Mypep.link addresses: Limiting which WANs it maps to

zegor_mjol · February 26, 2025, 9:58pm

Background:

A router with multiple (three in our case) WAN connections, all cellular. Assume its peplink identity is “findmyrouter.mypep.link”
Two of the connections have static IP addresses.
One has a NAT address provided by the carrier (TMO), 192.0.0.2. The NAT address is not recognized as “private” by InControl2.

Issue:
All three addresses are reported as public addresses for the device in response to a DNS query on “findmyrouter.mypep.link”, but only two of them are routable. Consequently, attempts to connect to “findmyrouter.mypep.link” may fail or succeed, depending on which IP address is provided by the DNS.

Wish:
Is there any way to turn off the NAT’ed address as one of the publicly reported ones? Similar to the “Resolve Private IP Address” option, expanded to “Do Not Resolve the IP Address on WAN names”. Or something else and clever that prevents IC2 from believing the particular WAN(s) to be routable?

Cheers,

Z

zegor_mjol · March 4, 2025, 3:00am

Work-around:

There is a way to work around this with an extra layer of redirection.

One creates an outbound policy to send the IC2 connections through either of the two routable-address connections, with a fall-through to the generic rule if those two address connections are down.

Then “ic2-detected.findmyrouter.mypep.link” will be a routable address, if any such exists.

Or maybe a bit more prettily: Assume one has one’s own domain “mydomain.com” and we are OK with using “findmyrouter.mydomain.com” as the name to be referenced.

Then let findmyrouter.mydomain.com resolve to “ic2-detected.findmyrouter.mypep.link”

Then as long as either of the two routable connections are up the connection can be made from the internet side of things.

If they are both down then IC2 will still have access, but the device itself will not be generally addressable since the DNS lookup will yield a non-routable address.

FWIW.

Cheers,

Z