Interfaces, Overview – D-Link DFL-2500 User Manual
Page 57
3.3. Interfaces
3.3.1. Overview
An Interface is one of the most important logical building blocks in NetDefendOS. All network
traffic that passes through or gets terminated in the system is done so through one or several
interfaces.
An interface can be seen as a doorway for network traffic to or from the system. Thus, when traffic
enters the system through an interface, that interface would be referred to as the receiving interface
(or sometimes ingress or incoming interface). Consequently, when traffic is leaving the system, the
interface used to send the traffic is referred to as the sending interface (or sometimes egress
interface).
NetDefendOS supports a number of interface types, which can be divided into the following four
major groups:
Physical Interfaces
Each physical interface represents a physical port in a
NetDefendOS-based product. Thus, all network traffic that
originates from or is terminated in the system will eventually
pass through any of the physical interfaces.
NetDefendOS currently supports Ethernet as the only physical
interface type. For more information about Ethernet interfaces,
see Section 3.3.2, “Ethernet”.
Physical Sub-Interfaces
Some interfaces require a binding to an underlying physical
interface in order to transfer data. This group of interfaces is
called Physical Sub-Interfaces.
NetDefendOS
has
support
for
two
types
of
physical
sub-interfaces:
•
Virtual LAN (VLAN) interfaces as specified by IEEE
802.1Q. When routing IP packets over a Virtual LAN
interface, they will be encapsulated in VLAN-tagged
Ethernet frames. For more information about Virtual LAN
interfaces, please see Section 3.3.3, “VLAN”.
•
PPPoE (PPP-over-Ethernet) interfaces for connections to
PPPoE servers. For more information about PPPoE, please
see Section 3.3.4, “PPPoE”.
Tunnel Interfaces
Tunnel interfaces are used when network traffic is being
tunneled between the system and another tunnel end-point in
the network, before it gets routed to its final destination.
To accomplish tunneling, additional headers are added to the
traffic
that
is
to
be
tunneled.
Furthermore,
various
transformations can be applied to the network traffic depending
on the type of tunnel interface. When routing traffic over an
IPsec interface, for instance, the payload is usually encrypted to
achieve confidentiality.
NetDefendOS supports the following tunnel interface types:
•
IPsec interfaces are used as end-points for IPsec VPN
tunnels. For more information about IPsec VPN, please see
Section 9.3, “IPsec”.
•
PPTP/L2TP interfaces are used as end-points for PPTP or
3.3. Interfaces
Chapter 3. Fundamentals
57