Most Access Points have a feature that blocks cpe to cpe traffic at layer 2
From: <[email protected]<mailto:[email protected]>> on behalf of "Ethan E. Dee" <[email protected]<mailto:[email protected]>> Gino Villarini President Metro Office Park #18 Suite 304 Guaynabo, Puerto Rico 00968 [cid:aeronet-logo_310cfc3e-6691-4f69-bd49-b37b834b9238.png] Reply-To: WISPA General List <[email protected]<mailto:[email protected]>> Date: Friday, October 21, 2016 at 3:23 PM To: WISPA General List <[email protected]<mailto:[email protected]>> Subject: Re: [WISPA] Network/infrastructure design for WISP's Typically, we use two vlans per Access point (tower/building/physical location). We use a private vlan (10.x.x.x/24) for private/management/voip traffic. And a public vlan for the client traffic. The untagged traffic goes on the management vlan. The web traffic is tagged back to the switch. We use all static for simplicity of monitoring and management. On 10/21/2016 3:07 PM, Jordan de Geus wrote: Hey guys, I'm very new to the WISP industry and I've been curious to know how people are designing their WISP networks. Are you creating VLAN's for each connection point? So your backhauls are all in one VLAN, while all AP to client connections are in another VLAN? I had been thinking about how the above VLAN based design would be, in terms of security, and I realized that if all CPE's were in one VLAN together, wouldn't they be able to cross communicate? So an AP with 30 clients operating in VLANX, would essentially be able to communicate to each other, bring security as a major issue. I was thinking that you'd be able to do VLAN's for each customer, but doing a PTMP setup for residential purposes, I feel like the system would be quite bogged down with that amount of vlans? How are you authenticating and issuing IP's to clients? Are you doing PPPOE or DHCP? Is everything just in routed tables? What sort of hardware are you using for your network design and management? Kind Regards, Jordan _______________________________________________ Wireless mailing list [email protected]<mailto:[email protected]>http://lists.wispa.org/mailman/listinfo/wireless -- Ethan Dee Network Admin Globalvision 864 704 3600 [email protected]<mailto:[email protected]>[email protected]<mailto:[email protected]> 864 467 1333
_______________________________________________ Wireless mailing list [email protected] http://lists.wispa.org/mailman/listinfo/wireless
