Is this double NAT?

shetu

Thanks. I will do this

shetu

Hello
i install pfsene in physical pc and add wan connection. but do not get public ip, only wan ip.
note: my isp has all connection same public ip.


johnpoz

Dude if your not getting a public IP then your behind a ISP nat..  So before you were triple nat, now your only double nat ;)

jahonix

That's IPv4.
Maybe if you use IPv6 you get a public IP there?

shetu

Now what should i do? My isp can't help me about this matter, because they are only watch that I have internet connection or not.

johnpoz

So do they forward inbound unsolicited traffic to your rfc1918 address?

Seems unlikely that this could be all of them and not just maybe if lucky a handful you can use since you state "my isp has all connection same public ip"

If you need unsolicited inbound traffic, change ISPs - or possible as mentioned IPv6 could be used?  But such a lame little isp I find this unlikely.  You could prob use a VPN that you run yourself on some vps to allow for inbound traffic to your setup.  Or leverage some vpn service that allows for forwarded traffic through the vpn to your end point.

JKnott

Now what should i do? My isp can't help me about this matter, because they are only watch that I have internet connection or not.

A big problem these days is many ISPs don't have any global unicast addresses available to give to customers, which means they are forced to use NAT.  That appears to be the case with you.  There is no way around it on IpV4.  The only way around it is IPv6.

johnpoz

^ this is true when use up all the IPv4 space ;)

Blame can be spread around to all over the place.. ISPs, companies not giving back when they have no real use of the space they have, etc.  We have /16 and can tell you we use very small % of that..  Starting to get emails asking to rent some of our IPv4's

As mentioned your only solution is to use IPv6 - which if your isp has no ipv4s to work with you would think they would be pushing their clients to ipv6.  Move to a bigger ISP is your other solution.

JKnott

ISPs, companies not giving back when they have no real use of the space they have, etc.

Even if they all gave back the unused IP address blocks, there still wouldn't be enough.  There are already more mobile devices than there are IPv4 addresses.  The only situation, which should have happened years ago, is IPv6.  I've been running it for 7 years, but first heard of it 22 years ago.

I really get fed up with those who claim IPv4 is good enough, NAT will extend addresses, companies can give back unused blocks etc..

IPv4 has been inadequate for years, ever since NAT became necessary due to the address shortage.

johnpoz

Agree I have been using ipv6 for many years.. Got my HE sage cert/tshirt back in 2011..

I am on tmobile phone and it doesn't get an IPv4 any more just IPv6.

Completely agree IPv6 is the future - but some better management of ipv4 could of staved off the exhaustion for some time.  There is prob little reason for any sort of mobile device to get a ipv4 address from LTE, etc.

Giving a school back in the day when internet first started a /8 was not forward thinking ;) heheh

JKnott

I am on tmobile phone and it doesn't get an IPv4 any more just IPv6.

Mine too.  My cell carrier uses 464XLAT to provide IPv4 support.

Giving a school back in the day when internet first started a /8 was not forward thinking ;) heheh

Of course, that predated personal computers, tablets, cell phones etc.  The 32 bit addresses were intended only to be for a demonstration, with larger addresses when "officially released" at least according to Vint Cerf.