Chapter 10 Routing
USG20(W)-VPN Series User’s Guide
238
10.4 Policy Routing Technical Reference
Here is more detailed information about some of the features you can configure in policy routing.
NAT and SNAT
NAT (Network Address Translation - NAT, RFC 1631) is the translation of the IP address in a packet
in one network to a different IP address in another network. Use SNAT (Source NAT) to change the
source IP address in one network to a different IP address in another network.
Assured Forwarding (AF) PHB for DiffServ
Assured Forwarding (AF) behavior is defined in RFC 2597. The AF behavior group defines four AF
classes. Inside each class, packets are given a high, medium or low drop precedence. The drop
precedence determines the probability that routers in the network will drop packets when
congestion occurs. If congestion occurs between classes, the traffic in the higher class (smaller
numbered class) is generally given priority. Combining the classes and drop precedence produces
the following twelve DSCP encodings from AF11 through AF43. The decimal equivalent is listed in
brackets.
Maximize Bandwidth Usage
The maximize bandwidth usage option allows the USG to divide up any available bandwidth on the
interface (including unallocated bandwidth and any allocated bandwidth that a policy route is not
using) among the policy routes that require more bandwidth.
When you enable maximize bandwidth usage, the USG first makes sure that each policy route gets
up to its bandwidth allotment. Next, the USG divides up an interface’s available bandwidth
(bandwidth that is unbudgeted or unused by the policy routes) depending on how many policy
routes require more bandwidth and on their priority levels. When only one policy route requires
more bandwidth, the USG gives the extra bandwidth to that policy route.
When multiple policy routes require more bandwidth, the USG gives the highest priority policy
routes the available bandwidth first (as much as they require, if there is enough available
bandwidth), and then to lower priority policy routes if there is still bandwidth available. The USG
distributes the available bandwidth equally among policy routes with the same priority level.
Table 94
Assured Forwarding (AF) Behavior Group
CLASS 1
CLASS 2
CLASS 3
CLASS 4
Low Drop Precedence
AF11 (10)
AF21 (18)
AF31 (26)
AF41 (34)
Medium Drop Precedence
AF12 (12)
AF22 (20)
AF32 (28)
AF42 (36)
High Drop Precedence
AF13 (14)
AF23 (22)
AF33 (30)
AF43 (38)
Summary of Contents for ZyWall USG20-VPN
Page 17: ...17 PART I User s Guide ...
Page 18: ...18 ...
Page 99: ...99 PART II Technical Reference ...
Page 100: ...100 ...