We have an DLB 2700 w/ omni in the field for one of our broadcast sites. There are approximately 25 customers on this AP. Each customer is using a different brand of WiFi equipment from Deliberant, Proxim, YDI, you name it. I am needing more control at the access point level bandwidth control, firewall control, better CPE stats. I am curious if the following things are possible:
Bandwidth Control based on customer MAC address since we run DHCP and the IP will change often?
Write a firewall to block unwanted Netbios and other traffic on the Wireless Interface to keep wireless Clients from talking to each other and passing garbage back and forth
Hardware wise I am Looking at using RB433 w/ XR2 with level 3 license in place of the above setup any issues you can think of?
I am doing all are AP’s and some CPE’s with Routerboards. As for bandwidth control, We do all ours with PPPoE/radius. I’m pretty sure you can limit bandwidth via mac address. I have never done this; but I would guess you would mangle the traffic by mac address, and then put the mangle in a simple queue.
Firewall rules are extremely flexible. You can pretty much block whatever you want. There are even Layer 7 deep packet rules that can be applied. I recommend you go to the Mikrotik demo router and look at the firewall rules, they have a pretty good set of rules for common viruses and worms.
The basic license should be fine. I think the only time you need higher is if you have over 200 pppoe/hotspot/etc. connections. Not exactly sure on the number, it might be higher.
Overall, you get an extreme amount of control over the behavior of your AP/CPE.
Yes to all.
Everything you ask for can be done in more than one way.There is a small learning curve as there is no one way or right way to do anything with MT. I wish someone would come up with officially supported configurations, or setup scripts. The wikis are a great start.
You will need the level 4 license but thats great because the 433 comes with it no extra charge.