Posted: Sat Sep 25, 2021 13:17 Post subject: Can WAN DHCP Server be on different subnet than WAN Gateway?
Is it possible to have WAN DHCP Server on a different subnet (private IP) than WAN Gateway (public IP)?
When my personal router is in Router Mode and ISP Router is in Bridged Mode:
- ISP uses private IP 172.16.Z.Z for the first hop and based on sniffing DHCP request and replies, the same private ISP IP 172.16.Z.Z acts as WAN DHCP Server, but assigned WAN Gateway IP is always a public IP that is not on the same subnet as 172.16.Z.Z.
When my personal router is in Router Mode and ISP Router is in Router Mode (Double NAT):
- ISP uses private IP 172.16.Z.Z for the first hop and the same private ISP IP 172.16.Z.Z acts as both - ISP router DHCP Server and ISP router Gateway, but assigned WAN Gateway IP is always a public IP that is not on the same subnet as 172.16.Z.Z.
Questions:
1. Is that normal? Can DHCP servers provide gateway IP's that are not on the same subnet as the DHCP server?
2. When my personal router is in Router Mode and ISP router is in Bridged Mode, 172.16.Z.Z DHCP Server sends DHCP reply packets every 5 seconds, even after my personal router receives a Gateway IP and connects to it. Is that just a misconfigured DHCP server?
Below are the screenshots is from my ISP-provided router. There is WAN (public IP) and then there is DOCSIS WAN (private IP).
I am not sure if that is considered CGNAT. I think cable ISP's use private IP middle-box routers for neighborhood nodes, similar to DSLAM boxes. I doubt public IP's are shared with my ISP, but middle-box private IP's and/or their subnets are probably shared.
I guess in my case, DOCSIS WAN Gateway serves as DHCP server for both DOCSIS WAN and WAN, regardless of whether I use ISP-provided modem-router or personal router.
I don't know, but it isn't that uncommon for the first 1-2 hops to be ISP-owned private addresses. This is how route tracing looks like for me:
- If I place ISP router in Bridged Mode, then my personal router hops from local subnet to public subnet, but 172.16.Z.Z is always the DHCP server.
- If I place ISP router in Router Mode (Double NAT), then my personal router hops to ISP router subnet, which hops to 172.16.Z.Z subnet, then hops to 10.Z.Z.Z subnet, and only then hops to public subnet.
Basically, if I use personal router and ISP router in Router Mode (Double NAT), I hop through 3 private subnets before I get to a public address.