Triangle Route; The "Triangle Route" Problem; Figure 109 Ideal Setup - ZyXEL Communications P-660HW-Tx v3 User Manual
802.11g wireless adsl 2+ 4-port gateway
Hide thumbs
Also See for P-660HW-Tx v3:
- User manual (438 pages) ,
- Support notes (116 pages) ,
- Quick start manual (10 pages)
Table of Contents
Advertisement
Chapter 11 Firewalls
• To selectively block/allow inbound or outbound traffic between inside host/networks and
outside host/networks. Remember that filters can not distinguish traffic originating from
an inside host or an outside host by IP address.
• The firewall performs better than filtering if you need to check many rules.
• Use the firewall if you need routine e-mail reports about your system or need to be alerted
when attacks occur.
• The firewall can block specific URL traffic that might occur in the future. The URL can be
saved in an Access Control List (ACL) database.
11.8 Triangle Route
When the firewall is on, your switch acts as a secure gateway between your LAN and the
Internet. In an ideal network topology, all incoming and outgoing network traffic passes
through the switch to protect your LAN against attacks.
Figure 109 Ideal Setup
11.8.1 The "Triangle Route" Problem
A traffic route is a path for sending or receiving data packets between two Ethernet devices.
Some companies have more than one route to one or more ISPs. If the alternate gateway is on
the LAN (and it's IP address is in the same subnet), the "triangle route" problem may occur.
The steps below describe the "triangle route" problem.
1 A computer on the LAN initiates a connection by sending out a SYN packet to a
receiving server on the WAN.
2 The switch reroutes the SYN packet through Gateway A on the LAN to the WAN.
3 The reply from the WAN goes directly to the computer on the LAN without going
through the switch.
As a result, the switch resets the connection, as the connection has not been acknowledged.
170
P-660HW-Tx v3 User's Guide
Advertisement
Table of Contents
Troubleshooting
