Someone just reminded me that just because you add OpenvSwitch to a Wifi access point does not make it a SDN device. What you've really created is a hybrid device where where OvS may control part of it but other facilities control other parts of it.When I was thinking about this problem last night obviously the wireless devices were not going thru the datapath of OvS so there was no way that it was going to be able manage that traffic.
If the router supports it, a solution to the problem is to enable wireless isolation within OpenWRT. Hybrid device, hybrid solution. Thanks for the help. ________________________________ From: Blue Lang <b...@veracity.io> Sent: Thursday, July 27, 2017 2:40 PM To: Michael Williams Cc: Joo Yong-Seok; ovs-discuss@openvswitch.org Subject: Re: [ovs-discuss] Multiple Virtual Wireless Ports You'd need to get your wifi NIC or WAP to act as a transparent bridge so the end devices appear as multiple MACs on the WLAN0 interface. Then you can use (should be able to?) use OF write actions to control the traffic flow on the wifi guests. There are quite a few hits on google covering very similar situations to the one you're asking about here. Thanks, On Thu, Jul 27, 2017 at 1:59 PM, Michael Williams <mw7...@hotmail.com<mailto:mw7...@hotmail.com>> wrote: When I WiFi interface I mean WLAN0 and in this particular box we have WLAN0 for the 5 GHz radio. When you add it to OvS you are just adding it as an individual port to the bridge. But if you have for example 4 computers connect wirelessly its like they are all connecting via that single port unlike if you plugged in 4 computers via the wired ports where each computer would plug into a single individual port. My problem is I want to be able to control the traffic between the wireless devices using OvS in the same way that I can control the traffic between the wired devices. When you said added multiple wifi interfaces do you mean that you have multiple radios? Because we only have two and are only using one. ________________________________ From: Joo Yong-Seok <joo.yongs...@gmail.com<mailto:joo.yongs...@gmail.com>> Sent: Thursday, July 27, 2017 1:33 PM To: Michael Williams Cc: Ben Pfaff; ovs-discuss@openvswitch.org<mailto:ovs-discuss@openvswitch.org> Subject: Re: [ovs-discuss] Multiple Virtual Wireless Ports When you say, "wifi interface", do you mean wlan interface (which is VAP) at AP? or low-level wifi interface? I don't know rate-limit since I've never tried but it works well for regular OVS rules. - Drop everything - Allow ARP - Allow DHCP - Allow DNS I applied the rule in one of ovs bridge and added multiple wifi interface over GRE tunnel. At least, I've tried this on top of Linux kernel 4.4 / OVS 2.6 - OPENWRT package. Best regards, On Thu, Jul 27, 2017 at 10:28 AM, Michael Williams <mw7...@hotmail.com<mailto:mw7...@hotmail.com>> wrote: Hi Ben, I don't think I explained it properly. Between the wired ports we can apply Openflow rules to limit traffic between computers connected via those wired ports, and that works with standard OvS. On the wireless WiFi side I would like to be able do the same thing and to limit the traffic between WiFi connected devices. Since WiFi only has one interface and not multiple individual ports like the wired stuff, my rules for dropping traffic between ports won't work. So I was wondering if there was someway with OvS to limit or stop traffic between WiFi connected computers? ________________________________ From: Ben Pfaff <b...@ovn.org<mailto:b...@ovn.org>> Sent: Thursday, July 27, 2017 12:57 PM To: Michael Williams Cc: ovs-discuss@openvswitch.org<mailto:ovs-discuss@openvswitch.org> Subject: Re: [ovs-discuss] Multiple Virtual Wireless Ports On Thu, Jul 27, 2017 at 01:33:23PM +0000, Michael Williams wrote: > We have OvS running on a wireless router with 4 wired Ethernet > ports. We can apply rules on the wired ports but when we try to apply > rules on the wireless port the rules don't work between multiple > wireless devices. Is there a way within OvS to treat the wireless > interface like multiple virtual ports so that when a wireless device > connects we can apply rules to govern behavior between the wireless > devices like we can with the wired devices? OVS doesn't distinguish between different kinds of ports, so the restrictions you're describing don't make sense; OVS doesn't work that way. You might be using a vendor's modified version of OVS. If so, then you should ask the vendor for assistance. _______________________________________________ discuss mailing list disc...@openvswitch.org<mailto:disc...@openvswitch.org> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss _______________________________________________ discuss mailing list disc...@openvswitch.org<mailto:disc...@openvswitch.org> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss -- Blue Lang PM | Veracity 3423 Piedmont Rd NE Suite 350 Atlanta, GA 30305 Cell: (770) 265-1381<tel:+17702651381> https://www.linkedin.com/in/bluelang/ b...@veracity.io<mailto:b...@veracity.io> www.veracity.io<http://www.veracity.io> [cid:7F6FF7CF-4327-4C3B-BD13-9C258997225D]
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
