Network > Interfaces
190
SonicOS 5.8.1 Administrator Guide
Key Concepts to Configuring L2 Bridge Mode and Transparent Mode
The following terms will be used when referring to the operation and configuration of L2 Bridge
Mode:
• L2 Bridge Mode – A method of configuring SonicWALL security appliance, which enables
the SonicWALL to be inserted inline into an existing network with absolute transparency,
beyond even that provided by Transparent Mode. Layer 2 Bridge Mode also refers to the
IP Assignment configuration that is selected for Secondary Bridge Interfaces that are
placed into a Bridge-Pair.
• Transparent Mode – A method of configuring a SonicWALL security appliance that allows
the SonicWALL to be inserted into an existing network without the need for IP
reconfiguration by spanning a single IP subnet across two or more interfaces through the
use of automatically applied ARP and routing logic.
• IP Assignment – When configuring a Trusted (LAN) or Public (DMZ) interface, the IP
Assignment for the interface can either be:
–
Static – The IP address for the interface is manually entered.
–
Transparent Mode – The IP address(es) for the interface is assigned using an Address
Object (Host, Range, or Group) that falls within the WAN Primary IP subnet, effectively
spanning the subnet from the WAN interface to the assigned interface.
–
Layer 2 Bridge Mode – An interface placed in this mode becomes the Secondary
Bridge Interface to the Primary Bridge Interface to which it is paired. The resulting
Bridge-Pair will then behave like a two-port learning bridge with full L2 transparency,
and all IP traffic that passes through will be subjected to full stateful failover and deep
packet inspection.
• Bridge-Pair – The logical interface set composed of a Primary Bridge Interface and a
Secondary Bridge Interface. The terms primary and secondary do not imply any inherent
level of operational dominance or subordination; both interfaces continue to be treated
according to their zone type, and to pass IP traffic according to their configured Access
Rules. Non-IPv4 traffic across the Bridge-Pair is controlled by the Block all non-IPv4 traffic
setting on the Secondary Bridge Interface. A system may support as many Bridge Pairs as
it has interface pairs available. In other words, the maximum number of Bridge-Pairs is
equal to ½ the number of physical interfaces on the platform. Membership in a Bridge-Pair
Mixed-Mode Operation L2 Bridge Mode can concurrently provide L2 Bridging
and conventional security appliance services, such as
routing, NA
T, VPN, and wireless operations. This
means it can be used as an L2 Bridge for one segment
of the network, while providing a complete set of
security services to the remainder of the network. This
also allows for the introduction of the SonicWALL
security appliance as a pure L2 bridge, with a smooth
migration path to full security services operation.
Wireless Layer 2 Bridging Use a single IP subnet across multiple zone types,
including LAN, WLAN, DMZ, or custom zones. This
feature allows wireless and wired clients to seamlessly
share the same network resources, including DHCP
addresses.The Layer 2 protocol can run between
paired interfaces, allowing multiple traffic types to
traverse the bridge, including broadcast and non-ip
packets.
Feature Benefit
