So I set up a simple network: first comes the modem, then comes the router and behind the router my end devices. I can access the modem network from my local area network behind the router, but when I try to access the local area network behind the router from my modem side, nothing happens. Why is that so? I don't quite understand this and am wondering if the router sees the modem as a device on its local network, so the connection works, but the modem doesn't see its own NAT as part of the local network? What should I do to be able to communicate from the modem to the local network behind the router?

Koala
  • 3

1 Answer

tl;dr: Look at your routing table. Look at the routing tables of both routers. They show exactly which networks a router (or a host) is aware of, and they show where packets for any given address would be sent.


Your 1st router (the modem) is not automatically aware of networks behind the 2nd router. It's only aware of the two networks it's directly attached to (the 1st LAN subnet and the ISP's WAN subnet). For everything else, it only has a single "default" route telling it to reach all other networks via the ISP.

However, it does not have a correct route for the 2nd subnet (there is no commonly accepted way for it to learn one¹), so all packets you send towards the 2nd subnet actually follow the default route over the WAN.

(Your other devices in the 1st subnet are the same: they don't know about the 2nd subnet, they only have their local routes and a default route.)

The only reason your 2nd subnet has any sort of outbound access at all is because the 2nd router's outbound NAT hides that network. This layer of NAT makes all outbound packets look like they came from the 2nd router itself – which is part of the 1st subnet, so your 1st router and other 1st subnet devices already know how to reach it.

That's how 1st subnet devices are able to reply to packets from the 2nd subnet despite having no routes leading there – they think they're replying to a local device (the 2nd router).

The correct way to make this work without double NAT is to add routes on the 1st subnet (either on the 1st router and/or the individual devices) telling them to use the 2nd router to reach the 2nd subnet. Look for the "Static routes" section in the modem's configuration pages.


¹ There's no automatic "inner/outer" relationship between the two networks.

Larger networks use various protocols for exchanging routes automatically (OSPF, IS-IS, iBGP, RIP, Babel, and so on), but consumer gateway manufacturers have almost zero interest in that. Only some routers happen to include RIP, but it's only useful if both routers speak it...

In theory, IPv6-capable routers should be able to learn routes using DHCP Prefix Delegation (the mechanism by which they obtain the v6 subnet prefix in the first place), but that doesn't help IPv4.

grawity
  • 501,077
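
The routing decision described in the answer above, as an added example that is not part of the original answer: a small longest-prefix-match model of the modem's routing table, before and after a static route is added. All addresses (192.168.1.0/24 for the 1st subnet, 192.168.2.0/24 for the 2nd, 192.168.1.2 for the 2nd router, 203.0.113.0/24 for the ISP side) and all function names are constructed assumptions.

```python
import ipaddress

# Constructed addressing (assumptions, not taken from the question):
#   1st subnet (modem LAN)  192.168.1.0/24, 2nd router sits in it at 192.168.1.2
#   2nd subnet (router LAN) 192.168.2.0/24, ISP WAN subnet 203.0.113.0/24
def route(cidr, via, dev):
    return (ipaddress.ip_network(cidr), via, dev)

# What the modem knows out of the box: two connected networks and a default.
MODEM_ROUTES = [
    route("192.168.1.0/24", None, "lan"),      # directly connected
    route("203.0.113.0/24", None, "wan"),      # directly connected
    route("0.0.0.0/0", "203.0.113.1", "wan"),  # default route via the ISP
]

def lookup(table, dst):
    """Longest-prefix match: return (next_hop, device) chosen for dst."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in table if addr in r[0]]
    if not matches:
        return None  # no route at all (cannot happen while a default exists)
    _net, via, dev = max(matches, key=lambda r: r[0].prefixlen)
    return (via or dst, dev)  # connected route: deliver straight to dst

def masquerade(src, router_ip, inner_cidr):
    """Outbound NAT on the 2nd router: inner sources are rewritten to its own IP."""
    inner = ipaddress.ip_network(inner_cidr)
    return router_ip if ipaddress.ip_address(src) in inner else src

def with_static_route(table):
    """The fix: reach the 2nd subnet via the 2nd router's 1st-subnet address."""
    return table + [route("192.168.2.0/24", "192.168.1.2", "lan")]

if __name__ == "__main__":
    host = "192.168.2.50"  # constructed device behind the 2nd router
    print("no static route :", lookup(MODEM_ROUTES, host))
    seen_as = masquerade(host, "192.168.1.2", "192.168.2.0/24")
    print("reply to NATed  :", lookup(MODEM_ROUTES, seen_as))
    print("static route set:", lookup(with_static_route(MODEM_ROUTES), host))
```

A static route only fixes the path. The 2nd router's own firewall still decides whether traffic arriving on its outer interface is forwarded into the 2nd subnet.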