Reviews:
 ·Optimum Online
 ·Callcentric
 ·Verizon FiOS
| Downsides of double NAT for VOIP What are the downsides of double NAT for VOIP (and possibly other applications)? I often see opinions that it may cause problems but not exactly what these problems are.
FWIW I have OBi-202 (which may end up behind double-nat) with Anveo and CallCentric as providers. |
|
Reviews:
·Anveo
| said by JoeSchmoe007:What are the downsides of double NAT for VOIP (and possibly other applications)? I often see opinions that it may cause problems but not exactly what these problems are.
FWIW I have OBi-202 (which may end up behind double-nat) with Anveo and CallCentric as providers.
I don't double NAT, but I have in the past and everything worked as normal.
--
DPC3825 (bridged mode) - WRT610N + Tomato - Panasonic KX-TGP500 - Asterisk 1.8.10 on Virtual Server
Anveo - FreePhoneLine - Voxbeam - Numbergroup - Callcentric - VoIP.MS - Localphone - UKDDI |
|
MartinMVoIP.msPremium,VIP
join:2008-07-21 | said by grand total:I don't double NAT, but I have in the past and everything worked as normal.
Same here, currently on Double NAT at home with various IP Phones and OBIHAI 100, no problems at all. Double Nat'ed router is an Apple Airport Extreme with 2 Airport Express wifi extensions.
--
Martin - VoiP.ms |
|
Mangowww.toao.net
join:2008-12-25
Alberta
kudos:11 Reviews:
·Anveo
·Shaw
·AcroVoice
·Callcentric
·callwithus
·voip.ms
·FreePhoneLine
 ·TELUS
| reply to JoeSchmoe007
Double NAT can work properly; the only problem is it adds an additional point of failure that may make troubleshooting more difficult. Instead of troubleshooting one router, now you have to troubleshoot two. Also, now you have double the chances of one of the routers having a corrupted NAT table. If both routers are VoIP-friendly and stable, it should theoretically work (as the other posters have mentioned.)
On the other hand I've done double NAT with a Tomato router behind a D-Link router. That was a recipe for failure. |
|
Reviews:
·Optimum Online
·Callcentric
·Verizon FiOS
| said by Mango:...
On the other hand I've done double NAT with a Tomato router behind a D-Link router. That was a recipe for failure.
Can you elaborate? How did it manifest itself? |
|
|
|
Mangowww.toao.net
join:2008-12-25
Alberta
kudos:11 Reviews:
·Anveo
·Shaw
·AcroVoice
·Callcentric
·callwithus
·voip.ms
·FreePhoneLine
·TELUS
| The D-Link router in question was one of a few that has a bug that classifies normal internet traffic as "attack traffic" and blocks it. This manifested occasionally as ~30 seconds of no audio. The problem wasn't specifically related to the double-NAT but it took me a while to figure it out because I wasn't sure which router was causing the problem. |
|
mdseuss
join:2012-05-27
Worcester, MA | Double the NAT, double the FUN 
As Mango said, two very well behaved routers will probably work. Otherwise you amplify the bad behaviors of both and get call setup or audio issues. |
|
| reply to JoeSchmoe007
It should be fine. I had one client who would daisy chain vonage adapters. I think at one point they had up to 4 devices daisy chained to each other.
--
»www.reverse.net |
|
garys_2kPremium
join:2004-05-07
Farmington, MI Reviews:
·callwithus
·Callcentric
| reply to JoeSchmoe007
said by JoeSchmoe007:What are the downsides of double NAT for VOIP (and possibly other applications)?
I try my best to avoid double NAT if at all possible, but I had to do that to get my Roku working properly. It wouldn't work with my router's Squid proxy, even running "invisibly." I had to set up a new subnet behind my LAN with a different IP range. Since a Roku box has to have DHCP service (it cannot be manually set to an IP, DNS, gateway) I had to stack on another router to provide that service.
Anyway, no problems at all. I get the videos just fine despite the two layers of NAT. |
|
cb14
join:2013-02-04
Miami Beach, FL Reviews:
·localphone.com
·Callcentric
·AT&T U-Verse
 ·T-Mobile US
·Google Voice
·magicjack.com
| reply to Mango
I know that this is an old thread, but do you think that setting up a second router would cause problems if you put the settings on the first router in DMZ and in addition to that manually disable anything what could block traffic, thus letting the first router just as pass through? |
|
Reviews:
·Callcentric
| said by cb14:I know that this is an old thread, but do you think that setting up a second router would cause problems if you put the settings on the first router in DMZ and in addition to that manually disable anything what could block traffic, thus letting the first router just as pass through?
Probably not, but what purpose would the first router serve if it was emasculated? |
|
cb14
join:2013-02-04
Miami Beach, FL Reviews:
·localphone.com
·Callcentric
·AT&T U-Verse
·T-Mobile US
·Google Voice
·magicjack.com
| said by Gershom 1624 
Probably not, but what purpose would the first router serve if it was emasculated?
[/BQUOTE :The first router is a part of a proprietary ATT gateway causing problems and letting that " disappear" could mean the end of troubles. Even neutered, it will still have a purpose- with it's 51 W consumption it will function as a space heater on one of our 6 cool days per year.  |
|
Reviews:
·Callcentric
| Note that the ISP may use NAT as well, so some people may be multinatting without even knowing it. Doing traceroutes, I see that my ISP is using both the 10.x.x.x and the 172.16.x.x ranges, so they are using NAT to build out their whose subscriber base. For all I know, since I see both private address ranges, they may even be doing double NATting before it gets to me. And then I use NAT to the 192.168.x.x space for my own distribution.
PS: My VoIP works like a charm. |
|
scooper
join:2000-07-11
Youngsville, NC
kudos:2 | reply to JoeSchmoe007
I have on occaision done double NAT with no issues. All my routers are Netgear. |
|
 TrevIP Telephony AddictPremium
join:2009-06-29
Victoria, BC
kudos:4 | reply to Ole Juul
said by Ole Juul:Note that the ISP may use NAT as well, so some people may be multinatting without even knowing it. Doing traceroutes, I see that my ISP is using both the 10.x.x.x and the 172.16.x.x ranges, so they are using NAT to build out their whose subscriber base. For all I know, since I see both private address ranges, they may even be doing double NATting before it gets to me. And then I use NAT to the 192.168.x.x space for my own distribution.
Assuming you're on Telus DSL and seeing something like this:
linuxsrv ~ $ traceroute google.ca
traceroute to google.ca (173.194.33.24), 30 hops max, 60 byte packets
1 tomato (192.168.x.x) 0.335 ms 0.566 ms 0.654 ms
2 10.31.128.1 (10.31.128.1) 21.323 ms 21.472 ms 36.694 ms
3 75.154.217.103 (75.154.217.103) 16.978 ms 17.584 ms 17.893 ms
4 96.1.252.131 (96.1.252.131) 17.759 ms * *
5 209.85.249.32 (209.85.249.32) 18.728 ms 18.895 ms 18.947 ms
6 209.85.253.24 (209.85.253.24) 19.642 ms 16.370 ms 16.557 ms
7 sea09s01-in-f24.1e100.net (173.194.33.24) 16.420 ms 15.576 ms 15.768 ms
I still have a public IP address and thus do not need to be NATed by them.
If your router/modem receives a private IP address, that's another story, but it's my understanding that Telus is not doing this (yet).
--
I represent AcroVoice, a full service Canadian VoIP Provider.
Buy your Obihai ATA shipped from within Canada. |
|
Reviews:
·Comcast
·Callcentric
·AT&T Wireless Br..
·Suddenlink
| Now, yes, this is mobile VoIP. But it is pertinent to this thread because of NAT.
Now, with AT&T cellular data service, you have a LOT of NAT.
Even before you get out to non-AT&T IP space (e.g. anything other than 12.x.x.x), you've already crossed about 7 or 8 NAT boxes.
Between me on AT&T and Callcentric, there are about 22 hops, and 10 or so are just AT&T 10.x.x.x, 172.x.x.x and 12.x.x.x IP ranges.
This is why mobile VoIP worked so horribly on AT&T, they had awful latency because of all the stupid NAT boxes and it took 10 hops just to get onto the Internet (120ms was a good day, a bad day was 200ms and constant switching between H+ H and 3G all the time).
This is why I moved to Sprint yesterday. Mobile VoIP has never worked so great before!
With Sprint, there are about 20 hops, just like AT&T, and they do use NAT (with weird 66.87.x.x and 66.29.x.x public IPs), however the big difference is there's no stupid constant 'stepping down' to and from 3G and HSDPA all the time (that killed the latency and constant connections).
The other difference is the latency. On Sprint, 80-90ms is pretty much all the time, at least around here. I'm perfectly willing to sacrifice speed (AT&T's big draw) for better latency (arguably, Sprint's draw). |
|
Reviews:
·Callcentric
| reply to Trev
said by Trev:Assuming you're on Telus DSL and seeing something like this: . . .
Even though hop 2 is from Telus, it doesn't mean there is double nat. It simply means they've been efficient and have used internal IP addresses for their on-net gateways. You're quite right, I mustn't assume that there are two NATs from my ISP. However, I just checked and all six hops between my 192.168.1.1 and the first publicly routable address are in the 10.x.x.x range. So I think it's safe to assume that if I want to have a local network that I can't avoid double natting. I think many people are going to be in the same situation unless they have a publicly routable IP address for themselves which is pretty much just a city thing as far as I know. Anyway, I just wanted to point out that ISP NATting counts too. |
|
| reply to XANAVirus
said by XANAVirus:Now, with AT&T cellular data service, you have a LOT of NAT.
Even before you get out to non-AT&T IP space (e.g. anything other than 12.x.x.x), you've already crossed about 7 or 8 NAT boxes.
Take a look at Trev's post above yours »Re: Downsides of double NAT for VOIP. You are not crossing "NAT boxes" when you see private addresses. Those just happen to be the IP addresses that correspond to the router interfaces that return packets from your traceroute packets. |
|
