Tried to NAT hole punch the router in a loop, why didn't it work?

Comments on this answer indicate, that the NAT is not consulted if the destination is in the same network. But what if the destination is the public IP of the router, not 192.168.x.x or similar? I mean, the destination has to be rewritten, so why isn’t NAT done? Or doesn’t it even get routed in this case?

What I was doing:

ncat.exe -p 33333 84.x.x.x 55555

Which terminated after some seconds with:

Ncat: .

While I briefly saw:

TCP    192.168.178.36:33333   84.x.x.x:55555   SYN_GESENDET
[ncat.exe]

In the Netstat output. So far, kinda as expected. Then I fired up XAMPP with listening port on 33333 as quick as possible, opened the browser, entered: 84.x.x.x:33333, but it timed out.

Andi Cox

Posted 2015-10-10T00:31:26.247

Reputation: 5

1@JakeGould Thanks for editing my question. Why is there a difference between "isn’t" and "isn't"? I do not even have the "’" on my keyboard. – Andi Cox – 2015-10-10T12:06:23.110

Answers

NAT translates packets from your internal machines to appear as your external IP to the external network (port doesn't matter). On the way back, it translates them again so the packets go to the right internal computer.

If you target your external IP from inside, it gets confused trying to do NAT (to and from the same external address).

So if your router doesn't support hairpin/loopback NAT as a feature, it fails to route it properly because it can't figure out how to translate. If the router supports hairpin, it'll be smart enough to just route/re-direct traffic back inside (with out actually NATing it).

Ƭᴇcʜιᴇ007

Posted 2015-10-10T00:31:26.247

Reputation: 103 763

So, what I was trying to do wouldn't work either with or without my router supporting loopback? Is it safe to say, that my router doesn't support loopback because otherwise I could access my http through 84.x.x.x:33333? – Andi Cox – 2015-10-10T11:58:43.560