Predicament !!! 3 different IP's on my network !!!

[aiamuzz]

Hello,

I have a netgear JNR1010v2 (with 2 Linksys(running dd-wrt) routers working on repeater bridge in series i'e Linksys-repeating-Linksys-repeating-Netgear(Primary Router)) router running pppoe broadband internet connection at home.

The PREDICAMENT i am in, is my network has 3 subnet IP's, please note that i am not referring to the different subnets on the repeaters.

1. The LAN subnet which happens to be the 192.168.1.x series is normal

the predicament is with the public IP or external IP or my internet IP, here i can see 2 subnets.

Firstly i never thought this was possible until now.

Usually there is a LAN(ROuter) subnet and the other one an internet IP WAN subnet, one which is issued by the ISP.

BUT ... i have a 3rd subnet showing on the internet port of my netgear router. Ideally i thought this is the IP issued by my ISP and the same will be my public IP - my identity on the internet.

that's not the case ... when i google 'my ip' it shows a totally different IP ... which is actually my identity on the internet, this i say so bcos my dynamic DNS services record this IP and not the one showing/issued probably by the ISP showing on my netgears internet port.

The problem i am facing is i can't use my DynamicDNS hosts to enter my network.

I can only do that with the IP showing on my Netgear Routers internet port.

As the DynamicDNS services do not see the IP on my Netgear Internet Port ... THIS IS MY PREDICAMENT !!!

I am confused ... all i want is to use the devices on my network from the internet especially my Network Printer.

Help appreciated !

Thanks for looking

 

[VirtualLarry]

You may be behind a "Carrier Grade NAT". Meaning, that the "public" IP showing as your WAN IP in your primary router's WAN section, is not really a public internet IP, but in fact, is a NATted IP, with the public IP being controlled by your ISP. IOW, you aren't getting a real public IP address to use.

 

[aiamuzz]

You may be behind a "Carrier Grade NAT". Meaning, that the "public" IP showing as your WAN IP in your primary router's WAN section, is not really a public internet IP, but in fact, is a NATted IP, with the public IP being controlled by your ISP. IOW, you aren't getting a real public IP address to use.

I guessed as much, the same way a router manages the public IP across all devices connected to it ... BUT ... one odd thing is that i can enter my router and devices behind it through this WAN IP from the router ... but not through my true public IP !!!

This setup does not let me use DynamicDNS services and i can't access my local devices from outside.

 

[matricks]

This setup does not let me use DynamicDNS services and i can't access my local devices from outside.

I don't get it. Here you say you can:

one odd thing is that i can enter my router and devices behind it through this WAN IP from the router

And here you say you can't:

but not through my true public IP !!!

So is the issue that your dynamic DNS record should point to your "router WAN IP (address)" instead of your "true public IP (address)"? Most dynamic DNS updaters I've seen let you override what IP address is submitted to the service. If not, most services offer, or open up for, alternative clients with more features.

It would help if you could share the two first octets of your IP addresses. For e.g. 192.168.1.1, the first two octets are 192.168.

 

[aiamuzz]

;
So is the issue that your dynamic DNS record should point to your "router WAN IP (address)" instead of your "true public IP (address)"? Most dynamic DNS updaters I've seen let you override what IP address is submitted to the service. If not, most services offer, or open up for, alternative clients with more features.

It would help if you could share the two first octets of your IP addresses. For e.g. 192.168.1.1, the first two octets are 192.168.

Yes ... as you understood in the last part of your post ...

I am able to access devices through the WAN IP from the router.

I am NOT able to access devices through my public IP, the one which DynamicDNS records, one which google shows for the search term 'my ip'

Are there any FREE dynamicDNS services providers that can be configured to record my WAN IP from my router ?

on the octets ...

43.247.*.* is my public/external IP
10.1.*.* is my WAN IP from my router settings.(this has 255.255.255.255 as the mask, when i have almost always seen 255.255.255.0)

PS : So far i have come across two instances where (lucky for me) both the above have tallied(have been the same IP) and at those times i was able to test my network printer by printing over the internet with the use of DynamicDNS hosts.

 

[matricks]

Carrier NAT then, as VirtualLarry suggested. The subnet mask is normal for this kind of setup.

You can't connect to your devices from the Internet by using a 10.*.*.* address though. That range, and some others are reserved for private networks, i.e. your internal LAN, and should never be seen on the open Internet. Properly configured Internet routers will reject traffic to or from private address ranges passing on the open Internet. If you are at another location using the same ISP you might be able to reach your devices with this private address, but by the standards that shouldn't be possible (ISP should not allow it).

Your can just set up your own DNS server to point any name to your 10.* address. Eeach of your boxes has one, but it depends how configurable they are. A dynamic DNS provider might not accept a record pointing to an address in a private range.

 

[aiamuzz]

Carrier NAT then, as VirtualLarry suggested. The subnet mask is normal for this kind of setup.

You can't connect to your devices from the Internet by using a 10.*.*.* address though. That range, and some others are reserved for private networks, i.e. your internal LAN, and should never be seen on the open Internet. Properly configured Internet routers will reject traffic to or from private address ranges passing on the open Internet. If you are at another location using the same ISP you might be able to reach your devices with this private address, but by the standards that shouldn't be possible (ISP should not allow it).

Your can just set up your own DNS server to point any name to your 10.* address. Eeach of your boxes has one, but it depends how configurable they are. A dynamic DNS provider might not accept a record pointing to an address in a private range.

Thanks Matricks & VirtualLarry

So my worst fears have come true. so dynamicdns is a good bye and so is accessing my devices at home from outside.

But i've noticed when both the IP's tally(match) the dynamicdns updates promptly and pings to the correct IP and all works well.

I concur that a 10.*.*.* IP does not connect from outside, The other day while i was on a different ISP, i called back home and had my nephew read me the WAN IP from the router and tried connecting and failed. Well that explains what you just pointed.

So the only time i can access my devices is when both the IP's match and there is no way to tell when that could be. So its goodbye to smooth operation.

While i am at it(learning curve) i might as well learn things a little more than i already do.

About opening ports on the router

when we access our router through 192.168.1.1 it allows access through port 80, so 192.168.1.1 is actually 192.168.1.1:80 so does remote access through port 8080(i change it to a custom port though)

The above prompts for username password. My question is can't that be done with other ports that we open as well ?

192.168.1.1:80 or :8080 or custom :7680 all prompt for authentication.

but port 631 that i have opened for my printer directly opens my printers webgui. it would be great if i could get this port to seek authentication as well.

Any suggestions ?