Problem with NAT Loopback after update

I've been using a old version of OpenWRT on a WRT1900ACS for many years, and I just updated to 23.05.

I set up port forwarding to a HTTPS server running on the LAN:

config redirect
        option dest 'lan'
        option target 'DNAT'
        option name 'HTTPS'
        option src 'wan'
        option src_dport '443'
        option dest_ip ''
        option dest_port '443'

I can access the HTTPS server from WAN, but not from LAN. NAT Loopback is enabled. This worked out of the box on OpenWRT 19.07(?).

However, if I set reflection_src to external, it does work.

        option reflection_src 'external'

Does anyone know why it works with external and not internal? What exactly changed so that it now requires the reflection_src set to external?

Summary with the config posted, without reflection_src set to external:

  • WAN -> SERVER works using the routers public IP
  • LAN -> SERVER does not work using the routers public IP
  • LAN -> SERVER does work using the servers LAN IP