Netgate Discussion Forum

ISP with Private IP Address Gateway and Multi-WAN Policy Routing?

7 Posts 3 Posters 518 Views
    coolspot
    last edited by coolspot Nov 8, 2023, 12:03 PM Nov 8, 2023, 12:00 PM

    I have a FTTH connection from Bell Canada and I believe they use CGNAT? I noticed my PPPoE Gateway IP address is 10.11.6.145.

    I also have a cable connection with a normal public IP address for the gateway.

    In the documentation, I noticed it recommends creating a rule to bypass policy routing if the network has multiple LAN interfaces to prevent routing through the WAN gateway. But since my ISP uses a private IP address for the gateway, what should I set for the network range for the "Bypass Policy Routing" rule? Do I exclude the 10.0.0.0/8 rule?

      JKnott @coolspot
      last edited by Nov 8, 2023, 1:43 PM

      @coolspot said in ISP with Private IP Address Gateway and Multi-WAN Policy Routing?:

      I have a FTTH connection from Bell Canada and I believe they use CGNAT? I noticed my PPPoE Gateway IP address is 10.11.6.145.

      I didn't know Bell had sunk so low as to use CGNAT. Doesn't surprise me though, as they don't even offer IPv6, which most, if not all, the cable companies do.

      I suspect you still want to follow that documentation, as all that CGNAT will do is keep you from connecting to your network from outside.

      PfSense running on Qotom mini PC
      i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
      UniFi AC-Lite access point

      I haven't lost my mind. It's around here...somewhere...

        stephenw10 Netgate Administrator
        last edited by Nov 8, 2023, 1:50 PM

        It's common to see a gateway with a private IP address on PPPoE. That doesn't necessarily mean your WAN IP is also in a private subnet or is behind CGN.

          coolspot @stephenw10
          last edited by Nov 8, 2023, 2:48 PM

          @stephenw10 Right - but will the "Bypass Policy Routing" rule of 10.0.0.0/8 cause any issues - i.e. flooding the modem with packets that should be for the LAN only?

          The reason why I ask is because a few days ago my Bell FTTH saw huge latency spikes when traffic started flowing through it. If I blocked all traffic except for HTTP/HTTPS the connection was stable.

          Mysteriously things are OK today, but I'm wondering if the Bypass Policy Rule has any relation to my issues a few days ago.

            stephenw10 Netgate Administrator @coolspot
            last edited by Nov 8, 2023, 2:59 PM

            @coolspot said in ISP with Private IP Address Gateway and Multi-WAN Policy Routing?:

            will the "Bypass Policy Routing" rule of 10.0.0.0/8 cause any issues

            No. Not unless that traffic is using the gateway as a destination, which is very unlikely for anything except gateway monitoring. But even so the static route for the gateway would still be valid so without policy routing the traffic would still reach it.

            But also are you really using 10/8 locally?

              coolspot @stephenw10
              last edited by Nov 8, 2023, 3:04 PM

              @stephenw10 said in ISP with Private IP Address Gateway and Multi-WAN Policy Routing?:

              But also are you really using 10/8 locally?

              I am not using 10.0.0.0/8, only 192.168.0.0/23.

              A few days ago, my network crashed - whenever any "substantial" traffic passed over the PPPoE link latency would start to skyrocket - climbing to as high as 2000ms+.

              If I blocked all traffic except for HTTPS the connection seemed stable.

              Mysteriously late afternoon yesterday everything started to work fine, hence my paranoia that it may be internal LAN traffic causing issues with my modem.

              I only have two rules on my LAN segment. I have zero idea why my modem would behave the way it did a few days ago.

              7c1bd80a-7bb7-42f1-a557-40047711ba86-image.png

                stephenw10 Netgate Administrator
                last edited by Nov 8, 2023, 4:03 PM

                Oh OK you're just bypassing for all rfc1918. That's fine. Nothing you have set there looks like a problem.
