Install guide
1-10 Release Note
Software Version 2.7.5
C613-10454-00 REV A
The firewall shown has two public interfaces, WAN ISP1 and WAN ISP2, that
are configured for both network address translation (NAT) and for WAN load
balancing. Two translated IP addresses (i.e. NATx and NATy) are configured
for the two WAN connections ISP1 and ISP2. When the firewall receives a
packet from its private interface, it finds a route in its routing table based on the
WAN load-balancing algorithm. This route determines the public interface
from which it transmits the packet and which of the two addresses (NATx or
NATy) it attaches as the IP source address. An important aspect is that with
NAT applied, the returning packets are more likely to take the same path (via
the same ISP) as the data sent and therefore offer a degree of load balancing for
the return path. For more information on NAT, see Network Address Translation
in the Firewall chapter of your router’s Software Reference.
Operation with Policy Based Routing
Policy routing is an alternative mechanism for routing packets and is based on
policies or rules that you or your network manager have set. Because policy
routing provides dedicated routing, it does not participate in WAN load
balancing. When a packet is received via an interface with an assigned policy
filter, and the packet matches an entry in the policy filter, the routing process
will bypass the WAN load balancer and forward the packet using a route with
the same policy number specified in the matching policy filter entry. For more
information, see Policy Based Routing in the Internet Protocol (IP) chapter of
your router’s Software Reference.
Operation with Priority Based Routing
Priority based routing is used in situations where you want to route a
particular traffic type over paths other than those offering the best route. For
example, you might want to route high priority interactive traffic over the path
offering the best route, and low priority batch traffic over a path having a less
efficient route.
Before the router transmits a packet via one of its interfaces, it first checks the
packet for a match against the priority filter that is assigned to that particular
interface. If a match is found the router assigns the packet a new priority.
The IP module places packets for forwarding in a priority queue determined
by the packet’s assigned priority. Packets in higher priority queues are
forwarded ahead of packets in lower priority queues. Since WAN load
balancing is performed before packet priority assignment, both features can
work together simultaneously.
Operation with UPnP NAT Traversal
Since all UPnP related data is transmitted over a single interface, this data does
not take part in load balancing. However, the UPnP feature can operate
simultaneously with the WAN load balancer, although this data will add a
degree of imbalance to the data distribution across the WAN load balancer
interfaces.