P a g e
|
48
GWN7000 User Manual
Version 1.0.6.28
Policy Routing
Feature Overview
The Policy-based Routing feature allows a network administrator to make advanced routing decisions for
traffic passing through the router. This feature allows for high granularity control over policies that dictate
what WAN port, and even VPN tunnel, traffic should use. Traffic controlled this way can be balanced across
multiple WANs or VPNs or to have complex failover designs.
Locally generated traffic can be globally routed via the policy selected under the menu “
Router
→
WAN
→
Global
Settings
” in order to dictate to the router either to use failover or load-balancing for locally generated
packets.
Creating/Configuring Routing Policies
The basic flow for traffic handled by policy-based routing in GWN7000 is as follows:
•
Traffic matched with a specific iptables rule is marked to be used with a Policy.
•
The policy contains a list of members that can be used by the policy.
•
These members point to a specific interface and define a metric or weight assigned to them which
can be used for determining load balancing and failover behavior.
•
The interface can be any outgoing interface (WAN or VPN) and must be assigned a metric.
•
The router then handles the routing of matched traffic to the appropriate routing tables for each
member interface for that Policy.
In order to properly implement this feature, the old per-zone and per-wan routing table design has been
removed and reworked to only use the main table. In addition, the Inter-group Traffic Forwarding is being
removed in favor of
automatically
creating more configurable Firewall Forwarding rules.
In order to configure a new routing policy, first users need to create members under the menu
Routing
→
Policy
Routing
→
Members
.
Click on
button to create a new member, and configure its related metric and weight: