NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
A Triple NAT Experiment
The conventional advice is that there should be only one "router" in a home network, either the ISP device or the user's WiFi router. We offer three solutions: (1) put ISP device into bridge mode, (2) put User WiFi into Access Point mode, or (3) create a DMZ for the user WiFi router.
It is really clear that having a "Double NAT" can interfere with numerous applications: internet gaming, port forwarding/triggering, UpNP, remote desktop, VPN access to the LAN, access to security cameras, potential QoS conflicts, etc.
I am bothered that when a user posts a problem, we often jump immediately into the "Double NAT" discussion before determining whether the problem is at all related to having more than one router. That seems to me like seeing a doctor because "my elbow really hurts," and having the doctor respond, "Well, you need to watch your weight, eat a balanced diet, quit smoking, get a flu shot, exercise 30 minutes a day, etc. etc." That is all good advice, but does it have anything to do with the problem?
As an experiment, I set up a "Triple NAT" by connecting a TP-Link Archer A7 to my Orbi, then connecting another Orbi to the A7. i.e. three routers in a row. Used a PC and smartphone connected to the last Orbi to verify that these operations "work just fine."
web browsing
play YouTube video
Thunderbird email
nslookup command
tracert command
(all of the above require DNS)
Android Facebook app
Android Nest Thermostat app
Android KASA smartplug app
Android Reolink security camera app (streaming video)
Android GMail app
Android Facebook app
What did NOT work?
Connecting to a printer that is attached to the "first router". This is one of the common "Double NAT" situations that people face when they connect their new Orbi to an ISP router that already has devices connected to it. I did not attempt any of the applications known to fail with Double NAT, such as gaming, VPN, port forwarding, etc.
I have long believed that hundreds (thousands) of people purchase a WiFi router, connected it to their existing ISP router, and never notice anything amiss. This experiment reinforces my conviction that we would be more helpful to people posting problems if we make at least a brief attempt to understand the problem before launching into the "Double NAT" discussion.
3 Replies
Double NAT is not a bad thing, as some continuously post. It might get confusing for a novice, but there are advantages as well. You might run into issues with services that require UPnP support or manual port forwarding.
My office building, until recently, had 3 routers, connected to the ISP router, all setup on separate subnets, (4 NATS), 1 for each leased floor. The 3 routers are now replaced with 3 separate WIFI 6 mesh systems, connected to the ISP router, all setup on separate subnets, (4 NATS), with switches connected for wired devices and the mesh nodes offering great WIFI coverage.
We also install many mesh systems, in homes, where customers want their TVs, Alexa devices, smart devices, etc connected to the main ISP router, and their laptops, PCs, printers, cameras and other network devices that continuously share their connections for access to shared hard drives, viewing local cameras on multiple PCs, print to different shared printers, etc., connected to the mesh system. We never have any problems or see slowdowns or disadvantages using this setup.
CrimpOn I agree with you for the most part. The only issue is the surprising amount of times that it does resolve the issue.
So I don't compare it to the health checkup analogy.
I more compare it to a check off list for troubleshooting.
1. is it plugged in?
2. did you reboot?
3. etc.
Because many times its the little things that get missed. I've done it myself where I'm fighting an issue and I stop, have a beer, and just look at it. And find out the cable wasn't seated all the way or a switch in the basement was turned off by one of my turd monkeys that run around.
And it could potentially be the nat issue but it could also be the steps to fix the nat issue, correct a different error. So while I don't consider it a "fix all", I do consider it reasonable to correct prior to moving on.
