SonicWALL 5.8.1 Microscope & Magnifier User Manual


Network > Interfaces
192
SonicOS 5.8.1 Administrator Guide
Wireless services with SonicPoints, where communications will occur between wireless
clients and hosts on the Bridge-Pair.
Comparing L2 Bridge Mode to Transparent Mode
This comparison of L2 Bridge Mode to Transparent Mode contains the following sections:
“ARP in Transparent Mode” on page 192
“VLAN Support in Transparent Mode” on page 193
“Multiple Subnets in Transparent Mode” on page 193
“Non-IPv4 Traffic in Transparent Mode” on page 193
“Simple Transparent Mode Topology” on page 194
“ARP in L2 Bridge Mode” on page 194
“VLAN Support in L2 Bridge Mode” on page 195
“L2 Bridge IP Packet Path” on page 195
“Multiple Subnets in L2 Bridge Mode” on page 197
“Non-IPv4 Traffic in L2 Bridge Mode” on page 197
“Comparison of L2 Bridge Mode to Transparent Mode” on page 197
“Benefits of Transparent Mode over L2 Bridge Mode” on page 199
“Comparing L2 Bridge Mode to the CSM Appliance” on page 199
While Transparent Mode allows a security appliance running SonicOS Enhanced to be
introduced into an existing network without the need for re-addressing, it presents a certain
level of disruptiveness, particularly with regard to ARP, VLAN support, multiple subnets, and
non-IPv4 traffic types. Consider the diagram below, in a scenario where a Transparent Mode
SonicWALL appliance has just been added to the network with a goal of minimally disruptive
integration, particularly:
Negligible or no unscheduled downtime
No need to re-address any portion of the network
No need to reconfigure or otherwise modify the gateway router (as is common when the router
is owned by the ISP)
ARP in Transparent Mode
ARP – Address Resolution Protocol (the mechanism by which unique hardware addresses on
network interface cards are associated with IP addresses) is proxied in Transparent Mode. If the
Workstation or Server on the left had previously resolved the Router (192.168.0.1) to its MAC
address 00:99:10:10:10:10, this cached ARP entry would have to be cleared before these hosts
could communicate through the SonicWALL. This is because the SonicWALL proxies (or
answers on behalf of) the gateway’s IP (192.168.0.1) for hosts connected to interfaces
operating in Transparent Mode. So when the Workstation at the left attempts to resolve
192.168.0.1, the ARP request it sends is responded to by the SonicWALL with its own X0 MAC
address (00:06:B1:10:10:10).
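The following is an added example, not part of the SonicWALL guide: a Python check that reads a host's neighbor table and reports whether the cached gateway entry still points at the router's MAC and must be cleared. The IP and MAC values are the ones in the text above; the function names and the sample `ip neigh show` (Linux) and `arp -a` (Windows) output are constructed for illustration.

```python
import re

# Values from the manual's example topology.
GATEWAY_IP = "192.168.0.1"
ROUTER_MAC = "00:99:10:10:10:10"        # router's real MAC, stale once the appliance is inline
SONICWALL_X0_MAC = "00:06:B1:10:10:10"  # MAC the appliance answers with on X0

IP_RE = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")
MAC_RE = re.compile(r"\b([0-9A-Fa-f]{2}(?:[:-][0-9A-Fa-f]{2}){5})\b")

# Constructed sample output (hypothetical hosts on 192.168.0.0/24).
LINUX_SAMPLE = """\
192.168.0.1 dev eth0 lladdr 00:99:10:10:10:10 STALE
192.168.0.100 dev eth0 lladdr 00:aa:bb:cc:dd:ee REACHABLE
192.168.0.77 dev eth0  FAILED
"""
WINDOWS_SAMPLE = """\
Interface: 192.168.0.50 --- 0xb
  Internet Address      Physical Address      Type
  192.168.0.1           00-06-b1-10-10-10     dynamic
"""

def norm_mac(mac):
    """Normalize 00-99-10-... or 00:99:10:... to lower-case colon form."""
    return mac.replace("-", ":").lower()

def parse_neighbors(text):
    """Return {ip: mac}; lines lacking an IP or a MAC (headers, FAILED) are skipped."""
    table = {}
    for line in text.splitlines():
        ip, mac = IP_RE.search(line), MAC_RE.search(line)
        if ip and mac:
            table[ip.group(1)] = norm_mac(mac.group(1))
    return table

def classify(table, ip, expected_mac, old_mac):
    """Classify the cached entry for `ip` after the appliance was inserted."""
    cached = table.get(ip)
    if cached is None:
        return "absent"      # nothing cached; the next ARP request is answered by the proxy
    if cached == norm_mac(expected_mac):
        return "ok"          # host already resolves the gateway to the appliance
    if cached == norm_mac(old_mac):
        return "stale"       # pre-insertion entry; must be cleared
    return "unexpected"      # neither known MAC; investigate before proceeding

if __name__ == "__main__":
    for name, sample in (("linux", LINUX_SAMPLE), ("windows", WINDOWS_SAMPLE)):
        print(name, classify(parse_neighbors(sample), GATEWAY_IP, SONICWALL_X0_MAC, ROUTER_MAC))
```
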
The SonicWALL also proxy ARPs the IP addresses specified in the Transparent Range
(192.168.0.100 to 192.168.0.250) assigned to an interface in Transparent Mode for ARP
requests received on the X1 (Primary WAN) interface. If the Router had previously resolved the
Server (192.168.0.100) to its MAC address 00:AA:BB:CC:DD:EE, this cached ARP entry would
have to be cleared before the router could communicate with the host through the SonicWALL.
This typically requires a flushing of the router’s ARP cache either from its management