New in uOS: Route Trace Tool
Zyxel Employee
Zyxel’s latest uOS 1.32 firmware introduces a valuable diagnostic utility for administrators - the Route Trace tool. This enhancement provides deep visibility into how traffic flows through your firewall, helping quickly identify routing behavior and policy impacts.
What Is Route Trace?
Route Trace allows administrators to simulate and analyze the path of live packets originating from a specific source IP address. By matching against real routing tables, policies, and VPN tunnels, it visually confirms:
- Which outgoing interface is used.
- How policy routes and destination settings affect traffic flow.
How It Works
To use Route Trace:
- Navigate to Packet Flow Explorer.
- Input matching criteria:
- Source IP address (e.g., from your PC).
- Send live traffic packet to Destination IP address (e.g., a ping).
- Filter Protocol (e.g., ICMP).
- Click Capture.
- Observe the result:
- Outgoing interface (e.g., GE1, GE2, or VPN).
Example
Suppose a device at 192.168.11.33 attempts to ping 10.1.1.1. Based on a policy route:
- If destined for 10.1.1.1/32, traffic exits via GE1.
- If destined for 10.1.1.4/24, traffic exits via GE2.
Route Trace confirms this by displaying:
- The ICMP traffic type.
- The matched interface (GE1 or GE2).
For route-based VPNs, it will show the virtual tunnel interface (VTI) as the outbound path, while in policy-based VPNs, the physical interface (e.g., Ge1) is shown.
Note: In ZLD, packets sent through Policy-based VPN, the interface is “doll”.
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 165 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight