General Routing Principles
Although your Cisco Security Appliance is not a router, it does need to provide certain
routing and switching functionality. Whenever your Security Appliance processes valid
traffic, it must determine which interface provides the correct path for the destination
network. It may also have to tag the traffic for the appropriate Virtual LAN (VLAN). Not
only can your Security Appliance route valid traffic, you can also configure it to forward
multicast traffic. Sending multicast traffic to a multicast broadcast address enables multiple
systems to receive a data stream that otherwise would have to be sent to each individual
system.
This chapter focuses on the following three features that enable your Cisco Security
Appliance to effectively route and switch traffic:
■ Ethernet VLAN tagging
■ IP routing
■ Multicast routing