I found it, thanks, under wireless like you said. Under advanced in the
nanostations. All APs have been done, wait and see!
On 6/21/21 2:25 PM, Mathew Howard wrote:
It should be in wireless settings, under Advanced at the bottom
(assuming airOS 8.x)
On Mon, Jun 21, 2021 at 1:42 PM Jan-GAMs <j.vank...@grnacres.net
<mailto:j.vank...@grnacres.net>> wrote:
Where do I find this "Client Isolation" to activate it?
On 6/21/21 10:18 AM, Mathew Howard wrote:
Ubiquiti does have the equivalent feature... it's called "Client
isolation"
On Mon, Jun 21, 2021 at 9:01 AM Adam Moffett <dmmoff...@gmail.com
<mailto:dmmoff...@gmail.com>> wrote:
I'd consider putting the data VLAN on the switch port rather
than the wireless gear. Make the switch port facing the AP a
hybrid port with a native VLAN so all untagged traffic gets
tagged with the native VLAN ID. You can still retain your
universal management VLAN that way. And yeah a different ID
for each AP which is on the same switched network. If you
add the data VLAN to the wireless devices then the config of
the devices will be different at each tower and that'll
complicate your life quite a bit.
SM Isolation is a feature on Cambium PMP and ePMP. The AP
won't forward traffic from one SM to another, if SM's need to
exchange traffic that has to go through the router upstream
from the AP's. This might be slightly less efficient in the
case that someone actually does this, but it's pretty rare to
have intentional traffic going SM to SM......usually that's
just broadcast chatter which you're better off if you drop.
I do not know if Ubiquiti has an equivalent feature.
On 6/20/2021 12:52 PM, Jan-GAMs wrote:
I thought I had mentioned earlier an "all Ubiquiti"
network? And I'm fairly certain you're not discussing
mechanical isolation mounts for motors when you are
referring to SM isolation for Canopy? (laugh time).
I think we are small enough that a seperate VLAN per AP is
possible to do. Thanks for the suggestion, plus it will
save us money we don't have. Now you are saying the AP
should have it's own VLAN. Are you also saying the
Downlinks which connect the next tower which are also
configured as an AP should also have their own VLAN? Or are
you saying that only APs which have customer radios
connected should have their own VLAN?
Presently we have every device on the same VLAN for
management and most of the new radios seem to have only one
setting for one VLAN, the older stuff you can add more VLANs
by clicking the "add" button. Can you point me to a white
paper on deploying multiple VLANs in a network so I can
better wrap my feeble brain around this?
On 6/19/21 9:57 AM, Chuck McCown via AF wrote:
Assuming you use some form of Canopy or Cambium, I presume
you have SM isolation turned on too, right?
*From:* Chuck McCown via AF
*Sent:* Saturday, June 19, 2021 10:27 AM
*To:* af@af.afmug.com
*Cc:* Chuck McCown
*Subject:* Re: [AFMUG] BNG dynamic provisioning Re: strange
outage
You need to use VLANs to pipe each AP back to your router
on its own tag.
Then the router can make sure there is no AP to AP traffic.
This is the same as having a router at the tower with each
AP on its own router port.
*From:* Jan-GAMs
*Sent:* Saturday, June 19, 2021 9:28 AM
*To:* af@af.afmug.com
*Subject:* Re: [AFMUG] BNG dynamic provisioning Re: strange
outage
That's what we been doing for a long time. The ubiquiti
switches are manageable from the UISP. We use a VLAN for
management.
On 6/19/21 7:10 AM, Chuck McCown via AF wrote:
UBNT US-8-60W is $109
VLAN tag each AP port. Set up your downlink as a VLAN
trunk. Then each AP will have its own private channel
back to your core/edge router.
I am no VLAN expert by any means. There are lots of
experts here. But this is the method I used literally 18
years ago when faced with this same problem. I used a
cisco managed switch that was built for wide temperature
conditions. 2900 or 2500 or something like that. Worked
like a champ.
Are you sure the ubiquity switch you have at each tower
does not support VLANs?
*From:* Jan-GAMs
*Sent:* Saturday, June 19, 2021 6:23 AM
*To:* af@af.afmug.com
*Subject:* Re: [AFMUG] BNG dynamic provisioning Re:
strange outage
We have in each tower a ubiquiti switch and one or two APs
plus an uplink(to next tower towards the gateway) and a
downlink(away from the gateway). We don't have that many
customers to support a huge investment.
Ok, looks like the advice is to replace the ubiquiti
switches with ubiquiti routers? I haven't seen in router
setup any provision for BNG, maybe I'm missing something.
I'd never get management willing to replace a $100 switch
with a $3,000 Cisco router, especially on a network where
we wouldn't make that much ROI in several years (we have a
board of directors who keep threatening to shut us down,
they're mostly from last century and barely know how to
use a cell-phone).
Am I wrong in thinking we can configure an Edgerouter X to
prevent these multicast storms we're having in our
networks? I'm loathe to use any natting, can I leave
these in bridge-mode and get a solution to the problem?
On 6/18/21 5:24 PM, Mark Radabaugh wrote:
Absolutely! Glad to hear others are doing this - it’s
what Amplex has been doing for years.
I get really tired of the ‘experts’ telling everyone
there is only one ‘right’ way to build a network, yet
have never heard of this.
Mark
On Jun 18, 2021, at 3:48 PM, Carl Peterson
<cpeter...@portnetworks.com> wrote:
We use the same BNG for all our residential subs in a
market. GPON, Active Ethernet, and Fixed Wireless. Some
of the fixed wireless stuff requires a hack to run the
CVLANS through another box to add the second tag but
that's cheap and easy enough. A Netonix 6 mini hanging
off a switch can do it with either 0x88a8 or a second
0x8100 tag. Cambium supports QinQ natively.
On Fri, Jun 18, 2021 at 2:36 PM D. Bernardi
<dberna...@zitomedia.net> wrote:
Thanks. This seems fairly common on GPON
networks as well so you could use this feature
for both GPON and Fixed Wireless on the same BGN.
At 01:59 PM 6/18/2021, you wrote:
>Juniper. We have a MX5 in production and a
>MX204 I'm setting up right now to replace it. Â
>Subscriber management is additional
>licensing. Not sure if just dynamic interface
>creation requires subscriber management
>licensing. I just looked on our production BNG
>and it isn't using subscriber-vlan. Â
>
>subscriber-accounting
>Â Â Â Â Â Â Â Â 1Â Â Â Â Â Â 1 Â Â Â
  0  permanent
>
>Â subscriber-authentication
>Â Â Â Â Â Â 0Â Â Â Â Â Â 1 Â Â Â Â Â
0Â Â permanent
>
>Â subscriber-address-assignment
>Â Â Â Â 1Â Â Â Â Â Â 1 Â Â Â Â Â 0Â Â
permanent
>
>Â subscriber-vlan
>Â Â Â Â Â Â Â Â Â Â Â 0Â Â Â Â Â
>Â 1 Â Â Â Â Â 0Â Â permanent
>
>Â
><https://www.juniper.net/documentation/en_US/junose15.1/topics/concept/dynamic-interfaces-overview.html
<https://www.juniper.net/documentation/en_US/junose15.1/topics/concept/dynamic-interfaces-overview.html>>https://www.juniper.net/documentation/en_US/junose15.1/topics/concept/dynamic-interfaces-overview.html
<https://www.juniper.net/documentation/en_US/junose15.1/topics/concept/dynamic-interfaces-overview.html>
>
>On Fri, Jun 18, 2021 at 12:34 PM D. Bernardi
><<mailto:dberna...@zitomedia.net>dberna...@zitomedia.net>
wrote:
>At 12:35 PM 6/18/2021, Carl Peterson wrote:
> >We've gone full circle - Flat to fully routed to
> >MPLS/VPLS over a routed network back to
> >flat. You hit a scaling issue with routed
> >networks as you hit 10G and above, especially if
> >you aren't using Mikrotik or other low cost
> >routing. Real carrier grade switching is a lot
> >lower cost, lower power, and much easier to
manage. Â
> >
> >Every customer has their own dedicated circuit
> >(SVLAN.CVLAN). The corresponding interface on
> >the BNG is dynamically created for the
> >subscriber with attributes out of radius. Â
> >Something like this isn't the right answer at
> >100 customers but you should consider it or
> >something like it once you go north of a few k
subs. Â
>
>
>What are you using for the BNG and does it
>require an additional license for dynamic interface
creation?
>
>
>
>
>--
>AF mailing list
><mailto:AF@af.afmug.com>AF@af.afmug.com
>http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
>
>
>
>--
>
>Carl Peterson
>
>PORT NETWORKS
>
>401 E Pratt St, Ste 2553
>
>Baltimore, MD 21202
>
>(410) 637-3707Â
>--
>AF mailing list
>AF@af.afmug.com
>http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
--
Carl Peterson
*PORT NETWORKS*
401 E Pratt St, Ste 2553
Baltimore, MD 21202
(410) 637-3707
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
------------------------------------------------------------------------
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
------------------------------------------------------------------------
--
AF mailing list
AF@af.afmug.com <mailto:AF@af.afmug.com>
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
------------------------------------------------------------------------
--
AF mailing list
AF@af.afmug.com <mailto:AF@af.afmug.com>
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
--
AF mailing list
AF@af.afmug.com <mailto:AF@af.afmug.com>
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
--
AF mailing list
AF@af.afmug.com <mailto:AF@af.afmug.com>
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
<http://af.afmug.com/mailman/listinfo/af_af.afmug.com>
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com
