beautypg.com

Amer Networks E5Web GUI User Manual

Page 258

background image

If an established connection cannot be found, then the routing table is consulted. It is important
to understand that the route lookup is performed before any of the various policy rules get
evaluated (for example, IP rules). Consequently, the destination interface is known at the time
cOS Core decides if the connection should be allowed or dropped. This design allows for a more
fine-grained control in security policies.

cOS Core Route Notation

cOS Core uses a slightly different way of describing routes compared to most other systems but
this way is easier to understand, making errors less likely.

Many other products do not use the specific interface in the routing table, but specify the IP
address of the interface instead. The routing table below is from a Microsoft Windows XP
workstation:

====================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 13 d4 51 8d dd ...... Intel(R) PRO/1000 CT Network
0x20004 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===================================================================
===================================================================
Active Routes:
Network Destination

Netmask

Gateway

Interface Metric

0.0.0.0

0.0.0.0

192.168.0.1 192.168.0.10

20

10.0.0.0

255.0.0.0

10.4.2.143

10.4.2.143

1

10.4.2.143

255.255.255.255

127.0.0.1

127.0.0.1

50

10.255.255.255

255.255.255.255

10.4.2.143

10.4.2.143

50

85.11.194.33

255.255.255.255

192.168.0.1 192.168.0.10

20

127.0.0.0

255.0.0.0

127.0.0.1

127.0.0.1

1

192.168.0.0

255.255.255.0 192.168.0.10 192.168.0.10

20

192.168.0.10

255.255.255.255

127.0.0.1

127.0.0.1

20

192.168.0.255

255.255.255.255 192.168.0.10 192.168.0.10

20

224.0.0.0

240.0.0.0

10.4.2.143

10.4.2.143

50

224.0.0.0

240.0.0.0 192.168.0.10 192.168.0.10

20

255.255.255.255

255.255.255.255

10.4.2.143

10.4.2.143

1

255.255.255.255

255.255.255.255 192.168.0.10 192.168.0.10

1

Default Gateway:

192.168.0.1

===================================================================
Persistent Routes:
None

The corresponding routing table in cOS Core will be similar to the following:

Flags Network

Iface

Gateway

Local IP

Metric

----- ------------------ -------- -------------- --------- ------

192.168.0.0/24

lan

20

10.0.0.0/8

wan

1

0.0.0.0/0

wan

192.168.0.1

20

cOS Core Route Definition Advantages

The cOS Core method of defining routes makes the reading and understanding of routing
information easier.

A further advantage with the cOS Core approach is that the administrator can directly specify a
gateway for a particular route and the following is true:

A separate route does not need to be defined that includes the gateway IP address.

Chapter 4: Routing

258

This manual is related to the following products:
See also other documents in the category Amer Networks Computer Accessories: