7.5 Policy routing
97
Figure 7.31
Policy routing — setting NAT for a reserved link
Figure 7.32
Policy routing — a link reserved for a specific server
Note:
In the second rule, automatic interface selection is used. This means that the
Internet
4Mbit
link is also used for network traffic load balancing. Email traffic is certainly still re-
spected and has higher priority on the link reserved by the first rule. This means that total
load will be efficiently balanced between both links all the time.
If you need to reserve a link
only
for a specific traffic (i.e. route other traffic through other
links), go to
Configuration
→
Interfaces
and set the speed of the link to
0 Mbit/s
. In this case
the link will not be used for load balancing. Only traffic specified in corresponding traffic rules
will be routed through it.
Example: Optimization of network traffic load balancing
WinRoute
provides two options of network traffic load balancing: per host (clients) or per con-
nection (for details, refer to chapter
). With respect to variability of applications on individ-
ual hosts and of user behavior, the best solution (more efficient use of individual links) proves
to be the option of load balancing per connection. However, this mode may encounter prob-
lems with access to services where multiple connections get established at one moment (web
pages and other web related services). The server can consider source addresses in individual
connections as connection recovery after failure (this may lead for instance to expiration of
the session) or as an attack attempt (in that case the service can get unavailable).
This problem can be bridged over by policy routing. In case of “problematic” services (e.g.
HTTP
and
HTTPS
) the load will be balanced per host, i.e. all connections from one client will
be routed through a particular Internet link so that their IP address will be identical (a single
Summary of Contents for KERIO WINROUTE FIREWALL 6
Page 1: ...Kerio WinRoute Firewall 6 Administrator s Guide Kerio Technologies s r o...
Page 157: ...12 3 Content Rating System Kerio Web Filter 157 Figure 12 7 Kerio Web Filter rule...
Page 247: ...19 4 Alerts 247 Figure 19 14 Details of a selected event...
Page 330: ...Chapter 23 Kerio VPN 330 Figure 23 55 The Paris filial office VPN server configuration...
Page 368: ...368...