1. Home
    2. /
  2. Manuals
    3. /
  3. AirRouter
    4. /
  4. AirOS
    5. /
  5. 6
Page 26 / 38 Scroll up to view Page 21 - 25
24
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Private Port
The TCP/UDP port of the application
running on the host which is connected to the internal
network. The specified port will be accessible from the
external network.
Type
The L3 protocol (IP) type which needs to be
forwarded from the internal network.
Public Port
The TCP/UDP port of the AirRouter which
will accept and forward the connections from the
external network to the host connected to the internal
network.
Comments
Enter a brief description of the port
forwarding functionality such as FTP server, Web server,
or game server.
Enabled
Enables or disables the effect of the particular
port forwarding entry. All the added firewall entries are
saved in the system configuration file, however only
the enabled port forwarding entries are used on the
AirRouter.
Save your port forwarding entries by clicking
Save
or
discard your changes by clicking
Cancel
.
Auto IP Aliasing
Automatically generates an IP Address
for the corresponding WLAN/LAN interface if enabled.
The generated IP address is a unique Class B IP address
from the 169.254.X.Y range (Netmask 255.255.0.0) which is
intended for use within the same network segment only.
Auto IP always starts with 169.254.X.Y while X and Y are
last 2 digits from the MAC address of the device (i.e. if the
MAC is 00:15:6D:A3:04:FB, Generated unique Auto IP will
be 169.254.4.251).
IP Aliases
IP aliases for the internal and external network
interface can be configured. IP Aliases can be specified
using the
IP Aliases
configuration window which is opened
when you click
Configure
.
IP
The alternative IP address for the LAN or WLAN
interface, which can be used for the routing or device
management purposes.
Netmask
The network address space identifier for the
particular IP Alias.
Comments
Field used for a brief description of the
purpose of the alias.
Enabled
Enables or disables the particular IP Alias. All
added IP Aliases are saved in the system configuration
file, however only the enabled IP Aliases are active on
the AirRouter.
Newly IP Aliases can be saved by click the
Save
button
or discarded by clicking the
Cancel
button in the
Aliases
configuration window.
Multicast Routing Settings
With a multicast design, applications can send one copy
of each packet and address it to a group of computers
that want to receive it. This technique addresses packets
to a group of receivers rather than to a single receiver.
It depends on the network to forward the packets to
the hosts which need to receive them. Common routers
isolate all the broadcast (thus multicast) traffic between
the internal and external networks, however the AirRouter
provides the multicast traffic pass-through functionality.
Enable Multicast Routing
Option enables multicast
packet pass-through between internal and external
networks while the AirRouter is operating in
Router
mode.
Multicast intercommunication is based on Internet Group
Management Protocol (IGMP).
Multicast Upstream
Specify the source of Multicast
traffic, i.e. defines where multicast traffic comes from.
Firewall Settings
Firewall functionality on any router interface can be
enabled using the
Enable Firewall
option. Router Firewall
rules can be configured, enabled or disabled in the
Firewall
configuration window which is opened by clicking
Configure
.
Firewall entries can be specified by using the following
criteria:
Interface
The interface (WLAN, LAN or PPP) where
filtering of the incoming/passing-through packets is
processed.
IP Type
Sets which particular L3 protocol type (IP, ICMP,
TCP, UDP, P2P) should be filtered.
Source IP/Mask
The source IP of the packet (specified
within the packet header), usually it is the IP of the host
system which sends the packets.
Page 27 / 38
25
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Src Port
The source port of the TCP/UDP packet
(specified within the packet header), usually it is the port
of the host system application which sends the packets.
Destination IP/mask
The destination IP of the packet
(specified within the packet header), usually it is the IP
of the system which the packet is addressed to.
Dst Port
The destination port of the TCP/UDP packet
(specified within the packet header), usually it is the
port of the host system application which the packet is
addressed to.
Comment
Field used to enter a brief description of the
firewall entry.
On
Enables or disables the effect of the particular
firewall entry. All the added firewall entries are saved in
the system configuration file, however only the enabled
firewall entries will be active during AirRouter operation.
Not
Can be used for inverting the Source IP/mask,
Source Port, Destination IP/mask and Destination Port
filtering criteria (i.e. if not is enabled for the specified
Destination Port value 443, the filtering criteria will be
applied to all the packets sent to any Destination Port
except the 443 which is commonly used by HTTPS).
Firewall entries can be saved by clicking
Save
or discarded
by clicking
Cancel
in the
Firewall
configuration window.
All active firewall entries are stored in the FIREWALL chain
of the iptables filter table, while the device is operating
in
Router
mode. Please refer to the iptables tutorial for
detailed description of the firewall functionality in Router
mode.
Click
Change
to save the changes made on the
Network
tab.
Static Routes
In this section you can manually add static routing rules to
the System Routing Table, this allows you to specify that a
specific target IP address (es) passes through a determined
gateway. Click
Configure
to add an entry.
For each entry you must specify a valid Target Network IP,
Netmask, Gateway IP, and optionally a comment. Select
On
to enable the rule. Click
Save
to save your entries or
Cancel
to discard them.
Advanced
The
Advanced
tab handles advanced routing and wireless
settings. The advanced wireless settings should be used
by technically advanced users who have a sufficient
knowledge about wireless LAN technology. These settings
should not be changed unless you know the effect the
changes will have on your AirRouter.
Advanced Wireless Settings
The 802.11n data rates include MCS0, MCS1, MCS2, MCS3,
MCS4, MCS5, MCS6, MCS7 for 1x1 chain devices and MCS8,
MCS9, MCS10, MCS11, MCS12, MCS13, MCS, MCS15 for
2x2 chains devices. The ACK timeout has a critical impact
on performance in 802.11n outdoor links.
RTS Threshold
Determines the packet size of a
transmission and, through the use of an access point,
helps control traffic flow. The range is 0-2346 bytes, or
word “off”
. The default value is 2346 which means that RTS
is disabled.
RTS/CTS (Request to Send/Clear to Send) are the
mechanisms used by the 802.11 wireless networking
protocol to reduce frame collisions introduced by the
hidden terminal problem. RTS/CTS packet size threshold is
0-2346 bytes. If the packet size the node wants to transmit
is larger than the threshold, the RTS/CTS handshake
gets triggered. If the packet size is equal to or less than
threshold the data frame gets sent immediately.
Page 28 / 38
26
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
System uses Request to Send/Clear to Send frames for the
handshake which provide collision reduction for access
point with hidden stations. The stations are sending a
RTS frame first while data is send only after handshake
with an AP is completed. Stations respond with the CTS
frame to the RTS which provides clear media for the
requesting station to send the data. CTS collision control
management has a time interval defined during which
all other stations hold off transmission and wait until the
requesting station finishes transmission.
Fragmentation Threshold
Specifies the maximum size
for a packet before data is fragmented into multiple
packets. The range is 256-2346 bytes, or word “off”
. Setting
the Fragmentation Threshold too low may result in poor
network performance.
The use of fragmentation can increase the reliability
of frame transmissions. When sending smaller frames,
collisions are much less likely to occur. However lower
values of the Fragmentation Threshold will result in lower
throughput as well. It is recommended that you only make
slight modifications or none at all to the Fragmentation
Threshold value. The default setting of 2346 is optimum in
most wireless network use cases.
The AirRouter has a new auto-acknowledgement
timeout algorithm which dynamically optimizes the
frame acknowledgement timeout value without user
intervention. This is a critical feature required for
stabilizing long-distance 802.11n outdoor links. The user
also has the ability to enter the value manually, but it’s not
recommended.
Distance
Specify the distance value in miles (or
kilometers) using the slider or entering the value manually.
The signal strength and throughput falls off with range.
Changing the distance value will change the ACK Timeout
to the appropriate value of the distance.
ACK Timeout
Specify the ACK Timeout. Every time the
station receives the data frame it sends an ACK frame to
the AP (if transmission errors are absent). If the station
receives no ACK frame from the AP within set timeout it
re-sends the frame. The performance drops because if too
many data frames are re-sent, thus if the timeout is set
too short or too long, it will result poor connection and
throughput performance.
Changing the ACK Timeout value will change the Distance
to the appropriate distance value for the ACK Timeout.
Auto Adjust
Control will enable the ACK Timeout
Self-Configuration feature. If enabled, ACK Timeout value
will be derived dynamically using an algorithm similar to
the Conservative Rate Algorithm (used in AirOS v3.4). It
is very recommended to use the Auto Adjust option for
802.11n.
If two or more stations are located at a considerably
different distance from the Access Point they are
associated with, the highest ACK Timeout for the farthest
station should be set on the AP side. The AirRouter
includes an improved ACK Timeout algorithm.
Aggregation
A part of the 802.11n standard that allows
sending multiple frames per single access to the medium
by combining frames together into one larger frame. It
creates the larger frame by combining smaller frames with
the same physical source and destination end points and
traffic class (i.e. QoS) into one large frame with a common
MAC header.
Frames
Determines the number of frames combined
on the new larger frame.
Bytes
Determines the size (in Bytes) of the larger frame.
Multicast Data
This option allows all the Multicast packet
pass-through functionality. By default this option is
disabled.
Enable Extra Reporting
Feature will report additional
information (i.e. Device Name) in the 802.11 management
frames. This information is commonly used for system
identification and status reporting in discovery utilities
and Router operating systems.
Enable Client Isolation
This option allows packets only
to be sent from the external network to the CPE and vice
verse (applicable for Access Point and Access Point WDS
mode only). If Client Isolation is enabled, wireless stations
connected to the same AP will not be able to interconnect
on both the layer 2 (MAC) and layer 3 (IP) level. This is
effective for associated stations and WDS peers as well.
Advanced Ethernet Settings
Enable Autonegotiation
When enabled, the device will
automatically negotiate transmission parameters with the
counterpart, such as speed and duplex. In this process, the
connected devices first share their capabilities and then
choose the fastest transmission mode they both support.
If you want to specify the values manually, disable the
Enable Autonegotiation
option and select the values:
Link Speed, Mbps
Selects the maximum transmission
link speed. There are two options: 10Mbps or 100Mbps.
If running extra long Ethernet cables, a link speed of
10Mbps could help to achieve better stability.
Enable Full Duplex
Selects the duplex mode;
if enabled, the device operates in Full Duplex
(allowing bidirectional communication in both
directions simultaneously). While disabled, the
device operates in Half-Duplex mode (allowing
bidirectional communication in both directions, but not
simultaneously and only in one direction at a time.
Page 29 / 38
27
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
Traffic Shaping
Wireless Traffic shaping is dedicated to upstream and
downstream bandwidth control while looking from the
client (connected on the Ethernet interface) perspective.
The traffic can be limited at the AirRouter in the upload
and download direction based on a user defined rate limit.
This is layer 3 QoS.
Enable Traffic Shaping
This option will enable
bandwidth control on the device.
Incoming Traffic Limit
Specify the maximum
bandwidth value (in kilobits per second, Kbps) for traffic
passing from the wireless interface to the Ethernet
interface.
Incoming Traffic Burst
Specify the data volume (in
kilobytes) to which the Incoming Traffic Limit will not be
effective afterwards data connection is initiated.
Outgoing Traffic Limit
Specify the maximum
bandwidth value (in kilobits per second, Kbps) for traffic
passing from the Ethernet interface to the wireless
interface.
Outgoing Traffic Burst
Specify the data volume (in
kilobytes) to which the Outgoing Traffic Limit will not be
effective after data connection is initiated.
Services
The
Services
tab covers the configuration of system
management services SNMP, SSH, System Log and Ping
Watchdog.
Ping Watchdog
Ping Watchdog sets the AirRouter to continuously ping
a user defined IP address (it can be the Internet gateway
for example). If it is unable to ping under the user defined
constraints, the AirRouter will automatically reboot. This
option creates a kind of “fail-proof” mechanism.
Ping Watchdog is dedicated for continuous monitoring
of the particular connection to remote host using the
Ping tool. The Ping works by sending ICMP “echo request”
packets to the target host and listening for ICMP “echo
response” replies. If the defined number of replies is not
received, the tool reboots the device.
Enable Ping Watchdog
Enables the Ping Watchdog tool.
IP Address To Ping
Specify the IP address of the target
host which to be monitored by the Ping Watchdog tool.
Ping Interval
Specify time interval (in seconds)
between the ICMP “echo requests” are sent by the Ping
Watchdog Tool. The default value is
300
seconds.
Startup Delay
Specify initial time delay (in seconds)
until the first ICMP echo requests are sent by the Ping
Watchdog tool. The default value is
300
seconds.
The value of Startup Delay should be at least 60 seconds
as the network interface and wireless connection
initialization takes a considerable amount of time if the
device is rebooted.
Failure Count to Reboot
Specify the number of ICMP
echo response replies. If the specified number of ICMP
echo response packets is not received continuously, the
Ping Watchdog tool will reboot the device. The default
value is
3
.
SNMP Agent
Simple Network Monitor Protocol (SNMP) is used
in network management systems to monitor
network-attached devices for conditions that warrant
administrative attention. The AirRouter contains an SNMP
agent which allows it to communicate to SNMP manage
applications for network provisioning.
Page 30 / 38
28
Ubiquiti Networks, Inc.
Chapter 3: AirOS™
AirRouter User Guide
The SNMP Agent provides an interface for device
monitoring using the Simple Network Management
Protocol (an application layer protocol that facilitates the
exchange of management information between network
devices). SNMP Agent allows network administrators to
monitor network performance, find and solve network
problems. For the purpose of equipment identification,
it is always a good idea to configure SNMP agents with
contact and location information:
Enable SNMP Agent
Enables the SNMP Agent.
SNMP Community
Specify the SNMP community
string. It is required to authenticate access to MIB
objects and functions as an embedded password. The
device supports a Read-only community string that
gives read access to authorized management stations to
all the objects in the MIB except the community strings,
but does not allow write access. The AirRouter supports
SNMP v1. The default SNMP Community is
public
.
Contact
Specify the contact who that should be
notified in case an emergency situation arises.
Location
Specify the physical location of the device.
Web Server
The following Web Server parameters can be set:
Use Secure Connection (HTTPS)
If checked Web server
will use secure HTTPS mode. HTTPS mode is unchecked by
default.
Secure Server Port
Defines the Web Server TCP/IP port
Use Secure Connection (HTTPS)
is enabled.
Server Port
Web Server TCP/IP port setting while using
HTTP mode.
Session timeout
Specifies the maximum timeout before
the session expires. Once a session expires, you must login
again using the username and password.
SSH Server
The following SSH Server parameters can be set:
Enable SSH Server
This option enables SSH access to the
AirRouter.
Server Port
SSH service TCP/IP port setting.
Enable Password Authentication
When enabled, you
must authenticate using Administrator credentials in
order to grant SSH access to the device, otherwise an
Authentication Key will be required.
Authorized Keys
Click Edit to import a public key file
working to get SSH access to the device instead of using
an admin password. Click
Browse
to locate and select
the key file, then click
Import
. Click
Save
to save your
changes or
Close
to discard your changes.
Telnet Server
The following Telnet Server parameters can be set:
Enable Telnet Server
This option activates the Telnet
access to the AirOS Device.
Server Port
Telnet service TCP/IP port setting.
NTP Client
The Network Time Protocol (NTP) is a protocol for
synchronizing the clocks of computer systems over
packet-switched, variable-latency data networks. It can
be used to set the AirRouter system time. System Time
is reported next to the every System Log entry while
registering system events if the
Log
option is enabled.
Enable NTP Client
Enables the AirRouter to obtain the
system time from a time server on the Internet.
NTP Server
Specify the IP address or domain name of
the NTP Server.
System Log
Enable Log
This option enables the registration routine
of the system log messages. By default it is disabled.
Enable Remote Log
Enables the syslog remote sending
function while System log messages are sent to a
remote server specified in the
Remote Log IP Address
and
Remote Log Port
fields.
-
Remote Log IP Address
The host IP address where
syslog messages should be sent. Remote host should
be configured properly to receive syslog protocol
messages.

Rate

4.6 / 5 based on 5 votes.

Popular AirRouter Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top