Manualshelf

User's Manual

ManualsBrandsProxim Wireless ManualsElectronicsSingle Band Wireless AP W/ Build in Amplifiers
919293949596979899100
Configuration MP.11 4954-R Installation and Management
Intra-Cell Blocking (Base Station Unit Only)
96
Intra-Cell Blocking (Base Station Unit Only)
Overview
The Intra-Cell Blocking feature lets traffic be blocked between two SUs registered to the same Base Station. There are
two potential reasons to isolate traffic among wireless subscribers:
To provide better security to the subscribers by isolating the traffic from one subscriber to another in a public space.
To block unwanted traffic between subscribers to prevent this traffic from using bandwidth.
You can form groups of SUs at the Base Station, which define the filtering criteria. All data to or from SUs belonging to the
same group are bridged. All other data from SUs that do not belong to a particular group are automatically forwarded
through the Ethernet interface of the Base Station. If an SU does not belong to any group, the Base Station discards the
data.
You can also configure a Security Gateway to block traffic between SUs connected to different BSUs. All packets
destined for SUs not connected to the same Base Station are forwarded to the Security Gateway MAC address
(configured in the Security Gateway tab).
When you change the device from Bridge to Routing mode, Intra-Cell Blocking stops working with or without a reboot.
When you change the device from Routing to Bridge mode, Intra-Cell Blocking starts working with or without a reboot.
Intra-Cell Blocking Group Rules
The following rules apply to Intra-Cell Blocking Groups:
One SU can be assigned to more than one group.
An SU that has not been assigned to any group cannot communicate to any other SU connected to the same or
different BSU.
Example of Intra-Cell Blocking Groups
Assume that four Intra-Cell Blocking Groups have been configured on one BSU. SUs 1 through 6 are registered to BSU
1. SUs 7 through 9 are registered to BSU 2.
In this example, SU 1 belongs to two groups, Group 1 and Group 3. Therefore, packets from SU 1 destined to SU 4, SU
5, SU 6, and SU 3 are not blocked. However, SU 9 belongs to group 4 only and packets from SU 9 are blocked unless
sent to SU 8 or SU 2.
Achieving Communication Between Two SUs
In a multipoint configuration, an SU can communicate with another SU through the BSU when in Bridge mode by default.
Use the intra-cell blocking feature if this is not desired. In a routing configuration, each of the SUs must have a different
subnet on their Ethernet port to distinguish traffic for each SU, and each subnet must be entered into a routing rule in the
BSU as well as into an upstream router. The wireless side of all SUs must share the same subnet with the BSU wireless
interface. These IP addresses must be used as next hop when creating the routes for the SU subnets.
Intra-Cell Blocking Group Example
Group 1 Group 2 Group 3 Group 4
SU 1 SU 2 SU 6 SU 8
SU 4 SU 3 SU 1 SU 9
SU 5 SU 8 SU 3 SU 2