Community discussions

MikroTik App
 
Cablenut9
Long time Member
Long time Member
Topic Author
Posts: 542
Joined: Fri Jan 08, 2021 5:30 am

Virtual interfaces for 60GHz

Thu Jul 15, 2021 5:06 am

Is it possible to have a virtual interface to which 60GHz stations can connect to? I want to have a setup where multiple wAPs connect to a single wAP 60x3 and that wAP 60x3 can create a PtP link from itself to any of the stations. However, I noticed in the MikWiki that the station interfaces are created only after they connect. This wouldn't work for me because I'd have static bindings set up for things like OSPF on those interfaces, and if they are dynamically generated, than that's not going to work.
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 5:25 am

The station interfaces are only created after connect, but they are not dynamic, so they will stay there even if the far end goes down.
 
Cablenut9
Long time Member
Long time Member
Topic Author
Posts: 542
Joined: Fri Jan 08, 2021 5:30 am

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 5:27 am

The station interfaces are only created after connect, but they are not dynamic, so they will stay there even if the far end goes down.
Is this really true? If so, then what stops someone from making a script that changes the identity of some station and cramming the AP with a long list of dummy interfaces?
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 5:37 am

Is this really true? If so, then what stops someone from making a script that changes the identity of some station and cramming the AP with a long list of dummy interfaces?
I'm afraid I don't understand your question. Can you clarify?
 
Cablenut9
Long time Member
Long time Member
Topic Author
Posts: 542
Joined: Fri Jan 08, 2021 5:30 am

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 5:45 am

Let's say I have an AP and a station. If the AP assigns slave interfaces based on each station, using the MAC to differentiate between them, then the AP will make a new interface for each MAC it sees. The script on the station changes its MAC to some random value every time it connects. The AP, thinking it's a new station, creates a totally new interface just for it. However, the station disconnects and changes its MAC again and the cycle continues until memory runs out on the AP and you're left with maybe hundreds of useless slave interfaces.
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 5:56 am

Yes, that's probably possible. But why would you keep changing the MAC on the station side to begin with? Presumably you control both sides?
 
Cablenut9
Long time Member
Long time Member
Topic Author
Posts: 542
Joined: Fri Jan 08, 2021 5:30 am

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 6:14 am

But why would you keep changing the MAC on the station side to begin with? Presumably you control both sides?
That's in case someone hacks a station and wants to subtly attack the network.
 
mducharme
Trainer
Trainer
Posts: 1777
Joined: Tue Jul 19, 2016 6:45 pm
Location: Vancouver, BC, Canada

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 7:31 am

They could, that's why I would use a firewall on the devices. As far as I am aware the type of attack you bring up is entirely possible, if the device is not secured properly.
 
marekm
Member
Member
Posts: 379
Joined: Tue Feb 01, 2011 11:27 pm

Re: Virtual interfaces for 60GHz

Thu Jul 15, 2021 8:09 pm

Adding new stations to the list automatically should be made an option. If disabled, only stations already on the list can connect. This could be extended to allow different encryption keys for each station (specified by access list, or RADIUS server).

Who is online

Users browsing this forum: No registered users and 30 guests