Good day,
I have a question regarding neighbor discovery on the new versions of router OS.
I had a script that disabled discovery on the WLAN interface of the CPE’s, after the latest updates the discovery has been changed to !dynamic and they start discovering all other devices on the bridged AP.
How can i disable of block this discovery from the AP side so two subscribers cannot discover each other on the wlan interfaces
Disable default-forward
-Chris
This is also part of the issue,
Default forward is disabled on all my access points, but they are still able to communicate over the bridge on the AP for some reason.
If i disable the bridge then default forwarding takes care of the issue
Ok I see part of the issue is that default forwarding was still enabled in the access list on the device i’m testing.
Thanks
I see.
I’d say clients can discover all CPEs on all other Access Points but not on the AP they’re connected to. Does this make sense?
So you need to isolate the APs from each other as well.
Either through routed networks per AP (i.e. one client subnet per access point, no NAT, just routing to your nexthop) or L2-isolation in the switch they are connected to. Or, if they terminate in a RB directly and all in the same bridge, use bridge horizon there to isolate the ports.
-Chris