NAT Hairpin/Loopback issue on ER8411

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

NAT Hairpin/Loopback issue on ER8411

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
NAT Hairpin/Loopback issue on ER8411
NAT Hairpin/Loopback issue on ER8411
2024-03-07 15:51:13 - last edited 2024-03-07 19:00:25
Model: ER8411  
Hardware Version: V1
Firmware Version: 1.2.0

I have recently upgraded to 3/3gb internet from Bell (Canada) and bought a TP-LINK ER8411 Omada router to use as my main router.

 

My setup/connection is like this: Bell (ISP) --->First SFP+ on ER8411 (internet is working and getting full speed on all 10gb devices)

From Second SFP+ on ER8411--->First SFP+ on YuanLey Unmanaged switch (4x2.5gb+2x10G SFP+)

From Second SFP+ on YuanLey to Microtik CR305-1G-4S+ (Used as bridge to connect my 3 computers with 10g nics) On the Microtik CR305-1G-4S+ all the ports are connected: sfp-sfpplus1=WAN from YuanLey, sfp-sfpplus2=SERVER, sfp-sfpplus3=HTPC, sfp-sfpplus4=PC

 

Now the odd thing is I have a reverse proxy setup on my SERVER machine and for some reason I cannot access my domain and subdomain on the PC/SERVER/HTPC that are connected to the Microtik CR305-1G-4S+ switch.

 

I can ping my domain and subdomains and can also access my services with local IP and ports but cant access them from the LAN using my domain and subdomain names.

 

I know the issue is cause by the TP-LINK ER8411 router, because when I boot/restart the router, for a good 20-30min I can access my domains from all the devices connected to Microtik (10g ports), but after a while I can't access them with my domain names; only with local IP addresses and ports. Its like some function in the ER8411 is triggered after sometime to mess up the Loopback.

 

So in summary:

 

Access from outside -> works

Access by domain name inside (over LAN) -> doesn't work

Ping domain from inside -> Gives external IP address

Again as mentioned if I reboot the router everything works for good 20-30min but after that it goes back to the same issue.

 

Currently the ER8411 is controlled by OC200, but I have also tested in standalone mode with the same result.

 

Oh, BTW, just conneted my server directly to the second SFP+ port on the ER8411, and I can confirm I still can't access my domain on the LAN over that port; maybe that also eliminated the Mikrotik Switch from the whole equation!

 

Please help me figure out what is going on!

Thanks in advance.

 

  0      
  0      
#1
Options
2 Reply
Re:NAT Hairpin/Loopback issue on ER8411
2024-03-08 04:00:39

Hi @parhamsan 

Thanks for posting in our business forum.
Can you draw a diagram for this setup?

I don't understand when it comes to this part.

parhamsan wrote

 

From Second SFP+ on YuanLey to Microtik CR305-1G-4S+ (Used as bridge to connect my 3 computers with 10g nics) On the Microtik CR305-1G-4S+ all the ports are connected: sfp-sfpplus1=WAN from YuanLey, sfp-sfpplus2=SERVER, sfp-sfpplus3=HTPC, sfp-sfpplus4=PC

 

 

So, if the ER8411 can work and make a loopback for 30 minutes, it does not seem to be a problem with the router or firmware.

If there is a failure in the firmware, it should straightly fail after the reboot.

I don't see how it would fail after working for 30 minutes and failed. It seems to be more like a problem with your whole setup. Network environment. Not the router's fault.

 

With the diagram, please mark the IP address as well. I'll take a look.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#2
Options
Re:NAT Hairpin/Loopback issue on ER8411
2024-03-08 05:33:39 - last edited 2024-03-08 05:35:15

  @Clive_A 

 

Clive,

 

Thanks for taking the time to review and respond to my post:

I have attached a rough diagram of my setup:

 

I agree with you but to some extent.

 

As mentioned before I have disconnected everything from the router and tried connecting only the Desktop with Windows Server 2022 Desktop to the second SFP+ port on the ER8411 with same result; and that was without restarting or rebooting the router. Same thing is happening. This means the ER8411 is not able to resolve NAT Loopback, even taking all the other switches and devices out of the equation.

 

Do you have any suggestions?

 

Thanks.

  0  
  0  
#3
Options