NAT Hairpin/Loopback issue on ER8411
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
I have recently upgraded to 3/3gb internet from Bell (Canada) and bought a TP-LINK ER8411 Omada router to use as my main router.
My setup/connection is like this: Bell (ISP) --->First SFP+ on ER8411 (internet is working and getting full speed on all 10gb devices)
From Second SFP+ on ER8411--->First SFP+ on YuanLey Unmanaged switch (4x2.5gb+2x10G SFP+)
From Second SFP+ on YuanLey to Microtik CR305-1G-4S+ (Used as bridge to connect my 3 computers with 10g nics) On the Microtik CR305-1G-4S+ all the ports are connected: sfp-sfpplus1=WAN from YuanLey, sfp-sfpplus2=SERVER, sfp-sfpplus3=HTPC, sfp-sfpplus4=PC
Now the odd thing is I have a reverse proxy setup on my SERVER machine and for some reason I cannot access my domain and subdomain on the PC/SERVER/HTPC that are connected to the Microtik CR305-1G-4S+ switch.
I can ping my domain and subdomains and can also access my services with local IP and ports but cant access them from the LAN using my domain and subdomain names.
I know the issue is cause by the TP-LINK ER8411 router, because when I boot/restart the router, for a good 20-30min I can access my domains from all the devices connected to Microtik (10g ports), but after a while I can't access them with my domain names; only with local IP addresses and ports. Its like some function in the ER8411 is triggered after sometime to mess up the Loopback.
So in summary:
Access from outside -> works
Access by domain name inside (over LAN) -> doesn't work
Ping domain from inside -> Gives external IP address
Again as mentioned if I reboot the router everything works for good 20-30min but after that it goes back to the same issue.
Currently the ER8411 is controlled by OC200, but I have also tested in standalone mode with the same result.
Oh, BTW, just conneted my server directly to the second SFP+ port on the ER8411, and I can confirm I still can't access my domain on the LAN over that port; maybe that also eliminated the Mikrotik Switch from the whole equation!
Please help me figure out what is going on!
Thanks in advance.
Clive,
Thanks for taking the time to review and respond to my post:
I have attached a rough diagram of my setup:
I agree with you but to some extent.
As mentioned before I have disconnected everything from the router and tried connecting only the Desktop with Windows Server 2022 Desktop to the second SFP+ port on the ER8411 with same result; and that was without restarting or rebooting the router. Same thing is happening. This means the ER8411 is not able to resolve NAT Loopback, even taking all the other switches and devices out of the equation.
Do you have any suggestions?
Thanks.