I have a small LAN behind a modem: Zyxel Prestige 600 series. I've set up some servers on one of my LAN computers. Port forwarding is OK, my friends can connect to the servers properly. But on any hosts in the LAN, I cannot connect to the server using the external IP of the modem (using internal IP is fine.). I've googled for a while and found that it could be my modem doesn't have loopback function.

I dont' know what the "loopback function" is, and how I know if my modem supports it or not. And if my modem does, how can I enable it (hope it's just hidden somewhere )

Please someone makes a quick explanation about the loopback function of a router and let me know if my modem supports it.

Thank you .

Here's an explaination of loopback and solution: http://www.dyndns.com/support/kb/loo...nnections.html

Thanks for your reply, Nexus. I've understood a little more about loopback, but the resolution is not very good. Using the hosts file instead of dns is not what I expect.
I've heard there' re some kinds of routers have the loopback function built-in. Please tell me how it works (basically), then we could find another solutions (better or worse, who knows ? ).
Thanks, guys.

Allowing traffic to traverse the external interface of your firewall twice isn't very secure any way. It can allow for spoofing unless very tightly configured.

Either use hosts files, or run split-view DNS.

I don't believe the traffic traverses any external interface. In a typical Linux-based iptables implementation (which is used in many commodity routers),, this is done prerouting, so it never reaches the external interface.

Some Zyxel products provide NAT loopback, but I don't think the 600 does. They can be accessed through a telnet session command line. A KB articles describes:

http://www.zyxel.com/web/support_kno...20050117110248

I agree with chort; it is better not to rely on this feature, and instead setup a split DNS or use a hosts file (easiest). Some mail servers won't use the hosts file, so you'd need split DNS in any case if you decide to run such a server.

Thanks for your replies, lads . Zyxel 600 series modems have NAT loopback function and I've enabled it via command line. (I bought the modem without any manuals :|) Everything 's fine now.

But I wonder if there're some security issues as you said. Please leave some links refer to the issues. Thanks .

PS: Configuring DNS server is a good way, though. Why didn't I think about such a simple solution like this ?

Excellent! I'm now not surprised that you were able to enable the feature; so many commodity items have hidden feature sets, often artificially suppressed to create full range of products.