Zhone 6210 ユーザーガイド
Hotwire 6210, 6211, and 6381 User’s Guide
6
Terminology
What is a firewall?
A firewall is protection between the Internet and your local network. It acts as the firewall in your car does, protecting
the interior of the car from the engine. Your car's firewall has very small opening that allow desired connections from
the engine into the cabin (gas pedal connection, etc), but if something happens to your engine, you are protected.
A firewall is protection between the Internet and your local network. It acts as the firewall in your car does, protecting
the interior of the car from the engine. Your car's firewall has very small opening that allow desired connections from
the engine into the cabin (gas pedal connection, etc), but if something happens to your engine, you are protected.
The firewall in the router is very similar. Only the connections that you allow are passed through the firewall. These
connections normally originate from the local network, such as users web browsing, checking e-mail, downloading
files, and playing games. However, you can allow incoming connections so that you can run programs like a web
server.
connections normally originate from the local network, such as users web browsing, checking e-mail, downloading
files, and playing games. However, you can allow incoming connections so that you can run programs like a web
server.
What is NAT?
NAT stands for Network Address Translation. Another name for it is Connection Sharing. What does this mean?
Your ISP provides you with a single network address to access the Internet with. However, you may have several
machines on your local network that want to access the Internet at the same time. The router provides NAT
functionality that converts your local network addresses to the single network address provided by your ISP. It keeps
track of all these connections and makes sure that the correct information gets to the correct local machine.
Occasionally, there are certain programs that don't work well through NAT. Some games and other specialty
applications have a bit of trouble. The router contains special functionality to handle the vast majority of these
troublesome programs and games. NAT does cause problems when you want to run a server. See the DMZ section
below.
NAT stands for Network Address Translation. Another name for it is Connection Sharing. What does this mean?
Your ISP provides you with a single network address to access the Internet with. However, you may have several
machines on your local network that want to access the Internet at the same time. The router provides NAT
functionality that converts your local network addresses to the single network address provided by your ISP. It keeps
track of all these connections and makes sure that the correct information gets to the correct local machine.
Occasionally, there are certain programs that don't work well through NAT. Some games and other specialty
applications have a bit of trouble. The router contains special functionality to handle the vast majority of these
troublesome programs and games. NAT does cause problems when you want to run a server. See the DMZ section
below.
What is a DMZ?
DMZ really stands for Demilitarized Zone. It is a way of separating part of your local network so that is more open to
the Internet. Suppose that you want to run a web server, or a game server. Normal servers like these are blocked from
working by the NAT functionality. The solution is to isolate the single local computer into a DMZ. This makes the
single computer look like it is directly on the Internet, and others can access this machine.
DMZ really stands for Demilitarized Zone. It is a way of separating part of your local network so that is more open to
the Internet. Suppose that you want to run a web server, or a game server. Normal servers like these are blocked from
working by the NAT functionality. The solution is to isolate the single local computer into a DMZ. This makes the
single computer look like it is directly on the Internet, and others can access this machine.
Your machine isn't really directly connected to the Internet, and it really has an internal local network address. When
you provide the server’s network address to others, you actually provide the address of the modem. The modem fakes
the connection to your machine.
you provide the server’s network address to others, you actually provide the address of the modem. The modem fakes
the connection to your machine.
You should use the DMZ when you want to run a server that others will access from the Internet. Internal programs
and servers (like print servers) should not be connected to the DMZ.
and servers (like print servers) should not be connected to the DMZ.
What is a Router?
The Internet is so large that a single network cannot handle all of the traffic and still deliver a reasonable level of
service. To overcome this limitation, the network is broken down into smaller segments or subnets that can deliver
good performance for the stations attached to that segment. This segmentation solves the problem of supporting a
large number of stations, but introduces the problem of getting traffic from one subnet to another.
service. To overcome this limitation, the network is broken down into smaller segments or subnets that can deliver
good performance for the stations attached to that segment. This segmentation solves the problem of supporting a
large number of stations, but introduces the problem of getting traffic from one subnet to another.
To accomplish this, devices called routers are placed between segments. If a machine wishes to contact another device
on the same segment, it transmits to that station directly using a simple discovery technique. If the target station does
not exist on the same segment as the source station, then the source actually has no idea how to get to the target.
on the same segment, it transmits to that station directly using a simple discovery technique. If the target station does
not exist on the same segment as the source station, then the source actually has no idea how to get to the target.
One of the configuration parameters transmitted to each network device is its default gateway. This address is
configured by the network administrators and it informs each personal computer or other network device where to
send data if the target station does not reside on the same subnet as the source. If your machine can reach all stations
on the same subnet (usually a building or a sector within a building), but cannot communicate outside of this area, it is
usually because of an incorrectly configured default gateway.
configured by the network administrators and it informs each personal computer or other network device where to
send data if the target station does not reside on the same subnet as the source. If your machine can reach all stations
on the same subnet (usually a building or a sector within a building), but cannot communicate outside of this area, it is
usually because of an incorrectly configured default gateway.
46 April 2004 6210-A2-GB21-10