NAT Loopback Routers

From OpenSim

Jump to: navigation, search


Contents

INTRODUCTION

What is NAT Loopback and why is it needed to host a public Opensimulator Region?

Currently (as at August 2010), a hosted region on a home connection with a broadband router needs, what is known as NAT Loopback functionality.

Many DSL routers/modems prevent loopback connections as a security feature. This means that a machine on your local network (e.g. behind your DSL router/modem) cannot connect to a forward facing IP address (such as 199.149.252.44) of a machine that it also on your local network. Connecting to the local IP address (such as 192.168.2.40) of that same machine works fine.

This is an issue since each region has to specify an IP address for the client to connect. This is the ExternalHostName parameter in a regions config file (e.g. bin/Regions/Regions.ini). In the absence of NAT loopback, if a forward facing IP address is specified (such as 199.149.252.44) then external clients will be able to connect to the region but clients on your local network will not. If the internal address were put in ExternalHostName instead (e.g. 192.168.2.40) then viewers on the local network will be able to connect but viewers from an external network would not.

This page shows a list of routers supporting NAT Loopback. Please add both known working and non-working routers to the list.



Router/Modem Table

Router / Modem Table

(this information gathered from the OpenSimulator WIKI and OSGrid forums information collectively and assembled into this sortable formatted table for ease of use and quick access. Links provided are either to the Manufactures pages or Pages which can further assit in configuration and troubleshooting.)

Make Model Status Notes
Actiontec GT701-WG Works [1]
Actiontec Verizon FiOS Router Model # 424WR Works [2] Set TCP and UDP separately
Airlink Airlink 101 Super G Works older model, search for reference
Airlink Airlink 101 802.11G wireless Works older model, search for reference
Apple AirPort Extreme Works
Arris TM502b Works [3]
Astoria Networks Bright Box Wireless Router Not Working
Asus WL-520GC Works [4]
AVM FRITZ!Box Works [5] Except 3790 VDSL Router (old stock)
Belgacom BBox-2 BBox-2 Docs Works Also known as SAGEM 3464. BBox-1 work, BBox-2 = Method 1: flash the firmare (in this case we lose the guarantee provider) Method 2: Configure Bbox Bridge mode and put a second router for OpenSim-Sim. LOGICAMP tuto (in french)
BT BT Home Hub V2 Works [6]
BT BT Home Hub 3 (model B) Works [Tested using firmware V100R001C01B031SP12_L_B on standalone ]
BT BT2700HGV Works [ http://portforward.com/english/routers/port_forwarding/BT/BT2700HGV/defaultguide.htm]
Cisco RV042 Works
Dlink DGL-4500 Works [7]
Dlink DGL-4300 Works [8]
Dlink DI-524 Works [9]
Dlink DIR-600 Works [10]
Dlink DIR-601 Works [11]
Dlink DIR-635 Works [12]
Dlink DIR-655 Works [13] Current hardware version "B" doesn't work.
Dlink DSL-2680 Not Working
Draytek Vigor120 Works Nat Loopback out of the box. Great router.
Draytek Vigor2710 Works [14] firmware 3.2.4.3 (or higher).
Inventel / Livebox DV42190WA Works Sold as Livebox 3420 by Orange/SFR in Europe. Set port forwarding for UDP and TCP separately
Linksys/Cisco BEFSR41 Works [15]
Linksys/Cisco RT31P2 Works [16]
Linksys/Cisco AG241 Works [17]
Linksys/Cisco WAG200G Works [18] Firmware Version: 1.01.09 or better
Linksys/Cisco WRT54G Works [19]
Linksys/Cisco WAG160N Works [20]
Linksys/Cisco WAG54G v3 Works
Linksys/Cisco E3000 Works [21]
Linksys/Cisco WAG54G v2 - NZ/AU Works Faster processor, more memory and larger NAT table
Linksys/Cisco WAG120N Works
Linksys/Cisco Linksys RT31P2 Works
Netgear WNR834M Works
Netgear WNR2000 Works With firmware 1.2.3.7 Loop back now enabled 'out of the box'
Netgear WGR614 Works confirmed to work out of the box
Netgear RP614 Works Version 3 or better
Netgear DG834G Works v1, v2, v3 & v4 are end of line in most markets. The v3 & v4 are proven good performers.
Netgear Pro Safe VPN FVS318 Not Working [22]
Netgear WGR614 Not Working [23] does not work with ISP required gateway modems
Netgear WNR3500 Works [24] NB restart after configuration
Netgear RP614v3 and Newer revisions Works [25]
Netgear WNDR3700 Works [26]
SMC SMC-7004VBR Works [27]
Thomson SpeedTouch TG585 Works [28] new ver. Only
Thomson SpeedTouch ST-585i Works [29] May need to enable loopback through telnet
Thomson SpeedTouch ST-780 Works [30] May need to enable loopback through telnet
Thomson SpeedTouch ST-516 Works [31]May need to enable loopback through telnet
TP-Link TL-WR740N Works All TP-Link wired routers are said to support loopback, including the wifi ones. This one has been confirmed by support staff.
TP-Link TL-R470T+ Works All TP-Link wired routers are said to support loopback, including the wifi ones. This one has been confirmed by support staff.
Scientific Atlanta WebSTAR-DPR2320 Works [32] Google for more info
Ubee DDW2600 Works [33] Cable Router
3Com / HP 3CRWDR100A-72 Works [34]
3Com / HP 3CRWDR101A-75 Works [35]
2wire 2701hg-s Not Working
2wire 2701hg-B Works [36]
2wire 2701hg-D Works [37]

Notes on Some Routers

D-Link

D-Link DGL-4500 series of routers have the largest available nat table of any router on the market.  These routers range from 70$-180$ USD depending on where you live and purchase from.

When considering a purchase, consider performance against cost. Upper end ADSL 2+ routers can add several Mbs to your modems sync speed.

Wireless Routers - Access Point Only

These routers are Access Point devices, and contain no ADSL modem and hence need a separate adsl modem operating in Bridge mode.

Routers With ADSL modem No items to list currently

Note: The DGL-4100 & DGL-4300 have been discontinued, and the replacement model is the DIL-825 and DIL-855 - Loopback status unknown on these later models. The DGL-4300 may be available second hand.

Netgear

  • Netgear DG834G v3 with latest firmware & v4 upto firmware version v5.01.09 (according to this link, a later firmware update of v4 removed NAT loopback) NAT Loopback returned as menu option with latest v5.01.16 firmware for the v4 model. The latest model versions, marked v5 on the unit's label, has significantly different internals and is not currently Loopback capable(the v5 has the wireless aerial on the right, not the left, as looking from the front. The DG834G v1, v2, v3 & v4 are end of line in most markets. The v3 & v4 are proven good performers.
  • Netgear DGN1000 worked out of the box. Note this working item reports its firmware version as V2.1.00.19_VG which seems much newer than the version offered for download on netgear.com.
  • NETGEAR FVS338 : loopback issue with firmware v3.0.3-17 (2008). LAN address is incorrectly presented to simulator instead of WAN address. Fixed in latest update v3.0.6-25 (2010).

Other routers & Hardware

  • BT home hub V2
  • If you are using a ZyXEL DSL router/modem from Embarq, please read this configuration guide. This will show you how to reconfigure your DSL router/modem to fix this problem.

KNOWN non-functional for OpenSim:



REFERENCE LINKS:

More Information Related to Routers and Solutions @: osgrid.org/forums/viewtopic.php


Linux specific solutions

SETTING UP A LINUX COMPUTER TO ACT AS A ROUTER


For Linux based Netfilter (iptables) routers, you want to set up the NAT table with some extra entries The following script is something to get you started, you'll need to fix up the variables at the top to match your system and network.
#!/bin/bash
#
# vvvvv - Fix these! - vvvvv
IPTABLES=/usr/sbin/iptables
LAN_NETWORK=192.168.0.0/24
SERVER_IP=192.168.0.2
INTERNET_IP=100.100.100.100
REMOTING_PORT=8895
REGION_PORT=9000
# ^^^^^ - Fix these! - ^^^^^
 
# First, the Destination NAT, anything going to the external address on our ports, we redirect to the server
# Note, if you have a double NAT running and this router doesn't actually have the internet IP address, you'll
# need another set of PREROUTING-DNAT lines with the --destination (-d) set to the internet facing private address
$IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p tcp --dport $REMOTING_PORT --jump DNAT --to-destination $SERVER_IP
$IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p udp --dport $REGION_PORT --jump DNAT --to-destination $SERVER_IP
$IPTABLES -t nat -I PREROUTING -d $INTERNET_IP -p tcp --dport $REGION_PORT --jump DNAT --to-destination $SERVER_IP
 
# Second, the Source NAT, we need this so that returning packets to our LAN clients go back through the router first,
# otherwise, the server will try to talk directly to the client and the client will reject them
$IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p tcp --dport $REMOTING_PORT --jump SNAT --to-source $INTERNET_IP
$IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p udp --dport $REGION_PORT --jump SNAT --to-source $INTERNET_IP
$IPTABLES -t nat -I POSTROUTING -s $LAN_NETWORK -d $SERVER_IP -p tcp --dport $REGION_PORT --jump SNAT --to-source $INTERNET_IP

--Hell Fire

DNS solution

It's possible to host your own DNS-server, so you can prevent some of the dns-naming problems mentioned before. If http://example.org resolves to the external ip, and that loopback connection is prevented by your router, you could point your resolv.conf to a local nameserver like:

nameserver 192.168.2.2

Now you need bind/named installed in order to handle the dns-requests. You can find a bind example configfile here.

openWRT Routers:

If you use openWRT firmware on your router, check here: OpenWRT NATLoopback

Windows XP, Win7 Loopback Adapter Install:

Please see this -> Windows XP: http://www.windowsnetworking.com/articles-tutorials/windows-xp/Install-Microsoft-Loopback-adapter-Windows-XP.html

Windows 7: http://www.windowsreference.com/windows-7/how-to-install-a-loopback-adapter-in-windows-7/


See more potential loopback solutions here: http://opensimulator.org/wiki/Network_Settings#DynDNS_loopback

Personal tools
About This Wiki