Port Triggering - ZyXEL Communications ZYWALL USG 20 Manual

Chapter 13 Policy and Static Routes
following twelve DSCP encodings from AF11 through AF43. The decimal equivalent
is listed in brackets.
Table 82 Assured Forwarding (AF) Behavior Group
Low Drop Precedence
Medium Drop Precedence
High Drop Precedence

Port Triggering

Some services use a dedicated range of ports on the client side and a dedicated
range of ports on the server side. With regular port forwarding, you set the port(s)
and IP address to forward a service (coming in from the remote server) to a client
computer. The problem is that port forwarding only forwards a service to a single
IP address. In order to use the same service on a different computer, you have to
manually replace the client computer's IP address with another client computer's
IP address.
Port triggering allows the client computer to take turns using a service
dynamically. Whenever a client computer's packets match the routing poli c y, it can
use the pre-defined port triggering setting to connect to the remote server without
manually configuring a port forwarding rule for each client computer.
Port triggering is used especially when the remote server responses using a
different port from the port the client computer used to request a service. The
ZyWALL records the IP address of a client computer that sends traffic to a remote
server to request a service (incoming service). When the ZyWALL receives a new
connection (trigger service) from the remote server, the ZyWALL forwards the
traffic to the IP address of the client computer that sent the request.
In the following example, you configure two services for port triggering:
Incoming service: Game (UDP: 1234)
Trigger service: Game-1 (UDP: 5670-5678)
Computer A wants to play a multiplayer online game and tries to connect to game
1
server 1 using port 1234. The ZyWALL records the IP address of computer A when
the packets match a policy with SNAT configured.
Game server 1 responds using a port number ranging between 5670 - 5678. The
2
ZyWALL allows and forwards the traffic to computer A.
310
Class 1 Class 2
AF11 (10) AF21 (18)
AF12 (12) AF22 (20)
AF13 (14) AF23 (22)
Class 3 Class 4
AF31 (26) AF41 (34)
AF32 (28) AF42 (36)
AF33 (30) AF43 (38)
ZyWALL USG 20/20W User's Guide