rancid-lemon Posted December 13, 2011

Guys,

I would like to use NAT loopback to connect to things whilst in my network. Correct me if I am wrong but the aim is to connect to things in my LAN via my WAN address - at LAN speeds (hope that makes sense!). This should (?) allow me to have one setting that works for connecting both from LAN and *somewhere with internet*.

Does this sound doable or have I misunderstood loopback?

Cheers, rancid

+BudMan (MVC) Posted December 13, 2011

NAT loopback, loopback forwarding or NAT reflection: it can be called a few different things.

NAT reflection is when you're behind a NAT, say you're on 192.168.1.100, and you run a server on say 192.168.1.101 for http, which you forward port 80 to when someone accesses 1.2.3.4. That is the public address, and how, say, I would access it from Starbucks at www.somedomain.com, which points to 1.2.3.4.

Now you resolve www.somedomain.com to that same 1.2.3.4 address, which is the WAN interface on your router. You want your router to reflect your access from 192.168.1.100 to 1.2.3.4 back into 192.168.1.101.

Support for this is going to depend on your router. Some support it, others do not.

If your router does not support it, just set up either a host file on your machine to resolve www.somedomain.com, or your local DNS, to the 192.168.1.101 address; this way you never even have to touch your router. To be honest this is the better solution.

What specific router do you have?

rancid-lemon (Author) Posted December 14, 2011

Hey BudMan, cheers for the reply.

I have the following network devices providing internets. Not sure where the actual loopback would take place so I'll give both:

DrayTek Vigor 120 - adsl modem - http://www.draytek.co.uk/products/vigor120.html
DrayTek Vigor 2920n - router - http://www.draytek.co.uk/products/vigor2920.html <-- This would be my guess for where loopback would be occurring, NAT is here.

Hadn't thought about the hosts file, that will def be a possible solution, although not ideal as I would like this to work from all possible devices, most importantly, my android - not sure it has a hosts file?? (will look into that if necessary)

Cheers, rancid

+BudMan (MVC) Posted December 14, 2011

Ah --- yeah that is a true modem, you don't see those very often. Yup, you would set up forwarding on the 2920, so you're saying it's not working if you have the forward set up already? Then that device does not support loopback forwarding. RTFM to see if supported..

Can you access your server from the outside currently?? If so and you cannot from local using the public IP, then I would guess not supported. I currently don't have time to RTFM for you ;)

rancid-lemon (Author) Posted December 14, 2011

Not entirely sure, tbh. I may not have opened the ports on the router. Would they need to be open for it to work? I had presumed that since it didn't actually leave NAT I could test without forwarding. Not correct?

Lol, I didn't know what RTFM meant, had to google it - lucky I didn't ask :p Yeah, there is no mention of NAT reflection, loopback or hairpin, which I understand is the same also.

EDIT: although there seems to be evidence of loopback on the 120?! (albeit not official proof by any means)

Think I will get in touch with DrayTek support and see if they know what the deal is. Failing that, hosts file looks like it could be a goer; after a brief look-see, android does appear to have a hosts file. Looks like root access is required and that people are using it to block ads.

rancid

rancid-lemon (Author) Posted December 14, 2011

Also, it has just occurred to me that the host file route won't work as required. If I understand it correctly anyway. Reason being, if I set up hf to resolve domain to internal ip, this will work from inside lan, but not externally. What am I missing?

+BudMan (MVC) Posted December 14, 2011

You mean if you take your device outside your LAN? Yeah, that would be a problem -- if the device leaves your local network, then use DNS. Again, I currently don't have time to read your router's manual for you, or its capabilities for DNS..

You are clearly running some server you need access to from the outside and inside, so this "server" could be your DNS -- you could run bind on it for example, or whatever other DNS server you want, unbound is good, etc. etc..

So I quickly created an example using my local DNS, which all devices on my network use. Took www.slashdot.org as an example. If you ask a public DNS server for this:

    ; <<>> DiG 9.8.1-P1 <<>> @4.2.2.2 www.slashdot.org
    ; (1 server found)
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21492
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.slashdot.org. IN A

    ;; ANSWER SECTION:
    www.slashdot.org. 3230 IN A 216.34.181.48

    ;; Query time: 13 msec
    ;; SERVER: 4.2.2.2#53(4.2.2.2)
    ;; WHEN: Wed Dec 14 08:13:41 2011
    ;; MSG SIZE rcvd: 50

See, it returns public IP 216.34.181.48.

Say I was hosting that site on a box on my network, 192.168.1.13 for example. Now if my router supported NAT reflection I could access 216.34.181.48 and since I have a forward set up my router would send me back into .13.

Well, if my router does not support loopback, I could just use a host file to point www.slashdot.org to 192.168.1.13, or I could set up my local name server to point to it so all devices on my local network resolve to .13.

Example: currently my DNS server asks the roots and returns the public IP:

    ; <<>> DiG 9.8.1-P1 <<>> www.slashdot.org
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 23772
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL:

    ;; QUESTION SECTION:
    ;www.slashdot.org. IN A

    ;; ANSWER SECTION:
    www.slashdot.org. 3600 IN A 216.34.181.48

    ;; Query time: 295 msec
    ;; SERVER: 192.168.1.253#53(192.168.1.253)
    ;; WHEN: Wed Dec 14 08:18:08 2011
    ;; MSG SIZE rcvd: 50

But it's simple enough to put in a record for that, and now:

    ; <<>> DiG 9.8.1-P1 <<>> p4-28g.local.lan
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24161
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

    ;; QUESTION SECTION:
    ;www.slashdot.org. IN A

    ;; ANSWER SECTION:
    www.slashdot.org. 3600 IN A 192.168.1.13

    ;; Query time: 2 msec
    ;; SERVER: 192.168.1.253#53(192.168.1.253)
    ;; WHEN: Wed Dec 14 08:21:26 2011
    ;; MSG SIZE rcvd: 50

Now clearly when my devices are off my local LAN they would not be using my local 192.168.1.253 box for DNS and would resolve the normal public IP address.

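Added example, not part of any post in this thread: a Python check for the split-DNS setup described in the post above, which parses saved `dig` output from the LAN resolver and from a public resolver and reports which view LAN clients get. The sample outputs are constructed from the answers quoted in the thread; the function names and result strings are assumptions of this example.

```python
import ipaddress
import re

# Constructed samples, trimmed from the dig answers quoted in the thread.
PUBLIC_VIEW = """;; ANSWER SECTION:
www.slashdot.org. 3230 IN A 216.34.181.48

;; SERVER: 4.2.2.2#53(4.2.2.2)
"""
LOCAL_VIEW = """;; ANSWER SECTION:
www.slashdot.org. 3600 IN A 192.168.1.13

;; SERVER: 192.168.1.253#53(192.168.1.253)
"""

A_RECORD = re.compile(r"^\S+\s+\d+\s+IN\s+A\s+(\S+)\s*$")
SERVER = re.compile(r"^;; SERVER: ([^#\s]+)#")


def parse_dig(text):
    """Return (resolver address, list of A-record addresses) from dig text output."""
    resolver, addrs, in_answer = None, [], False
    for line in text.splitlines():
        if line.startswith(";; ANSWER SECTION"):
            in_answer = True
        elif not line.strip():
            in_answer = False          # a blank line ends the section
        elif in_answer and (m := A_RECORD.match(line)):
            addrs.append(ipaddress.ip_address(m.group(1)))
        elif m := SERVER.match(line):
            resolver = ipaddress.ip_address(m.group(1))
    return resolver, addrs


def check_split_dns(local_out, public_out):
    """Compare the LAN resolver's answer with a public resolver's for one name."""
    lan_resolver, local = parse_dig(local_out)
    _, public = parse_dig(public_out)
    if not local or not public:
        return "incomplete: a resolver returned no A record"
    if any(a.is_private for a in public):
        return "leak: public DNS hands out an internal address"
    if lan_resolver is None or not lan_resolver.is_private:
        return "unverified: local query did not go to a LAN resolver"
    if all(a.is_private for a in local):
        return "split-dns: LAN clients go straight to the server"
    return "no override: LAN clients get the WAN address and need NAT reflection"


if __name__ == "__main__":
    print(check_split_dns(LOCAL_VIEW, PUBLIC_VIEW))
```

The "leak" result covers the reverse mistake, where the internal record ends up in the public zone and outside clients are handed a private address they cannot reach.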