Networking – Two network-ranges, one gateway – Double NAT issue

Tags: airport, dhcp, nat, networking, wireless-networking

I have one network 192.168.0.x which is slowly running out of IP addresses.
I wanted to remedy this by creating a second network for mobile devices (192.168.1.x).

The first network has a gateway of 192.168.0.1 and a subnet of 255.255.255.0.

When I got to configure the second network (using an Apple Airport) I set its IP address to 192.168.0.3, its subnet to 255.255.255.0 and its router and DNS to 192.168.0.1. I also activated the DHCP-service for the range of 192.168.1.2 – 200.

This seems to work fine, even though I received a message that there was a "Double NAT" in the network. Furthermore it tells me "This AirPort base station has a private IP address on its Ethernet WAN port. It is connected to a device or network that is using Network Address Translation to provide private IP addresses. Change your AirPort base station from using DHCP and NAT to bridge mode."

But if I do this, it does not serve the purpose of the AirPort being a separate DHCP for the second address-range (192.168.1.x). Can I just ignore this error, or am I doing something wrong?

Thanks

// EDIT

I also have noticed that if I now try to change anything about the DHCP or NAT setup on the AirPort I get the error message: "The DHCP range you have entered conflicts with the WAN IP address of your base station". It suggests for me to use 192.168.0.2-200 as DHCP range, but that is not what I wanted. This kind of gives me the feeling that I might not have this set up correctly, even though it works – as I mentioned.

Best Answer

The message:

There is a "Double NAT" in the network. This AirPort base station has a private IP address on its Ethernet WAN port. It is connected to a device or network that is using Network Address Translation to provide private IP addresses.

is purely a warning message, which you can safely disregard altogether.

The annoying feature of this configuration is that none of the devices on the 192.168.0.0/24 network will be able to talk to those on the 192.168.1.0/24 network. In other words, right now they represent two distinct subnets. You may keep this configuration, if this is of no concern to you.

Alternatively, you may wish to integrate all of your components into a single subnet. You may obtain this in this way (the order of these operations matters):

1. Connect to the Airport, and disable DHCP.

2. Unplug the Ethernet cable from the WAN side of the Airport, and plug it into the LAN side.

3. Open the GUI of the main router, and change the mask of the LAN from 255.255.255.0 to 255.255.254.0.

4. Turn off everything.

5. Turn on the router, count to five, turn on all of the devices in whichever order.

By doing this, you will have established a twice-as-large network, with these properties (output of ipcalc):

# ipcalc 192.168.0.0/23
Address:   192.168.0.0          11000000.10101000.0000000 0.00000000
Netmask:   255.255.254.0 = 23   11111111.11111111.1111111 0.00000000
Wildcard:  0.0.1.255            00000000.00000000.0000000 1.11111111
Network:   192.168.0.0/23       11000000.10101000.0000000 0.00000000
HostMin:   192.168.0.1          11000000.10101000.0000000 0.00000001
HostMax:   192.168.1.254        11000000.10101000.0000000 1.11111110
Broadcast: 192.168.1.255        11000000.10101000.0000000 1.11111111
Hosts/Net: 510                   Class C, Private Internet

This way you will have defeated the dearth of IP addresses, while still keeping all of your devices in the same subnet. Turning everything off and on again forces the introduction of the new mask, and the new routing table.

This works provided you do not have static IPs. If instead you do, you will have to manually adjust the mask to reflect its new value, on each device.
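
The static-IP caveat above, as an added example that is not part of the original answer: a check of statically configured devices against the new 192.168.0.0/23 LAN, showing what a device left on the old 255.255.255.0 mask gets wrong. The device names and addresses in the inventory are constructed for illustration.

```python
import ipaddress

# The enlarged LAN from the answer's ipcalc output.
NEW_LAN = ipaddress.ip_network("192.168.0.0/23")

# Constructed inventory of statically configured devices (names and addresses are made up).
STATIC_HOSTS = {
    "printer": "192.168.0.50/255.255.255.0",  # still carries the old mask
    "nas": "192.168.0.60/255.255.254.0",      # already updated
    "camera": "192.168.1.210/255.255.255.0",  # old mask, upper half of the /23
}


def treats_as_on_link(src_cfg, dst_ip):
    """True if a host configured as src_cfg delivers to dst_ip directly, not via its gateway."""
    return ipaddress.ip_address(dst_ip) in ipaddress.ip_interface(src_cfg).network


def audit(hosts, lan=NEW_LAN):
    """Return {name: [problems]} for static configs that disagree with the LAN."""
    findings = {}
    for name, cfg in hosts.items():
        iface = ipaddress.ip_interface(cfg)
        problems = []
        if iface.ip not in lan:
            problems.append("address outside the LAN")
        elif iface.ip in (lan.network_address, lan.broadcast_address):
            problems.append("address is the network or broadcast address")
        if iface.network != lan:
            problems.append(
                f"host sees {iface.network} (mask {iface.netmask}), LAN is {lan}"
            )
        if problems:
            findings[name] = problems
    return findings


if __name__ == "__main__":
    for name, problems in audit(STATIC_HOSTS).items():
        print(name, "->", "; ".join(problems))
    # A stale /24 host sends traffic for the other half to the router,
    # while an updated /23 host replies directly: an asymmetric path.
    print(treats_as_on_link(STATIC_HOSTS["printer"], "192.168.1.20"))  # False
    print(treats_as_on_link("192.168.1.20/23", "192.168.0.50"))        # True
```
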
