Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Router Ranker

Click for Router Ranker

NAS Charts

Click for NAS Charts

NAS Ranker

Click for NAS Ranker

More Tools

Click for More Tools

LAN & WAN Reviews

VLANs and QoS

SonicWALL includes VLAN functionality for the TZ 190 with their PortShield feature. PortShields are user-created virtual interfaces that enable control over the switch ports on the TZ 190. The TZ 190 has eight switch ports, which in default configuration are all part of a single VLAN. Separating the eight switch ports into different VLANs requires first creating a new Zone, which is as simple as going into the Network Zones menu, clicking Add, and giving your new Zone a name. With a new Zone created, a PortShield Interface can then be added in the Network Interface menu and assigned to the new Zone.

I tested the TZ 190's VLAN functionality by creating a Zone called LAN2, and then added a PortShield Interface called VLAN2 assigned to my new LAN2 Zone. As you can see below, I gave the PortShield interface an IP address in a different subnet (192.168.5.1/24 as opposed to the LAN interface of 192.168.168.168/24) and assigned one of the eight switch ports to be a member of my VLAN2 PortShield interface. A DHCP service was automatically set up by the SonicOS to provide IP addresses to clients off this port in the 192.168.5.0/24 network. I tested this feature by then plugging my laptop into the switch port I assigned to this new VLAN, and verified I was assigned an IP address from the 192.168.5.0/24 network and was able to surf the Internet.

VLAN PortShield

Figure 17: A VLAN PortShield

Recall from the Firewall discussion above the SonicWALL’s ability to control traffic between the wireless LAN and the wired LAN Zones. SonicWALL provides the same control with my newly added Zone. I verified I can Allow or Deny traffic between the LAN Zone and my LAN2 Zone. Further, since I've separated the two zones into different subnets, I have automatically protected each zone from the other's Layer 2 broadcasts, a key value of VLANs.

The TZ 190 also allows for allocating bandwidth to different traffic types, an element of QoS. To ensure sensitive traffic flows, such as VoIP, are allocated sufficient bandwidth, the first step is to define the bandwidth of the WAN interface. I was able to do this by going into the Network Interface menu and setting the capacity (Figure 18) of my Internet service, in this case Verizon FiOS, which runs at 5 Mbps down and about 1.5 Mbps up.

Bandwidth settings

Figure 18: Bandwidth management settings

Once defined, Access Rules in the Firewall can be set up to allocate percentages of bandwidth to specific traffic types. In Figure 19, you can see that I've allocated a minimum or guaranteed bandwidth percentage of 10% and maximum of 15% to VoIP traffic going from my LAN subnets to the WAN interface. Another Access Rule can be set up for the WAN-to-LAN direction. Setting bandwidth allocations ensures activities like web surfing or downloading won't affect delay-sensitive traffic flows.

QoS settings
Click to enlarge image

Figure 19: Assigning bandwidth to specific access rules

More LAN & WAN

Wi-Fi System Tools
Check out our Wi-Fi System Charts, Ranker and Finder!

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Over In The Forums

i'm trying to run an aimesh of two 86u's and one 68u. so i setup my old and trusty 86u as a main and the two other routers as nodes. everything goes w...
Hi, I'm new around here.I have this configuration:Router ISP: Bridge mode (192.168.0.1)Router ASUS AC68U :Firmware: Asuswrt-Merlin 834.13 (Thank you M...
Hi, I have a question around multi-subnet environment and routing via OpenVPN on Merlin. I have a few internal networks for desktop, vms and wifi clie...
Hi, I can not use IGMP proxy on my AX88U with the last Merlin firmware, I got this message : "Due to hardware limitation, IGMP proxy cannot co-exist w...
My custom VPN configuration would be 577 bytes long.However, this does not fit completely into the input field.I just happened to see that because a s...

Don't Miss These

  • 1
  • 2
  • 3