FreshTomato Wiki

User Tools

Site Tools

Trace:
advanced-firewall

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
advanced-firewall [2022/01/21 01:55] – Added NAT loopback options, grammar hogwildadvanced-firewall [2022/01/21 02:31] – formatting hogwild
Line 29: Line 29:
 **NAT target** - Defines the way NAT is implemented for the sake of Hairpinning. Masquerade is the default however this involves an additional lookup ad the mapping of done towards an interface. SNAT is faster (if ever measurable) as the NAT mapping point directly to the destination IP hence bypassing the lookup stage. **NAT target** - Defines the way NAT is implemented for the sake of Hairpinning. Masquerade is the default however this involves an additional lookup ad the mapping of done towards an interface. SNAT is faster (if ever measurable) as the NAT mapping point directly to the destination IP hence bypassing the lookup stage.
  
-Multicast\\  {{:pasted:20220118-185509.png}}\\  **Enable IGMP proxy** - Runs the IGMP (Internet Group Management Protocol) for your router.\\  **LAN0/LAN1/LAN2/LAN3** - where enabled the bridges will partecipate in IGMP subscription using the router as a proxy between the LANs selected. This essentially allows IGMP to work between VLANs.\\  **Enable quick leave** - This is a feature of IGMP v2 and allows the router to stop streaming of the multicast IP as soon as the end device sends the quick leave IGMP packet.\\  **Custom Configuration** - This option allows you to set up some advanced parameters for the IGMP proxy daemon. Make sure to consult the official documentation.\\+ \\
  
-{{:pasted:20220118-190050.png}}\\  **Enable Udpxy** - Similarly to IGMP proxy Udpxy allows multicast communication between sender and receiver sitting in different VLANs. NOTE: since the behavior is pretty much identical you should use either but not both at the same time.\\  **Upstream interface** - leave empty for default - Defines where the stream source is expected to live.\\  **LAN0/LAN1/LAN2/LAN3** - this is where the stream clients are expected to live.\\  **Enable client statistics** - As the option suggest if enabled statistical information about the clients is collected.\\  **Max clients** - Considering this is a lightwave protocol it works well for a limited number of clients, you might want to impose a maximum number if any.\\  **Udpxy port**- This is where you can consult the Udpxy information on your router.\\+Multicast\\  {{:pasted:20220118-185509.png}}\\  \\
  
-{{:pasted:20220118-190844.png}}\\  \\+**Enable IGMP proxy** - Runs the IGMP (Internet Group Management Protocol) for your router.\\  **LAN0/LAN1/LAN2/LAN3** - where enabled the bridges will partecipate in IGMP subscription using the router as a proxy between the LANs selected. This essentially allows IGMP to work between VLANs.\\  **Enable quick leave** - This is a feature of IGMP v2 and allows the router to stop streaming of the multicast IP as soon as the end device sends the quick leave IGMP packet.\\  **Custom Configuration** - This option allows you to set up some advanced parameters for the IGMP proxy daemon. Make sure to consult the official documentation.\\ 
 + 
 + \\ 
 + 
 +{{:pasted:20220118-190050.png}}\\  \\ 
 + 
 +**Enable Udpxy** - Similarly to IGMP proxy Udpxy allows multicast communication between sender and receiver sitting in different VLANs. NOTE: since the behavior is pretty much identical you should use either but not both at the same time. 
 + 
 +**Upstream interface** - leave empty for default - Defines where the stream source is expected to live. 
 + 
 +**LAN0/LAN1/LAN2/LAN3** - this is where the stream clients are expected to live. 
 + 
 +**Enable client statistics** - As the option suggest if enabled statistical information about the clients is collected. 
 + 
 +**Max clients** - Considering this is a lightwave protocol it works well for a limited number of clients, you might want to impose a maximum number if any. 
 + 
 +**Udpxy port**- This is where you can consult the Udpxy information on your router.\\  \\ 
 + 
 +{{:pasted:20220118-190844.png}}\\
  
 **Efficient Multicast Forwarding (IGMP Snooping) -** IGMP snooping is a way to have the switch (router) facilitating the discovery of multicast (IGMP) clients. Beware that enabling IGMP snooping might interfere with some multicast-based applications/protocols. This issue is well-known, for example when using uPnP (Universal Plug 'n Play). **Efficient Multicast Forwarding (IGMP Snooping) -** IGMP snooping is a way to have the switch (router) facilitating the discovery of multicast (IGMP) clients. Beware that enabling IGMP snooping might interfere with some multicast-based applications/protocols. This issue is well-known, for example when using uPnP (Universal Plug 'n Play).
advanced-firewall.txt · Last modified: 2023/05/28 05:39 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki