Quick links:
Product Overview
Installation
Settings and Administration
ADSL
SIP Support
Telephone ports
Network
Firewall
Wireless
VPN
Misc
Licenses
Troubleshooting
Differences
This shows you the differences between two versions of the page.
|
web_gui:advanced_network_configuration [2010/11/09 14:09] mats |
web_gui:advanced_network_configuration [2010/12/14 16:43] (current) mats |
||
|---|---|---|---|
| Line 7: | Line 7: | ||
| ==== Add routes ==== | ==== Add routes ==== | ||
| + | {{ :web_gui:advanced_network_configuration.png?300|Advanced Network Configuration in rel 5.30}} | ||
| + | |||
| Static additions to the unit's [[wp>Routing_table|routing table]]. | Static additions to the unit's [[wp>Routing_table|routing table]]. | ||
| Use this, for example, to make a routed subnet reachable through the unit. For an 'interface route', enter '0.0.0.0' in the "Gateway" field (or leave empty) and select the interface (under "Type"). The default gateway ("Destination" = 0.0.0.0) should not be entered here, but on the [[Network page|main network page]]. | Use this, for example, to make a routed subnet reachable through the unit. For an 'interface route', enter '0.0.0.0' in the "Gateway" field (or leave empty) and select the interface (under "Type"). The default gateway ("Destination" = 0.0.0.0) should not be entered here, but on the [[Network page|main network page]]. | ||
| Line 22: | Line 24: | ||
| ==== Bridge (802.1D) WAN to ET4 ==== | ==== Bridge (802.1D) WAN to ET4 ==== | ||
| - | The mode ** Bridge: Separate IP addresses for WAN and host on ET4 ** could be thought of as connecting the hosts on the ET4 subnet, the WAN-network (internet) and the router's WAN interface to one and same ethernet switch. Thus, both the WAN interface and the ET4 hosts can get public IP addresses by DHCP. By setting the WAN interface on a manual faked IP address the router can be made not to interfer - the router will become an ordinary bridged (not firewalled) modem and the ET1-ET3 are not really used. [[wp>IEEE_802.1D|802.1D bridge]] | + | The mode ** Bridge: Separate IP addresses for WAN and host on ET4 ** could be thought of as connecting the hosts on the ET4 subnet, the WAN-network (internet) and the router's WAN interface to one and same ethernet switch. |
| + | Thus, both the WAN interface and the ET4 hosts can get public IP addresses by DHCP. | ||
| + | By setting the WAN interface on a manual faked IP address the router can be made not to interfer - the router will become an ordinary bridged (not firewalled) modem and the ET1-ET3 are not really used. [[wp>IEEE_802.1D|802.1D bridge]] | ||
| - | The mode ** Bridge: WAN and host on ET4 share the same IP address ** could be used in cases where the router should act upon some traffic (e.g. SIP in a "SIParator") but the rest should be bridged right through. And where the router is not allowed to have a public IP address of its own. The IP address is owned by the host on ET4 (the router not answering to ARP requests). Nevertheless, the router "steals" any traffic coming from Internet that match a firewall rule or a "flow" created by the router. | + | {{:web_gui:bridge_8021.jpg|}} |
| - | ** Listen to DHCP traffic ** This may be used if the host on ET4 uses dynamic address by DHCP. It will overwrite the manual IP addresses set on the Network configuration page. If "No" is selected, or the host uses static addressing, the IP address, gateway etc. must be manually entered and set to the same values as used by the host. | + | The operating mode [[network:operational_modes#WAN SIParator 2|"WAN SIParator 2"]] makes use of this kind of bridge. |
| - | ** Bridge MAC address ** In addition to a common IP address, the MAC address may need to be cloned by setting it to same as the host on ET4. If the IP address is collected automatically as above, so is also the MAC address and doesn't need to be entered here. | + | The mode ** Bridge: WAN and host on ET4 share the same IP address ** could be used in cases where the router should act upon some traffic (e.g. SIP in a [[network:operational_modes#WAN SIParator 1|"WAN SIParator 1"]]) but the rest should be bridged right through. |
| + | And where the router is not allowed to have a public IP address of its own. | ||
| + | The IP address is owned by the host on ET4 (the router not answering to ARP requests). | ||
| + | Nevertheless, the router "steals" any traffic coming from Internet that match a firewall rule or a "flow" created by the router. | ||
| + | |||
| + | ** Listen to DHCP traffic ** This may be used if the host on ET4 uses dynamic address by DHCP. | ||
| + | It will overwrite the manual IP addresses set on the Network configuration page. | ||
| + | If "No" is selected, or the host uses static addressing, the IP address, gateway etc. must be manually entered and set to the same values as used by the host. [[wp>DHCP|DHCP]] | ||
| + | |||
| + | ** Bridge MAC address ** In addition to a common IP address, the MAC address may need to be cloned by setting it to same as the host on ET4. | ||
| + | If the IP address is collected automatically as above, so is also the MAC address and doesn't need to be entered here. [[wp>MAC_address|MAC address]] | ||
| ==== ATM Encapsulation ==== | ==== ATM Encapsulation ==== | ||
| Line 43: | Line 57: | ||
| ** Default route cost ** is a way to set a kind of priority for the default gateway path, if there are several units in parallel that works as gateways to the Internet. A low cost value indicates 'prefer this router' to another router with a high cost value. Furthermore, if the WAN connectivity is lost (e.g. due to a lost ADSL link), the 'cost' of this unit is automatically raised to max value (=16), indicating that this unit should currently be avoided in preference of other routers. | ** Default route cost ** is a way to set a kind of priority for the default gateway path, if there are several units in parallel that works as gateways to the Internet. A low cost value indicates 'prefer this router' to another router with a high cost value. Furthermore, if the WAN connectivity is lost (e.g. due to a lost ADSL link), the 'cost' of this unit is automatically raised to max value (=16), indicating that this unit should currently be avoided in preference of other routers. | ||
| + | ** Authentication ** RIP Version 2 supports an authentication scheme. If used, enter a **Password** with max. 16 characters. The password is checked when receiving RIP packets, and enclosed when transmitting packets. [[http://tools.ietf.org/html/rfc2453|RIP Version 2]] | ||
| + | |||
| + | ** Accept specific routes ** Check this if the router should accept RIP routes to individual hosts (for example routes that are set up manually by the user), and not just general IP (interface) subnet routes. | ||
| + | |||
| + | ** "Poisoned reverse" flag in RFC1058 ** See the "Split horizon" section (2.2.1) in [[http://tools.ietf.org/html/rfc1058|RFC1058]]. | ||
| + | |||
| + | ==== NAT ports usage ==== | ||
| + | |||
| + | To perform NAT (Network Address Translation), source port numbers on outgoing packets are modified. | ||
| + | These numbers are selected from a pool of non-well-known port numbers. | ||
| + | This port number range can be configured by the fields **Port start number** and **Pool size**. | ||
| + | The default values should not be changed other than possibly in the [[network:operational_modes#WAN SIParator 1|"WAN SIParator 1"]] (single address [[advanced_network_configuration#Bridge (802.1D) WAN to ET4|802.1D bridge]]) mode, where there is a risk of conflicts with another router/firewall also doing NAT. [[wp>Network_address_translation|NAT]] [[wp>Port_address_translation|PAT]] | ||
