NAT Loopback Routers

From OpenSimulator

Jump to: navigation, search


Contents

INTRODUCTION

What is NAT Loopback and why is it needed to host a public Opensimulator Region?

Currently (as at August 2010), a hosted region on a home connection with a broadband router needs, what is known as NAT Loopback functionality.

Many DSL routers/modems prevent loopback connections as a security feature. This means that a machine on your local network (e.g. behind your DSL router/modem) cannot connect to a forward facing IP address (such as 199.149.252.44) of a machine that it also on your local network. Connecting to the local IP address (such as 192.168.2.40) of that same machine works fine.

This is an issue since each region has to specify an IP address for the client to connect. This is the ExternalHostName parameter in a regions config file (e.g. bin/Regions/Regions.ini). In the absence of NAT loopback, if a forward facing IP address is specified (such as 199.149.252.44) then external clients will be able to connect to the region but clients on your local network will not. If the internal address were put in ExternalHostName instead (e.g. 192.168.2.40) then viewers on the local network will be able to connect but viewers from an external network would not.

This page shows a list of routers supporting NAT Loopback. Please add both known working and non-working routers to the list.

If solving the problem by configuring your router turns out not to be possible, you can work around it by setting up some IPTable rules on the computer you're using to browse the web (assuming it's a GNU/Linux OS). For details see the NAT Loopback Iptables-script.

Modern routers

Modern routers designed for VDSL (Very High Bitrate Digital Subscriber Line), cable,

and fiber optic connections typically feature a wide range of functions to meet the demands of various broadband connections.

Through a DynDNS provider, your router can be reached under a fixed domain name from the internet, even if the router's public IP address changes regularly.

The corresponding domain names and account information are provided by your DynDNS provider.

This allows the user interface of your router as well as applications and services to be easily accessed once port forwarding has been set up in the router.

Regarding the DNS service for OpenSimulator (a platform for virtual 3D worlds), routers typically obtain DNS server information from your Internet Service Provider (ISP).

Alternatively, you can also use alternative DNS services such as Google DNS (8.8.8.8 and 8.8.4.4) or Cloudflare DNS (1.1.1.1 and 1.0.0.1).

For operating an OpenSimulator server, you can either set a static IP address for the server and configure the corresponding DNS settings or utilize Dynamic DNS (DDNS) services to manage a dynamic IP address.

These services enable assigning a hostname to your server that automatically updates when the IP address changes.

Router/Modem Table

Router / Modem Table

(this information gathered from the OpenSimulator WIKI and OSGrid forums information collectively and assembled into this sortable formatted table for ease of use and quick access. Links provided are either to the Manufactures pages or Pages which can further assist in configuration and troubleshooting.)

Make Model Status Notes
Actiontec GT701-WG Works [1] Verizon FIOS and Frontier networks with TV and Phone service may require bypassing the ActionTech with another router. Loopback does not work reliably between ports so teleports are unreliable without a loopback driver. OsGrid Forum post showing how to get it to work on Linux.
Actiontec Verizon FiOS Router Model # 424WR Works [2] Verizon FIOS and Frontier networks with TV and Phone service may require bypassing the ActionTech with another router. Loopback does not work reliably between ports so teleports are unreliable without a loopback driver.
Airlink Airlink 101 Super G Works older model, search for reference
Airlink Airlink 101 802.11G wireless Works older model, search for reference
Apple AirPort Extreme Works
Arris TM502b Works [3]
Arris TM1602G Not Working Arris Touchstone from Spectrum
Arris BGW210-700 Loopback is flaky Software Version 1.7.17 [4]
Astoria Networks Bright Box Wireless Router Not Working
Asus WL-520GC Works [5]
AVM FRITZ!Box Works [6] Except 3790 VDSL Router (old stock)
Belgacom BBox-2 BBox-2 Docs Works Also known as SAGEM 3464. BBox-1 work, BBox-2 = Method 1: flash the firmware (in this case we lose the guarantee provider) Method 2: Configure Bbox Bridge mode and put a second router for OpenSim-Sim. LOGICAMP tuto (in french)
Belgacom BBox-3 BBox-3 Docs Works The Technicolor Model of BBox-3 have Nat Loopback BUT the Sagem Model NOT. You can ask Belgacom to give you a Technicolor model or you can go change it in shop. (Last Update 01-01-2018).
BT BT Home Hub V2 Works [7]
BT BT Home Hub 3 (model B) Works [Tested using firmware V100R001C01B031SP12_L_B on standalone ]
BT BT2700HGV Works [ http://portforward.com/english/routers/port_forwarding/BT/BT2700HGV/defaultguide.htm]
Cisco RV042 Works
Cisco DPC3848VM No Loopback
Dlink DGL-4500 Works [8]
Dlink DGL-4300 Works [9]
Dlink DI-524 Works [10]
Dlink DIR-600 Works [11]
Dlink DIR-601 Works [12]
Dlink DIR-625 Not Working [13]
Dlink DIR-628 Works [14]
Dlink DIR-635 Works [15]
Dlink DIR-655 Works [16] Current hardware version "B" doesn't work.
Dlink DIR-835 Not working [17]
Dlink DSL-2680 Not Working
Dlink DSL-3680 Works Needs manual configuration. Guide at [18], backup at [19]
Draytek Vigor120 Works Nat Loopback out of the box. Great router.
Draytek Vigor2710 Works [20] firmware 3.2.4.3 (or higher).
Inventel / Livebox DV42190WA Works Sold as Livebox 3420 by Orange/SFR in Europe. Set port forwarding for UDP and TCP separately
Linksys/Cisco Linksys EA4500 Works
Linksys/Cisco BEFSR41 Works [21]
Linksys/Cisco RT31P2 Works [22]
Linksys/Cisco AG241 Works [23]
Linksys/Cisco WAG200G Works [24] Firmware Version: 1.01.09 or better
Linksys/Cisco WRT54G Works [25]
Linksys/Cisco WAG160N Works [26]
Linksys/Cisco WAG54G v3 Works
LinkSys/Cisco WRT1200AC Works
Linksys/Cisco E3000 Works [27]
Linksys/Cisco WAG54G v2 - NZ/AU Works Faster processor, more memory and larger NAT table
Linksys/Cisco WAG120N Works
Linksys/Cisco Linksys RT31P2 Works
Netgear Nighthawk Pro Gaming XR700 Works [28]
Netgear Nighthawk Pro Gaming XR500 Works [29]
Netgear Nighthawk Pro Gaming XR450 Works [30]
Netgear Nighthawk Pro Gaming XR300 Works [31]
Netgear Nighthawk RAX80/ RAX75 Works [32]
Netgear Nighthawk RAX50/ RAX45 Works [33]
Netgear Nighthawk RAX40/ RAX35 Works [34]
Netgear Nighthawk RAX20/ RAX15 Works [35]
Netgear Nighthawk RAX120 Works [36]
Netgear Nighthawk RAX200 Works [37]
Netgear Nighthawk RS400 Works [38]
Netgear Nighthawk R9000 Works [39]
Netgear Nighthawk R8900 Works [40]
Netgear Nighthawk R8500 Works [41]
Netgear Nighthawk R8300 Works [42]
Netgear Nighthawk R8000P Works [43]
Netgear Nighthawk R8000 Works [44]
Netgear Nighthawk R7960P Works [45]
Netgear Nighthawk R7900P Works [46]
Netgear Nighthawk R7900 Works [47]
Netgear Nighthawk R7850 Works [48]
Netgear Nighthawk R7800 Works [49]
Netgear Nighthawk R7500v2 Works [50]
Netgear Nighthawk R7300DST Works [51]
Netgear Nighthawk R7200/ R7350/ R7400/ R7450 Works [52]
Netgear Nighthawk R7000P Works [53]
Netgear Nighthawk R7000 Works [54]
Netgear Nighthawk R6900P Works [55]
Netgear Nighthawk R6900V1 Works [56]
Netgear Nighthawk R7100LG Works [57]
Netgear Nighthawk R6800 Works [58]
Netgear Nighthawk R6900v2 Works [59]
Netgear Nighthawk R6700v3 Works [60]
Netgear Nighthawk R6700v2 Works [61]
Netgear Nighthawk R6700v1 Works [62]
Netgear Nighthawk R6400v2 Works [63]
Netgear Nighthawk R6400v1 Works [64]
Netgear Nighthawk R6300v2 Works [65]
Netgear Nighthawk R6260/R6330/ R6350/ R6850 Works [66]
Netgear Nighthawk R6250 Works [67]
Netgear Nighthawk R6220/ R6230 Works [68]
Netgear Nighthawk R6120 Works [69]
Netgear Nighthawk R6080 Works [70]
Netgear Nighthawk R6050/JR6150 Works [71]
Netgear Nighthawk R6020 Works [72]
Netgear Orbi  RBR850 Works [73]
Netgear Orbi  RBR750 Works [74]
Netgear Orbi  RBR50v2 Works [75]
Netgear Orbi  RBR50v1 Works [76]
Netgear Orbi  RBR40 Works [77]
Netgear Orbi  RBR20 Works [78]
Netgear Orbi  RBR10 Works [79]
Netgear Cable Modem C3700v2 Works [80]
Netgear Cable Modem C6220 Works [81]
Netgear Cable Modem C7100V Works [82]
Netgear Cable Modem C7800 Works [83]
Netgear Cable Modem C6230 Works [84]
Netgear Nighthawk AC1750 Works [85]
Netgear Nighthawk AC1900 Works
Netgear WNR834M Works
Netgear WNR2000 Works With firmware 1.2.3.7 Loop back now enabled 'out of the box'
Netgear WGR614 Works confirmed to work out of the box
Netgear WGR614v9 Works with v9 firmware
Netgear RP614 Works Version 3 or better
Netgear DG834G Works v1, v2, v3 & v4 are end of line in most markets. The v3 & v4 are proven good performers. v5 unknown to work.
Netgear Pro Safe VPN FVS318 Not Working [86]
Netgear Pro Safe VPN FVS338 Works Firmware 3.0.6-25 or over
Netgear VMDG485 Works
Netgear WGR614 Not Working [87] does not work with ISP required gateway modems
Netgear WNR3500 Works [88] NB restart after configuration
Netgear RP614v3 and Newer revisions Works [89]
Netgear WNDR3700 Works [90]
Pace Plc 5268AC Works [91]
SMC SMC-7004VBR Works [92]
Telstra Technicolor TG799vac Works [93]
Thomson SpeedTouch TG585 Works [94] new ver. Only
Thomson SpeedTouch ST-585i Works [95] May need to enable loopback through telnet
Thomson SpeedTouch ST-780 Works [96] May need to enable loopback through telnet
Thomson SpeedTouch ST-516 Works [97]May need to enable loopback through telnet
TP_LINK TD-W8970 Works
TP-Link TL-WR740N Works All TP-Link wired routers are said to support loopback, including the wifi ones. This one has been confirmed by support staff.
TP-Link TL-R470T+ Works All TP-Link wired routers are said to support loopback, including the wifi ones. This one has been confirmed by support staff.
Tp-Link AC1750 Works uPnP forgets settings if port is not used - manually opening of ports works.
Tp-Link Archer C2 Not Working TCP does loop back, but not UDP. Firmware as of 2019-08-11.
Tp-Link AX1500 Wifi 6 Not Working TCP does loop back, but not UDP between regions. Works if you add one entry per port, (no 8004-8100) but its limited in the number of entries. Firmware as of 2019-08-11.
Scientific Atlanta WebSTAR-DPR2320 Works

[98] Google for more info

Ubee DDW2600 Works [99] Cable Router
Ubee DVW32CB Works [100] Cable Router
ZyXel C1000Z (CenturyLink) Not Working [101]
3Com / HP 3CRWDR100A-72 Works [102]
3Com / HP 3CRWDR101A-75 Works [103]
2wire 2701hg-s Not Working
2wire 2701hg-B Works [104]
2wire 2701hg-D Works [105]

Notes on Some Routers

D-Link

D-Link DGL-4500 series of routers have the largest available nat table of any router on the market.  These routers range from 70$-180$ USD depending on where you live and purchase from.

When considering a purchase, consider performance against cost. Upper end ADSL 2+ routers can add several Mbs to your modems sync speed.

Wireless Routers - Access Point Only

These routers are Access Point devices, and contain no ADSL modem and hence need a separate adsl modem operating in Bridge mode.

Routers With ADSL modem No items to list currently

Note: The DGL-4100 & DGL-4300 have been discontinued, and the replacement model is the DIL-825 and DIL-855 - Loopback status unknown on these later models. The DGL-4300 may be available second hand.

Netgear

  • Netgear DG834G v3 with latest firmware & v4 upto firmware version v5.01.09 (according to this link, a later firmware update of v4 removed NAT loopback) NAT Loopback returned as menu option with latest v5.01.16 firmware for the v4 model. The latest model versions, marked v5 on the unit's label, has significantly different internals and is not currently Loopback capable(the v5 has the wireless aerial on the right, not the left, as looking from the front. The DG834G v1, v2, v3 & v4 are end of line in most markets. The v3 & v4 are proven good performers.
  • Netgear DGN1000 worked out of the box. Note this working item reports its firmware version as V2.1.00.19_VG which seems much newer than the version offered for download on netgear.com.
  • NETGEAR FVS338 : loopback issue with firmware v3.0.3-17 (2008). LAN address is incorrectly presented to simulator instead of WAN address. Fixed in latest update v3.0.6-25 (2010).

Other routers & Hardware

  • BT home hub V2
  • If you are using a ZyXEL DSL router/modem from Embarq, please read this configuration guide. This will show you how to reconfigure your DSL router/modem to fix this problem.

KNOWN non-functional for OpenSim:



REFERENCE LINKS:

More Information Related to Routers and Solutions @: osgrid.org/forums/viewtopic.php


Linux specific solutions

SETTING UP A LINUX COMPUTER TO ACT AS A ROUTER


For Linux based Netfilter (iptables) routers, you want to set up the NAT table with some extra entries The following script is something to get you started, you'll need to fix up the variables at the top to match your system and network.
#!/bin/bash
#
# vvvvv - Fix these! - vvvvv
IPTABLES=/usr/sbin/iptables
LAN_NETWORK=192.168.0.0/24
SERVER_IP=192.168.0.2
INTERNET_IP=100.100.100.100
REMOTING_PORT=8895
REGION_PORT=9000
# ^^^^^ - Fix these! - ^^^^^
 
# First, the Destination NAT, anything going to the external address on our ports, we redirect to the server
# Note, if you have a double NAT running and this router doesn't actually have the internet IP address, you'll
# need another set of PREROUTING-DNAT lines with the --destination (-d) set to the internet facing private address
$IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p tcp --dport $REMOTING_PORT --jump DNAT --to-destination $SERVER_IP
$IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p udp --dport $REGION_PORT --jump DNAT --to-destination $SERVER_IP
$IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p tcp --dport $REGION_PORT --jump DNAT --to-destination $SERVER_IP
 
# Second, the Source NAT, we need this so that returning packets to our LAN clients go back through the router first,
# otherwise, the server will try to talk directly to the client and the client will reject them
$IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p tcp --dport $REMOTING_PORT --jump SNAT --to-source $INTERNET_IP
$IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p udp --dport $REGION_PORT --jump SNAT --to-source $INTERNET_IP
$IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p tcp --dport $REGION_PORT --jump SNAT --to-source $INTERNET_IP

--Hell Fire

DNS solution

It's possible to host your own DNS-server, so you can prevent some of the dns-naming problems mentioned before. If http://example.org resolves to the external ip, and that loopback connection is prevented by your router, you could point your resolv.conf to a local nameserver like:

nameserver 192.168.2.2

Now you need bind/named installed in order to handle the dns-requests. You can find a bind example configfile here.

openWRT Routers:

If you use openWRT firmware on your router, check here: OpenWRT NATLoopback

Table of openWRT supported Hardware, check here: openWRT

This may work for older WRT routers:

insmod ipt_mark 
 
insmod xt_mark 
 
iptables -t mangle -A PREROUTING -i ! `get_wanface` -d `nvram get wan_ipaddr` -j MARK --set-mark 0xd001 
 
iptables -t mangle -A PREROUTING -j CONNMARK --save-mark 
 
iptables -t nat -A POSTROUTING -m mark --mark 0xd001 -j MASQUERADE

Dahlia Trimble

Windows XP, Windows 7, 8, 8.1, 10 Loopback Adapter Install:

Windows 10 NAT Loopback notes

External links:

See also: Using DynDNS for NAT Loopback with Windows, MacOS, or Linux

Personal tools
General
About This Wiki