How to prevent double NAT on 2 routers
Solution 1
You cannot avoid Double NAT in your configuration. Your only alternative option is to unify both sub-networks into one, which conflicts with your wish to keep them isolated.
I would like to remark that Double NAT is usually presented as a major problem, but that's not so.
The problems that can arise from Double NAT are limited to the secondary subnet, and can be the following:
- UPNP, sometimes required for games and torrent clients.
- DMZ and in general any port-forwarding from the Internet
- Manual or automatic quality-of-service (QoS) controls to prioritize traffic.
If you have no need for doing any of the above for the second subnet, then you shouldn't worry excessively about Double NAT.
Solution 2
You have the wrong kind of routers to do what you want. Consumer routers want to use NAT on their WAN interface. You want a router that "routes" by IP address. Ergo, Router 1 knows that traffic with IPs in 192.168.1.0/24 need to be sent to Router 2. Router 2 knows that the whole universe outside of 192.168.1.0/24 needs to be sent to Router 1.
I would look for some videos under "CCNA routing and switching". That keyword will get you sources that will begin to explain how ipv4 routing works.
Related videos on Youtube
04 : 16
06 : 37
12 : 54
17 : 53
02 : 20
Javed Ahmadzai
Updated on September 18, 2022Comments
-
Javed Ahmadzai over 1 year
We have 2 routers the first one has the Internet connection and Internet to router 2 is provided in WAN port by first Router's Lan port, so these two are isolated networks, but Router 2 is double Natted I believe, Is there any solution to prevent double natting, I want to keep the networks isolated I could have made the 2nd router access point but then both will have same address space and I would not be able to control router 2's bandwidth.
Will this do the trick if I go with a subnet mask of 255.255.255.128 in both routers?
first router IP range 192.168.0.0-127 second router IP range 192.168.0.128-255Both routers have DHCP enabled.
Is there any way to prevent double Nat with static route ARP binding or whatever just the aim is to keep networks isolated and stop double nat? any trick?
{ ISP } | | (192.168.0.0/24) +------[Router 1]------+ | | | | | | | pc1 pc2 [Router 2] | (192.168.1.0/24) | +-----+------+ | | | pc3 pc4 pc5-
Akina over 4 yearsIf router 2 can act as non-NAT router, it is possible. Especially if router 1 can move router 2 to DMZ. -
Javed Ahmadzai over 4 yearsThe IP addresses don't matter? I don't know how can router 2 act as non Nat router but I have DMZ option in router 1 shall I put the ip address of router 2 in dmz of router 1 am I all done?
-
Daniel B over 4 yearsYou can’t isolate networks like this with consumer-grade hardware (well, software). The inner network will always have full access to the outer network.
-
-
Javed Ahmadzai over 4 yearsThanks for the answer, QoS won't work on router 2? The double NAT router won't be able to prioritize traffic or the root router won't prioritize traffic for the double NAT router? for the DMZ part, I guess my router has the option.
-
harrymc over 4 yearsQoS will work on routers 1 and 2, each for its own network. Devices on network 2 cannot be in the DMZ since router 1 cannot see them.
