ZyXEL Communications ZyWALL5UTM 4.0 User Manual
ZyWALL 5/35/70 Series User’s Guide
Appendix I Triangle Route
718
A
P P E N D I X
I
Triangle Route
The Ideal Setup
When the firewall is on, your ZyWALL acts as a secure gateway between your LAN and the
Internet. In an ideal network topology, all incoming and outgoing network traffic passes
through the ZyWALL to protect your LAN against attacks.
Internet. In an ideal network topology, all incoming and outgoing network traffic passes
through the ZyWALL to protect your LAN against attacks.
Figure 452 Ideal Setup
The “Triangle Route” Problem
A traffic route is a path for sending or receiving data packets between two Ethernet devices.
Some companies have more than one alternate route to one or more ISPs. If the LAN and
ISP(s) are in the same subnet, the “triangle route” problem may occur. The steps below
describe the “triangle route” problem.
Some companies have more than one alternate route to one or more ISPs. If the LAN and
ISP(s) are in the same subnet, the “triangle route” problem may occur. The steps below
describe the “triangle route” problem.
1 A computer on the LAN initiates a connection by sending out a SYN packet to a
receiving server on the WAN.
2 The ZyWALL reroutes the SYN packet through Gateway B on the LAN to the WAN.
3 The reply from the WAN goes directly to the computer on the LAN without going
through the ZyWALL.
As a result, the ZyWALL resets the connection, as the connection has not been acknowledged.