en-US
search-icon

Knowledge Base

SonicWall Default Routes explained

Description

SonicWall Default Routes explained

Resolution

Default Route Policy setting -

Device – NSA E6500
Firmware version – SonicOS Enhanced 5.6.x.x. or higher

RIP and OSPF are disabled by default. If you need to use dynamic routing, it will be necessary to enable these routing protocols on specific interfaces.

Default Route policies –

 Image

Default Routing policy – 1
 

 

#
Source
Destination
Service
Gateway
Interface
Metric
Priority
1
Any
255.255.255.255/32
Any
0.0.0.0
X0
20
1

 

In this policy, the destination is 255.255.255.255 which is a broadcast address (a broadcast address is a network address that allows information to be sent to all nodes on a network, rather than to a specific network host).
 
Gateway is ‘0.0.0.0’, (zero network or (0.0.0.0) which in Internet Protocol standards stands for this network, i.e., the local network).
 
The interface is ‘X0’, the LAN of your firewall (It’s aimed at X0 so that broadcasts should stick within that interface).
Metric is 20, which is the default for a locally attached network. Priority is 1, which means this routing policy takes precedence over remaining policies.
 

Default Routing policy – 2
 

 

#
Source
Destination
Service
Gateway
Interface
Metric
Priority
2
Any
X1 Default Gateway
Any
0.0.0.0
X1
20
2

 

In this policy, the destination is the X1 Default Gateway, firewall would use this to dictate how its gateway address is found.
 

Default Routing policy – 3 through 6
 

 

#
Source
Destination
Service
Gateway
Interface
Metric
Priority
3
Any
W0 subnet
Any
0.0.0.0
W0
20
3
4
Any
X2 Subnet
Any
0.0.0.0
X2
20
4
5
Any
LAN Primary subnet
Any
0.0.0.0
X0
20
6
6
Any
WAN Primary Subnet
Any
0.0.0.0
X1
20
7

 

The policies 3 through 6 are internal routes for the respective Interfaces (directly connected network routes,) specifying the proper interfaces for those IP subnets.


Default Routing policy – 7

 

#
Source
Destination
Service
Gateway
Interface
Metric
Priority
7
WAN Primary IP
Any
Any
X1 Default Gateway
X1
20
8

 

The policy #7 is a route which helps the WAN IP send traffic to its gateway for its own initiated traffic.


Default Routing policy – 8

 

#
Source
Destination
Service
Gateway
Interface
Metric
Priority
8
Any
0.0.0.0/0
Any
10.50.20.1
X1
20
9

 

The policy #8 is a dynamic default route which uses the Active WAN’s gateway and interface, and can change to backup ethernet or 3G / analog modem WANs based on physical or logical monitoring.


Example:

Below you will also see a route table from a simple Windows XP system w/ a single NIC, and it has many of the sames, specifically: #1 broadcast route ; #3 connected network route ; #8 default route
 

H:>ipconfig

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :

        IP Address. . . . . . . . . . . . : 10.50.22.51
        Subnet Mask . . . . . . . . . . . : 255.255.252.0
        Default Gateway . . . . . . . . . : 10.50.20.1

 

H:>route print

===========================================================================

Interface List

0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 76 96 d9 cc ...... Intel(R) PRO/100 VE Network Connection - Packet Scheduler

Miniport

===========================================================================

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0       10.50.20.1     10.50.22.51       20

       10.50.20.0    255.255.252.0      10.50.22.51     10.50.22.51       20

      10.50.22.51  255.255.255.255        127.0.0.1       127.0.0.1       20

   10.255.255.255  255.255.255.255      10.50.22.51     10.50.22.51       20

        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1

        224.0.0.0        240.0.0.0      10.50.22.51     10.50.22.51       20

  255.255.255.255  255.255.255.255      10.50.22.51     10.50.22.51       1

Default Gateway:        10.50.20.1

===========================================================================

Persistent Routes:   None