Client Isolation / AP isolation - how does it work?

Discussion in 'Wireless Internet' started by sam1967, Jul 12, 2005.

  1. sam1967

    sam1967 Guest

    My AP is a Linksys WRT54G and it supports client isolation (or AP
    isolation as Linksys calls it) which prevents one wireless client
    communicating with another wireless client.

    This is a nice feature but I'm not sure how it works and whether I could
    see traffic to and from stationA to the AP from stationB (for example)
    ..

    MTIA
     
    sam1967, Jul 12, 2005
    #1

  2. sam1967

    Tony Field Guest

    I think that it blocks two messages which stops M$ networking from talking
    to each other.

    Tony
     
    Tony Field, Jul 12, 2005
    #2

  3. Oh, it's really simple. Wireless access points work by bridging the
    wireless port to the wired switch ports and router port. Everything
    happens at the MAC address level and does not involve IP addresses,
    NETBIOS over TCP/IP (also known as MS Networking). Just MAC
    addresses.

    The wireless bridge builds a bridging table consisting of a table of
    "heard" (or sniffed) MAC addresses that appear on various ports.
    There are really just 3 available ports[1]. Wireless, ethernet
    switch, and router port. If the destination MAC address of a port
    shows up in the MAC address table as sitting on a specific port, only
    that port gets the traffic. Broadcasts, which have no destination MAC
    address, are sent to all ports.

    Well, it's simple enough to build a logical rule (or filter) for these
    MAC addresses and ports that says:
    "If the packet originates on the wireless port, it can only send
    and receive packets that are destined or originate from the router
    port or ethernet switch port."
    Not a very complex rule, but one which totally prevents wireless
    client to client traffic. Not even broadcasts will go from wireless
    client to client.

    [1] Actually, that's not true as each port on the 4 port ethernet
    switch is considered a separate port. However, let's make life simple
    and pretend the switch section is just one port.
     
    Jeff Liebermann, Jul 13, 2005
    #3
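
Added example, not part of Jeff Liebermann's post or the original thread: a small Python model of the learning bridge and the isolation rule described in post #3. The three port names follow the post; the MAC addresses, class name and function names are constructed for illustration, and the model covers only the bridge's forwarding decision, not the radio medium.

```python
# Learning bridge with the AP isolation rule (added illustration).
# MAC addresses below are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"
PORTS = ("wireless", "ethernet", "router")


class Bridge:
    def __init__(self, isolation=False):
        self.isolation = isolation
        self.table = {}  # learned MAC address -> port it was last heard on

    def forward(self, in_port, src, dst):
        """Learn src on in_port, then return the set of output ports."""
        self.table[src] = in_port
        known = None if dst == BROADCAST else self.table.get(dst)
        # Known unicast goes to one port; broadcast/unknown floods all ports.
        out = {known} if known is not None else set(PORTS)
        # The AP relays client-to-client frames back out the wireless port,
        # but a wired port never gets a frame reflected back to itself.
        if in_port != "wireless":
            out.discard(in_port)
        # Isolation rule: wireless-originated frames reach only wired ports.
        if self.isolation and in_port == "wireless":
            out.discard("wireless")
        return out


def demo(isolation):
    """Run the same four frames through a bridge, isolation on or off."""
    br = Bridge(isolation)
    a, b, pc = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:10"
    br.forward("wireless", b, BROADCAST)   # station B is heard on wireless
    br.forward("ethernet", pc, BROADCAST)  # wired PC is heard on ethernet
    return {
        "A->B unicast": br.forward("wireless", a, b),
        "A broadcast": br.forward("wireless", a, BROADCAST),
        "A->PC unicast": br.forward("wireless", a, pc),
        "PC->A unicast": br.forward("ethernet", pc, a),
    }


if __name__ == "__main__":
    for mode in (False, True):
        print("isolation =", mode)
        for name, ports in demo(mode).items():
            print(f"  {name:14} -> {sorted(ports) or 'dropped'}")
```
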
  4. sam1967

    sam1967 Guest

    Thanks again Jeff

    That makes perfect sense.

    Presumably this must also improve performance slightly?
     
    sam1967, Jul 15, 2005
    #4
  5. Nope. Absolutely no improvement in performance which I guess means
    speed. Performance is exactly the same as if you were using one
    antenna. The difference is in "reliability" or ability to survive in
    a multipath environment. However, you'll get more reliability
    benefits out of OFDM modulation, which actually benefits somewhat from
    being able to use multiple delayed (reflected) transmissions, than out
    of diversity.

    To make matters more complex, diversity has the benefit of reducing
    the number of speed changes the access point has to make to compensate
    for lousy signals. The access point has no way to know if the
    corrupted packets are coming from reflections, poor signal strength,
    or interference. It only knows that the packets are arriving trashed.
    So, it has only two recourses. It can decrease the maximum packet
    size to smaller packets that have a higher probability of getting
    through interference or overlapping valid data with reflective
    collisions. However, this isn't done because the fragmentation
    threshold is normally defaulted to maximum for optimum performance.
    So, the only remaining option is to slow things down, which has the
    effect of improving the receiver sensitivity. Algorithms vary, but
    basically as soon as there are garbage packets, there will be a
    corresponding slow down, which of course affects performance. If
    diversity can be used to reduce the need to recover from corrupted
    packets, then overall performance will improve.

    In case you haven't noticed, everything affects everything else, ad
    nauseam. In my never humble opinion, it is better to go slow and
    error free, than fast with lots of retransmissions, speed changes, and
    corruption.
     
    Jeff Liebermann, Jul 15, 2005
    #5