Loopback enable/disable

Discussion in 'HyperWRT Firmware' started by penkert, Mar 1, 2006.

  1. penkert

    penkert Network Guru Member


    Is there an option in Thibor/Tofu to enable or disable the loopback option? Loopback seems to be working in my setup, so it must be on, but I'm experiencing difficulties with Windows file sharing. In other firmware distributions turning off loopback has always solved this problem for me in the past, but I don't know how to do that in Tofu13c which is in use on my routers.
    Thank you very much!

  2. snwbdr

    snwbdr Network Guru Member

    Hi I use Thibor 14 it has this option called the spanning-tree protocol. Spanning-Tree Protocol: Prevents loops when there are multiple paths in the network. Not sure if Tofu has this, but I would think so because they are pretty much the same. It is on the Basic Setup page. If you have it just disable it. :)
  3. Thibor

    Thibor Super Moderator Staff Member Member

    stp isn't the same thing. In the firewall page, "Filter Internet NAT Redirection" is Loopback, if it is checked, loopback is disabled.
  4. snwbdr

    snwbdr Network Guru Member

    Oops sorry about that. Learn something new everyday.
  5. penkert

    penkert Network Guru Member

    Hmm, I now checked the "Filter Internet NAT Redirection" (firewalling is enabled, of course) but I can still access port forwarded services on my internal network thru my DNS alias. Any ideas?
  6. Thibor

    Thibor Super Moderator Staff Member Member

    nope, i thought disabling loopback meant that to see your local servers you were forced to go out on the internet rather than routed through the router.
  7. penkert

    penkert Network Guru Member

    All right, obviously my way of determining if loopback is enabled or not was wrong altogether then. I guess the reaction speed of internal services when accessed thru a DNS alias would be the proper way then. Thank you very much for the explanation, Thibor!

    Is there anybody out there who also experiences trouble browsing his/her Windows network neighborhood? If so, did you find the cause for it? As I said, in the past turning off the loopback service on other firmware distributions has fixed this misbehavior for me.

    Anyway, Thibor/Tofu HyperWRT ist the best firmware I've run across so far, so I'm gonna stick with it no matter what.
  8. Disman_ca

    Disman_ca Super Moderator Staff Member Member

    When "Filter Internet NAT Redirection" (loopback) is enabled (meaning not checked), the router will NAT all wired/wireless clients. Name resolution from the client will appear to come from the WAN address. So http://www.mydns.com will resolve back to your internal address (usually a port forward to a local web server). This in affect breaks "Network Neighborhood" or workgroup browsing because all names will resolve back to the WAN IP of your router or not at all.

    When "Filter Internet NAT Redirection" is disabled (meaning checked), local name resolution will be handled on the LAN side by the router and local names will be resolved to IP. Further more, you won't be able to resolve http://www.mydns.com because the router will not allow you to resolve the address to your WAN IP.

    I believe the whole idea of "Filter Internet NAT Redirection" was intended for port forwarded addresses to be able to be resolved by LAN clients. Unfortunatley the side affect is local name resolution is broken.

    BTW, Don't forget to reboot the router to ensure the loopback change takes affect. If you can ping a workstation name and get back a response by IP then loopback is disabled. If you then attempt to browse the workstation shares and get an access denied, you are now dealing with share permissions. I hope I helped and didn't confuse the issue further.
  9. penkert

    penkert Network Guru Member

    Hi Disman_ca!

    Your answer has been very illuminating. Thank you very much! I'm still trying to understand why this behavior is a technical necessaty (on the implementing side that is) but that's a different story. :)

  10. G_Styles

    G_Styles Network Guru Member

    Windows file sharing uses Netbios name service, not DNS. If you are trying to resolve local names from an internet name service such as Dynamic DNS, it won't work. You will need an internal DNS server that is authoritative to your zone. Then you can have Dynamic DNS resolve your internet Domain name, and Query your Authoritative DNS server for a response to the query. And return that query to your local host. If you want to fix local file sharing in a windows network scenario, you may consider setting up a WINS server in your internal network. But if you want names inside your private network to be resolved from internally and the internet, you will need your own DNS server.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice