it's a rather new cellular gateway model, the Arcadyan KVD21. I believe it's released as of December '21 and community belief is that its end-user-facing interfaces were made very minimal and rushed because they wanted to get it to market ASAP. There are no controls on the web interface. The best you get is "set the SSID and password of the wifi". No ability to disable radios, no ability to control anything at the cellular modem, NAT, etc. levels. at all. Like I said, had to sniff out some API calls from the webpage to figure out there was more available if you can make your own http requests manually.. but even that only covered wifi radio settings.
Not to get too tangential though — is there a huge, terrible downside of double-NAT'ing?
I did it a very long time ago but I used separate subnet masks. Because I was in college, and back then no one used passwords on their routers, so leached free WIFI and I did it to keep my network off their network.
It can cause problems, your router is getting conflicting information, it has to be configured to know not to use any information, like DHCP, DNS from the WAN.
I don't remember all I needed to do.
Give me a second to see if you are in as bad a place as I think.
If you have any more trouble, try disabling !Pv6 on the gateway.
There are complaints about this thing all over and one is it does not do IPv6 and Apple is going to try anyway, the router will pass that upstream and it will hit a roadblock with the gateway.
Hah. Nice . Yeah, my situation isn't too different than a commercial free wifi source given the lack of control I have..
Router just grabs an IP from the gateway and since they're using different subnets (...12.1/24 and ...1.1/24) I think that's okay? I hard-coded the DNS servers for the router at some point apparently, so I don't know if it's actually hitting the Pihole for DNS requests directly from the router or using the 1.1.1.1 I plugged in.
I've never tried it but I suppose I could actually just disable the NAT on my router .. but yeah now I'm wondering if we should just close this down since I figured out that it is apparently reconnected (regardless of everything I felt like I was seeing before )
Yeah, that's the whole screen. I'll look at the NAT and UPnP stuff — I think the TTL questions (and the whole "special requirement from ISP" section) is probably fine but at the end of the day, I'm still not feeling any problems / issues with double-NAT'ing so I can disable NAT and pass-through to the Gateway's own NAT but as long as my P0w is connecting and behaving well, I'm probably good on my end!
E.g. I'd also be concerned that disabling NAT will push DHCP requests (and DNS requests?) up to the Gateway, which would bypass the PiHole entirely anyway
I would prefer the gateway do less if I could control it
To be fair I guess I may not totally understand what "double NAT'd" truly means but given that my LAN from my router is the 192.168.1.1/24 then the router is getting its upstream IP from the gateway also as a NAT'd LAN on 192.168.12.1/24 (shown below)
Your gateway is giving the router a WAN address from its DHCP server in its "12.XXX" address range.
Your router's address range "1.XXX" is just its default range, but you gave control to the Pi. So, you could, if you wanted, change it to any private address as long as you change the Pi-holes address range.
That is not NAT.
Nat allows one internet address to be translated into many. So the devices in local networks do not need to have an public address.
If you can actually look at the gateway, you will see address its using in public is nothing like that.
Right, exactly — the Gateway is assigned a public address (which, now that I think about it, may also be another layer of NAT in the cellular layer itself)
My public address is actually 172.58.1.1/16 (anonymized heavily), though now that I think about it there may be even another NAT setup in the cellular layer too.. But if we assume that the Gateway is 172.58.1.1/16 then it assigning my router the address 192.168.12.109/24 represents a NAT layer happening, right? The gateway has a NAT'd LAN on 192.168.12.1/24. But then my router is doing its own NAT'd LAN on 192.168.1.1/24 (e.g. my laptop's LAN IP is 192.168.1.222). Isn't that a double-NAT'd setup? Or is that something totally else.
Ah, wait I think I'm following what you're saying — since the Pi is doing all the DHCP I could virtually 'flatten' the double NAT'ing by having the Pi just give out IP's in the 12.xx range? And disable the NAT on the router? Not totally sure I'm following all of that.
If I have 5 devices on my LAN, how does the router send the correct replies to the correct device when it only has one on the internet?
It translates the address so everything gets what is supposed on the local address. The Pi-hole is assigning the address for the devices, but the router is sending packets where they are supposed to go.
That is Network Address Translation. Now what happens if two devices are doing the NAT are trying to translate, it gets double routed inside the network, from one ip range to another packets are translated and then translated again.
So in you case your gateway is on 172.58.1.1 and it gets requests on its router side from both and 192.168.12.109 (all packets get there from your ASUS router and 192,168.12.1,(router's can phone home alot, especially if they automatically upgrade firmware It has to make sure it sends those packet to the right device the router separates those requests and codes each packet for each device (yes, even itself)
However, your ASUS lan is on 192.168.1.1 and it is also translating addresses in its address range, in this case it is just 192,168.1.222 and from your Pi-hole and coding them, so they go wherever they are supposed.
If you are not having trouble, then don't worry. You have very few devices on either side.
I'll take it! And given that "the simple method" described far above for turning off the Pi works and as I've recently found, the Pi ... mysteriously is reconnecting when plugged back in is working, I think I'm in good shape now. Thanks so much for all the time and help!
I'll go ahead and close this thread at this point. I hope it's helpful for others who come along to find it! I've been playing with the Pi and router quite a bit today and still think I have some occasional transient issues where the Pi doesn't reconnect if the connection is broken, but I've also found that the results can be different when pulling out the ethernet cable from the ethernet adapter usb dongle of the P0w than when pulling out the usb dongle altogether.
I've also realized that "double NAT" is not simply having two NAT layers stacked on top of each other (after all, that is how the internet works) — it's the specific condition of having devices on both layers that try to talk to each other but can't because they're on separate LANs. So correctly, this does not match my condition.
Just for completeness, another reason for the initially lost Pi connectivity mighty be some powersavings feature of the USB host and/or Ethernet adapter, which kicked in when the carrier signal was lost but didn't wake up once the link was back up from the router end. Maybe a recent firmware update changed the situation.
it's a rather new cellular gateway model, the Arcadyan KVD21. I believe it's released as of December '21 and community belief is that its end-user-facing interfaces were made very minimal and rushed because they wanted to get it to market ASAP. There are no controls on the web interface. The best you get is "set the SSID and password of the wifi". No ability to disable radios, no ability to control anything at the cellular modem, NAT, etc. levels. at all. Like I said, had to sniff out some API calls from the webpage to figure out there was more available if you can make your own http requests manually.. but even that only covered wifi radio settings.
. Yeah, my situation isn't too different than a commercial free wifi source given the lack of control I have..
.. but yeah now I'm wondering if we should just close this down since I figured out that it is apparently reconnected (regardless of everything I felt like I was seeing before 
)
.