why cant you have more than 1 DMZ client?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
mikeyman2171
DD-WRT Novice


Joined: 12 Mar 2007
Posts: 29
Location: Jacksonville NC

PostPosted: Fri Apr 27, 2007 22:01    Post subject: why cant you have more than 1 DMZ client? Reply with quote
I have noticed that no matter how many routers Ive looked at they have all only supported 1 DMZ client. Now I have been wondering about this for a while and Im hoping someone can come up with a good answer, Is there any thing that is preventing some one from releasing a firmware with the ability to have more than 1 DMZ client ? if not then why hasnt it been done? ( I can sure use one) and if there is what is it?
Thanks
Mike
Sponsor
h3xis
DD-WRT User


Joined: 01 Nov 2006
Posts: 132
Location: SC, USA

PostPosted: Fri Apr 27, 2007 22:05    Post subject: Reply with quote
Because it's not possible, AFAIK. What would be the point? Just set up port forwarding.
antvr
DD-WRT Novice


Joined: 27 Apr 2007
Posts: 8

PostPosted: Fri Apr 27, 2007 22:55    Post subject: Reply with quote
On Zyxel Prestige 653HWI-11 we are running our servers on public DMZ since fw P653HWI-11_V3.40(OA.4)C0_Standard.zip (2004).

The WAN is on the /30 subnet (point to point)
The DMZ is on the /29 public subnet (RFC1483 routed)
The LAN is 192.168.1.0/24

You can have IP Aliases for the LAN (and on DMZ only Zywalls) but I'm not sure about VLAN implementation. LAN/WLAN separation only on the Zywall's.

AFAIK all Zyxel 652HW/653HW and recent Zywall support the public DMZ.

Hope this helps.
frater
DD-WRT Guru


Joined: 07 Jun 2006
Posts: 2777

PostPosted: Sat Apr 28, 2007 0:44    Post subject: Reply with quote
You don't have DMZ at all on the DD-WRT.
Linksys misused the term when they should have used something like "default server"

Everything is forwarded to that IP unless another IP is defined in port forwarding.
This IP is on the LAN side.

The Zyxel however has real DMZ.
The implementation differs from device to device.
Like the real DMZ (DeMilitarized Zone) it's between the safe homeland (LAN) and the next "unsafe" country (WAN).

_________________
Asus RT16N + OTRW
Kingston 4GB USB-disk 128 MB swap + 1.4GB ext3 on /opt + 2 GB ext3 on /mnt
Copperjet 1616 modem in ZipB-config
Asterisk, pixelserv & Pound running on router
Another Asus RT16N as WDS-bridge

DD-WRT v24-sp2 vpn (c) 2010 NewMedia-NET GmbH
Release: 12/16/10 (SVN revision: 15758M)
mikeyman2171
DD-WRT Novice


Joined: 12 Mar 2007
Posts: 29
Location: Jacksonville NC

PostPosted: Sat Apr 28, 2007 20:26    Post subject: Why dont I just use port forwarding? Reply with quote
I do use port forwarding, I was just wondering if there was a reason that there wasn't more than 1 DMZ client on a router. Its more a curriousity thing than a need. The only benefit I would get from using multiple DMZ clients would be my Xbox 360 and my Vonage router would both have unrestricted access on my network. Since I already know how to forward ports it is of no real use to me.
Mike

_________________
Semper Gumby
Ubu
DD-WRT User


Joined: 10 Feb 2007
Posts: 201

PostPosted: Sat Apr 28, 2007 22:00    Post subject: Reply with quote
DMZ is really a poor way of defining the function of this feature.
As we all know, DMZ stands for ‘De-Militarized Zone’, it should be called the ‘Combat Zone’ as it leaves you directly on your public IP.

A DMZ (at least in the corporate world), is the subnet of the network that is exposed to port forwarding rules of the gateway firewall. Systems on this subnet aren’t fully exposed to the internet the way the ‘DMZ’ feature of these routers do. The ‘Private portion of a corporate network would be on a separate subnet, behind its own firewall, with no or minimal ports forwarded, and only to other subnets on the corporate net, not the Internet.

The only thing this ‘feature’ (if you can call it that) is good for is for testing for a port forwarding problem.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum