Double nat - loopback public ip

I've got a router from my ISP which has my public WAN address, let's call it "router 1". Then I've got another router showing an internal IP from router 1 on its WAN interface, let's call that one "router 2". My internal network starts at router 2, everything in the network is connected to it and all ports from router 1 are redirected to router 2.

Everything works, however when connecting to my public IP from behind router 2, the packets go from router 2 to router 1 and then to router 2 again.

Traceroute on router 2 shows three hops (router 2 --> router 1 --> router 2):

I'd like to kind of loop my public IP back at router 2 already, in a way that it routes everything according to the port forwards as if it came from outside.

Is that possible?

Yes. Your magic Google search terms are "openwrt nat reflection". Good luck.

Thank you, I've already tried a few ways I found on the internet (though I mostly remember searching for "nat loopback", is there a difference?), however mine is a bit of a special case as I would like to reflect the WAN address of router 1 at router 2 already, so that it is routed as if it came from the internet/router 1. Router 2 has no interface with the WAN address of router 1, so I need to create it. I did manage to add a loopback for that address on router 2, however, it looped back to router 2, not to my port forwards set on router 2. So after I tried a few things and couldn't get it to work, I signed up here to ask what I might be missing.

It would be nice to know what the goal with your setup is?
If you just want to overcome double NAT because you want to make services on your local network reachable from the internet, or you need it to get an open NAT for gaming, you can simply create a static route on your ISP router if it supports static routes. Then you also have to disable masquerading on the WAN of your downstream router (router 2).


I observed your traceroute used a hostname. I'm completely lost at your attempt to assign the R1 WAN IP on R2, nonetheless I know it's possible to:

# in /etc/config/dhcp

config domain
        option ip ''
        option name ''


If the above example won't work:

It seems as if you're describing this to be done on R2. If I understood you correctly, you wanna redirect, here is an example.

config redirect
	option target 'DNAT'
	option src 'wan' #<---or interface with IP assigned
	option proto 'tcp'
	option src_dport '80'
	option dest_port '80'
	option src_ip '192.168.x.0/24' #<---SRC network
	option name 'REDIRECT_HTTP'
	option dest_ip ''
	option dest 'xxx' #<---place packet in same network SRC packet

Currently all traffic from behind my own router (2) to my own public IP first goes to the ISP router (1) and comes back from there to my own router (2). I have a Gigabit internet connection and the two routers are communicating over a Gigabit link. This means that any internal traffic sent on a detour through the ISP router (1) will reduce my outbound bandwidth. Therefore, I'm looking for a way to avoid that detour by already reflecting that traffic at my own router (2).

Any traffic from my router's (2) LAN network directed at the ISP router's (1) public WAN IP should be treated by my own router (2) as if it came from the ISP router (1)/outside/the internet.

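An added example, not posted by anyone in this thread: one way to express the goal above in `/etc/config/firewall` on router 2, shown for a single forwarded port. All addresses are constructed placeholders (203.0.113.10 standing in for router 1's public WAN address, 192.168.1.0/24 for router 2's LAN, 192.168.1.20 for the internal server), and it assumes a firewall version that supports `config nat` sections.

```uci
# /etc/config/firewall on router 2 (every address here is a constructed placeholder)
#   203.0.113.10   = router 1's public WAN address
#   192.168.1.0/24 = router 2's LAN
#   192.168.1.20   = internal server that the existing wan -> lan forward points to

# Catch LAN traffic aimed at router 1's public address and DNAT it on router 2,
# mirroring the existing port forward for the same port.
config redirect
	option name 'REFLECT_R1_HTTP'
	option target 'DNAT'
	option src 'lan'
	option src_dip '203.0.113.10'
	option proto 'tcp'
	option src_dport '80'
	option dest 'lan'
	option dest_ip '192.168.1.20'
	option dest_port '80'

# Rewrite the source of the reflected connections so the server replies
# through router 2 instead of answering the LAN client directly.
# In a nat section, 'src' names the zone the traffic leaves through.
config nat
	option name 'REFLECT_R1_HTTP_SNAT'
	option src 'lan'
	option src_ip '192.168.1.0/24'
	option dest_ip '192.168.1.20'
	option proto 'tcp'
	option dest_port '80'
	option target 'MASQUERADE'
```

Each forwarded port needs its own pair of sections. Because of the masquerade, the server's logs show router 2's LAN address as the client for reflected connections, so per-client access controls and audit trails on the server will not distinguish internal clients on that path.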