What You Can Do In The Policy And Static Route Screens; What You Need To Know About Policy And Static Routing - ZyXEL Communications ZyWALL USG 300 User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 300:
- User manual (1156 pages) ,
- Quick start manual (128 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
Chapter 12 Policy and Static Routes
12.1.1 What You Can Do in the Policy and Static Route Screens
• Use the Policy Route screens (see
routes.
• Use the Static Route screens (see
routes.
12.1.2 What You Need to Know About Policy and Static Routing
Policy Routing
Traditionally, routing is based on the destination address only and the ZyWALL takes the
shortest path to forward a packet. IP Policy Routing (IPPR) provides a mechanism to override
the default routing behavior and alter the packet forwarding based on the policy defined by the
network administrator. Policy-based routing is applied to incoming packets on a per interface
basis, prior to the normal routing.
How You Can Use Policy Routing
• Source-Based Routing – Network administrators can use policy-based routing to direct
traffic from different users through different connections.
• Bandwidth Shaping – You can allocate bandwidth to traffic that matches routing policies
and prioritize traffic (however the application patrol's bandwidth management is more
flexible and recommended for TCP and UDP traffic). Use policy routes to manage other
types of traffic (like ICMP traffic) and send traffic through VPN tunnels.
Bandwidth management in policy routes has priority over application patrol
bandwidth management.
• Cost Savings – IPPR allows organizations to distribute interactive traffic on high-
bandwidth, high-cost paths while using low-cost paths for batch traffic.
• Load Sharing – Network administrators can use IPPR to distribute traffic among multiple
paths.
• NAT - The ZyWALL performs NAT by default for traffic going to or from the WAN
interfaces. A routing policy's SNAT allows network administrators to have traffic
received on a specified interface use a specified IP address as the source IP address.
• A NAT loopback policy route lets local users use a domain name to access a virtual server.
When creating a virtual server that local users will use a domain name to access, you can
select an option to configure a NAT loopback policy route.
Static Routes
The ZyWALL usually uses the default gateway to route outbound traffic from computers on
the LAN to the Internet. To have the ZyWALL send data to devices not reachable through the
default gateway, use static routes. Configure static routes if you need to use RIP or OSPF to
propagate the routing information to other routers. See
RIP and OSPF.
252
Section 12.2 on page
253) to list and configure policy
Section 12.3 on page
257) to list and configure static
Chapter 13 on page 261
ZyWALL USG 300 User's Guide
for more on
Advertisement
Table of Contents
Troubleshooting
