What method can prevent a user/client from changing their IP address?

Hello,

Using MT 2.9 now…
Actually I have about 20 clients; I'm using queues to limit their ul/dl,
and the remaining IPs I blocked with the firewall.

Say that my network is:
192.168.100.0 (network)
192.168.100.254 (MT)
192.168.100.1 (monitoring computer) → had 150kbit limit
192.168.100.10-30 (AP Client IP)
192.168.100.31-41 (Comp Client IP)

And I block the remaining IPs. Each user I limit to about 70kbit, except 192.168.100.1.

Now, one day, I got a user who is cheating the rule: he changes his IP to anything, say 192.168.100.5, 10, 1 etc…
Maybe he wants to get away from the IP limiting. Somehow, this trick can cause an IP conflict for other users: say he uses 192.168.100.32, it will cause an “IP Conflict” for the original user of 192.168.100.32, or conflict with my monitoring IP and the MT IP.

So, is there a way to prevent this kind of IP cheating?

Thanks, waiting for your enlightenment… :smiley:

Set arp=reply-only and define static ARP entries per client.

How can I set that config?

From interface → change ether2 (LOCAL) to ARP=Reply-only?

And how do I define STATIC ARP ENTRIES per client?

Give me more clues, please.

Thanks a lot.

Please read the manual at http://www.mikrotik.com/docs/ros/2.9/ip/address


–Tom

Wow, thanks bro… it works. Thanks a lot… :smiley:

This is something we were just about to look into ourselves…

<< Set arp=reply-only and define static ARP entries per client >>

Did you do that on the AP or the CPE?

Which interface in particular did you set that on?

I assume you can set multiple static ARP entries if you want a client to have multiple IPs assigned, right?


Thanx…

SMA

I set arp=enabled on my local interface.
So, can you give more clues: what is the difference between

ARP=Enabled
ARP=Proxy-ARP
ARP=Reply-Only

Thanks

You need to do it on the AP.

It should be set on the interface that the clients are connecting to,
not on uplink or backhaul interfaces.

Yes, that is possible.


–Tom
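The setup suggested in this thread (static ARP entries per client, then arp=reply-only on the client-facing interface), as an added example that is not part of any poster's message. It assumes the thread's address plan and the ether2 interface name; the client names and MAC addresses are constructed sample values, and `validate` and `render` are hypothetical helpers. The monitoring computer gets an entry too, because in reply-only mode the router only uses the static entries in its ARP table.

```python
import ipaddress
import re

# Address plan taken from the thread; ether2 is the LAN interface named there.
NETWORK = ipaddress.ip_network("192.168.100.0/24")
ROUTER = ipaddress.ip_address("192.168.100.254")
ALLOWED_HOSTS = {1} | set(range(10, 42))  # monitoring PC, AP clients, computer clients
MAC_RE = re.compile(r"^([0-9A-F]{2}:){5}[0-9A-F]{2}$")

# Constructed inventory: the names and MAC addresses are made-up sample values.
INVENTORY = [
    ("monitoring", "02:00:00:00:00:01", ["192.168.100.1"]),
    ("ap-client-1", "02:00:00:00:00:10", ["192.168.100.10"]),
    ("comp-client-1", "02:00:00:00:00:31", ["192.168.100.31", "192.168.100.32"]),
]

def validate(inventory):
    """Return a list of problems; an empty list means the plan is consistent."""
    problems, owner = [], {}
    for name, mac, ips in inventory:
        if not MAC_RE.match(mac.upper()):
            problems.append(f"{name}: bad MAC {mac}")
        for text in ips:
            ip = ipaddress.ip_address(text)
            host = int(ip) - int(NETWORK.network_address)
            if ip == ROUTER:
                problems.append(f"{name}: {ip} is the router's own address")
            elif ip not in NETWORK or host not in ALLOWED_HOSTS:
                problems.append(f"{name}: {ip} is not an assigned client address")
            if ip in owner:
                problems.append(f"{name}: {ip} already bound to {owner[ip]}")
            owner.setdefault(ip, name)
    return problems

def render(inventory, interface="ether2"):
    """Emit RouterOS commands: static entries first, reply-only last."""
    problems = validate(inventory)
    if problems:
        raise ValueError("; ".join(problems))
    lines = [f"/ip arp add address={ip} mac-address={mac.upper()} interface={interface}"
             for _, mac, ips in inventory for ip in ips]
    # Switching the ARP mode last keeps every listed host reachable during the change.
    lines.append(f"/interface ethernet set {interface} arp=reply-only")
    return lines

if __name__ == "__main__":
    print("\n".join(render(INVENTORY)))
```

A client with several IPs simply lists them all against one MAC, which yields one static entry per address.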

The different modes are explained in the manual (link posted in previous answer). What facts are you missing that are not explained there?

–Tom

<< The different modes are explained in the manual (link posted in previous answer). What facts are you missing that are not explained there? >>

The manual really is not helpful in regards to the arp settings.

We’ve spent a lot of time tinkering with that, and what the manual says should be done doesn’t seem to have the effect we need.

Things go unpingable without proxy-arp enabled sometimes, in places where proxy arp really does not need to be according to the manual, like across a wds bridge (should be transparent) where it should function without it. Without it being enabled, the CPE does not ping.

SMA

Actually, I want to know what each setting does. Until now, I don't see any difference between them. That's why I'm asking…