Why does my modem have an internal IP when the NAT translation is done behind the router?
-
I can, like most modems, log into the configuration file and monitor the coaxial cable signals over the 8 downstreams my ISP has allocated me using the 192.168.100.1 IP address. How is it that I'm able to access that IP address when the modem is technically the next hop after the router? Doesn't NAT restrict all local IP addresses to the 4 Ethernet ports on the router? So how can my WAN port allow access to private IP's? Or is it something that routers firmware, by default, allow because cable modems are so prevalent?
Thanks,
Josh
-
If I think about it your local subnet should be 24 bit and that 192.168.100.1 would be an off net wan address where the modem is just running a webserver.
so 192.168.1.100:80 NAT to 192.168.100.1:80 and back. -
You see this a lot with broadband connections. You are most likely getting NAT'ed on your way through the router, but the cable modem has an entry allowing connections from the IP (or MAC address) of your router. Routers like this typically only have two routes in their routing table. For example, let's assume you are using 192.168.0.0/24 on your internal network. Here's the two routes your router likely has:
192.168.0.0/24 -> Inside ethernet ports
0.0.0.0/0 -> Outside ethernet port
So, even traffic to private IP ranges (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16) will get routed out to the external interface with the exception of whatever private range you are using for your internal network. After that, the cable company likely adds a rule that allows any connection to the modem if it is initiated from the inside interface. The outside interface would generally be secured.
I hope that makes sense. A picture would probably explain it better. Let me know if that doesn't answer your question and I'll draw one up.
Thanks,
Don
