Chapter 13 Policy and Static Routes
ZyWALL USG 50 User’s Guide
Table 77 Configuration > Network > Routing > Policy Route > Edit (continued)

| LABEL | DESCRIPTION |
| --- | --- |
| Maximum Bandwidth | Specify the maximum bandwidth (from 1 to 1048576) allowed for the route in kbps. If you enter 0 here, there is no bandwidth limitation for the route. If the sum of the bandwidths for routes using the same next hop is higher than the actual transmission speed, lower priority traffic may not be sent if higher priority traffic uses all of the actual bandwidth. To reserve bandwidth for traffic that does not match any of the policy routes, leave some of the interface’s bandwidth unbudgeted and do not enable Maximize Bandwidth Usage. |
| Bandwidth Priority | Enter a number between 1 and 7 to set the priority for traffic. The smaller the number, the higher the priority. If you set the maximum bandwidth to 0, the bandwidth priority will be changed to 0 after you click OK. That means the route has the highest priority and will get all the bandwidth it needs up to the maximum available. A route with higher priority is given bandwidth before a route with lower priority. If you set routes to have the same priority, then bandwidth is divided equally amongst those routes. |
| Maximize Bandwidth Usage | Select this check box to have the ZyWALL divide up all of the interface’s unallocated and/or unused bandwidth among the policy routes that require bandwidth. Do not select this if you want to reserve bandwidth for traffic that does not match any of the policy routes. |
| OK | Click OK to save your changes back to the ZyWALL. |
| Cancel | Click Cancel to exit this screen without saving. |

13.3 IP Static Route Screen

Click Configuration > Network > Routing > Static Route to open the Static Route screen. This screen displays the configured static routes. Configure static routes to be able to use RIP or OSPF to propagate the routing information to other routers.

Figure 177 Configuration > Network > Routing > Static Route
The following table describes the labels in this screen.

Table 78 Configuration > Network > Routing > Static Route

| LABEL | DESCRIPTION |
| --- | --- |
| Add | Click this to create a new static route. |
| Edit | Double-click an entry or select it and click Edit to open a screen where you can modify the entry’s settings. |
| Remove | To remove an entry, select it and click Remove. The ZyWALL confirms you want to remove it before doing so. |
| # | This is the number of an individual static route. |
| Destination | This is the destination IP address. |
| Subnet Mask | This is the IP subnet mask. |
| Next-Hop | This is the IP address of the next-hop gateway or the interface through which the traffic is routed. The gateway is a router or switch on the same segment as your ZyWALL's interface(s). The gateway helps forward packets to their destinations. |
| Metric | This is the route’s priority among the ZyWALL’s routes. The smaller the number, the higher priority the route has. |

13.3.1 Static Route Add/Edit Screen

Select a static route index number and click Add or Edit. The screen shown next appears. Use this screen to configure the required information for a static route.

Figure 178 Configuration > Network > Routing > Static Route > Add

The following table describes the labels in this screen.

Table 79 Configuration > Network > Routing > Static Route > Add

| LABEL | DESCRIPTION |
| --- | --- |
| Destination IP | This parameter specifies the IP network address of the final destination. Routing is always based on network number. If you need to specify a route to a single host, use a subnet mask of 255.255.255.255 in the subnet mask field to force the network number to be identical to the host ID. |
| Subnet Mask | Enter the IP subnet mask here. |
Table 79 Configuration > Network > Routing > Static Route > Add (continued)

| LABEL | DESCRIPTION |
| --- | --- |
| Gateway IP | Select the radio button and enter the IP address of the next-hop gateway. The gateway is a router or switch on the same segment as your ZyWALL's interface(s). The gateway helps forward packets to their destinations. |
| Interface | Select the radio button and a predefined interface through which the traffic is sent. |
| Metric | Metric represents the “cost” of transmission for routing purposes. IP routing uses hop count as the measurement of cost, with a minimum of 1 for directly connected networks. Enter a number that approximates the cost for this link. The number need not be precise, but it must be 0~127. In practice, 2 or 3 is usually a good number. |
| OK | Click OK to save your changes back to the ZyWALL. |
| Cancel | Click Cancel to exit this screen without saving. |

13.4 Policy Routing Technical Reference

Here is more detailed information about some of the features you can configure in policy routing.

NAT and SNAT

NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address in a packet in one network to a different IP address in another network. Use SNAT (Source NAT) to change the source IP address in one network to a different IP address in another network.

Assured Forwarding (AF) PHB for DiffServ

Assured Forwarding (AF) behavior is defined in RFC 2597. The AF behavior group defines four AF classes. Inside each class, packets are given a high, medium or low drop precedence. The drop precedence determines the probability that routers in the network will drop packets when congestion occurs. If congestion occurs between classes, the traffic in the higher class (smaller numbered class) is generally given priority. Combining the classes and drop precedence produces the following twelve DSCP encodings from AF11 through AF43. The decimal equivalent is listed in brackets.
Table 80 Assured Forwarding (AF) Behavior Group

| | Class 1 | Class 2 | Class 3 | Class 4 |
| --- | --- | --- | --- | --- |
| Low Drop Precedence | AF11 (10) | AF21 (18) | AF31 (26) | AF41 (34) |
| Medium Drop Precedence | AF12 (12) | AF22 (20) | AF32 (28) | AF42 (36) |
| High Drop Precedence | AF13 (14) | AF23 (22) | AF33 (30) | AF43 (38) |

Port Triggering

Some services use a dedicated range of ports on the client side and a dedicated range of ports on the server side. With regular port forwarding, you set the port(s) and IP address to forward a service (coming in from the remote server) to a client computer. The problem is that port forwarding only forwards a service to a single IP address. In order to use the same service on a different computer, you have to manually replace the client computer's IP address with another client computer's IP address.

Port triggering allows the client computer to take turns using a service dynamically. Whenever a client computer’s packets match the routing policy, it can use the pre-defined port triggering setting to connect to the remote server without manually configuring a port forwarding rule for each client computer.

Port triggering is used especially when the remote server responds using a different port from the port the client computer used to request a service. The ZyWALL records the IP address of a client computer that sends traffic to a remote server to request a service (incoming service). When the ZyWALL receives a new connection (trigger service) from the remote server, the ZyWALL forwards the traffic to the IP address of the client computer that sent the request.

In the following example, you configure two services for port triggering:

Incoming service: Game (UDP: 1234)
Trigger service: Game-1 (UDP: 5670-5678)

1. Computer A wants to play a multiplayer online game and tries to connect to game server 1 using port 1234. The ZyWALL records the IP address of computer A when the packets match a policy with SNAT configured.

2. Game server 1 responds using a port number ranging between 5670 - 5678. The ZyWALL allows and forwards the traffic to computer A.

3. Computer A and game server 1 are connected to each other until the connection is closed or times out. Any other computers (such as B or C) cannot connect to remote server 1 using the same port triggering rule as computer A unless they are using a different next hop (gateway, outgoing interface, VPN tunnel or trunk) from computer A or until the connection is closed or times out.

Figure 179 Trigger Port Forwarding Example
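The three steps above can be modeled as a small state table keyed by next hop. The following Python sketch is an added example, not ZyWALL code: it shows when inbound traffic on the trigger ports is forwarded and when it is not. The class and method names, the 60-second timeout, the client addresses and the interface names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class PortTriggerRule:
    incoming_port: int = 1234                 # page: Incoming service Game (UDP 1234)
    trigger_ports: range = range(5670, 5679)  # page: Trigger service Game-1 (UDP 5670-5678)
    timeout: float = 60.0                     # assumed idle timeout, not stated on the page
    bindings: dict = field(default_factory=dict)  # next hop -> (client IP, last seen)

    def _active(self, next_hop, now):
        entry = self.bindings.get(next_hop)
        if entry and now - entry[1] > self.timeout:
            del self.bindings[next_hop]       # timed out: the rule is free again
            return None
        return entry

    def outbound(self, client_ip, dst_port, next_hop, now):
        """Client request leaving via next_hop; True if this client now holds the rule."""
        if dst_port != self.incoming_port:
            return False
        entry = self._active(next_hop, now)
        if entry and entry[0] != client_ip:
            return False                      # another client holds it on this next hop
        self.bindings[next_hop] = (client_ip, now)
        return True

    def inbound(self, dst_port, next_hop, now):
        """New connection from the remote side; returns the client it is forwarded to."""
        entry = self._active(next_hop, now)
        if entry is None or dst_port not in self.trigger_ports:
            return None                       # nothing is opened without a live binding
        self.bindings[next_hop] = (entry[0], now)
        return entry[0]

def demo():
    """Constructed addresses and interface names; A = .33, B = .34."""
    rule, a, b = PortTriggerRule(), "192.168.1.33", "192.168.1.34"
    return [
        rule.inbound(5670, "wan1", now=0),        # no request seen yet
        rule.outbound(a, 1234, "wan1", now=1),    # A triggers the rule
        rule.outbound(b, 1234, "wan1", now=2),    # B is refused on the same next hop
        rule.outbound(b, 1234, "wan2", now=2),    # B succeeds via a different next hop
        rule.inbound(5675, "wan1", now=3),        # server reply reaches A
        rule.inbound(5679, "wan1", now=3),        # outside the trigger range
        rule.inbound(5675, "wan1", now=200),      # binding has timed out
    ]
```

In this model the trigger ports accept inbound traffic only while a binding is live, so the timeout bounds how long the ports stay reachable after the client stops sending.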
Maximize Bandwidth Usage
The maximize bandwidth usage option allows the ZyWALL to divide up any
available bandwidth on the interface (including unallocated bandwidth and any
allocated bandwidth that a policy route is not using) among the policy routes that
require more bandwidth.
When you enable maximize bandwidth usage, the ZyWALL first makes sure that
each policy route gets up to its bandwidth allotment. Next, the ZyWALL divides up
an interface’s available bandwidth (bandwidth that is unbudgeted or unused by
the policy routes) depending on how many policy routes require more bandwidth
and on their priority levels. When only one policy route requires more bandwidth,
the ZyWALL gives the extra bandwidth to that policy route.
When multiple policy routes require more bandwidth, the ZyWALL gives the
highest priority policy routes the available bandwidth first (as much as they
require, if there is enough available bandwidth), and then to lower priority policy
routes if there is still bandwidth available. The ZyWALL distributes the available
bandwidth equally among policy routes with the same priority level.
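The allocation order described above, worked through in an added Python sketch (not ZyWALL code): pass 1 gives each policy route up to its allotment in priority order, and pass 2, run only when maximize bandwidth usage is enabled, hands out what is left. The route names and figures are constructed, and passing a route's unused equal share on to its same-priority peers is an assumption. A maximum bandwidth of 0 (no limit) is not modeled.

```python
def share_equally(pool, wants):
    """Split pool equally among routes in wants {name: kbps still wanted}. A route never
    gets more than it wants; what it leaves goes to its peers (assumed behaviour)."""
    got = {n: 0.0 for n in wants}
    open_ = {n for n, w in wants.items() if w > 0}
    while pool > 1e-9 and open_:
        slice_ = pool / len(open_)
        for n in sorted(open_):
            give = min(slice_, wants[n] - got[n])
            got[n] += give
            pool -= give
        open_ = {n for n in open_ if wants[n] - got[n] > 1e-9}
    return got, pool

def allocate(capacity, routes, maximize):
    """routes: {name: (max_kbps, priority 1-7, demand_kbps)} -> {name: kbps granted}."""
    granted = {n: 0.0 for n in routes}
    left = float(capacity)
    passes = [lambda r: min(r[0], r[2])]      # pass 1: up to each route's allotment
    if maximize:
        passes.append(lambda r: r[2])         # pass 2: unbudgeted or unused bandwidth
    for limit in passes:
        for prio in sorted({r[1] for r in routes.values()}):   # 1 = highest priority
            wants = {n: limit(r) - granted[n]
                     for n, r in routes.items() if r[1] == prio}
            got, left = share_equally(left, wants)
            for n, g in got.items():
                granted[n] += g
    return granted

# Constructed sample: 800 kbps budgeted on a 1000 kbps interface.
SAMPLE_ROUTES = {
    "voip":   (300, 1, 200),   # uses less than its allotment
    "web":    (300, 2, 600),   # wants more than its allotment
    "backup": (200, 2, 500),   # same priority as web
}
```

With maximize disabled, 300 kbps of the sample interface stays free for traffic that matches no policy route; with it enabled, web and backup split that 300 kbps equally and nothing is left over.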
