Network Planning Guide for ProSafe VPN Firewall Router FVX538
Network Planning 2-3
October 2004
Figure 2-2: Dual WAN ports for load balancing
Single or Multiple Exposed Hosts
Incoming traffic from the Internet is normally discarded by the firewall unless the traffic is a
response to one of your local computers or a service that you have configured in the Inbound Rules
menu. Instead of discarding this traffic, you can have it forwarded to one or more LAN hosts on
your network. These LAN hosts are called exposed hosts.
The addressing of the router’s dual WAN port depends on the configuration being implemented:
Single Exposed Host
The Internet IP address of the router’s WAN port must be known to the public so that the public
can send incoming traffic to the exposed host when this feature is supported and enabled.
Table 2-1. IP addressing requirements for exposed hosts in dual WAN port systems
Configuration and
WAN IP address
Single WAN Port
(reference case)
Dual WAN Port Cases
Failover Load Balancing
Single exposed host Fixed Allowed
(FQDN optional)
FQDN required Allowed
(FQDN optional)
Dynamic FQDN required FQDN required FQDN required
Multiple exposed
hosts
Fixed Address block
required
(FQDN optional)
Not allowed
a
a. Not allowed because to do so, the IP addresses of each WAN port would have to be the identical range of
fixed addresses.
Address block
required
(FQDN optional)
Dynamic Not allowed Not allowed Not allowed
Router
netgear1.dyndns.org
WAN1 IP
Dual WAN Ports (Load Balancing)
WAN2 IP
netgear2.dyndns.org
Useof fully-qualifieddomainnames forIPaddresses ofWAN ports:
o requiredfor dynamicIPaddresses
o optional forfixedIPaddresses