Appendix b: adsl router terms, What is a firewall, What is nat – Netcom NB5 User Manual

NetComm NB5 Ethernet/USB Modem Router

YML717 Rev1

74

www.netcomm.com.au

Appendix B: ADSL Router terms

What is a firewall?

A firewall is protection between the Internet and your local network. It acts similarly to the firewall in
your car, protecting the interior of the car from the engine. Your car's firewall has very small opening
that allow desired connections from the engine into the cabin (gas pedal connection, etc), but if
something happens to your engine, you are protected.

The firewall in the ADSL Router is very similar. Only the desired connections that you allow are
passed through the firewall. These connections are normally originating from the local network; such
as web browsing, checking your email, downloading a file, and playing a game. However, in some
cases, you can allow incoming connections so that you can run programs like a web server.

What is NAT?

NAT stands for Network Address Translation. Another name for it is Connection Sharing. What does
this mean? Your ISP provides you with a single network address for you to access the Internet
through. However, you may have several machines on your local network that want to access the
Internet at the same time. The ADSL Router provides NAT functionality that converts your local
network addresses to the single network address provided by your ISP. It keeps track of all these
connections and makes sure that the correct information gets to the correct local machine.

Occasionally, there are certain programs that don't work well through NAT. Some games, and some
applications have a bit of trouble. The ADSL Router contains special functionality to handle the vast
majority of these troublesome programs and games. NAT does cause problems when you want to
run a SERVER though. When running a server, please see the DMZ section below.

What is a DMZ?

DMZ really stands for Demilitarized Zone. It is a way of separating out part of your local network so
that is more open to the Internet. Suppose that you want to run a web-server, or a game server.
Normal servers like these are blocked from working by the NAT functionality. The solution is to
"isolate" the single local computer into a DMZ. This makes the single computer look like it is directly
on the Internet, and others can access this machine.

Your machine isn't really directly connected to the Internet, and it really has an internal local network
address. When you provide the servers network address to others, you must provide the address of
the ADSL Router. The ADSL Router "fakes" the connection to your machine.

You should use the DMZ when you want to run a server that others will access from the Internet.
Internal programs and servers (like print servers, etc) should NOT be connected to the DMZ