NAT Loopback Routers
| This article or section contains incomplete information.
Please help us by completing the content on this page.
What is NAT Loopback and why is it needed to host a public Opensimulator Region?
Currently (as at August 2010), a hosted region on a home connection with a broadband router needs, what is known as NAT Loopback functionality.
Many DSL routers/modems prevent loopback connections as a security feature. This means that a machine on your local network (e.g. behind your DSL router/modem) cannot connect to a forward facing IP address (such as 184.108.40.206) of a machine that it also on your local network. Connecting to the local IP address (such as 192.168.2.40) of that same machine works fine.
This is an issue since each region has to specify an IP address for the client to connect. This is the ExternalHostName parameter in a regions config file (e.g. bin/Regions/Regions.ini). In the absence of NAT loopback, if a forward facing IP address is specified (such as 220.127.116.11) then external clients will be able to connect to the region but clients on your local network will not. If the internal address were put in ExternalHostName instead (e.g. 192.168.2.40) then viewers on the local network will be able to connect but viewers from an external network would not.
This page shows a list of routers supporting NAT Loopback. Please add both known working and non-working routers to the list.
Router / Modem Table
(this information gathered from the OpenSimulator WIKI and OSGrid forums information collectively and assembled into this sortable formatted table for ease of use and quick access. Links provided are either to the Manufactures pages or Pages which can further assit in configuration and troubleshooting.)
|Actiontec||Verizon FiOS Router Model # 424WR||Works|| Set TCP and UDP separately|
|Airlink||Airlink 101 Super G||Works||older model, search for reference|
|Airlink||Airlink 101 802.11G wireless||Works||older model, search for reference|
|Astoria Networks||Bright Box Wireless Router||Not Working|
|AVM||FRITZ!Box||Works|| Except 3790 VDSL Router (old stock)|
|Belgacom BBox-2||BBox-2 Docs||Works||Also known as SAGEM 3464. BBox-1 work, BBox-2 = Method 1: flash the firmare (in this case we lose the guarantee provider) Method 2: Configure Bbox Bridge mode and put a second router for OpenSim-Sim. LOGICAMP tuto (in french)|
|BT||BT Home Hub V2||Works|||
|BT||BT Home Hub 3 (model B)||Works||[Tested using firmware V100R001C01B031SP12_L_B on standalone ]|
|Dlink||DIR-655||Works|| Current hardware version "B" doesn't work.|
|Dlink||DSL-3680||Works||Needs manual configuration. Guide at , backup at |
|Draytek||Vigor120||Works||Nat Loopback out of the box. Great router.|
|Draytek||Vigor2710||Works|| firmware 18.104.22.168 (or higher).|
|Inventel / Livebox||DV42190WA||Works||Sold as Livebox 3420 by Orange/SFR in Europe. Set port forwarding for UDP and TCP separately|
|Linksys/Cisco||WAG200G||Works|| Firmware Version: 1.01.09 or better|
|Linksys/Cisco||WAG54G v2 - NZ/AU||Works||Faster processor, more memory and larger NAT table|
|Netgear||WNR2000||Works||With firmware 22.214.171.124 Loop back now enabled 'out of the box'|
|Netgear||WGR614||Works||confirmed to work out of the box|
|Netgear||RP614||Works||Version 3 or better|
|Netgear||DG834G||Works||v1, v2, v3 & v4 are end of line in most markets. The v3 & v4 are proven good performers. v5 unknown to work.|
|Netgear||Pro Safe VPN FVS318||Not Working|||
|Netgear||Pro Safe VPN FVS338||Works||Firmware 3.0.6-25 or over|
|Netgear||WGR614||Not Working|| does not work with ISP required gateway modems|
|Netgear||WNR3500||Works|| NB restart after configuration|
|Netgear||RP614v3 and Newer revisions||Works|||
|Thomson SpeedTouch||TG585||Works|| new ver. Only|
|Thomson SpeedTouch||ST-585i||Works|| May need to enable loopback through telnet|
|Thomson SpeedTouch||ST-780||Works|| May need to enable loopback through telnet|
|Thomson SpeedTouch||ST-516||Works||May need to enable loopback through telnet|
|TP-Link||TL-WR740N||Works||All TP-Link wired routers are said to support loopback, including the wifi ones. This one has been confirmed by support staff.|
|TP-Link||TL-R470T+||Works||All TP-Link wired routers are said to support loopback, including the wifi ones. This one has been confirmed by support staff.|
|Scientific Atlanta||WebSTAR-DPR2320||Works|| Google for more info|
|Ubee||DDW2600||Works|| Cable Router|
|ZyXel||C1000Z (CenturyLink)||Not Working|||
|3Com / HP||3CRWDR100A-72||Works|||
|3Com / HP||3CRWDR101A-75||Works|||
Notes on Some Routers
D-Link DGL-4500 series of routers have the largest available nat table of any router on the market. These routers range from 70$-180$ USD depending on where you live and purchase from.
When considering a purchase, consider performance against cost. Upper end ADSL 2+ routers can add several Mbs to your modems sync speed.
Wireless Routers - Access Point Only
These routers are Access Point devices, and contain no ADSL modem and hence need a separate adsl modem operating in Bridge mode.
Routers With ADSL modem No items to list currently
Note: The DGL-4100 & DGL-4300 have been discontinued, and the replacement model is the DIL-825 and DIL-855 - Loopback status unknown on these later models. The DGL-4300 may be available second hand.
- NETGEAR WNR834M : ftp://downloads.netgear.com/files/wnr834m_ref_manual.pdf
- Netgear DG834G v3 with latest firmware & v4 upto firmware version v5.01.09 (according to this link, a later firmware update of v4 removed NAT loopback) NAT Loopback returned as menu option with latest v5.01.16 firmware for the v4 model. The latest model versions, marked v5 on the unit's label, has significantly different internals and is not currently Loopback capable(the v5 has the wireless aerial on the right, not the left, as looking from the front. The DG834G v1, v2, v3 & v4 are end of line in most markets. The v3 & v4 are proven good performers.
- Netgear DGN1000 worked out of the box. Note this working item reports its firmware version as V2.1.00.19_VG which seems much newer than the version offered for download on netgear.com.
- NETGEAR FVS338 : loopback issue with firmware v3.0.3-17 (2008). LAN address is incorrectly presented to simulator instead of WAN address. Fixed in latest update v3.0.6-25 (2010).
Other routers & Hardware
- BT home hub V2
- If you are using a ZyXEL DSL router/modem from Embarq, please read this configuration guide. This will show you how to reconfigure your DSL router/modem to fix this problem.
KNOWN non-functional for OpenSim:
- Netgear Pro Safe VPN FVS318 : http://www.netgear.com/Products/VPNandSSL/WiredVPNFirewallRouters/FVS318.aspx
- NetGear WGR614 does not work with ISP required gateway modems
- Belkin F5D7230-4 (the router might work if 3rd party firmware is used, such as DD-WRT : http://www.dd-wrt.com/ )
More Information Related to Routers and Solutions @: osgrid.org/forums/viewtopic.php
Linux specific solutions
SETTING UP A LINUX COMPUTER TO ACT AS A ROUTER
For Linux based Netfilter (iptables) routers, you want to set up the NAT table with some extra entries The following script is something to get you started, you'll need to fix up the variables at the top to match your system and network.
#!/bin/bash # # vvvvv - Fix these! - vvvvv IPTABLES=/usr/sbin/iptables LAN_NETWORK=192.168.0.0/24 SERVER_IP=192.168.0.2 INTERNET_IP=100.100.100.100 REMOTING_PORT=8895 REGION_PORT=9000 # ^^^^^ - Fix these! - ^^^^^ # First, the Destination NAT, anything going to the external address on our ports, we redirect to the server # Note, if you have a double NAT running and this router doesn't actually have the internet IP address, you'll # need another set of PREROUTING-DNAT lines with the --destination (-d) set to the internet facing private address $IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p tcp --dport $REMOTING_PORT --jump DNAT --to-destination $SERVER_IP $IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p udp --dport $REGION_PORT --jump DNAT --to-destination $SERVER_IP $IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p tcp --dport $REGION_PORT --jump DNAT --to-destination $SERVER_IP # Second, the Source NAT, we need this so that returning packets to our LAN clients go back through the router first, # otherwise, the server will try to talk directly to the client and the client will reject them $IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p tcp --dport $REMOTING_PORT --jump SNAT --to-source $INTERNET_IP $IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p udp --dport $REGION_PORT --jump SNAT --to-source $INTERNET_IP $IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p tcp --dport $REGION_PORT --jump SNAT --to-source $INTERNET_IP
It's possible to host your own DNS-server, so you can prevent some of the dns-naming problems mentioned before. If http://example.org resolves to the external ip, and that loopback connection is prevented by your router, you could point your resolv.conf to a local nameserver like:
Now you need bind/named installed in order to handle the dns-requests. You can find a bind example configfile here.
If you use openWRT firmware on your router, check here: OpenWRT NATLoopback
Windows XP, Windows 7, 8, 8.1, 10 Loopback Adapter Install:
Please see this -> Windows XP: http://www.windowsnetworking.com/articles-tutorials/windows-xp/Install-Microsoft-Loopback-adapter-Windows-XP.html
Windows 8, 8.1, 10 https://www.youtube.com/watch?v=yIrDvVjyiMk
See more potential loopback solutions here: http://opensimulator.org/wiki/Network_Settings#DynDNS_loopback