Why is SpanVA sending UDP packets to the default Gateway?

book

Article ID: 171264

calendar_today

Updated On:

Products

CASB Security Standard CASB Security Premium CASB Security Advanced CASB Audit CASB Gateway CASB Gateway Advanced Data Loss Prevention Cloud Package

Issue/Introduction

The customer wants to know why the SpanVA is sending UDP packets to the Default Gateway.

Resolution

SpanVA does a traceroute to the known GW of the network once every ten minutes, and this is done to distinguish a NAT GW from the bridged GW.  NAT and bridged GW respond differently to traceroute requests.
This is done in use case where a customer runs SpanVA with one NAT and one bridged interface, we would be able to detect the bridged interface and show its IP and corresponding GW in the Network tab on SpanVA UI.