cmangla/03.01-DSL-2520U-advanced.txt

## 03.01-DSL-2520U-advanced.txt
     Advanced Help
     * Port Forwarding
     * QoS Setup
     * Outbound Filter
     * Inbound Filter
     * DNS Setup
     * VLAN
     * Firewall & DMZ
     * Network Tools

     Port Forwarding
     ---------------

   Multiple connections are required by some applications, such as internet
   games, video conferencing, Internet telephony, and others. These
   applications have difficulties working through NAT (Network Address
   Translation). This section is used to open multiple ports or a range of
   ports in your router and redirect data through those ports to a single PC on
   your network.

     QoS Setup
     ---------

   Quality of Service (QoS) is a means of ensuring performance by prioritising
   the data packet flow for different applications. This makes it possible to
   ensure that time sensitive programs such as VoIP or Video Conferencing take
   precedence over less time sensitive programs.

   For ease of use, D-Link has set up a number of commonly used applications
   such as VoIP, FTP and MSN Messenger along with the standard ports for you to
   select just by ticking a tick box.

   More advanced controls can be set in LAN QoS.

     Inbound/Outbound Filter
     -----------------------

   Filters can be configured to manage your incoming and outgoing traffic.
   Click on the Inbound and Outbound buttons to advance to the next section for
   further configuration.

   Inbound/Outbound Filter
	  When you use the Port Triggering or Port Forwarding features to open
	  specific ports to traffic from the Internet, you could be increasing
	  the exposure of your LAN to cyberattacks from the Internet. In these
	  cases, you can use Inbound Filters to limit that exposure by
	  specifying the IP addresses of internet hosts that you trust to
	  access your LAN through the ports that you have opened. You might,
	  for example, only allow access to a game server on your home LAN from
	  the computers of friends whom you have invited to play the games on
	  that server.

	  Inbound Filters can be used for limiting access to a server on your
	  network to a system or group of systems. Filter rules can be used
	  with Port Triggering features.  Each filter can be used for several
	  functions; for example a "Game Clan" filter might allow all of the
	  members of a particular gaming group to play several different games
	  for which gaming entries have been created. At the same time an
	  "Admin" filter might only allows systems from your office network to
	  access the WAN admin pages and an FTP server you use at home. If you
	  add an IP address to a filter, the change is effected in all of the
	  places where the filter is used.

	  Outbound Filters can be used to limit LAN computer from accessing the
	  internet. Filters can be used with Port Forwarding features. Outbound
	  filter can be used in conjuction with the Inbound Filter to allow
	  incoming and restrict outgoing access when playing a game over the
	  internet or simply downloading a file.

     DNS
     ---

   DNS
	  Domain Name Server(DNS) is a server that translates URL/Domain Names
	  to the corresponding IP address. Since URL/Domain Names are
	  alphabetical, they are easier to remember. But the internet is based
	  on IP address. For example, the URL/Domain Name www.dlink.com is
	  actually 192.168.0.123.

   DDNS
	  The Dynamic DNS feature allows you to host a server (Web, FTP, Game
	  Server, etc.) using a domain name that you have purchased
	  (www.whateveryournameis.com) with your dynamically assigned IP
	  address. Most broadband Internet Service Providers assign dynamic
	  (changing) IP addresses. When you use a Dynamic DNS service provider,
	  your friends can enter your host name to connect to your server, no
	  matter what your IP address is.

     VLAN
     ----

   VLAN
	  Virtual LAN (VLAN) is a group of devices on one or more LANs that are
	  configured so that they can communicate as if they were attached to
	  the same wire, when in fact they are located on a number of different
	  LAN segments.Because VLANs are based on logical instead of physical
	  connections, it is very flexible for user/host management, bandwidth
	  allocation and resource optimization.

	  1.Port-Based VLAN: each physical switch port is configured with an
	  access list specifying membership in a set of VLANs.

	  2.ATM VLAN - using LAN Emulation (LANE) protocol to map Ethernet
	  packets into ATM cells and deliver them to their destination by
	  converting an Ethernet MAC address into an ATM address.

	  The key for the IEEE 802.1Q to perform the above functions is in its
	  tags. 802.1Q-compliant switch ports can be configured to transmit
	  tagged or untagged frames. A tag field containing VLAN (and/or 802.1p
	  priority)information can be inserted into an Ethernet frame. If a
	  port has an 802.1Q-compliant device attached (such as another
	  switch), these tagged frames can carry VLAN membership information
	  between switches, thus lettinga VLAN span multiple switches. However,
	  it is important to ensure ports with non-802.1Q-compliant devices
	  attached are configured to transmit untagged frames. Many NICs for
	  PCs and printers are not 802.1Q-compliant. If theyreceive a tagged
	  frame, they will not understand the VLAN tag and will drop the frame.
	  Also, the maximum legal Ethernet frame size for tagged frames was
	  increased in 802.1Q (and its companion, 802.3ac) from 1,518 to 1,522
	  bytes.This could cause network interface cards and older switches to
	  drop tagged frames as "oversized."

     Firewall & DMZ
     --------------

   Firewall
	  This allows you to prevent you router from Denial of Service(DOS)
	  attacks.

   DMZ Host
	  DMZ means "Demilitarized Zone." If an application has trouble working
	  from behind the router, you can expose one computer to the Internet
	  and run the application on that computer.

	  When a LAN host is configured as a DMZ host, it becomes the
	  destination for all incoming packets that do not match some other
	  incoming session or rule. If any other ingress rule is in place, that
	  will be used instead of sending packets to the DMZ host; so, an
	  active session, virtual server, active port trigger, or port
	  forwarding rule will take priority over sending a packet to the DMZ
	  host. (The DMZ policy resembles a default port forwarding rule that
	  forwards every port that is not specifically sent anywhere else.)

	  Note: Putting a computer in the DMZ may expose that computer to a
	  variety of security risks. Use of this option is only recommended as
	  a last resort.

     Network Tools
     -------------

   TR069
	  TR-069 is a WAN management protocol. A bidirectional SOAP/HTTP based
	  protocol it provides the communication between the ADSL router and an
	  Auto Configuration Server(ACS).
	Advanced Help
	* Port Forwarding
	* QoS Setup
	* Outbound Filter
	* Inbound Filter
	* DNS Setup
	* VLAN
	* Firewall & DMZ
	* Network Tools

	Port Forwarding
	---------------

	Multiple connections are required by some applications, such as internet
	games, video conferencing, Internet telephony, and others. These
	applications have difficulties working through NAT (Network Address
	Translation). This section is used to open multiple ports or a range of
	ports in your router and redirect data through those ports to a single PC on
	your network.

	QoS Setup
	---------

	Quality of Service (QoS) is a means of ensuring performance by prioritising
	the data packet flow for different applications. This makes it possible to
	ensure that time sensitive programs such as VoIP or Video Conferencing take
	precedence over less time sensitive programs.

	For ease of use, D-Link has set up a number of commonly used applications
	such as VoIP, FTP and MSN Messenger along with the standard ports for you to
	select just by ticking a tick box.

	More advanced controls can be set in LAN QoS.

	Inbound/Outbound Filter
	-----------------------

	Filters can be configured to manage your incoming and outgoing traffic.
	Click on the Inbound and Outbound buttons to advance to the next section for
	further configuration.

	Inbound/Outbound Filter
	When you use the Port Triggering or Port Forwarding features to open
	specific ports to traffic from the Internet, you could be increasing
	the exposure of your LAN to cyberattacks from the Internet. In these
	cases, you can use Inbound Filters to limit that exposure by
	specifying the IP addresses of internet hosts that you trust to
	access your LAN through the ports that you have opened. You might,
	for example, only allow access to a game server on your home LAN from
	the computers of friends whom you have invited to play the games on
	that server.

	Inbound Filters can be used for limiting access to a server on your
	network to a system or group of systems. Filter rules can be used
	with Port Triggering features. Each filter can be used for several
	functions; for example a "Game Clan" filter might allow all of the
	members of a particular gaming group to play several different games
	for which gaming entries have been created. At the same time an
	"Admin" filter might only allows systems from your office network to
	access the WAN admin pages and an FTP server you use at home. If you
	add an IP address to a filter, the change is effected in all of the
	places where the filter is used.

	Outbound Filters can be used to limit LAN computer from accessing the
	internet. Filters can be used with Port Forwarding features. Outbound
	filter can be used in conjuction with the Inbound Filter to allow
	incoming and restrict outgoing access when playing a game over the
	internet or simply downloading a file.

	DNS
	---

	DNS
	Domain Name Server(DNS) is a server that translates URL/Domain Names
	to the corresponding IP address. Since URL/Domain Names are
	alphabetical, they are easier to remember. But the internet is based
	on IP address. For example, the URL/Domain Name www.dlink.com is
	actually 192.168.0.123.

	DDNS
	The Dynamic DNS feature allows you to host a server (Web, FTP, Game
	Server, etc.) using a domain name that you have purchased
	(www.whateveryournameis.com) with your dynamically assigned IP
	address. Most broadband Internet Service Providers assign dynamic
	(changing) IP addresses. When you use a Dynamic DNS service provider,
	your friends can enter your host name to connect to your server, no
	matter what your IP address is.

	VLAN
	----

	VLAN
	Virtual LAN (VLAN) is a group of devices on one or more LANs that are
	configured so that they can communicate as if they were attached to
	the same wire, when in fact they are located on a number of different
	LAN segments.Because VLANs are based on logical instead of physical
	connections, it is very flexible for user/host management, bandwidth
	allocation and resource optimization.

	1.Port-Based VLAN: each physical switch port is configured with an
	access list specifying membership in a set of VLANs.

	2.ATM VLAN - using LAN Emulation (LANE) protocol to map Ethernet
	packets into ATM cells and deliver them to their destination by
	converting an Ethernet MAC address into an ATM address.

	The key for the IEEE 802.1Q to perform the above functions is in its
	tags. 802.1Q-compliant switch ports can be configured to transmit
	tagged or untagged frames. A tag field containing VLAN (and/or 802.1p
	priority)information can be inserted into an Ethernet frame. If a
	port has an 802.1Q-compliant device attached (such as another
	switch), these tagged frames can carry VLAN membership information
	between switches, thus lettinga VLAN span multiple switches. However,
	it is important to ensure ports with non-802.1Q-compliant devices
	attached are configured to transmit untagged frames. Many NICs for
	PCs and printers are not 802.1Q-compliant. If theyreceive a tagged
	frame, they will not understand the VLAN tag and will drop the frame.
	Also, the maximum legal Ethernet frame size for tagged frames was
	increased in 802.1Q (and its companion, 802.3ac) from 1,518 to 1,522
	bytes.This could cause network interface cards and older switches to
	drop tagged frames as "oversized."

	Firewall & DMZ
	--------------

	Firewall
	This allows you to prevent you router from Denial of Service(DOS)
	attacks.

	DMZ Host
	DMZ means "Demilitarized Zone." If an application has trouble working
	from behind the router, you can expose one computer to the Internet
	and run the application on that computer.

	When a LAN host is configured as a DMZ host, it becomes the
	destination for all incoming packets that do not match some other
	incoming session or rule. If any other ingress rule is in place, that
	will be used instead of sending packets to the DMZ host; so, an
	active session, virtual server, active port trigger, or port
	forwarding rule will take priority over sending a packet to the DMZ
	host. (The DMZ policy resembles a default port forwarding rule that
	forwards every port that is not specifically sent anywhere else.)

	Note: Putting a computer in the DMZ may expose that computer to a
	variety of security risks. Use of this option is only recommended as
	a last resort.

	Network Tools
	-------------

	TR069
	TR-069 is a WAN management protocol. A bidirectional SOAP/HTTP based
	protocol it provides the communication between the ADSL router and an
	Auto Configuration Server(ACS).