Searching...

Matching results

    Configuring LAN Segments

    LAN segmentation, and the process of adding LAN segments, is used for advanced networking scenarios when LAN traffic must be partitioned.

    An instance where LAN segmentation can be utilized is when providing public Internet access to Wi-Fi users, such as bus passengers. In this scenario, it is important to ensure that private onboard equipment connected to the router’s Ethernet ports, such as fare boxes, remains inaccessible to Wi-Fi users. Multiple LAN segments are useful for specifying different network policies or routing rules on each segment.

    Each WAN interface (Ethernet port, Wi-Fi Access Point, and USB) can be assigned to any LAN segment that has been configured on the router. The router comes with a single LAN segment (Default-LAN) and you can create additional network segments under Network > Zone Settings > LAN Segments.

    Before deploying an Airlink OS router, it is important to review how the LAN segment(s) are configured to ensure that network traffic visibility remains as secure as possible.

    User LAN segments are those defined by a user. System LAN segments are those defined automatically by the system. The System LAN segments are not directly configureable and are used in firewall rules, Multi-WAN rules or IP Passthrough, to name a few.

    To configure a User LAN segments:

    1. Go to Networking > Zones settings > LAN Segments.

    2. Click CREATE LAN SEGMENT to create a new LAN segment, or click Edit ( ) in the table to update an existing LAN segment.

    3. Begin configuring the LAN segment. Refer to the table below for details of individual settings.

    SETTING DESCRIPTION VALUES
    Name Name assigned to this LAN segment Required for all LAN segments
    IPv4 Address Default gateway LAN address for this LAN segment IPv4 address.
    Required for all LAN segments
    IPv4 Prefix Specifies how many bits of the IP address for this LAN segment are used for the network ID 0 – 32.
    Default is 24.
    Required for all LAN segments.
    DHCPV4 SERVER

    Specifies if there is a DHCP server for IPv4 addresses
    When DHCPV4 SERVER is set to On, the following fields will appear.

    • IPv4 PRIMARY DNS - IP address of primary Domain Name System(DNS) server
    • IPv4 SECONDARY DNS - IP address of secondary Domain Name System(DNS) server

    		 On/Off.
    Default is On
    IPv4 POOL STARTING ADDRESS Required for all LAN segments. If DHCPv4 server is On, then this field is the starting IPv4 address of the pool of IP addresses available for DHCP IPv4 address
    Required for all LAN segments.
    IPv4 POOL ENDING ADDRESS Required for all LAN segments. If DHCPv4 server is On, then this field is the ending IPv4 address of the pool of IP addresses available for DHCP IPv4 address
    Required for all LAN segments.
    LEASE TIME(IN MINS) Length of time that the DHCP server will reserve an IPv4 address for a client device. This is added on to the remaining lease time of the device. 2 – 65535 mins.
    Default is 1440 mins
    IPv6 Address Default gateway LAN address for this LAN segment Double-colon notation.
    Leave blank to disable IPv6.
    IPv6 Prefix Specifies how many bits of the IP address for this LAN segment are used for the network ID. 0 – 128.
    Default is 64.
    Leave blank to disable IPv6.
    IPv6 SLAAC When enabled, SLAAC will use the device’s MAC address to create a unique interface identifier, which when combined with a network prefix forms a complete IPv6 address. On/Off.
    Default is Off
    IPv6 Proxy When enabled, allows IPv6 traffic between clients on this LAN that are connected to different interface types. E.g. allow a USBnet client to talk to an Ethernet Client. On/Off.
    Default is Off
    DHCPv6 SERVER

    Specifies if there is a DHCP server for IPv6 addresses
    When DHCPV6 SERVER is set to On, the following fields will appear.

    • IPv6 PRIMARY DNS - Double-colon notation of primary Domain Name System(DNS) server
    • IPv6 SECONDARY DNS - Double-colon notation of secondary Domain Name System(DNS) server

    		 On/Off.
    Default is Off
    BROADCAST FORWARDING IPv4 packet forwarding for broadcast traffic. Specifies if the system will forward broadcast packets it receives on one network interface to other interfaces, allowing broadcast traffic to reach other subnets or networks. On/Off.
    Default is Off
    IPv6 POOL STARTING ADDRESS If DHCPv6 server is On, then this field is the starting IPv6 address of the pool of IP addresses available for DHCP Double-colon notation.
    Leave blank to disable IPv6.
    IPv6 POOL ENDING ADDRESS If DHCPv6 server is On, then this field is the ending IPv6 address of the pool of IP addresses available for DHCP Double-colon notation.
    Leave blank to disable IPv6.
    LEASE TIME(IN MINS) Length of time that the DHCP server will reserve an IPv6 address for a client device. This is added on to the remaining lease time of the device. 2 – 65535 mins.
    Default is 1440 mins
    DHCP DNS Server DNS servers acquired through WAN links or by manually specifying primary and secondary DNS settings
    • None: LAN clients will use the router for DNS resolution. The router will act as a DNS caching sever, and will use the DNS of the current active WAN for resolution.
    • Auto: LAN clients will be given the DNS of the currently active WAN interface. This is not recommended to be used in Multi-WAN scenarios as the WAN can change at any time and clients may have stale DNS servers. This is usable in a single WAN environment.
    • Manual: manually set to use the primary/secondary user-configured values.
    • LPWA - Out-of-Band Management: Select a specific interface to use for WAN DNS resolution. Use with caution: if the interface is down or the interface DNS changes, it is up to the client to renew.
    • any available WAN interfaces, such as Wi-Fi, Cellular or Ethernet.

    TOP