|How To - (Tips and Tricks) & Computer Fun All the Help You Need and Tips & Tricks for your PC & some Humourous Stuff. If You Need Computer Help, Start a New Thread in the Computer Help Section Above|
|Hallo to All Members. As you can see we regularly Upgrade our Servers, (Sorry for any Downtime during this). We also have added more Forums to help you with many things and for you to enjoy. We now need you to help us to keep this site up and running. This site works at a loss every month and we appeal to you to donate what you can. If you would like to help us, then please just send a message to any Member of Staff for info on how to do this,,,, & Thank You for Being Members of this site.|
||LinkBack||Thread Tools||Display Modes|
Join Date: Feb 2011
Thanked 12,139 Times in 8,058 Posts
Avoid Double NAT Probs When Using Modem/Router Combo
How to Use Your Router and ISP’s Modem/Router Combo In Tandem
If you’re running your own router alongside the modem/router combo your ISP gave you, there’s a good chance you’re inadvertently giving yourself a huge headache and a host of difficult-to-pin-down network problems. Let’s look at why these issues arise, how to detect them, and how to fix them.
Why Double the Routers Equals Double the Headaches
The worst kind of tech problems are the ones that are difficult to pin down. If you get a new cable modem from your ISP, for example, and it simply won’t work, that’s an easy problem to troubleshoot. But what if you start seeing small but annoying problems over the course of several weeks? It becomes increasingly difficult to pin down exactly what is wrong with your network (or what is even causing it in the first place).
Running two routers simultaneously on your home network is exactly the kind of situation where these phantom problems can arise. Before we get into exactly why that can cause such a headache, let’s look at how you might end up in that situation without even realizing it.
The most common situation is this: your ISP gives you a modem that is actually a combination modem/router, and then you add in a router of your own. Now all your internet-bound traffic is passing through your new router and the ISP-supplied router.
While that’s the most common version of this problem, it can also happen if you use two routers in tandem. Maybe you use an older spare router as a switch for some extra Ethernet ports, or as an extra Wi-Fi access point without properly configuring it.
In all these instances, you end up in a situation where any given communication on your home network may (or even must) pass through two routers. Passing through two networking devices like that isn’t automatically bad, but if both devices are running a Network Address Translation (NAT) service, then you end up in networking bind known as a “Double NAT”.
The NAT service on your router is a very handy thing. In a nutshell, it’s the service that takes all the incoming requests directed at your singular public IP address, and deftly translates them to the internal private IP addresses of your computers and gadgets. When there are two of them, however, things get messy, as it forces all those network requests to traverse two translation events.
At best, it introduces latency into your network connections, which can cause lag in latency-sensitive applications like gaming. At worst, it completely wrecks UPnP (Universal Plug and Play) and any other router-based service that relies on the premise that the router will always be facing out towards the greater internet (and not facing into another internal network). UPnP, the most common victim of the double NAT, is a handy router service that automatically forwards ports on your router so applications that require specific or forwarded ports will work properly.
When a device connected to router (that is in turn connected to another router) attempts to set up a port forward arrangement via UPnP, it ends up forwarded not to the greater internet but to the other router. This forwarding-dead-end means a wide range of applications and services–communication apps like Skype, smart home apps and hardware like your Nest thermostat, and music hardware like your Sonos music system–either outright fail or require a lot of annoying trouble shooting on your behalf to fix.
At this point, more than a few of you are likely leaning back in your chair and saying “Yes. That. I plugged my own router into the combo-box my ISP gave me and now I have all sorts of headaches. What do I do?” Let’s look at how to detect if you’re experiencing a double NAT and how to fix it.
How to Detect a Double NAT
Network Address Translation (NAT) is such an ubiquitous feature in modern routers that if you’ve simply plugged one router into another router, it’s practically a given that you’ve accidentally created a double NAT.
Nonetheless, it’s handy to actually test whether or not you’re behind a double NAT, if for no other reason than it makes it easy to confirm when you’ve fixed the situation. The simplest test you can conduct is to check what the Wide-Area Network (WAN) IP address of your router(s) is. This is the IP address of what the router believes to be the outside world and may be labeled as the “WAN IP”, “Internet IP”, “Internet Address”, or “Public Address” depending on your router.
Log into the control panel of each of the routers on your home network. If, for example, you have a router you purchased and a router supplied by your ISP, then you will want to connect to both of them and check what they report as their WAN IPs. Here’s an example, via our D-Link router running DD-WRT firmware, of what you’re looking for.
In the above screenshot you can see that the “WAN IP” of the router is identified as 97.*.*.*. This is excellent, as it indicates that our public IP address is an IP address that belongs to our ISP. What we do not want to see here is an IP address like 192.168.0.1, 10.0.0.1, or 172.16.0.1 or slight variations thereof, as those address blocks are reserved for private networks. If the WAN IP address of your router is anywhere within those address blocks, it means your router is not connecting directly to the internet but is instead connecting to another piece of routing hardware.
How to Fix a Double NAT
There are several ways you can fix a double NAT problem, and thankfully they’re all pretty simple to employ. While we’d love to provide specific instructions for your exact situation, there are simply too many routers, too many firmware versions, and too many possible combinations there of, for us to possibly give you the exact combination of steps for your hardware. Nonetheless, if you combine our guidance with a Google search or two related to your specific hardware and firmware, we’re confident you’ll have the problem resolved in no time.
If messing around with network hardware is new territory for you, you may want to check out our straight forward guide to routers, switches, and network terminology before proceeding.
Remove the Extra Hardware
This is, by far, the simplest solution. In a scenario where there is truly a piece of redundant hardware then it is easiest to just remove it. Let’s say, for example, you (or the relative whose connection you’re trouble shooting) purchased a nice new router and promptly plugged it into the old router. Rather than deal with the logistics and wasted energy of running two routers, you can simply remove the old router to banish the double NAT.
Switch Your Primary (ISP) Router to Bridge Mode
When your problem exists because you have an ISP-supplied router/modem combination unit (in addition your own router), the best solution is to switch the ISP-supplied router to “bridge mode”. Bridging is simply an old networking technique that transparently links two different networks. By switching to bridge mode, you are instructing modem/router combo to essentially act as a modem only–turning off all routing functions.
While this is an excellent way to resolve the double NAT problem, there is one thing you need to be aware of: any devices, besides the router, that were previously connected to your ISP-supplied router/modem need to be moved to your actual router. If you have a computer plugged directly into the Ethernet port of the ISP unit, for example, when you switch to bridging mode, you’ll need to connect it to your personal router instead. Also, if the ISP-supplied unit has a Wi-Fi access point that some of your devices are connected to (say, your iPad) then that access point will no longer work and you will need to transition all Wi-Fi devices over to your personal router.
Try googling “bridge mode” along with the model number of your ISP-supplied router, and you may find instructions for enabling bridge mode. Sometimes you need to directly contact your ISP, though, to have them set your ISP-supplied router to bridge mode. In the screenshot below you can see an example of selecting “Router Mode” and “Bridge Mode” as it appears in the Cisco control panel found in dozens of different common router/modem combination units.
While we’re on the subject of bridge mode, although you can, technically, switch the router behind your ISP router to work as a bridge, we’re not recommending that on account of two things. First, customer purchased routers are almost always higher quality than ISP-supplied routers, so you’re better off using your own router than the one they give you. Second, although you can dumb a router down to the point that it’s just a network switch, it’s a waste to do so with a good router. (Unless, of course, you already had it lying around and need a few extra ports.)
Put Your Secondary Router Into the DMZ
This is a less common and less ideal, but still perfectly viable solution: you can put your router in the ISP-supplied router’s DMZ. Most routers have an option to place a device into the DMZ (aka the Demilitarized Zone) wherein all that device’s traffic is simply passed on to the greater internet (and vice versa). If your ISP-supplied router doesn’t offer a bridging mode but does offer a DMZ option, this may be your only solution. Search through the settings of your ISP-supplied router and plug in the IP address of your personal router into the DMZ list (reference support documentation for your particular model if you’re having trouble locating this feature).
Again, using the Cisco control panel found in some many ISP-supplied combo units, here’s what the DMZ interface looks like:
While putting a computer or other gadget in the DMZ is usually not an advisable course of action (as it leaves that device exposed to the internet), putting a router in the DMZ is perfectly fine (as the router was intended to connect directly to the internet anyway).
The only problems you may run into with this solution is if you fail to take all your equipment off the ISP-supplied router and put it on your personal router as the ISP-router’s network and your router’s network will function completely independently of each other. This means if your laser printer is hooked up to your ISP-supplied router, and you’re trying to print from your laptop on your personal router, the two devices simply won’t see each other.
"There’s a very good chance if you’re experiencing some sort of difficult-to-pin-down network problem and you’re running two routers on the same network, that the two router setup is to blame. With a little trouble shooting and a quick settings change on one of the routers you can, painlessly, banish your connection related headaches."
**Thanks to Geek Jason Fitzpatrick, who is a warranty-voiding DIYer who spends his days cracking opening cases and wrestling with code so you don't have to. If it can be modded, optimized, repurposed, or torn apart for fun he's interested (and probably already at the workbench taking it apart).
Nil Carborundum Illegitemi ... My Advice is Free... My Friendship is Priceless!
...PLEASE HELP US >>> Donate Something...
& THANK YOU For Being Members of ... 1...
|Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)|