I noticed that ISP’s Modem is seeing internal LAN IP Addresses.
The internal LAN IP Addresses are showing up when ISP’s Modem does its own “arp”; as follows:
“arp -i pow0 -d 192.168.37.17”
“arp -i pow0 -d 192.168.37.18”
“arp -i pow0 -d 192.168.37.29”
Occasionally the ISP’s modem will issue an “arp”; as follows:
“arp -i pow0 -s 192.168.37.18 10:56:ca:xx:xx:x”
With last part being MAC address of PepLink’s Balance One’s WAN-1.
After ISP’s Modem does an “arp” it either does it’s own “route add” or “route del”; as follows:
“route del 192.168.37.17 dev pow0”
“route add 192.168.37.19 dev pow0”
Adding to puzzle, is this does not seem to be happening for all devices on LAN. It may happen whether a device has a Static Assigned IP address or is using a DHCP (Balance One) Assigned IP address.
I thought a Router doing NAT / DHCP hid (concealed) the Internal LAN IP addesses from ISP Modems attached to WAN ports. Thus, appearing as if only one device was attached to ISP’s Modem, instead of several devices.
All ISP’s Modem should see is PepLink Balance One’s IP address of “192.168.37.1” and MAC ID of “10:56:ca:xx:xx:x”.
Can you provide detail info how the Balance One is deployed in the network ? Possible please provide a simple network diagram that illusion the IP address use for the ISP modem LAN , Balance One WAN, Balance One LAN for us to discuss further.
This is expected. MAC addresses for LAN hosts will not forward to satellite modem. MAC address belongs to layer 2. However, Balance router is a layer 3 device. Hence, MAC address can’t forward through a layer 3 device.
Please refer here to understand the model of 7 OSI layers.
I understand that. The issue is why is Satellite Modem able to see some LAN internal IP Addresses, when Balance One router should be hiding those IP Addresses?
Understand, the Satellite Modem is actually picking up real LAN internal IP Addresses, then doing an “arp” on those LAN Internal IP Addresses.
Satellite Modem should really only see Balance One’s IP address of “192.168.37.1” and it’s MAC ID of “10:56:ca:xx:xx:x”.
It is an Assigned Persistent IP Address (72.173.xx.xx). Meaning it is same for long periods of time (months).
However, Persistent IP Address will change if MAC ID of device connected to Satellite Modem’s one Ethernet Port is changed. Persistent IP Address might also change if ISP makes changes to their service.
If I remember correctly, the ISP will allow the Business connection to have assigned up to three different Persistent IP Addresses at a time.
The Balance One connected to Satellite Modem is set to “NAT” Routing Mode.
The Balance One is connected via PepVPN to another Balance One’s WAN-1 and that one is also set to “NAT” Routing Mode.
Another datapoint on that. I am experiencing some issues with cable modems denying internet access to the Peplink SOHO, and while I still haven’t been able to confirm the problem here is the issue, I do see some local LAN ARP broadcasts on the WAN port, including Local LAN IPs and MAC addresses of devices behind the NAT firewall. Those devices should not be visible on the WAN port and those ARP should be dropped on the WAN, but according to the capture logs it is possible these are being forwarded on to the WAN link.
This could explain why I am having problems, because ISP cable modems typically only allow one MAC address to go through, so if one of these ARPs got to the modem before the SOHO’s own ARPs, the modem could lock onto the MAC address of the internal LAN device instead of the SOHO’s MAC.
Currently have an open ticket with @sitloongs on this modem issue. I think it is highly possible the problem here might be the root cause of mine.
Running FW 7.1.
@peparn, We still investigating the ticket created by you #785165.
For @AstiRusty issue, the issue is resolved. The issue are not the same as the issue that you reported. If you read the forum thread title “LAN IP Addresses with WAN-1 MAC IDs”, the issue are confirmed is a bug that the Source IP in some conditions is not NATed. This confirm fixed in latest firmware.
