lana93's profile

New Member

 • 

7 Messages

Monday, February 27th, 2023 1:38 PM

Router misbehaves when port forwarding on multiple subdomains on the same host

On my home AT&T network, I set up port forwarding where I'm serving a couple of subdomains, let's call them

service1.mydomain.com

service2.mydomain.com

service3.mydomain.com

When I try to access them from outside my home network, everything works as expected, I can open all of them individually and open them on multiple devices without any issue. So port forwarding works as expected.

The issue comes when I try to access them from inside the network. If I try accessing any of them, one of them works but the others become unavailable for about 5 minutes, which means that I can only access them one at a time and only on one device at a time.

It doesn't matter which one I start first, the others become unavailable and time out (only inside the network). The service that I accessed successfully is fully available and I can refresh as many times as I want and it works great. If I then wait for about minutes, I can access another service and the others become unavailable.

There appears to be some sort of caching at the router level that causes this strange behavior. This makes it clear that the issue is not with the port forwarding itself as that works great outside my home network but with the internal resolution inside the network.

I can't find any logs in the gateway on what's going on.

ACE - Expert

 • 

35.8K Messages

1 year ago

You are attempting to use the public IP from inside your network or the Private IP?


If the former, it's not reliable.  If the latter, that's very strange.

New Member

 • 

7 Messages

1 year ago

I have allocated a fixed IP to my server.

Then I set up port forwarding such that any request that comes into my network on a specific port gets routed to the server.

I set up the DNS on my domain registrar to point to my router.

So now when I access something.mydomain.com, it reaches my network and gets routed to the server.

All this works unless I'm inside the network. If I connect from a public wifi, I can access all services, if I connect from mobile data outside of my network, I can access everything. The only time that this is acting strange is when I'm accessing it from inside my network.

I can only access one subdomain on one device at a time and that puts some sort of lock on the router. Then when I try to access subdomain2.mydomain.com, the request doesn't even reach the server.

I want to stress the fact that this is not an issue if I try to access my own network from another network, it's only a problem inside my own network.

ACE - Expert

 • 

35.8K Messages

1 year ago

Exactly.  You're trying to use your Public IP address while inside your private network.  This requires a feature called NAT Loopback to work properly, i.e. a request for your Public IP needs to be "looped back" through the Port Forwarding rules to be delivered properly.  While this appears to work sometimes in some situations, it is not reliably supported by the AT&T Gateways.

You could enter your something.mydomain.com names in your hosts file (or equivalent) pointing to your local IP addresses for internal consumption.
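An added example (not part of the original posts, and not AT&T or gateway code): a small Python check that classifies, for each name, whether a client depends on NAT loopback, and emits the hosts-file lines suggested above. The client, WAN and server addresses are constructed sample values; `path_for`, `audit` and `hosts_lines` are hypothetical helper names.

```python
import ipaddress
import socket

# RFC 1918 private ranges, i.e. what a home LAN hands out.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_lan(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in RFC1918)

def path_for(client_ip, resolved_ip):
    """Classify how a client reaches the address a name resolved to."""
    if not is_lan(client_ip):
        return "external"       # ordinary inbound port forward
    if is_lan(resolved_ip):
        return "direct-lan"     # traffic never crosses the gateway's NAT
    return "nat-loopback"       # LAN client -> public IP: gateway must hairpin

def audit(names, client_ip, resolve=socket.gethostbyname):
    """Map each name to the path a client at client_ip would take."""
    return {name: path_for(client_ip, resolve(name)) for name in names}

def hosts_lines(report, server_lan_ip):
    """hosts-file entries for the names that depend on NAT loopback."""
    return [f"{server_lan_ip}\t{name}"
            for name, path in report.items() if path == "nat-loopback"]

# Constructed sample data: names from the thread, made-up addresses.
NAMES = ["service1.mydomain.com", "service2.mydomain.com",
         "service3.mydomain.com"]
SAMPLE_WAN_IP = "203.0.113.10"      # assumed public address (documentation range)
SAMPLE_SERVER_IP = "192.168.1.64"   # assumed fixed LAN address of the server
SAMPLE_CLIENT_IP = "192.168.1.50"   # assumed LAN client

def sample_resolver(name):
    # Stand-in for public DNS: every subdomain points at the WAN address.
    return SAMPLE_WAN_IP

if __name__ == "__main__":
    report = audit(NAMES, SAMPLE_CLIENT_IP, resolve=sample_resolver)
    for name, path in report.items():
        print(f"{name}: {path}")
    print("\n".join(hosts_lines(report, SAMPLE_SERVER_IP)))
```

Dropping the `resolve=` argument uses the system resolver, so the same audit can be run on a real LAN client before and after changing name resolution.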

 

New Member

 • 

7 Messages

1 year ago

I appreciate you taking your time to respond JefferMC

This is very unfortunate. I'm having a hard time believing that Nokia didn't think about this when they designed their router.

I noticed that there is a `NAT Default Server` option that is turned off in Firewall, would that be the setting that needs to be turned on to enable loopback? 

Unfortunately, editing the hosts file is not an acceptable solution. For one, there are way too many devices and editing hosts requires superuser access which many phones do not have. More importantly, having these routes on your local hosts file will prevent me from accessing them from outside my home network.

Editing the hosts file manually every time that I connect to my home network then again every time that I leave is not acceptable.

ACE - Expert

 • 

35.8K Messages

1 year ago

Nokia?  Assuming we're talking about the BGW320-505, it differs from the BGW320-500 (which is made by Humax) only by who built the specific box.  AT&T developed the requirements for the BGW320 and has two different manufacturers produce them to their specs.  No AT&T Gateway has done this well.  Sometimes it sort of works, very slowly, turtle slowly, and then won't work at all.

Your other option is to provide your own router and operate the BGW320 in IP Passthrough mode to your Router and let it take care of the NAT loopback for you.

New Member

 • 

7 Messages

1 year ago

Thank you, JefferMC, I'm going to look into the option of buying another router as you suggested. It's a shame that AT&T doesn't have proper support for such a basic use case.

ACE - Expert

 • 

35.8K Messages

1 year ago

I won't argue that it's great or shouldn't be better.  I'm just telling you what it is.  

New Member

 • 

7 Messages

1 year ago

I appreciate your help.

To be honest, I was using this feature for so that it never even occurred to me that it isn't a standard feature on all routers. I didn't even know that it has a name (NAT loopback), I just assumed that it's baked in.

Thanks to you, I now know what to look for when purchasing a router. I'm surprised how many routers don't support this feature.

New Member

 • 

7 Messages

1 year ago

@JefferMC 

I bought the most expensive router that I could find, the Netgear Nighthawk X10.

I then removed all the settings from my ATT router, and set up IP passthrough to the router.

I set up the ATT router to forward port 443 to the X10.

Inside X10, I allocated a fixed IP to my server, then I set up port forwarding so 443 goes to my server's 443.

I then connected all my devices to the X10 instead of ATT and I'm getting the same issue, it looks like the ATT router is not allowing this to go through, am I missing something?

ACE - Expert

 • 

35.8K Messages

1 year ago

Yes. You're missing that you don't port forward 443 from the Gateway to your router. I'd suggest a factory reset of the Gateway. Then go to the IP Passthrough tab and configure it for IP Passthrough:Fixed, and give the address (below) as your router. Then save and reboot your router. Check that your router says its WAN address is the same as your Gateway. If it doesn't, unplug it for 10 minutes and try again.
