Manualshelf

User guide

ManualsBrandsCheck Point Software Technologies ManualsNetworkingSafe@Office 1000NW
251252253254255256257258259260
Using Static Routes
Chapter 6: Managing Your Network 241
Using Static Routes
A static route is a setting that explicitly specifies the route to use for packets, according to
one of the following criteria:
The packet's source IP address and/or destination IP address
The network service used to send the packet
Packets that match the criteria for a specific static route are sent to the route's defined
destination, or next hop, which can be a specific gateway's IP address or an Internet
connection. Specifying an Internet connection as the static route's next hop is useful in
cases where the ISP's default gateway IP address is dynamically assigned to the gateway,
as this approach allows you to route traffic to the Internet connection by specifying its
name, instead of a static IP address.
Note: If the static route's next hop is an Internet connection that is currently
unavailable, the Safe@Office appliance sends matching traffic through the static
route with the next-lowest metric.
Packets with a source, destination, or network service that do not match any defined static
route are routed to the default gateway. To modify the default gateway, see Using a LAN
Connection on page 154.
When a static route is based on the packet's source, it is called a source route. Source
routing can be used, for example, for load balancing between two Internet connections. For
instance, if you have an Accounting department and a Marketing department, and you want
each to use a different Internet connection for outgoing traffic, you can add a static route
specifying that traffic originating from the Accounting department should be sent via
WAN1, and another static route specifying that traffic originating from the Marketing
department should be sent via WAN2.
A static route that is based on the network service used to send the packet is called a
service route. Service routing is useful for directing all traffic of a particular type to a
specific Internet connection. For example, you can choose to route all HTTP traffic to the
secondary Internet connection, while routing all other traffic to the primary Internet
connection. Service routes can be defined for network service objects, enabling you to
create routes for custom protocols and port ranges.