Community discussions

MikroTik App
 
Armitage
just joined
Topic Author
Posts: 3
Joined: Sat Aug 29, 2020 2:43 am

Loopback not working CRS305-1G-4S+IN

Sat Aug 29, 2020 3:43 am

I recently bought a new router, a TP-Link Archer C5400X. Downstream from it i have a CRS305-1G-4S+IN to which all my equipment are connected to. I drew a picture to illustrate it better:
Image
When i try to access TrueNAS or the Nextcloud instance i have running on it via the domain i am using from equipment connected to the CRS305-1G-4S+IN, the connection times out. I can still access it via the local ip but this throws SSL errors since the common name is wrong. If i connect my equipment directly to the C5400X it works when i try to access it both using the domain and the local ip. It seems like the CRS305-1G-4S+IN is interfering with NAT loopback, and i do not understand why it is not working.

Earlier i had an Asus RT-N66U and this worked without problem, and i had everything connected exactly the same way just with another router.
 
mkx
Forum Guru
Forum Guru
Posts: 5272
Joined: Thu Mar 03, 2016 10:23 pm

Re: Loopback not working CRS305-1G-4S+IN

Mon Aug 31, 2020 9:05 am

When you connect equipment directly to C5400X, you probably use separate port for NAS. Which might indicate that TP-Link supports hair-pin NAT only between different interfaces. In ROS world this would indicate partial implementation of functionality (without SRC-NAT part) which means that server (NAS) sees real client's LAN address as source and sends replies directly, bypassing TP-Link which can not rewrite DST-NAT-ed contents (dst-address and dst-port).

So nothing to do with CRS and you'd experience same problem when using just any ethernet switch in place of CRS.

The solution would be to run DNS server on LAN, which would return LAN IP address for your services. It works fine as long as you don't depend on port translation on WAN interface (e.g. running some secondary HTTP service on secondary LAN server, exposed to public via non-standard port such as 8000).
BR,
Metod
 
Armitage
just joined
Topic Author
Posts: 3
Joined: Sat Aug 29, 2020 2:43 am

Re: Loopback not working CRS305-1G-4S+IN

Mon Aug 31, 2020 7:47 pm

You might be on to something here. I tried switching to a Netgear GS105 unmanaged gigabit switch and the result was the same, i can only reach my NAS when i try to connect to the ip but no when i use the domain name. Thanks for pointing me in the right direction, i didn't expect to be able to get any clarity why this happened! I'll talk to TP Link support and maybe return it for an ASUS model instead since my last router came from them and worked without problem.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1948
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)
Contact:

Re: Loopback not working CRS305-1G-4S+IN

Mon Aug 31, 2020 8:12 pm

You might be on to something here. I tried switching to a Netgear GS105 unmanaged gigabit switch and the result was the same, i can only reach my NAS when i try to connect to the ip but no when i use the domain name. Thanks for pointing me in the right direction, i didn't expect to be able to get any clarity why this happened! I'll talk to TP Link support and maybe return it for an ASUS model instead since my last router came from them and worked without problem.

Wow, is this not a bit "back hand" slap in the face

Come to Mikrotik forum, gets resolved and points out where problem is (not on Mikrotik), then want to replace the crappy device with different make crappy device, why not replace it with a Mikrotik???
MTCNA, MTCTCE, MTCRE & MTCINE
 
Armitage
just joined
Topic Author
Posts: 3
Joined: Sat Aug 29, 2020 2:43 am

Re: Loopback not working CRS305-1G-4S+IN

Mon Aug 31, 2020 8:18 pm

Woah, sorry, didn't mean anything bad i just think it is too advanced for me. I am really satisfied with the switch, but i am really just a consumer and what i saw from RouterOS during the short time it took me to change so the CRS305-1G-4S+IN to boot in SwOS, it is far far over what i can handle. If i could handle it, i would very well be open to replacing it with a Mikrotik, of course! Or is there a Mikrotik router that you think i could handle?

Again, sorry.
 
mkx
Forum Guru
Forum Guru
Posts: 5272
Joined: Thu Mar 03, 2016 10:23 pm

Re: Loopback not working CRS305-1G-4S+IN

Mon Aug 31, 2020 8:45 pm

Unfortunately (or fortunately, depends on point of view) all Mikrotik routers are configured the same way. Indeed that way is not the easiest one, e.g. before mentioned hair-pin NAT can not be simply enabled, one has to configure a few NAT rules. If you feel you're not up to such tasks, then RouterOS may in deed not be the right choice for you.

If you decide to bite the bullet, then you're most welcome to ask questions.
BR,
Metod

Who is online

Users browsing this forum: Extrems and 7 guests