D-Link DFL-800-AV-12 User Manual - Page 58
Ethernet, L2TP tunnels. For more information about PPTP/L2TP
View all D-Link DFL-800-AV-12 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 58 highlights
3.3.2. Ethernet Chapter 3. Fundamentals L2TP tunnels. For more information about PPTP/L2TP, please see Section 9.5, "PPTP/L2TP". • GRE interfaces are used to establish GRE tunnels. For more information about GRE, please see Section 3.3.5, "GRE Tunnels". Even though the various types of interfaces are very different in the way they are implemented and how they work, NetDefendOS treats all interfaces as logical IP interfaces. This means that all types of interfaces can be used almost interchangeably in the various subystems and policies. The result of this is a very high flexibility in how traffic can be controlled and routed in the system. Each interface in NetDefendOS is given a unique name to be able to select it into other subsystems. Some of the interface types provide relevant default names that are possible to modify should that be needed, while other interface types require a user-provided name. Warning If an interface definition is removed from a NetDefendOS configuration, it is important to first remove or change any references to that interface. For instance rules in the IP rule set that refer to that interface should be removed or changed. The any and core interfaces In addition, NetDefendOS provides two special logical interfaces named core and any: • any represents all possible interfaces including the core interface • core indicates that it is NetDefendOS itself that will deal with the traffic. Examples of the use of core would be when the D-Link Firewall acts as a PPTP or L2TP server or is to respond to ICMP "Ping" requests. By specifying the Destination Interface of a route as core, NetDefendOS will then know that it is itself that is the ultimate destination of the traffic. 3.3.2. Ethernet The IEEE 802.3 Ethernet standard allows various devices to be attached at arbitrary points or 'ports' to a physical transport mechanism such as a coaxial cable. Using the CSMA/CD protocol, each Ethernet connected device 'listens' to the network and sends data to another connected device when no other is sending. If 2 devices broadcast simultaneously, algorithms allow them to re-send at different times. Devices broadcast data as frames and the other devices 'listen' to determine if they are the intended destination for any of these frames. A frame is a sequence of bits which specify the originating device plus the destination device, the data payload along with error checking bits. A pause between the broadcasting of individual frames allows devices time to process each frame before the next arrives and this pause becomes progressively smaller as the transmission rates get faster from normal to Fast and then Gigabit Ethernet. Each Ethernet interface in a D-Link Firewall corresponds to a physical Ethernet port in the system. The number of ports, their link speed and the way the ports are realized, is dependent on the hardware model. Note Some systems use an integrated layer 2 switch for providing additional physical Ethernet ports. Such additional ports are seen as a single interface by NetDefendOS. Ethernet Interface Names 58