Community discussions

 
conchalnet
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Nov 03, 2005 1:44 pm
Location: Brazil

Isolating traffic between bridges

Thu May 06, 2010 7:30 pm

Hi all!

I've a structure with 6 RouterBoards each one with two wireless cards and connected by eth1 to my switch.

All of them are configurated as bridge with the eth1 and the boths wireless interfaces on the bridge ports.

The customers of the same wireless card cant see each other because of the "Default Forward disabled" But the clients connected on card1 can see the clients on card2 and all of them can see the traffic of the clients connected on another bridge.

How can I isolated the traffic between customers is all bridges?

Best regards

Fabrício
 
User avatar
martini
Member Candidate
Member Candidate
Posts: 296
Joined: Tue Dec 21, 2004 12:13 am

Re: Isolating traffic between bridges

Thu May 06, 2010 10:37 pm

use bridge firewall, disable mac forwarding (for customer mac)
 
conchalnet
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Nov 03, 2005 1:44 pm
Location: Brazil

Re: Isolating traffic between bridges

Thu May 06, 2010 11:30 pm

Hi Martini, how can I disable the mac forwarding?

Best regards

Fabrício
 
User avatar
martini
Member Candidate
Member Candidate
Posts: 296
Joined: Tue Dec 21, 2004 12:13 am

Re: Isolating traffic between bridges

Fri May 07, 2010 1:07 am

/interface bridge filter add action=drop chain=forward arp-src-mac-address=(customer mac) arp-dst-mac-address=(customer2 mac)

or create access rule for allowed mac to allowed mac and then add FROP rule for all other mac
 
conchalnet
Member Candidate
Member Candidate
Topic Author
Posts: 274
Joined: Thu Nov 03, 2005 1:44 pm
Location: Brazil

Re: Isolating traffic between bridges

Fri May 07, 2010 1:31 am

Thanks Martini, but it's impossible to me... I'm talking in more than 1k clients

Regards

Fabrício
 
User avatar
martini
Member Candidate
Member Candidate
Posts: 296
Joined: Tue Dec 21, 2004 12:13 am

Re: Isolating traffic between bridges

Fri May 07, 2010 9:04 am

Then you need to use Vlan on routerboard and switch, make 2 vlan and bridge each of them with wireless interface.
And you problem solved )

Who is online

Users browsing this forum: No registered users and 82 guests