Gateway Terms - CTC Union ATU-R140 User Manual

ATU-R140 ADSL Ethernet USB Router User's Guide
6.

Gateway terms

What is a firewall?
A firewall is protection between the Internet and your local network. It acts similarly to the
firewall in your car, protecting the interior of the car from the engine. Your car's firewall has
very small opening that allow desired connections from the engine into the cabin (gas pedal
connection, etc), but if something happens to your engine, you are protected.
The firewall in the Gateway is very similar. Only the desired connections that you allow are
passed through the firewall. These connections are normally originating from the local
network; such as web browsing, checking your email, downloading a file, and playing a game.
However, in some cases, you can allow incoming connections so that you can run programs
like a web server.
What is NAT?
NAT stands for Network Address Translation. Another name for it is Connection Sharing.
What does this mean? Your ISP provides you with a single network address for you to access
the Internet through. However, you may have several machines on your local network that
want to access the Internet at the same time. The Gateway provides NAT functionality that
converts your local network addresses to the single network address provided by your ISP. It
keeps track of all these connections and makes sure that the correct information gets to the
correct local machine.
Occasionally, there are certain programs that don't work well through NAT. Some games, and
some specialty applications have a bit of trouble. The Gateway contains special functionality
to handle the vast majority of these troublesome programs and games. NAT does cause
problems when you want to run a SERVER though. When running a server, please see the
DMZ section below.
What is a DMZ?
DMZ really stands for Demilitarized Zone. It is a way of separating out part of your local
network so that is more open to the Internet. Suppose that you want to run a web-server, or a
game server. Normal servers like these are blocked from working by the NAT functionality.
The solution is to "isolate" the single local computer into a DMZ. This makes the single
computer look like it is directly on the Internet, and others can access this machine.
Your machine isn't really directly connected to the Internet, and it really has an internal local
network address. When you provide the servers network address to others, you must provide
the address of the Gateway. The Gateway "fakes" the connection to your machine.
You should use the DMZ when you want to run a server that others will access from the
Internet. Internal programs and servers (like print servers, etc) should NOT be connected to
the DMZ
What is a Gateway?
The Internet is so large that a single network cannot handle all of the traffic and still deliver a
reasonable level of service. To overcome this limitation, the network is broken down into
smaller segments or subnets that can deliver good performance for the stations attached to
that segment. This segmentation solves the problem of supporting a large number of stations,
but introduces the problem of getting traffic from one subnet to another.
To accomplish this, devices called routers or gateways are placed between segments. If a
machine wishes to contact another device on the same segment, it transmits to that station
directly using a simple discovery technique. If the target station does not exist on the same
segment as the source station, then the source actually has no idea how to get to the target.
One of the configuration parameters transmitted to each network device is its default
gateway. This address is configured by the network administrators and it informs each
personal computer or other network device where to send data if the target station does not
reside on the same subnet as the source. If your machine can reach all stations on the same
subnet (usually a building or a sector within a building), but cannot communicate outside of
this area, it is usually because of an incorrectly configured default gateway.
43