Ip policy routing, Introduction, Benefits – ZyXEL Communications Internet Security Gateway ZyWALL 100 User Manual

ZyWALL 100 Internet Security Gateway

IP Policy Routing

25-1

Chapter 25

IP Policy Routing

This chapter covers setting and applying policies used for IP routing.

25.1 Introduction

Traditionally, routing is based on the destination address only and the ZyWALL takes the shortest path to
forward a packet. IP Policy Routing (IPPR) provides a mechanism to override the default routing behavior
and alter the packet forwarding based on the policy defined by the network administrator. Policy-based
routing is applied to incoming packets on a per interface basis, prior to the normal routing.

25.2 Benefits

• Source-Based Routing – Network administrators can use policy-based routing to direct traffic from

different users through different connections.

• Quality of Service (QoS) – Organizations can differentiate traffic by setting the precedence or ToS

(Type of Service) values in the IP header at the periphery of the network to enable the backbone to
prioritize traffic.

• Cost Savings – IPPR allows organizations to distribute interactive traffic on high-bandwidth, high-cost

paths while using low-cost paths for batch traffic.

• Load Sharing – Network administrators can use IPPR to distribute traffic among multiple paths.

25.3 Routing Policy

Individual routing policies are used as part of the overall IPPR process. A policy defines the matching
criteria and the action to take when a packet meets the criteria. The action is taken only when all the criteria
are met. The criteria include the source address and port, IP protocol (ICMP, UDP, TCP, etc.), destination
address and port, ToS and precedence (fields in the IP header) and length. The inclusion of length criterion