SonicOS 7 System

ARP in L2 Bridged Mode

L2 Bridged Mode employs a learning bridge design where it dynamically determines which hosts are on which interface of an L2 Bridge (referred to as a Bridge-Pair). ARP is passed through natively, meaning that a host communicating across an L2 Bridge sees the actual host MAC addresses of its peers. For example, the Workstation communicating with the Router (192.168.0.1) sees the Router as 00:99:10:10:10:10, and the Router sees the Workstation (192.168.0.100) as 00:AA:BB:CC:DD:EE.

This behavior allows for a SonicWall Security Appliance operating in L2 Bridged Mode to be introduced into an existing network with no disruption to most network communications other than that caused by the momentary discontinuity of the physical insertion.

Stream-based TCP protocol communications (for example, an FTP session between a client and a server) need to be re-established upon the insertion of an L2 Bridged Mode appliance. This is by design, to maintain the security afforded by stateful packet inspection. Because the stateful packet inspection engine cannot have knowledge of the TCP connections that preexisted it, it drops packets belonging to these established connections with a log event such as "TCP packet received on a nonexistent/closed connection; TCP packet dropped".
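
A simplified model of the behaviour described above, as an added example (not SonicOS code and not part of the original article): a connection tracker that creates state only when it sees an initial SYN, so mid-stream packets from a session that predates the appliance are dropped until the client reconnects. The FTP server address and the port numbers are constructed for illustration.

```python
from dataclasses import dataclass

DROP_MSG = "TCP packet received on a nonexistent/closed connection; TCP packet dropped"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # TCP flags set on this segment, e.g. {"SYN"}

class StatefulInspector:
    """Toy connection tracker: only an initial SYN creates state."""

    def __init__(self):
        self.conns = set()   # flows the inspector watched being opened
        self.log = []

    @staticmethod
    def _key(p):
        # Direction-independent key so replies match the same flow.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def inspect(self, p):
        """Return True if the packet is forwarded, False if dropped."""
        key = self._key(p)
        if p.flags == {"SYN"}:
            self.conns.add(key)
            return True
        if key in self.conns:
            return True
        self.log.append(f"{DROP_MSG} ({p.src}:{p.sport} -> {p.dst}:{p.dport})")
        return False

def demo():
    fw = StatefulInspector()           # appliance just inserted: empty table
    server = ("192.168.0.50", 21)      # constructed FTP server
    old = ("192.168.0.100", 40000)     # session opened before insertion
    new = ("192.168.0.100", 40001)     # same client reconnecting
    verdicts = [
        fw.inspect(Packet(*old, *server, frozenset({"ACK", "PSH"}))),
        fw.inspect(Packet(*new, *server, frozenset({"SYN"}))),
        fw.inspect(Packet(*server, *new, frozenset({"SYN", "ACK"}))),
        fw.inspect(Packet(*new, *server, frozenset({"ACK"}))),
    ]
    return verdicts, fw.log

if __name__ == "__main__":
    print(demo())
```

Only the first packet is dropped and logged; the new handshake and the traffic that follows it pass because the tracker saw the connection being opened.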
