When I try to port forward on my router, nothing gets through making me think I am double natted?
when I go to I see the public ip referenced below but when I do a tracert, it seems to get a private ip quite early on as noted below.
What do you think is wrong?
tracert 8.8.8.8 1 <1 ms <1 ms <1 ms OpenWrt.lan [192.168.1.1] 2 <1 ms <1 ms <1 ms soOnAndSoFortth.net [148.77.1XX.XX] 3 <1 ms <1 ms <1 ms 10.2.200.1 4 1 ms 1 ms 1 ms 148.77.35.50 5 2 ms 2 ms 2 ms 148.77.24.157 6 2 ms 2 ms 2 ms 64.15.3.150 7 4 ms 3 ms 3 ms 64.15.6.8 8 4 ms 3 ms 4 ms 72.14.215.203 9 3 ms 3 ms 3 ms 108.170.225.8 10 3 ms 3 ms 3 ms 172.253.72.117 11 3 ms 3 ms 3 ms dns.google [8.8.8.8]2 Answers
Double NAT is likely not involved. What is happening at hop 3 is that you are connecting through a router interface that does not have a public IP. As you already likely have a public IP (as per hop 2), its just the router which does not have a public IP.
It is entirely practical for internal routers without a public IP to route between 2 routers with public IPs.
Similarly, if you were being routed via an ISP NAT, it would more likely be in the 100.x.x.x range as that is set aside for carrier grade NAT.
It is impossible to totally rule out double NAT - you can even NAT public IPs, but it is unlikely this is the case as this kind of setup wpuld be quite unusual in an ISP environment as it serves little valid purpose here.
3The third hop 10.2.200.1 is a private network address. The next hop 148.77.35.50 belong to "Cablevision Systems", is this possibly your ISP?
If yes, and given the ping times, my guess would be that your ISP uses carrier grade NAT, and these are the internal hops.
Which means you can make port forward settings as much as you like, your ISP just doesn't route anything incoming to you. At least in the EU, this is quite common (because IPv4 address have run out). It's also common that you can make a more expensive contract (often a "business contract") that gives you a public IPv4 address that gets routed to you.
3
