Saturday, March 16, 2019

[WORKS BUT SHOULDN'T] Why can a router take the same public IP address of the parent router without issue?

Fellow network administrators, I've got a weird issue to talk about today. I have a router (Router A) that is assigned an automatic, public, routable IP address from our ISP via Ethernet (which then goes directly to a fiber media converter, etc.). This Router A is configured for dynamic IP addressing and therefore it receives its IP address automatically from the ISP, which happens to be a static IP address FWIW. All is fine and dandy with this... devices connected to it successfully receive DHCP, DNS, Internet access, and other services as expected by this router.

Underneath this router, one of the devices is another router (Router B; connected via Router A's LAN port to Router B's WAN port). All sounds normal, less the potential double NAT, right? Unfortunately, this is where it gets funky. Router B's WAN port is set to a static configuration that matches Router A's configuration that it automatically receives from the ISP. Devices connected to Router B's LAN work perfectly fine, too.

Obviously, if our ISP were to change our IP address or other settings this configuration would break immediately. These are the facts and then my questions:

  • This configuration, while it doesn't seem as though it should work, works.
  • Nothing appears degraded or slow in the network as a result of this.
  • Devices in Router B's LAN can access the Router A LAN (specifically, the router web administration page).
  • Router A's DHCP service does not appear to be assigning Router B an IP address.
  • Router B is not [in] the DMZ of Router A. Router A, from its configuration pages, does not appear to know that Router B even exists.
  • Router B is successfully doing port forwarding without the same ports being opened through Router A. What even? 😂
  • Router A/B are confirmed to be in a double NAT environment, per the issue that this post is addressing.
  • Router A was provided by the ISP.
  • Router A and Router B have different DHCP ranges, scopes, but potentially the same subnet mask for their LANs.
  • There are normally no other devices other than Router B on Router A's LAN ports, but they have been known to coexist without issue for short amounts of time... I can recall a particular situation where the router needed to be restarted before Internet access could be restored shortly following devices being connected and used on Router A's LAN though, unsure if this was a coincidence though.

So onwards to the question! How does this even work properly and what exactly is happening? How is traffic even routing properly back into Router B if Router A doesn't know to route the traffic in its direction? Am I confusing myself or something?

Cheers!


