I do not completely understand your point. Why is it another point of failure? You need a routing device without NAT. NAT excemption would achieve this, I think. You can configure a VLAN interface on the LAN side with one address out of the /29 subnet.
... View more
