) the /31 would be a secondary address on Router 1 and Router 1 also has about 10 - 15 secondaries on it.

November 1, 2013 at 10:32 a.m. UTC

Great info, am starting to use this on production networks. Using x.x.x.0 as an address just seems wrong somehow, but it works, so I will have to get used to it.

Bob Zanis
December 12, 2013 at 6:22 p.m. UTC

Wish this worked in PacketTracer!

January 16, 2014 at 3:50 a.m. UTC

Providers use /31 as a point to point to connect an edge router to a premises router(example Voice Gateway of a PRI circuit). It first comes from the edge router to a switch installed at a MDU building for example( to provide Dedicated Fiber products, DIA and P2P, EPL, EVPL, ETREE and stuff in the MEF relm). Also this is where channels are seperated. They will use this address for management for example, coming from the ISP edge router as a 802.1q tag to a switch installed at the mpoe of the building(likely, and where the multiple clients are lid up from) and passed down to the router installed at the customer premises for that particular client's circuit. Within the channel this vlan will be set for this management of the circuit. Also keep in mind that providers use protocols at the layer 1 level such as DWDM to segment a fiber feed going to a building into different channel, each channel being a customer for example, and within each channel multiple vlans can pass for different service for example a DIA, and P2P circuits both being in different vlans within the single channel. This explanation is beyond the scope of day to day enterprise networking but it serves as an example of how it it used on a production network.

May 2, 2014 at 6:39 p.m. UTC

Good post! Thanks for writing :-)

August 22, 2014 at 1:55 p.m. UTC

WILD! I have been under the understanding that /31's were not possible for years. Go figure...

December 30, 2014 at 2:56 p.m. UTC

I think the /31 masking may have all been hinged on "ip subnet-zero". Without that the .0 was never available to be used based on rules of subnetting, and fact that you can use a /31 mask on and .0 is actually a usable WAN address (along with .1) that would make me think the /31 would not have been relevant without "ip subnet-zero".

April 7, 2016 at 8:41 a.m. UTC

This is something I will love to do in a production environment. But does it work on ASA?

June 10, 2016 at 8:45 a.m. UTC

It's interesting how the underlying ARP mechanism works. From what I've seen in debug, it is sending ARP requests asking about it's own L3 destination address and sends them to L2 broadcast address. I bet Cisco flags interfaces with /31 addressing differently and upon receipt of such ARP request, instead of discarding it, it's processed and relative ARP subblock is added into the database.

Comments have closed for this article due to its age.