The Virtual Server option gives Internet users access to services on your LAN. This feature is useful for hosting online services such as FTP, Web, or game servers. For each Virtual Server, you define a public port on your router for redirection to an internal LAN IP Address and LAN port.
- You are hosting a Web Server on a PC that has LAN IP Address of 192.168.0.50 and your ISP is blocking Port 80.
With this Virtual Server entry, all Internet traffic on Port 8888 will be redirected to your internal web server on port 80 at IP Address 192.168.0.50.
- Name the Virtual Server (for example:
- Enter the IP Address of the machine on your LAN (for example:
- Enter the Private Port as 
- Enter the Public Port as 
- Select the Protocol (for example
- Ensure the schedule is set to
- Click to add the settings to the Virtual Servers List
- Repeat these steps for each Virtual Server Rule you wish to add. After the list is complete, click at the top of the page.
- Virtual Server Parameters
- Assign a meaningful name to the virtual server, for example
Web Server. Several well-known types of virtual server are available from the "Application Name" drop-down list. Selecting one of these entries fills some of the remaining parameters with standard values for that type of server.
- IP Address
- The IP address of the system on your internal network that will provide the virtual service, for example
192.168.0.50. You can select a computer from the list of DHCP clients in the "Computer Name" drop-down menu, or you can manually enter the IP address of the server computer.
- Traffic Type
- Select the protocol used by the service. The common choices -- UDP, TCP, and both UDP and TCP -- can be selected from the drop-down menu. To specify any other protocol, select "Other" from the list, then enter the corresponding protocol number ( 常用通訊埠查詢) in the Protocol box.
- Private Port
- The port that will be used on your internal network.
- Public Port
- The port that will be accessed from the Internet.
- Inbound Filter
- Select a filter that controls access as needed for this virtual server. If you do not see the filter you need in the list of filters, go to the Advanced → Inbound Filter screen and create a new filter.
- Select a schedule for when the service will be enabled. If you do not see the schedule you need in the list of schedules, go to the Tools → Schedules screen and create a new schedule.
- 24 -- VIRTUAL SERVERS LIST
- Use the checkboxes at the left to activate or deactivate completed Virtual Server entries.
Note: You might have trouble accessing a virtual server using its public identity (WAN-side IP-address of the gateway or its dynamic DNS name) from a machine on the LAN. Your requests may not be looped back or you may be redirected to the "Forbidden" page.
This will happen if you have an Access Control Rule configured for this LAN machine.
The requests from the LAN machine will not be looped back if Internet access is blocked at the time of access. To work around this problem, access the LAN machine using its LAN-side identity.
Requests may be redirected to the "Forbidden" page if web access for the LAN machine is restricted by an Access Control Rule. Add the WAN-side identity (WAN-side IP-address of the router or its dynamic DNS name) on the Advanced → Web Filter screen to work around this problem.
Multiple connections are required by some applications, such as internet games, video conferencing, Internet telephony, and others. These applications have difficulties working through NAT (Network Address Translation). This section is used to open multiple ports or a range of ports in your router and redirect data through those ports to a single PC on your network. You can enter ports in various formats:
Individual (80, 68, 888)
Mixed (1020-5000, 689)
- Suppose you are hosting an online game server that is running on a PC with a private IP Address of 192.168.0.50. This game requires that you open multiple ports (6159-6180, 99) on the router so Internet users can connect.
- Port Forwarding Fields
- Give the rule a name that is meaningful to you, for example
Game Server. You can also select from a list of popular games, and many of the remaining configuration values will be filled in accordingly. However, you should check whether the port values have changed since this list was created, and you must fill in the IP address field.
- IP Address
- Enter the local network IP address of the system hosting the server, for example
- TCP Ports To Open
- Enter the TCP ports to open (for example
- UDP Ports To Open
- Enter the UDP ports to open (for example
- Inbound Filter
- Select a filter that controls access as needed for this rule. If you do not see the filter you need in the list of filters, go to the Advanced → Inbound Filter screen and create a new filter.
- Select a schedule for the times when this rule is in effect. If you do not see the schedule you need in the list of schedules, go to the Tools → Schedules screen and create a new schedule.
With the above example values filled in and this Gaming Rule enabled, all TCP and UDP traffic on ports 6159 through 6180 and port 99 is passed through the router and redirected to the Internal Private IP Address of your Game Server at 192.168.0.50.
Note that different LAN computers cannot be associated with Port Forwarding rules that contain any ports in common; such rules would contradict each other.
- 24 -- Port Forwarding Rules
- Enable or disable defined rules with the checkboxes at the left.
An application rule is used to open single or multiple ports on your router when the router senses data sent to the Internet on a "trigger" port or port range. An application rule applies to all computers on your internal network.
- Parameters for an Application Rule
- You need to configure your router to allow a software application running on any computer on your network to connect to a web-based server or another user on the Internet.
- Enter a name for the Special Application Rule, for example
Game App, which will help you identify the rule in the future. Alternatively, you can select from the Application list of common applications.
- Instead of entering a name for the Special Application rule, you can select from this list of common applications, and the remaining configuration values will be filled in accordingly.
- Trigger Port
- Enter the outgoing port range used by your application (for example
- Trigger Traffic Type
- Select the outbound protocol used by your application (for example
- Firewall Port
- Enter the port range that you want to open up to Internet traffic (for example
- Firewall Traffic Type
- Select the protocol used by the Internet traffic coming back into the router through the opened port range (for example
- Select a schedule for when this rule is in effect. If you do not see the schedule you need in the list of schedules, go to the Tools → Schedules screen and create a new schedule.
With the above example application rule enabled, the router will open up a range of ports from 6000-6200 for incoming traffic from the Internet, whenever any computer on the internal network opens up an application that sends data to the Internet using a port in the range of 6500-6700.
- 24 -- Application Rules
- This section is where you define application rules. Enable or disable defined rules with the checkboxes at the left.
The The QoS Engine™ feature helps improve your network gaming performance by prioritizing the data flows of network applications.
- WAN Traffic Shaping
- Enable QoS Engine
- Enable this option for better performance and experience with online games and other interactive applications, such as VoIP.
- Automatic Uplink Speed
- When enabled, this option causes the router to automatically measure the useful uplink bandwidth each time the WAN interface is re-established (after a reboot, for example).
- Measured Uplink Speed
- This is the uplink speed measured when the WAN interface was last re-established. The value may be lower than that reported by your ISP as it does not include all of the network protocol overheads associated with your ISP's network. Typically, this figure will be between 87% and 91% of the stated uplink speed for xDSL connections and around 5 kbps lower for cable network connections.
- Manual Uplink Speed
- If Automatic Uplink Speed is disabled, this option allows you to set the uplink speed manually. Uplink speed is the speed at which data can be transferred from the router to your ISP. This is determined by your ISP. ISPs often specify speed as a downlink/uplink pair; for example, 1.5Mbps/284kbps. For this example, you would enter "284". Alternatively you can test your uplink speed with a service such as www.dslreports.com. Note however that sites such as DSL Reports, because they do not consider as many network protocol overheads, will generally note speeds slightly lower than the Measured Uplink Speed or the ISP rated speed.
The MAC address filter section can be used to filter network access by machines based on the unique MAC addresses of their network adapter(s). It is most useful to prevent unauthorized wireless devices from connecting to your network. A MAC address is a unique ID assigned by the manufacturer of the network adapter.
- 24 -- MAC Filtering Rules
- Configure MAC Filtering
- When "OFF" is selected, MAC addresses are not used to control network access. When "ALLOW" is selected, only computers with MAC addresses listed in the MAC Address List are granted network access. When "DENY" is selected, any computer with a MAC address listed in the MAC Address List is refused access to the network.
- MAC Address
- Enter the MAC address of the desired. Computers that have obtained an IP address from the router's DHCP server will be in the DHCP Client List. Select a device from the drop down menu, then click the arrow to add that device's MAC address to the list.
- Click the button to remove the MAC address from the MAC Filtering list.
The Access Control section allows you to control access in and out of devices on your network. Use this feature as Parental Controls to only grant access to approved sites, limit web access based on time or dates, and/or block access from applications such as peer-to-peer utilities or games.
- By default, the Access Control feature is disabled. If you need Access Control, check this option.
Note: When Access Control is disabled, every device on the LAN has unrestricted access to the Internet. However, if you enable Access Control, Internet access is restricted for those devices that have an Access Control Policy configured for them. All other devices have unrestricted access to the Internet.
- Policy Wizard
- The Policy Wizard guides you through the steps of defining each access control policy. A policy is the "Who, What, When, and How" of access control -- whose computer will be affected by the control, what internet addresses are controlled, when will the control be in effect, and how is the control implemented. You can define multiple policies. The Policy Wizard starts when you click the button below and also when you edit an existing policy.
- Add Policy
- Click this button to start creating a new access control policy.
- Policy Table
- This section shows the currently defined access control policies. A policy can be changed by clicking the Edit icon, or deleted by clicking the Delete icon. When you click the Edit icon, the Policy Wizard starts and guides you through the process of changing a policy. You can enable or disable specific policies in the list by clicking the "Enable" checkbox.
This section is where you add the Web sites to be used for Access Control. The Web sites listed here are used when the Web Filter option is enabled in Access Control..
- Website Filter Parameters
- Website URL/Domain
- Enter the URL (address) of the Web Site that you want to allow or deny; for example:
google.com. Do not enter the
http:// preceding the URL. Enter the most inclusive domain; for example, select allow and enter
dlink.com and access will be permitted to both
Note: Many web sites construct pages with images and content from other web sites. For example, to access
my.yahoo.com, you would need to select allow and type
- 40 -- Website Filtering Rules
- The section lists the current denied or allowed web sites.
When you use the Virtual Server, Port Forwarding, or Remote Administration features to open specific ports to traffic from the Internet, you could be increasing the exposure of your LAN to cyberattacks from the Internet. In these cases, you can use Inbound Filters to limit that exposure by specifying the IP addresses of internet hosts that you trust to access your LAN through the ports that you have opened. You might, for example, only allow access to a game server on your home LAN from the computers of friends whom you have invited to play the games on that server.
Inbound Filters can be used for limiting access to a server on your network to a system or group of systems. Filter rules can be used with Virtual Server, Gaming, or Remote Administration features. Each filter can be used for several functions; for example a "Game Clan" filter might allow all of the members of a particular gaming group to play several different games for which gaming entries have been created. At the same time an "Admin" filter might only allows systems from your office network to access the WAN admin pages and an FTP server you use at home. If you add an IP address to a filter, the change is effected in all of the places where the filter is used.
- Add/Edit Inbound Filter Rule
- Here you can add entries to the Inbound Filter Rules List below, or edit existing entries.
- Enter a name for the rule that is meaningful to you.
- The rule can either Allow or Deny messages.
- Remote IP Range
- Define the ranges of Internet addresses this rule applies to. For a single IP address, enter the same address in both the Start and End boxes. Up to eight ranges can be entered. The Enable checkbox allows you to turn on or off specific entries in the list of ranges.
- Saves the new or edited Inbound Filter Rule in the following list. When finished updating the Inbound Filter Rules List, you must still click the button at the top of the page to make the changes effective and permanent.
- Re-initializes the Add/Update area of the screen, erasing any changes that you may have made prior to clicking the Add/Update button.
- Inbound Filter Rules List
- The section lists the current Inbound Filter Rules. An Inbound Filter Rule can be changed by clicking the Edit icon, or deleted by clicking the Delete icon. When you click the Edit icon, the item is highlighted, and the "Edit Inbound Filter Rule" section is activated for editing.
In addition to the filters listed here, two predefined filters are available wherever inbound filters can be applied:
- Allow All
- Permit any WAN user to access the related capability.
- Deny All
- Prevent all WAN users from accessing the related capability. (LAN users are not affected by Inbound Filter Rules.)
The router provides a tight firewall by virtue of the way NAT works. Unless you configure the router to the contrary, the NAT does not respond to unsolicited incoming requests on any port, thereby making your LAN invisible to Internet cyberattackers. However, some network applications cannot run with a tight firewall. Those applications need to selectively open ports in the firewall to function correctly. The options on this page control several ways of opening the firewall to address the needs of specific types of applications. See also Virtual Server, Port Forwarding, Application Rules, and UPnP for related options.
- Firewall Settings
- Enable SPI
- SPI ("stateful packet inspection" also known as "dynamic packet filtering") helps to prevent cyberattacks by tracking more state per session. It validates that the traffic passing through that session conforms to the protocol. When the protocol is TCP, SPI checks that packet sequence numbers are within the valid range for the session, discarding those packets that do not have valid sequence numbers.
Whether SPI is enabled or not, the router always tracks TCP connection states and ensures that each TCP packet's flags are valid for the current state.
- NAT Endpoint Filtering
The NAT Endpoint Filtering options control how the router's NAT manages incoming connection requests to ports that are already being used.
- Endpoint Independent
- Once a LAN-side application has created a connection through a specific port, the NAT will forward any incoming connection requests with the same port to the LAN-side application regardless of their origin. This is the least restrictive option, giving the best connectivity and allowing some applications (P2P applications in particular) to behave almost as if they are directly connected to the Internet.
- Address Restricted
- The NAT forwards incoming connection requests to a LAN-side host only when they come from the same IP address with which a connection was established. This allows the remote application to send data back through a port different from the one used when the outgoing session was created.
- Port And Address Restricted
- The NAT does not forward any incoming connection requests with the same port address as an already establish connection.
Note that some of these options can interact with other port restrictions. Endpoint Independent Filtering takes priority over inbound filters or schedules, so it is possible for an incoming session request related to an outgoing session to enter through a port in spite of an active inbound filter on that port. However, packets will be rejected as expected when sent to blocked ports (whether blocked by schedule or by inbound filter) for which there are no active sessions. Port and Address Restricted Filtering ensures that inbound filters and schedules work precisely, but prevents some level of connectivity, and therefore might require the use of port triggers, virtual servers, or port forwarding to open the ports needed by the application. Address Restricted Filtering gives a compromise position, which avoids problems when communicating with certain other types of NAT router (symmetric NATs in particular) but leaves inbound filters and scheduled access working as expected.
- UDP Endpoint Filtering
- Controls endpoint filtering for packets of the UDP protocol.
- TCP Endpoint Filtering
- Controls endpoint filtering for packets of the TCP protocol.
Formerly, the terms "Full Cone", "Restricted Cone", "Port Restricted Cone" and "Symmetric" were used to refer to different variations of NATs. These terms are purposely not used here, because they do not fully describe the behavior of this router's NAT. While not a perfect mapping, the following loose correspondences between the "cone" classification and the "endpoint filtering" modes can be drawn: if this router is configured for endpoint independent filtering, it implements full cone behavior; address restricted filtering implements restricted cone behavior; and port and address restricted filtering implements port restricted cone behavior.
- Anti-Spoof checking
This mechanism protects against activity from spoofed or forged IP addresses, mainly by blocking packets appearing on interfaces and in directions which are logically not possible.
- DMZ Host
DMZ means "Demilitarized Zone." If an application has trouble working from behind the router, you can expose one computer to the Internet and run the application on that computer.
When a LAN host is configured as a DMZ host, it becomes the destination for all incoming packets that do not match some other incoming session or rule. If any other ingress rule is in place, that will be used instead of sending packets to the DMZ host; so, an active session, virtual server, active port trigger, or port forwarding rule will take priority over sending a packet to the DMZ host. (The DMZ policy resembles a default port forwarding rule that forwards every port that is not specifically sent anywhere else.)
The router provides only limited firewall protection for the DMZ host. The router does not forward a TCP packet that does not match an active DMZ session, unless it is a connection establishment packet (SYN). Except for this limited protection, the DMZ host is effectively "outside the firewall". Anyone considering using a DMZ host should also consider running a firewall on that DMZ host system to provide additional protection.
Packets received by the DMZ host have their IP addresses translated from the WAN-side IP address of the router to the LAN-side IP address of the DMZ host. However, port numbers are not translated; so applications on the DMZ host can depend on specific port numbers.
The DMZ capability is just one of several means for allowing incoming requests that might appear unsolicited to the NAT. In general, the DMZ host should be used only if there are no other alternatives, because it is much more exposed to cyberattacks than any other system on the LAN. Thought should be given to using other configurations instead: a virtual server, a port forwarding rule, or a port trigger. Virtual servers open one port for incoming sessions bound for a specific application (and also allow port redirection and the use of ALGs). Port forwarding is rather like a selective DMZ, where incoming traffic targeted at one or more ports is forwarded to a specific LAN host (thereby not exposing as many ports as a DMZ host). Port triggering is a special form of port forwarding, which is activated by outgoing traffic, and for which ports are only forwarded while the trigger is active.
Few applications truly require the use of the DMZ host. Following are examples of when a DMZ host might be required:
- A host needs to support several applications that might use overlapping ingress ports such that two port forwarding rules cannot be used because they would potentially be in conflict.
- To handle incoming connections that use a protocol other than ICMP, TCP, UDP, and IGMP (also GRE and ESP, when these protocols are enabled by the PPTP and IPSec ALGs ).
- Enable DMZ
Note: Putting a computer in the DMZ may expose that computer to a variety of security risks. Use of this option is only recommended as a last resort.
- DMZ IP Address
- Specify the LAN IP address of the LAN computer that you want to have unrestricted Internet communication. If this computer obtains its address Automatically using DHCP, then you may want to make a static reservation on the Basic → Network Settings page so that the IP address of the DMZ computer does not change.
- Application Level Gateway (ALG) Configuration
- Here you can enable or disable ALGs. Some protocols and
applications require special handling of the IP payload to make
them work with network address translation (NAT). Each ALG
provides special handling for a specific protocol or application.
A number of ALGs for common applications are enabled by default.
- Allows multiple machines on the LAN to connect to their
corporate networks using PPTP protocol. When the PPTP ALG is
enabled, LAN computers can establish PPTP VPN connections either
with the same or with different VPN servers. When the PPTP ALG
is disabled, the router allows VPN operation in a restricted way
-- LAN computers are typically able to establish VPN tunnels to
different VPN Internet servers but not to the same server. The
advantage of disabling the PPTP ALG is to increase VPN
performance. Enabling the PPTP ALG also allows incoming VPN
connections to a LAN side VPN server (refer to
Advanced→Virtual Server ).
- IPSec (VPN)
- Allows multiple VPN clients to connect to their corporate
networks using IPSec. Some VPN clients support traversal of
IPSec through NAT. This option may interfere with the operation
of such VPN clients. If you are having trouble connecting with
your corporate network, try disabling this option.
Check with the system administrator of your corporate network
whether your VPN client supports NAT traversal.
Note that L2TP VPN connections typically use IPSec to secure
the connection. To achieve multiple VPN pass-through in this
case, the IPSec ALG must be enabled.
- Allows applications that use Real Time Streaming Protocol to
receive streaming media from the internet. QuickTime and Real
Player are some of the common applications using this protocol.
- Allows devices and applications using VoIP (Voice over IP)
to communicate across NAT. Some VoIP applications and devices
have the ability to discover NAT devices and work around them.
This ALG may interfere with the operation of such devices. If
you are having trouble making VoIP calls, try turning this ALG
Specifies whether the entry will be enabled or disabled.
The IP address of packets that will take this route.
One bits in the mask specify which bits of the IP address must match.
Specifies the next hop to be taken if this route is used. A gateway of 0.0.0.0 implies there is no next hop, and the IP address matched is directly connected to the router on the interface specified: WAN.
The route metric is a value from 1 to 16 that indicates the cost of using this route. A value of 1 is the lowest cost, and 15 is the highest cost. A value of 16 indicates that the route is not reachable from this router. When trying to reach a particular destination, computers on your network will select the best route, ignoring unreachable routes.
Specifies the interface -- WAN -- that the IP packet must use to transit out of the router, when this route is used.
- Transmit Power
- Normally the wireless transmitter operates at 100% power. In some circumstances, however, there might be a need to isolate specific frequencies to a smaller area. By reducing the power of the radio, you can prevent transmissions from reaching beyond your corporate/home office or designated wireless area.
- Beacon Period
- Beacons are packets sent by a wireless router to synchronize wireless devices. Specify a Beacon Period value between 20 and 1000. The default value is set to 100 milliseconds.
- RTS Threshold
- When an excessive number of wireless packet collisions are occurring, wireless performance can be improved by using the RTS/CTS (Request to Send/Clear to Send) handshake protocol. The wireless transmitter will begin to send RTS frames (and wait for CTS) when data frame size in bytes is greater than the RTS Threshold. This setting should remain at its default value of 2346.
- Fragmentation Threshold
- Wireless frames can be divided into smaller units (fragments) to improve performance in the presence of RF interference and at the limits of RF coverage. Fragmentation will occur when frame size in bytes is greater than the Fragmentation Threshold. This setting should remain at its default value of 2346. Setting the Fragmentation value too low may result in poor performance.
- DTIM Interval
- A DTIM is a countdown informing clients of the next window for listening to broadcast and multicast messages. When the wireless router has buffered broadcast or multicast messages for associated clients, it sends the next DTIM with a DTIM Interval value. Wireless clients detect the beacons and awaken to receive the broadcast and multicast messages. The default value is 1. Valid settings are between 1 and 255.
- WLAN Partition
- Enabling WLAN Partition prevents associated wireless clients from communicating with each other.
- WMM Enable
- Enabling WMM can help control latency and jitter when transmitting multimedia content over a wireless connection.
- Short GI
- Using a short (400ns) guard interval can increase throughput. However, it can also increase error rate in some installations, due to increased sensitivity to radio-frequency reflections. Select the option that works best for your installation.
- Extra Wireless Protection
- Extra protection for neighboring 11b wireless networks. Turn this option off to reduce the adverse effect of legacy wireless networks on 802.11n performance. This option is available only when 802.11 Mode is set to 802.11n only or 802.11g only.
- UPnP is short for Universal Plug and Play, which is a networking architecture that provides compatibility among networking equipment, software, and peripherals. This router has optional UPnP capability, and can work with other UPnP devices and software.
- Enable UPnP
- If you need to use the UPnP functionality, you can enable it here.
- WAN Ping
- Pinging public WAN IP addresses is a common method used by hackers to test whether your WAN IP address is valid.
- Enable WAN Ping Respond
- If you leave this option unchecked, you are causing the router to ignore
ping commands for the public WAN IP address of the router.
- WAN Port Speed
- Normally, this is set to "auto". If you have trouble connecting to the WAN, try the other settings.
- Multicast Streams
- The router uses the IGMP protocol to support efficient multicasting -- transmission of identical content, such as multimedia, from a source to a number of recipients.
- Enable Multicast Streams
- This option must be enabled if any applications on the LAN participate in a multicast group. If you have a multimedia LAN application that is not receiving content as expected, try enabling this option.
- The IPv6 (Internet Protocol version 6) section is where
you configure your IPv6 Connection type.
- IPv6 Connection Type
- There are several connection types to choose from: Link-local,
Static IP v6, DHCPv6, Stateless Autoconfiguration, PPPoE, IPv6
in IPv4 Tunnel and 6to4. If you are unsure of your connection
method, please contact your IPv6 Internet Service Provider.
Note: If using the PPPoE option, you will need to ensure that
any PPPoE client software on your computers is removed or
- Link-local Mode
- Link-local address is used by nodes and routers when
communicating with neighboring nodes on the same link.
This mode enables IPv6-capable devices to communicate
with each other in the LAN side.
- Static IP v6 Mode
- Used when your ISP provides you a set IPv6 address that
does not change. The IPv6 information is manually entered
in your IPv6 configuration settings. You must enter the
IPv6 address, Subnet Prefix Length, Default Gateway, Primary
DNS Server, and Secondary DNS Server. Your ISP provides
you with all of this information.
- DHCPv6 Mode
- A method of connection where the ISP assigns your IPv6
address when your router requests one from the ISP's server.
Some ISP's require you to make some settings on your side
before your router can connect to the IPv6 Internet.
- Select this option if your ISP requires you to use a
PPPoE (Point to Point Protocol over Ethernet) connection
to IPv6 Internet. DSL providers typically use this option.
This method of connection requires you to enter a Username
and Password (provided by your Internet
Service Provider) to gain access to the IPv6 Internet.
The supported authentication protocols are PAP and CHAP.
Dynamic IP: If the ISP's
servers assign the router's WAN IPv6 addressing upon
establishing a connection, select this option.
Static IP : If your ISP has
assigned a fixed IPv6 address, select this option. The
ISP provides the value for the IPv6
Service Name: Some ISP's
may require that you enter a Service Name. Only enter
a Service Name if your ISP requires one.
Reconnect Mode: Typically
PPPoE connections are not always on. The D-Link router
allows you to set the reconnection mode. The settings
- Always on: A connection
to the Internet is always maintained.
- On demand: A connection
to the Internet is made as needed.
- Manual: You have to open
up the Web-based management interface and click the
Connect button manually any time that you wish to
connect to the Internet.
Maximum Idle Time: Time interval
the machine can be idle before the WAN link is disconnected.
The Maximum Idle Time value is only used for the "On
demand" and "Manual" reconnect modes.
- IPv6 in IPv4 Tunnel Mode
- IPv6 in IPv4 tunneling is the encapsulation of IPv6 packets
in IPv4 packets so that IPv6 packets can be sent over an IPv4
- 6to4 Mode
- 6to4 is an IPv6 address assignment and automatic tunneling
technology that used to provide unicast IPv6 connectivity
between IPv6 sites and hosts across the IPv4 Internet.
- The following options apply to all WAN modes.
- Primary DNS Server, Secondary DNS Server: Enter the IPv6 addresses of the DNS Servers. Leave the field for the secondary server empty if not used.
- LAN IPv6 Address Setting
- These are the settings of the LAN (Local Area Network) IPv6
interface for the router. The router's LAN IPv6 Address is configured
based on the IPv6 Address and Subnet assigned by your ISP. (A
subnet with prefix /64 is supported in LAN.)
- LAN Address Autoconfiguration Settings
- Use this section to setup IPv6 Autoconfiguration to assign
IPv6 address to the computers on your local network. A Stateless
and a Stateful Autoconfiguration method are provided.
- Enable Autoconfiguration
- These two values (from and to) define a range of IPv6
addresses that the DHCPv6 Server uses when assigning addresses
to computers and devices on your Local Area Network. Any
addresses that are outside of this range are not managed
by the DHCPv6 Server; these could, therefore, be used for
manually configured devices or devices that cannot use DHCPv6
to obtain network address details automatically.
- When you selected Stateful (DHCPv6), the following options
- The computers (and other devices) connected to your LAN
also need to have their TCP/IP configuration set to "DHCPv6"
or "Obtain an IPv6 address automatically".
- IPv6 Address Range (DHCPv6)
- Once your D-Link router is properly configured and this
option is enabled, the router will manage the IPv6 addresses
and other network configuration information for computers
and other devices connected to your Local Area Network.
There is no need for you to do this yourself.
- It is possible for a computer or device that is manually
configured to have an IPv6 address that does reside within
- IPv6 Address Lifetime
- The amount of time that a computer may have an IPv6 address before it is required to renew the lease.