Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




33 posts

Geek


# 20669 2-Apr-2008 16:14
Send private message


I've recently come across a couple of ADSL modems with NAT enabled. In both cases there are wireless routers involved too so the computers are effectively "double-NATted". I'm surprised the modems are using NAT - I thought the usual scenario was that the ISP allows for one IP, and if you have more than one device get a router. That's what TCL does. Quite what the need for NAT is in the modem I don't know.

Anyway, my question is: does anyone know if this is normal in NZ? How about with ADSL (or other) connections overseas?

Some background: I've developed a couple of products that make services available on the net; they're targeted at your average home or small office user. I use UPnP and NAT-PMP to open a port in the router for incoming connections. Great, usually, but this won't get through two layers of NAT of course.

Obviously there are ways around this with a bit of configuration - make the modem DMZ to the router, or put the router in bridge mode (the first being more useful because the modems seem not to do UPnP) - but I'm trying to take the burden of configuration away from the user. This NAT-behind-NAT scenario has me a little worried, so any advice as to how common it is would be great.

Adrian

Create new topic
652 posts

Ultimate Geek

Trusted
Subscriber

  # 120524 2-Apr-2008 16:20
Send private message

You'd be damn lucky to find an ADSL modem out there that isn't also a router - hence the ability for NAT...

I haven't seen a standalone ADSL modem in a long time. I'm not saying that you can't buy them (well maybe I am - can you still buy them??), it's just that i haven't physically handled one in a long time. And I deal with my fair share of ADSL routers



33 posts

Geek


  # 120531 2-Apr-2008 16:45
Send private message

Right. So I guess what I'm really interested in is whether the router functionality is turned on in your standard home ADSL installation.

It seems odd to act as a router when you can only have one device attached. Is it all about the firewall? Or perhaps there's something I'm missing about the way ADSL works?

 
 
 
 


652 posts

Ultimate Geek

Trusted
Subscriber

  # 120538 2-Apr-2008 16:57
Send private message

With some of the ADSL routers that have only a single RJ45 (LAN) port, then it's just simply a matter of sticking a simple network switch behind it and then you can connect PCs till your heart's content.

Other than the ridiculous basic, single-port ADSL routers that many ISPs hand out for free with new connections, I'd hazard a guess that the majority of all other ADSL routers have 4 LAN ports. But increasing the number of PCs that can connect to the router (regardless of whether it's only got 1 LAN port or 4) is simply a matter of connecting a network switch (or several!).


836 posts

Ultimate Geek

Trusted

  # 120542 2-Apr-2008 17:19
Send private message

You can setup your ADSL router as a half bridge if it supports it and then have it connected to your wireless router to prevent double NAT.



33 posts

Geek


  # 120556 2-Apr-2008 18:08
Send private message

bcourtney:

Other than the ridiculous basic, single-port ADSL routers that many ISPs hand out for free with new connections...


Ah, it's exactly these that I'm interested in - the experience of the average punter.

I was playing with a Telecom-provided one today. It was using NAT - my fear is that this is what they do for the standard installation.

6964 posts

Uber Geek

Trusted
Subscriber

  # 120558 2-Apr-2008 18:11
Send private message

Unforturnately not many ADSL modem/routers support half bridge, so I find normally its easier to just not use the router in the WiFi router, ie dont use the WAN port of the WiFi router and just connect a LAN port of that router to the ADSL modem, and turn the WiFi routers DHCP server off.

I have noted double nating is quite common, it seem more from ignorance than anything else. Bottom line is that for normal browsing and apps where LAN clients create connections with servers out on the Internet/Wan most users see no problems. As soon as you introduce anything more complex like SIP then the wheels fall off.

I was playing with a Telecom-provided one today. It was using NAT - my fear is that this is what they do for the standard installation.


Dont forget that NAT is the core of a basic Firewall for simple routers, so naturally its desired even in a single port modem/router.

Cyril

117 posts

Master Geek


  # 120559 2-Apr-2008 18:15
Send private message

Half bridge it mate

 
 
 
 


5545 posts

Uber Geek

Trusted
Lifetime subscriber

  # 120566 2-Apr-2008 18:46
Send private message

Dynalink RTA1320 or Linksys AM300 are two common routers here that do half-bridge mode. (NB: the Linksys requires the lastest firmware to work correctly).




Chorus has spent $1.4 billion on making their xDSL broadband network faster and even more now as they are upgrading their rural Conklins. If your still stuck on ADSL or VDSL, why not spend $195 on a master filter install to make sure you are getting the most out of your connection?
I install - Naked DSL, DSL Master Splitters, VoIP, data cabling and general computer support for home and small business.
Rural Broadband RBI installer for Ultimate Broadband and Full Flavour

 

Need help in Auckland, Waikato or BoP? Click my email button, or email me direct: [my user name] at geekzonemail dot com


637 posts

Ultimate Geek

Trusted

  # 120573 2-Apr-2008 19:06
Send private message

lyall:
I've recently come across a couple of ADSL modems with NAT enabled. In both cases there are wireless routers involved too so the computers are effectively "double-NATted". I'm surprised the modems are using NAT - I thought the usual scenario was that the ISP allows for one IP, and if you have more than one device get a router. That's what TCL does. Quite what the need for NAT is in the modem I don't know.

Anyway, my question is: does anyone know if this is normal in NZ? How about with ADSL (or other) connections overseas?

A NATing DSL gateway is common, given the PPPoA nature of the TNZ network.  Half-bridge is a kludgey work-around and not common.

The NATing wireless gateway sounds like the problem to me - this is obviously user error in using the wrong device (or wrong device config) for their topology.

You can expect to see about 99% of the DSL population in NZ sitting behind NAT, on the DSL device.



33 posts

Geek


  # 120577 2-Apr-2008 19:25
Send private message

Thanks a lot everyone. It sounds like the answer is yes, I definitely need to be aware of this situation.

A bummer, but better than not knowing about it!

637 posts

Ultimate Geek

Trusted

  # 120588 2-Apr-2008 20:01
Send private message

lyall: Thanks a lot everyone. It sounds like the answer is yes, I definitely need to be aware of this situation.

Yes, it's definitely worth knowing about.  It sounds like you've followed good development so far, but it's always worth it to keep on top of what the IETF BEHAVE working group is developing for NAT/multi NAT best practices.

There's been discussions inside IETF and other industry bodies about extending uPNP/NAT-PMP to support cross boundary port requests, which would resolve the issue you have raised.

22510 posts

Uber Geek

Trusted
Subscriber

  # 122828 11-Apr-2008 12:52
Send private message

This is because places are still telling people that they have a dsl modem.

There is no dsl modem that will operate on a pppoa network and present it on a ethernet interface currently available. The m1122 had its pptp to pppoa relay, which worked except there are stuff all routers that will do pptp on the wan interface.

The half bridge (ab)uses dhcp to hand out the wan address to a PC, it uses another valid internet IP as the gateway IP and that makes neighboring ips on the internet inaccessable since they are misused as the broadcast and network address on the lan segment.

There is internal and usb modems that will get the real ip onto the pc properly by running ppp on the computer, but they arent common, and are useless in your example since they wont connect to a standalone router that people buy anyway.

UDP and stun seems to be sweet as thru multiple nats, perhaps look into using that?




Richard rich.ms

637 posts

Ultimate Geek

Trusted

  # 122900 11-Apr-2008 17:22
Send private message

richms: The half bridge (ab)uses dhcp to hand out the wan address to a PC, it uses another valid internet IP as the gateway IP and that makes neighboring ips on the internet inaccessable since they are misused as the broadcast and network address on the lan segment.

Anything that implements the half-bridge "workaround" should also implement local-proxy-arp to make the neighboring IPs available.

Any device that doesn't is flawed.

Create new topic



Switch your broadband provider now - compare prices


Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Logitech introduces new Made for Google keyboard and mouse devices
Posted 16-Oct-2019 13:36


MATTR launches to accelerate decentralised identity
Posted 16-Oct-2019 10:28


Vodafone X-Squad powers up for customers
Posted 16-Oct-2019 08:15


D Link ANZ launches EXO Smart Mesh Wi Fi Routers with McAfee protection
Posted 15-Oct-2019 11:31


Major Japanese retailer partners with smart New Zealand technology IMAGR
Posted 14-Oct-2019 10:29


Ola pioneers one-time passcode feature to fight rideshare fraud
Posted 14-Oct-2019 10:24


Spark Sport new home of NZC matches from 2020
Posted 10-Oct-2019 09:59


Meet Nola, Noel Leeming's new digital employee
Posted 4-Oct-2019 08:07


Registrations for Sprout Accelerator open for 2020 season
Posted 4-Oct-2019 08:02


Teletrac Navman welcomes AI tech leader Jens Meggers as new President
Posted 4-Oct-2019 07:41


Vodafone makes voice of 4G (VoLTE) official
Posted 4-Oct-2019 07:36


2degrees Reaches Milestone of 100,000 Broadband Customers
Posted 1-Oct-2019 09:17


Nokia 1 Plus available in New Zealand from 2nd October
Posted 30-Sep-2019 17:46


Ola integrates Apple Pay as payment method in New Zealand
Posted 25-Sep-2019 09:51


Facebook Portal to land in New Zealand
Posted 19-Sep-2019 18:35



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.