My ISP said there is no "second router" yet I can see I'm behind a double NAT. What can I do?

[HeyCrest]

I have a router at home, and its WAN IP is 10.x.x.x which means I have a double NAT situation. The required ports for my game are forwarded in my router yet they're blocked. Another proof that I'm behind a double NAT. I called my ISP to ask them to forward the necessary ports from their side but they said there is no router/modem on their side that's blocking ports. Apparently all they have is a switch. So the wire that comes into my home router goes to an ON/OFF switch which is supposedly directly connected to the internet. But how is that possible, as my router clearly has a private IP that is different from my public IP, and on top of that I have strict NAT type on my games. How do I solve this issue?

[Skiiwee29]

if you have a 10. WAN IP Address, its not a double nat... but sounds like you're behind a CGNat. Only way to get the ports you need is to get a static IP address to bypass the CGNat solution your ISP has in place. 

[HeyCrest]

1 minute ago, Skiiwee29 said:

if you have a 10. WAN IP Address, its not a double nat... but sounds like you're behind a CGNat. Only way to get the ports you need is to get a static IP address to bypass the CGNat solution your ISP has in place. 

Can you please guide me how to do that? I have set a static IP for my PC when I forwarded ports in my home router. How do I get it to bypass the CGNat?

[Skiiwee29]

Just now, HeyCrest said:

Can you please guide me how to do that? I have set a static IP for my PC when I forwarded ports in my home router. How do I get it to bypass the CGNat?

You will have to pay for a static IP address from your ISP to get a proper individual IP address. 

[HeyCrest]

Just now, Skiiwee29 said:

You will have to pay for a static IP address from your ISP to get a proper individual IP address. 

Is there no other way? The reason I ask this, is because my ISP probably does not offer it. When I called him about this issue he was completely clueless and had no idea what port forwarding or NAT is.

[Skiiwee29]

1 minute ago, HeyCrest said:

Is there no other way? The reason I ask this, is because my ISP probably does not offer it. When I called him about this issue he was completely clueless and had no idea what port forwarding or NAT is.

To get around the CGNat, no there is no other way. Its becoming more and more common as IPv4 space is no longer available and IPv6 isn't ready for full deployment yet. I have several ISPs I work with that utilize this to save IP space and its common for gamers to need static IPs so they can do proper port forwarding to open up the NAT for Xbox and PSN. 

[HeyCrest]

Just now, Skiiwee29 said:

To get around the CGNat, no there is no other way. Its becoming more and more common as IPv4 space is no longer available and IPv6 isn't ready for full deployment yet. 

Thanks a lot for your help. I appreciate it.

[porina]

As a workaround, VPN might help? Especially if it is a gaming service like WTFast. I have no experience of using these but just throwing it out there as an option.

[brwainer]

45 minutes ago, Skiiwee29 said:

 

if you have a 10. WAN IP Address, its not a double nat... but sounds like you're behind a CGNat.

 

I agree that they are behind a carrier NAT, but this is still a double NAT regardless of the cause. CGNat specifically is supposed to use 100.64.0.0/10 as the intermediate subnet, so it doesn’t cause a routing issue with a client device potentially having the same subnet. Using this subnet is the only thing that makes a NAT “Carrier-Grade”.

 

Otherwise I agree with your advice that the only thing that can be done is get a public IP.

[Skiiwee29]

3 minutes ago, brwainer said:

I agree that they are behind a carrier NAT, but this is still a double NAT regardless of the cause. CGNat specifically is supposed to use 100.64.0.0/10 as the intermediate subnet, so it doesn’t cause a routing issue with a client device potentially having the same subnet. Using this subnet is the only thing that makes a NAT “Carrier-Grade”.

 

Otherwise I agree with your advice that the only thing that can be done is get a public IP.

I agree, but I do have clients who use 10. IPs for there CPE IPs instead of the 100.64 scopes so its not uncommon. 

[Alex Atkin UK]

3 hours ago, Skiiwee29 said:

I agree, but I do have clients who use 10. IPs for there CPE IPs instead of the 100.64 scopes so its not uncommon. 

Though very very stupid as it could cause issues with private LANs or VPNs, thus why the CGNAT range exists.

[Donut417]

21 hours ago, zhnu said:

I would not do business with my ISP if they did such kind of practices. Well that aside Reddit has good solutions already https://www.reddit.com/r/HomeNetworking/comments/j5bhvc/bypass_cgnat_options/

TL;DR buy a vpn if you don't mind a small delay on your ping or get a public ip from your ISP.

Depending on where you live in the world, you would go with out internet. Carrier Grade NAT is used to preserve the IP addresses the ISP has. They can’t get any more. Many places in Asia use carrier grade NAT. Most cellular providers use it as well, even in the US. 

[Donut417]

Just now, zhnu said:

Is not a proper solution it breaks security, the ISPs can use other solutions to get around the problem but I think personally they opt-in on this solutions so they can block illegal streams and limit users data transmissions (torrents and such).

They use it because it’s easy to implement. Like I said, NO more IP v4 addresses. It’s pretty much that simple. 

[Donut417]

1 hour ago, zhnu said:

Really then checkout on AWS how many you can allocate for 0.50€ each.

That’s because America had control of the internet till recently. I’m sure we influenced the internet gods to get more IPs. 
 

It’s still a fact that we ran out of IPv4 addresses years ago. Look it up. IPv6 is the solution, but ISPs are too cheap to deploy IPv6 gear. So most of the internet uses IPv4 till this day. 

[Donut417]

2 hours ago, zhnu said:

No that's not at all how it works, countries have specific ranges assigned to them, AWS has multiple datacenters and you can select the region. AWS has a London region, go check it out if you can or not allocate there a public ipv4 address.
ISPs already have "IPV6 gear" don't really know what you're ranting about.

Not all ISPs have the gear, as not all ISPs supply IPv6. Not all websites use IPv6. Having gear available for purchase, is not the same as having the gear in the damn data center. ISPs are businesses, they don’t give a shit about the customer as long as they are making money. Which is why we have had slow deployment of IPv6. 
 

Also your not taking population in to account. There are 1.4 Billion in China alone and about that many in India. That’s why certain regions are IP exhausted. ISP’s are keeping the public IP’s for businesses as they will pay more than a residential customer.