NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

FishDawg's avatar
FishDawg
Aspirant
Feb 11, 2022

Orbi NAT Hairpinning/Loopback Not Working

I have the Orbi RBR750 router. I set up port forwarding as well as dynamic DNS. Everything works as expected when connecting to servers on my local network using that DNS name and port number when c...
CrimpOn's avatar
CrimpOn
Guru - Experienced User
Feb 20, 2022

I can now confirm that both DDNS and IP works with my Orbi RBR50.  Rather than forwarding port 80 to Pi-hole, I forwarded port 80 to my Epson printer, which has a web interface.  With a browser on my PC, http://<DDNS> works. http://<public IP> works.

 

It might be worth a few minutes to confirm that the public IP being used by DDNS is the IP that the Orbi reports on the Advanced Tab, Internet panel for IP Address.  This is easy to do. Connect to any of the "what is my IP address?" web sites and compare the IP that they return against the Orbi.

 

I also like to use a web site to confirm "is this port open?", such as Gibson Research Shield's Up! https://www.grc.com/shieldsup 

 

So far, I am down to two alternatives:

 

  1. Port forwarding may be set up on the Orbi, but it is behind another router and does not have the true public IP. This means that NAT loopback cannot work. Or...
  2. Your Orbi does not work like my Orbi.  This is such a basic part of the code that it seems unlikely. but.....???
CrimpOn's avatar
CrimpOn
Guru - Experienced User
Feb 20, 2022

(beating dead horse....)

 

Did another packet capture of WAN/LAN traffic.

 

  • Forwarded port 80 to Epson printer, 192.168.1.4.
  • Flushed DNS cache on Windows
  • Connected web browser (Edge) on PC to http://DDNS (secretname.mynetgear.com)
  • The printer management page displays.  (It takes a bunch of GETs and responses to display one web page.  sheeesh.)
  • The WAN capture includes zero HTTP packets from the internet to the router.  (This is to be expected because no one on the web should expect me to be hosting a web site.)
  • The LAN capture includes zero packets (of any kind) directly between the PC and the printer.  (I was not printing anything.)
  • The LAN capture includes all of those HTTP GETs from the Orbi router to the printer and bunches of packets from the printer back to the router..

My conclusion is the NAT loopback is working as expected. The PC thinks that secretname.mynetgear.com is "out there" somewhere and sends HTTP packets to the router.  The router responds with HTTP information that it got "from somewhere", but none of those packets went farther than the router.

 

My money is still on one of two possibilities:

  1. There is a Double NAT which prevents port forwarding and NAT loopback, or
  2. The RBR750 is kerfluxed.