View Categories

How to Use Routed Subnet

7 min read

When you order a dedicated server with an additional subnet, the server will come with a main IP and a routed subnet.

A routed subnet directs all IPs within the subnet to the main IP. This setup eliminates the need for an additional gateway and in some configurations allows the use of all IPs in the subnet for routing.

For instance, with a /29 routed subnet, you can utilise all 8 IPs as there is no requirement for network, broadcast, or gateway addresses.

To configure this, you can access the server via the main IP and set up the subnet within the operating system…

 

Example Setup #

Throughout the below OS setup guides, the following example IPs will be used:

Main IP: 172.16.1.100
Routed Subnet: 10.1.1.8/29

 

Ubuntu 22.04 / 24.04 (Netplan) #

In Ubuntu, network configurations are managed using Netplan, a modern utility that uses YAML files for declarative network configuration.

 

Create a backup of the initial configuration:

cp /etc/netplan/00-installer-config.yaml /etc/netplan/00-installer-config.yaml.bak

 

Open the config file in a text editor:

/etc/netplan/00-installer-config.yaml

 

The default configuration will look similar to this:

network:
  ethernets:
    all_interfaces:
      addresses:
      - 172.16.1.100/25
      gateway4: 172.16.1.1
      match:
        macaddress: 4F:43:D6:F9:7D:67
      nameservers:
        addresses:
        - 8.8.8.8
        - 1.1.1.1
  version: 2

 

Add each IP from the routed subnet as an individual /32 address below the main IP (note and check the indentation requirements of yaml files): 

network:
  ethernets:
    all_interfaces:
      addresses:
      - 172.16.1.100/25
      - 10.1.1.8/32
      - 10.1.1.9/32
      - 10.1.1.10/32
      - 10.1.1.11/32
      - 10.1.1.12/32
      - 10.1.1.13/32
      - 10.1.1.14/32
      - 10.1.1.15/32

      gateway4: 172.16.1.1
      match:
        macaddress: 4F:43:D6:F9:7D:67
      nameservers:
        addresses:
        - 8.8.8.8
        - 1.1.1.1
  version: 2

 

Save and exit the config file, use the netplan command to check for errors:

netplan generate

 

Use the netplan try command to temporarily apply the config to the system:

netplan try

If connection to the server is still established, press enter to commit to the new config, otherwise after 120 seconds configuration will revert back to the previous state.

 

Debian 11 / Debian 12 (ifupdown) #

In Debian, network configurations are typically managed using the ifupdown system, which relies on the /etc/network/interfaces file.

 

Create a backup of the initial configuration:

cp /etc/network/interfaces /etc/network/interfaces.bak

 

Open the config file in a text editor:

/etc/network/interfaces

 

The default configuration will look similar to this, make a note of the interface name (here it’s enp1s0f0):

allow-hotplug enp1s0f0
  iface enp1s0f0 inet static
  address 172.16.1.100/25
  gateway 172.16.1.1
  # dns-* options are implemented by the resolvconf package, if installed
  dns-nameservers 8.8.8.8
  dns-search unassigned-domain

 

Routed IPs are added by creating an interface alias for each IP of the range.

Add the following, making sure the interface name is correct and append :0 to it:

auto enp1s0f0:0
  iface enp1s0f0:0 inet static
  address 10.1.1.8
  netmask 255.255.255.255

 

Repeat for each additional IP, appending the next unique number for the interface alias (:1, :2 etc.). The final config should look similar to this:

allow-hotplug enp1s0f0
  iface enp1s0f0 inet static
  address 172.16.1.100/25
  gateway 172.16.1.1
  # dns-* options are implemented by the resolvconf package, if installed
  dns-nameservers 8.8.8.8
  dns-search unassigned-domain
 
 
auto enp1s0f0:0
  iface enp1s0f0:0 inet static
  address 10.1.1.8
  netmask 255.255.255.255
 
 
auto enp1s0f0:1
  iface enp1s0f0:1 inet static
  address 10.1.1.9
  netmask 255.255.255.255
 
 
auto enp1s0f0:2
  iface enp1s0f0:2 inet static
  address 10.1.1.10
  netmask 255.255.255.255
 
# etc…

 

Save and exit the config file, restart the networking service to commit the changes:

systemctl restart networking

 

Alma Linux 8 & 9 / Rocky Linux 8 & 9 (NetworkManager) #

Alma Linux and Rocky Linux uses NetworkManager for network configuration, and the nmcli command-line interface is provided for managing network connections.

 

The interface of the main IP can be found by running:

ip addr

 

For this example output, the main IP is attached to interface enp1s0f0:

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
   link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
   inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
   inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: enp1s0f0: mtu 1500 qdisc fq_codel state UP group default qlen 1000
   link/ether 4f:43:d6:f9:7d:67 brd ff:ff:ff:ff:ff:ff
   altname ens18
   inet 172.16.1.100/25 scope global noprefixroute enp1s0f0
   valid_lft forever preferred_lft forever
   inet6 fe80::be24:11ff:fe9a:2c5e/64 scope link noprefixroute
   valid_lft forever preferred_lft forever

 

Create a backup of the config file, this will be a file located in /etc/NetworkManager/system-connections/ and has a filename prefixed with the interface name. For example:

cp /etc/NetworkManager/system-connections/enp1s0f0.nmconnection /etc/NetworkManager/system-connections/enp1s0f0.nmconnection.bak

 

Starting with the first IP, routed IPs can be added via the nmcli command:

nmcli connection modify “enp1s0f0” +ipv4.addresses “10.1.1.8/32”

 

Repeat the command for all IPs in the subnet:

nmcli connection modify “enp1s0f0” +ipv4.addresses “10.1.1.9/32”
 
nmcli connection modify “enp1s0f0” +ipv4.addresses “10.1.1.10/32”
 
# etc…

 

Restart the service to load the new config:

systemctl restart NetworkManager

 

Windows Server 2022 #

To add a routed subnet on a Windows Server, IP forwarding must be enabled. Additionally, the IP addresses of the routed subnet need to be added to the IPv4 properties of the network adapter. This configuration allows the server to route additional IP’s traffic to the network.

 

Open regedit and navigate to folder HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

 

Right-click IPEnableRouter and select modify, in the Value data field, change 0 to 1:

Click OK to save this value, then reboot the server for changes to take effect.

 

After reboot, open the Network Connections window (ncpa.cpl) and enter the Properties window for your selected adapter.

Enter the Properties window for Internet Protocol Version 4 (IPv4), then click Advanced:

 

In the IP addresses section, click Add:

 

Enter the first IP of the routed subnet and a subnet mask of 255.255.255.255, then click Add:

 

Repeat this for all IPs in the subnet.

When all IPs are added, click OK on this and the other open dialog boxes.

On the last window the OK button has changed to Close, click this to apply the new IPs to the system.

 

Proxmox VE 8 #

Proxmox deployments are based on Debian 12, steps to configure the network are the same as a standard Debian install.

In this configuration, a servers main IP is for Proxmox host administration, and IP’s from the routed subnet can be utilised by the guest VMs:

 

Create a backup of the initial configuration:

cp /etc/network/interfaces /etc/network/interfaces.bak

 

Open the config file in a text editor:

/etc/network/interfaces

 

The default configuration will look similar to this:

allow-hotplug enp1s0f0
  iface enp1s0f0 inet static
  address 172.16.1.100/25
  gateway 172.16.1.1
  # dns-* options are implemented by the resolvconf package, if installed
  dns-nameservers 8.8.8.8
  dns-search unassigned-domain

 

At the bottom of the file add the following to create and configure the bridge.

A usuable IP from the subnet can be entered as the address, this will become the gateway for a VM:


auto vmbr0
iface vmbr0 inet static
    address 10.1.1.9/29
    bridge-ports none
    bridge-stp off
    bridge-fd 0

 

Next, IP forwarding needs to be enabled on the host, this can be achieved by editing the sysctl.conf file:

/etc/sysctl.conf

In the file, find the following line and uncomment to enable:

Next, IP forwarding needs to be enabled on the host, this can be achieved by editing the sysctl.conf file:

net.ipv4.ip_forward=1

 

Restart the networking service to commit the changes:

systemctl restart networking

 

vmbr0 will now appear as a Linux Bridge within the System >> Network of the Proxmox node settings:

 

When creating a VM, select vmbr0 for the guest to be able to use a public IP:

 

Proxmox Virtual Machines #

A VM can now be configured to use an IP from the subnet as normal, with the address set in the host network configuration as the gateway.

Below are a few configuration examples:

 

Ubuntu

network:
  ethernets:
    all_interfaces:
      addresses:
      - 10.1.1.10/29
      gateway4: 10.1.1.9
      match:
        macaddress: 4F:43:D6:F9:7D:67
      nameservers:
        addresses:
        - 8.8.8.8
        - 1.1.1.1
  version: 2

 

Debian

allow-hotplug ens18
  iface ens18 inet static
  address 10.1.1.10/29
  gateway 10.1.1.9
  # dns-* options are implemented by the resolvconf package, if installed
  dns-nameservers 8.8.8.8
  dns-search unassigned-domain

 

Alma / Rocky Linux

The IP configuration can be setup during installation, or via the nmtui command:

 

Windows