Sonicwall Tz and Comcast Business Ethernet Dedicated Internet (EDI) circuits:

MS500

Hello All,

We have configured the TZ series to connect to the Comcast EDI circuits with WAN Bloc (/30) and LAN block for /29 or larger with no problem. We used the "Routed Mode" in SonicWall to accomplish that. However, recently I have noticed that Comcast has started configuring a /29 WAN Block instead of the traditional point-to-point connection (/30). Can we use the same Routed Mode method for /29 WAN block? In other words, use one of the addresses on the WAN block for the WAN port on the Sonicwall and just ignore the rest of the addresses? Has anybody done similar configuration. Are there any pitfalls doing that? Any suggestion is greatly appreciated.

Cheers,

Arkwright

If your question boils down to "can I use a /29 instead of a /30?", then the answer is of course "yes". If you're only using one IP ["just ignore the rest"] then the size of netmask is irrelevant so long as you have sufficient quantity of IPs.

MS500

Thank you for your response. The number of Public IPs is limited by the size of the LAN Block. Because remember, Comcast delivers a Layer 2 service and for every WAN IP that you use you need a Layer 3 device to route your LAN Block IPs. I guess I don't understand the advantages of a /29 WAN block and was wondering whether anybody has configured SonicWall for this kind of setup.

Thanks.

Arkwright

You cannot use routed mode with only a single routeable subnet. But if you only need one IP it doesn't matter.

With a /29 on your WAN interface you can use the spare IP addresses in NAT policies. As an example, you could have your guest wifi go out to the internet NATed to a different public IP to your corporate networks.