You are hereIsolating a Load Balanced Connection on a Sonicwall

Isolating a Load Balanced Connection on a Sonicwall

By steve - Posted on 19 October 2012

When we were having problems testing the Comcast modem for problems, we also had some issues with testing. Whenever we tested the load balanced connection, we were never sure what connection things would go out on.

If you want to force the Sonicwall to route a particular device's traffic to a particular interface (ignoring load balancing's randomness or Sonicwall's route optimizations), then you need to create a routing rule. The rule overrides everything (until you delete the rule)...

Warning: it is very easy to set up a rule that breaks everything... your connection to the sonicwall, other users' access, etc. Be VERY careful when creating routing rules to avoid having to do a factory reset or something.

Before you add the rule, make sure your traffic is following expected behavior. I like to do a tracert to a known location: tracert to make sure I know what is happening before the change.

  • Log into the Sonicwall
  • Click Network/Routing
  • Click Add...
  • Set these settings for the rule:
    • Source: (Create new address object...)
    • Name: The name you want to use for this object (like: StevePC)
    • Zone: LAN
    • Type: Host
    • IP Address: the IP address of the device (see the next line for important information)
      Note: if you use an DHCP assigned address here, when the address is reassigned in the future (if you haven't deleted the rule) the next device to get this IP address will follow this rule. So, either manually assign the IP address to the device or make the DHCP assignment static in DHCP settings in the Sonicwall for this device. Either way, be sure to delete the special test rule when the test is done!
    • Click OK
    • Select the Source you just created (Testulator in my example)
    • Destination: Any
    • Service: Any
    • Gateway: X3 Default Gateway (because this is my comcast connection)
    • Interface: X3 (because this is my comcast connection)
    • Metric: 1
    • Comment: A note about why you are doing this... My example: "Force Steve to use comcast"
    • Disable route when interface is disconnected: Uncheck (we want to know when the interface fails, not just use the backup)
    • Allow VPN path to take precedence: Check (if you want, shouldn't matter for testing)
    • Permit TCP acceleration: Uncheck
    • Probe: None
    • Disable route when probe succeeds: Uncheck
    • Probe default state is UP: Uncheck
    • Click OK

After you add the rule, no matter what you do, all traffic from the specified device should route out through Comcast. Do the same test: tracert and you should see Comcast as the first network you hit.

Did this help you? You can help me!

Did you find this information helpful? You can help me back by linking to this page, purchasing from my sponsors, or posting a comment!

+One me on Google:

Follow me on twitter:


Affiliation Badges