Copyright 2010-2012 Obihai Technology, Inc.
16
Firewall
The firewall protects local processes and LAN side clients against certain basic threats from the WAN side (or the Internet),
such as port scanning and a DOS (Denial of Service) attack. The firewall settings also allow you to selectively turn on or off
the following related features:
NATRedirection – Supports NAT Redirection (a.k.a NAT Loopback or Hairpin) if enabled (default is disabled).
DRDOSAttackProtection – Protects against DOS attack if enabled (default is disabled).
VPNPassThrough – Blocks all VPN traffic if disabled (default is enabled).
The settings of these features will take effect only if firewall is enabled. Otherwise, they will take on their respective default
values (that is, no NATRedirection or DRDOSAttackProtection and VPNPasssThrough is allowed).
Port Forwarding
Up to 20 port forwarding rules may be defined on the OBi. For each rule a range of ports and a designated receiving LAN IP
address must be specified such that incoming traffic arriving at any of those ports on the WAN side are forwarded to the
same port at the designated IP address on the LAN side. You may also specify for each rule if it should only apply to packets
transported over UDP, TCP or both.
DMZ
The DMZ host in the router is the default LAN client address to which a packet received from the WAN side is forwarded
when the router fails to find a matching LAN IP address or matching local process to forward the packet to. Note if firewall
is enabled, that the packet is still subject to firewall inspection before forwarding to the DMZ host.
QoS
QoS (Quality of Service) refers to the prioritization of network traffic based on the type of traffic. For example, time critical
traffic such as VoIP may be allocated the highest priority so they can have a better chance of on time delivery to the
destination. On the OBi202, QoS policy applies to upstream traffic (LAN-to-WAN) only. Downstream QoS is entirely up to
the ISP / upstream routers and switches. The upstream traffic is prioritized according to its type of service as indicated by
the DiffServ/TOS bits in the IP header of each packet. In the QoS settings, you may map the 64 possible types of service to
one of the three priority classes: High, Medium and Low. You may also specify the guaranteed minimum upstream
bandwidth for each priority class. LAN side clients indicate the desired priority class of their outbound packets to the router
by marking the DiffServ/TOS bits of their packets accordingly. See the QoS Settings section for more details.
In addition to the three priority classes, a fourth priority class known as the
Restricted
class is available. The Restricted class
has the highest priority among the four classes. The guaranteed bandwidth for the Restricted class is allocated separately
with its own parameter in the configuration.
Note that the total guaranteed bandwidth allocated to all the four priority classes is equal to the total available uplink
bandwidth, which must be specified correctly in the UpStreamBandwidth parameter in the QoS settings for QoS to work
properly.
Summary of Contents for OBi110
Page 23: ...Copyright 2010 2012 Obihai Technology Inc 23...
Page 52: ...Copyright 2010 2012 Obihai Technology Inc 52...
Page 55: ...Copyright 2010 2012 Obihai Technology Inc 55...
Page 71: ...Copyright 2010 2012 Obihai Technology Inc 71...
Page 92: ...Copyright 2010 2012 Obihai Technology Inc 92...
Page 98: ...Copyright 2010 2012 Obihai Technology Inc 98 SP1 SP2 SP3 and SP4 Services...
Page 114: ...Copyright 2010 2012 Obihai Technology Inc 114...
Page 126: ...Copyright 2010 2012 Obihai Technology Inc 126...
Page 142: ...Copyright 2010 2012 Obihai Technology Inc 142...
Page 143: ...Copyright 2010 2012 Obihai Technology Inc 143...
Page 144: ...Copyright 2010 2012 Obihai Technology Inc 144...
Page 168: ...Copyright 2010 2012 Obihai Technology Inc 168...