What's new

Asus AC88U loopback, Dnsmasq and Port Forwarding

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Ionesco

Occasional Visitor
Hi everybody, and thanks in advance for your help.

I have put a sensor in my mailbox, and I receive notifications when I got a mail (with HomeKit and IFTTT). But, I want to receive a picture from my outdoor camera when the mailbox is opened. So, I've found so local url that give me that snapshot : 192.168.1.78/code/snapshot.jpg.

It works well when I'm inside my local network. But when I'm outside, I can't get the picture. So I have configured a dynamic DNS and a port forwarding. Here is the result : myname.com:3141/code/snapshot.jpg.
It works perfectly from outside my network. But when I'm inside, it doesn't because of the loopback, I think.
(I though my Asus AC88U would success to manage it, but it doesn't)

So, I tried to play with Dnsmasq in order to "redirect" this address to my local IP when I'm inside the network.
In my Dnsmasq.conf file, I tried :
address=/myname.com/192.168.1.78
And it works if I enter this url : www.myname.com/code/snapshot.jpg (so, without the port)

BUT, as I want a unique URL in my automatisation, I can't forget the port !
So I tried :
address=/myname.com:3141/192.168.1.78

And it doesn't work ... I presume Dnsmasq can't read the port ?

Is there a way to succeed ?

Thank you !
 
DNS does not care about ports, so you don’t need it in dnsmasq.conf (do not want it either).

Is 3141 a port forward to 80 or 443? When on your LAN your request won’t be routed, it will be switched since you are returning a local IP, so if you want to use the same url, you would need something listening on port 3141 on 192.168.1.78.
 
What do you mean by "something listening on port 3141 on 192.168.1.78" ?

Oh, ok, I get it. As my "redirection" will join 192.168.1.78:3141, something should listen ... But how ?
 
So I have configured a dynamic DNS and a port forwarding. Here is the result : myname.com:3141/code/snapshot.jpg.
It works perfectly from outside my network. But when I'm inside, it doesn't because of the loopback, I think.
(I though my Asus AC88U would success to manage it, but it doesn't)
This (NAT loopback) works for me so I don't know why it doesn't for you.

As my "redirection" will join 192.168.1.78:3141, something should listen ... But how ?
As Dave said, dnsmasq cannot redirect ports. To use port 3141 with IP address 192.168.1.78 you would need to configure the camera to listen on that port.
 
Sadly, that's not possible, I can't configure the camera (Netatmo Presence), it's a closed system.
 
I don't know why the Loopback doesn't work, maybe because my router is after an internet box (configured in DMZ). I know that the Internet Box (Livebox 4) has a loopback fonction, but to configure it, I have to make a NAT forward from 80 to 80 on the concerned equipment. But, as my internet box is on 192.168.0.X network, and all others equipments are on 192.168.1.X, I can't active the internet box loopback function.
 
Yes the loopback would have to be done on the Internet Box as that is the device that has the IP address associated with myname.com. (NAT loopback is not the same as port forwarding)
 
Yes I had already seen that link (with google translate ;)).

At the beginning it makes a general statement about NAT loopback ("Le loopback c'est la possibilité, depuis son réseau interne, d'accéder à une ressource du LAN en utilisant l’IP WAN externe du routeur ou son DNS associé, de chez soi comme à l'extérieur").

But then everything that follows is just a description of how to setup port forwarding (which is also necessary). The "activate" box is to activate the port forwarding rule.

There is nothing in those instructions about activating NAT loopback specifically. But I wouldn't expect there to be, either the router supports it or it doesn't. It's the same as on the Asus, there's no specific option to enable or disable NAT loopback.
 
I agree with you. So, loopback should be already "activated" on the internet box (as on my AC88U with Merlin).
If loopback is supported by my internet box and my router, I don't get why it doesn't work :(
 
What do your port forwarding rules look like?

I'd guess that on the Livebox it is:

3141 -> 3141 (Asus_WAN_IP)

and on the Asus it is:

3141 -> 80 (192.168.1.78)

EDIT: corrected port number
 
Last edited:
On the Livebox, I'm in DMZ, so I don't have particular port forwarding.
On the Asus, I have 3134 -> 80 (192.168.1.78
 
The Asus address, as seen from the box internet, is 192.168.0.3. But when I go directly to this address, I have a 404.
That's expected. You should not get a response.
When I want to go to my router, I use 192.168.1.1.
That's also correct.

Well that's good. At least that is working.

Sorry, I keep mis-typing the port number as 3134 instead of 3141. Is 3141 the correct port?

Maybe try turning off the DMZ on the Livebox temporarily and creating an explicit port forwarding rule. Maybe there's a difference.
 
It's 3141, but I just copied your mistake ;)

OK, I'm pretty surprised by what happen next !

I tried to turn off DMZ. Then, I add a NAT rule on my Internet box : 3141 to 3141 (192.168.0.3)
I also delete my dnsmasq line where myname.com redirect to 192.168.1.78.

And now, and it's pretty weird, this url works from inside and outside the network : myname.com/code/snapshot.jpg
Without the port ! And I don't get why !! Because the snapshot is located on 192.168.1.78. If I'm outside the network, the myname.com = my WAN IP , there is no reason that it lead to the camera IP without port ...

Assuming that dnsmasq is already in use (I just restart the dnsmasq service, I don't have rebooted the router), so from inside the network, I get it. But it doesn't explain why it works from outside.

Do you understand something ? o_O
 
No I don't understand why that is happening. I would,

a) use the external IP address instead of the DDNS name for testing. Just to eliminate DNS as an issue

b) reboot both routers before testing to ensure that the changes have been removed/applied correctly
 
a) I tried with external IP, it works too
b) I'm pretty afraid of rebooting, as it works as I want now ;), but I will
 
Oh, I think I understand !
I've made some tests before, and I still have a NAT rule on my Asus router : 80 to 80 (192.168.1.78).
I don't know if it true, but if I don't put port in my URL, as it's HTTP, it listen on 80, right ?

So, if it is, you were right about DMZ, it was interfering with loopback.

Knowing that, I tried externalIP:3141/code/snapshot.jpg, and it works (outside and inside). But myname.com:3141/code/snapshot.jpg doesn't (it works outside only). Strange

Edit 2 : it seems that my dnsmasq still working, it explain why myname.com:3141/code/snapshot.jpg doesn't work inside
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top