Figure 4.8. Virtual Routing
When the administrator configures this in NetDefendOS, interface
If1
is made a member of
routing table
pbr1
but not
pbr2
. In other words,
If1
is explicitly associated with
pbr1
. Conversely,
interface
If2
is made a member of
pbr2
but not
pbr1
. It is this interface membership which
determines which routing table is used and this keeps the two sets of traffic totally separated.
Tip: Creating dedicated routing tables is best
In this example, the
main
routing table could have been used as one of the two routing
tables. However, it is usually better and clearer to instead create new, dedicated routing
tables with appropriate names for each separated portion of data traffic.
Reusing Private IP Addresses
An advantage of using separate routing tables on different interfaces is that internal, private IP
address ranges can be reused on different virtual systems. For example,
Department A
and
Department B
could both use the internal network
192.168.0.0/24
.
Since route lookup is done in completely separate routing tables, there are no conflicts.
VPN Tunnels are Interfaces
VPN tunnels are also considered to be interfaces in NetDefendOS and can therefore also be
associated with their own routing tables just as physical interfaces can.
This means that VPN tunnels can be logically separated from each other within NetDefendOS.
Using Loopback Interfaces
In this simple example,
loopback interfaces
were not used since there is no requirement for
Chapter 4: Routing
324
Содержание NetDefendOS
Страница 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Страница 32: ...Chapter 1 NetDefendOS Overview 32 ...
Страница 144: ...Chapter 2 Management and Maintenance 144 ...
Страница 220: ... Enable DHCP passthrough Enable L2 passthrough for non IP protocols 4 Click OK Chapter 3 Fundamentals 220 ...
Страница 267: ... SourceNetwork lannet DestinationInterface any DestinationNetwork all nets 4 Click OK Chapter 3 Fundamentals 267 ...
Страница 284: ...Chapter 3 Fundamentals 284 ...
Страница 360: ...The ospf command options are fully described in the separate NetDefendOS CLI Reference Guide Chapter 4 Routing 360 ...
Страница 392: ...Chapter 4 Routing 392 ...
Страница 396: ...Web Interface 1 Go to Network Ethernet If1 2 Select Enable DHCP 3 Click OK Chapter 5 DHCP Services 396 ...
Страница 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Страница 420: ...Chapter 5 DHCP Services 420 ...
Страница 424: ...2 Now enter Name lan_Access Action Expect Interface lan Network lannet 3 Click OK Chapter 6 Security Mechanisms 424 ...
Страница 573: ...Chapter 6 Security Mechanisms 573 ...
Страница 575: ...This section describes and provides examples of configuring NAT and SAT rules Chapter 7 Address Translation 575 ...
Страница 607: ...Chapter 7 Address Translation 607 ...
Страница 666: ...Chapter 8 User Authentication 666 ...
Страница 775: ...Chapter 9 VPN 775 ...
Страница 819: ...Chapter 10 Traffic Management 819 ...
Страница 842: ...Chapter 11 High Availability 842 ...
Страница 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Страница 879: ...Chapter 13 Advanced Settings 879 ...