Single or multiple exposed hosts, Single exposed host, Single or multiple exposed hosts -3 – NETGEAR ProSafe FVX538 User Manual

Network Planning Guide for ProSafe VPN Firewall Router FVX538

Network Planning

2-3

October 2004

Figure 2-2: Dual WAN ports for load balancing

Single or Multiple Exposed Hosts

Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a
response to one of your local computers or a service that you have configured in the Inbound Rules
menu. Instead of discarding this traffic, you can have it forwarded to one or more LAN hosts on
your network. These LAN hosts are called exposed hosts.

The addressing of the router’s dual WAN port depends on the configuration being implemented:

Single Exposed Host

The Internet IP address of the router’s WAN port must be known to the public so that the public
can send incoming traffic to the exposed host when this feature is supported and enabled.

Table 2-1.

IP addressing requirements for exposed hosts in dual WAN port systems

Configuration and

WAN IP address

Single WAN Port

(reference case)

Dual WAN Port Cases

Failover

Load Balancing

Single exposed host

Fixed

Allowed

(FQDN optional)

FQDN required

Allowed

(FQDN optional)

Dynamic

FQDN required

FQDN required

FQDN required

Multiple exposed
hosts

Fixed

Address block
required

(FQDN optional)

Not allowed

a

a. Not allowed because to do so, the IP addresses of each WAN port would have to be the identical range of

fixed addresses.

Address block
required

(FQDN optional)

Dynamic

Not allowed

Not allowed

Not allowed

Router

netgear1.dyndns.org

WAN1 IP

Dual WAN Ports (Load Balancing)

WAN2 IP

netgear2.dyndns.org

Use of fully-qualified domain names for IP addresses of WAN ports:
o required for dynamic IP addresses
o optional for fixed IP addresses