Can't Ping Public IPv4 from local Network(not trivial)

[MatzeXp]

Hey guys, 

the Topic might sound simple, but my mind is completly blown atm and I need some guys to help me out

My Setup:
I have a local Server installed and I can access it via the local IP perfectly fine. Now I have set up a domain with a dyndns to reach my Server via Internet. It works perfectly fine when I'm not in my local network.
Here starts the crazy part: I can partially reach my server via my domain in my local network. Small amount of data can be transfered, large amount crashes my router. For example Via NExtcloud I can Backup all my contacts in my WLAN and Videos (30MB) will crash my Router at 10-20%.(whole reason for the thread)
I have noticed that I can't ping my public IPV4 and IPv6 address.
I just had a call with my Internet Provider (unitymedia germany and i have dualstack ipv4/ipv6) and they told me it is not possible to reach my own public ipv4 addres because the router cant handle it and thinks it is some kind of attack. They also claimed this is not possible at all (internetprovider does not mather). For me this sounds a littls ridiculous.

So here is my question:
Is this really not possible to ping your own ipv4 from your local network? Are there some Internetproviders where this is possible? Or does their hardware just suck ass?

 

Thanks for your replies up front

Matze

[Levent]

I believe thing you are trying to do is called NAT Loopback. 

[WereCatf]

4 minutes ago, MatzeXp said:

Is this really not possible to ping your own ipv4 from your local network? Are there some Internetproviders where this is possible? Or does their hardware just suck ass?

Your router is just shit, simple as that. There is no reason why you couldn't ping your public IP from within your local network other than whatever your router has been configured to do. You could replace it with a better one. pfSense is a really great router OS, if you're willing to build your own and learn a little on how IP-networking works.

[MatzeXp]

yeah this sounds like my problem. So it is a hardwareproblem?

[Lurick]

4 minutes ago, WereCatf said:

Your router is just shit, simple as that. There is no reason why you couldn't ping your public IP from within your local network other than whatever your router has been configured to do. You could replace it with a better one. pfSense is a really great router OS, if you're willing to build your own and learn a little on how IP-networking works.

It's called hairpinning or NAT loopback as @Levent pointed out and has nothing to do with the router being shit. It's usually blocked by default because it's going to cause more problems than it solves in 99% of all cases. Some providers consider it a security risk as well.

[MatzeXp]

2 minutes ago, WereCatf said:

Your router is just shit, simple as that

I thought somethink like that. Yeah so thanks guys for the quick replys  Then I'm looking for a new router now 

[WereCatf]

2 minutes ago, Lurick said:

It's called hairpinning or NAT loopback as @Levent pointed out and has nothing to do with the router being shit. It's usually blocked by default because it's going to cause more problems than it solves in 99% of all cases. Some providers consider it a security risk as well.

I do consider a router being shit if such settings are not configurable, but okay, I'll rephrase myself: OP's router doesn't sound entirely suitable for OP's needs.

[MatzeXp]

Just now, Lurick said:

It's called hairpinning or NAT loopback as @Levent pointed out and has nothing to do with the router being shit. It's usually blocked by default because it's going to cause more problems than it solves in 99% of all cases.

Is there hardware which supports NAT loopback or does it cause too much problem and no one needs this feature realy or is there a simpler way?

[Lurick]

2 minutes ago, MatzeXp said:

I thought somethink like that. Yeah so thanks guys for the quick replys  Then I'm looking for a new router now 

I wish you luck finding a consumer grade router that permits this.

 

 

1 minute ago, WereCatf said:

I do consider a router being shit if such settings are not configurable.

https://security.stackexchange.com/questions/16343/is-nat-loopback-on-my-router-a-security-problem

For 99.9% of consumers that don't need it, why should the security risk be exposed?

[WereCatf]

Just now, Lurick said:

https://security.stackexchange.com/questions/16343/is-nat-loopback-on-my-router-a-security-problem

 

For 99.9% of consumers that don't need it, why should the security risk be exposed?

There are a lot of settings that are exposed in most routers, they're just usually hidden behind "advanced" - or "expert" - settings.

[Biomecanoid]

It should be some firewall setting that you should disable.