Different Devices on LAN assigned to distinct external IP addresses

TL;DR Different devices on my LAN are showing different external IP addresses, and none of them are VPN clients.

I recently identified a weird issue where multiple devices attached on the same LAN interface show different external IP addresses. It seems that each unique physical port maps to a different external IP.

I'm not sure if this is some weird issue on my internal network config or an artifact of carrier-grade NAT on ATT LTE (my ISP).

Details of my setup:

Using a Netgear LB1120 with ATT SIM Card as my WAN gateway.

OpenWrt (OpenWrt 18.06.2 r7676-cddd7b4c77 / LuCI openwrt-18.06 branch (git-19.020.41695-6f6641d)) configured with the LB1120 on the WAN interface. Configured both wireless and physical interfaces as part of the LAN firewall zone.

It seems like each physical interface is mapped to a different external IP (i.e. on wifi I see IP A on icanhazip.com, on an ethernet-connected computer I see IP B, on another ethernet-connected computer (different port) I see IP C). Each of these devices is on the same internal LAN and can talk to each other with no problems. None of these are configured as VPN clients.

Someone on another forum suggested this could be caused by VPN/IP Passthrough. I found that setting enabled on my LB1120 and have disabled it, but it doesn't appear to have resolved the issue.

Has anyone seen anything similar? Scratching my head on this. Please let me know if there are more details I can provide.

config interface 'lan'
        option type 'bridge'
        option proto 'static'
        option netmask ''
        option ip6assign '60'
        option ipaddr ''
        option dns ''
        option ifname 'lan0 lan1 lan2 lan3'

config interface 'wan'
        option ifname 'eth2'
        option proto 'static'
        option ipaddr ''
        option netmask ''
        option gateway ''
        option metric '1'

Different IPv4 addresses or IPv6? Or both?

I don't think this is really the case...

Just a guess here -- it is possible that the CG-NAT ends up routing through a large cluster of border/edge gateways and may have a round-robin or other load balancing type of behavior as it routes each new connection and/or device.

That said, is this just a curiosity, or does it matter (i.e. is it causing some sort of issue for your network)? If you're behind CG-NAT, you don't have a publicly routable IP, so this would be subject to change on the ISP side anyway, and you can't set up port forwarding and such.

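One way to check the CG-NAT guess above from the router's shell, as an added example that is not part of any post in this thread: classify the address on the WAN interface (RFC 6598 shared space 100.64.0.0/10, RFC 1918 private, or public) and compare it with the addresses an external echo service reported for each LAN host. The function names and all sample addresses are constructed for illustration.

```sh
#!/bin/sh
# Added example, not from the thread. Assumes 64-bit shell arithmetic.

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1                      # split the address into four octets
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# in_cidr ADDR NET PREFIXLEN: succeeds if ADDR lies inside NET/PREFIXLEN.
in_cidr() {
    mask=$(( (4294967295 << (32 - $3)) & 4294967295 ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$2") & mask )) ]
}

# Classify the address configured on the router's WAN interface.
wan_class() {
    if in_cidr "$1" 100.64.0.0 10; then
        echo cgnat                 # RFC 6598 shared address space
    elif in_cidr "$1" 10.0.0.0 8 || in_cidr "$1" 172.16.0.0 12 ||
         in_cidr "$1" 192.168.0.0 16; then
        echo private               # RFC 1918, e.g. a modem doing its own NAT
    else
        echo public
    fi
}

# diagnose WAN_ADDR EXT1 [EXT2 ...]
# EXTn: external address seen for each LAN host (e.g. from icanhazip.com).
diagnose() {
    wan=$1; shift
    distinct=$(printf '%s\n' "$@" | sort -u | wc -l | tr -d ' ')
    class=$(wan_class "$wan")
    if [ "$class" = public ] && [ "$distinct" -eq 1 ] && [ "$1" = "$wan" ]; then
        echo direct                # WAN address is what the internet sees
    elif [ "$distinct" -gt 1 ]; then
        echo upstream-nat-pool     # hosts leave via several egress addresses
    else
        echo upstream-nat-single   # NAT upstream, one shared egress address
    fi
}
```

A result of `upstream-nat-pool` means the differing addresses are assigned beyond the router's WAN port, so no LAN or firewall-zone setting on the router will make them match.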

It seems like this could be the case.

It was causing an issue for me with activating a new home automation device which requires a first-time setup which matches the device's external IP to the external IP of the browser I was using to activate the device. Since they didn't match, the device wasn't being discovered.

I was just now able to work around this by connecting the device to an interface configured to use an external VPN to perform the activation from a browser on the same VPN.

This is no longer a blocking issue for me. I'll try to read up more on CG NAT to get more details about how this is happening. Thanks for the response!

What are these? And where is the rest of your config?
