Add ability to assign Traffic Filter for Inter-station Traffic by User Profile or VLAN instead of just SSID

  • 2
  • Idea
  • Updated 4 years ago
Feature Request - It would be nice to be able to assign a Traffic Filter per User Profile or VLAN instead of just per SSID.

Stealing the wording from Nick..."Ideally, controlling the ability of a client to send inter-station
traffic would be on a per-profile basis rather than SSID basis to give
granularity and avoid the proliferation of SSIDs, which has performance
overheads as well as logistical implications."

https://community.aerohive.com/aerohive/topics/stop_inter_station_traffic_per_user_profile_or_vlan

Thank you.


Photo of Smitty

Smitty

  • 37 Posts
  • 3 Reply Likes

Posted 4 years ago

  • 2
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Sorry, but blocking inter-station traffic is a radio-specific concept, which is why it is applied on a per-SSID basis, not per user profile or per VLAN.

I see in the other thread that our champs (who, BTW, constantly amaze me with their depth of knowledge and obvious desire to help out) have weighed in with explanations and possible workarounds.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
I did some research on this by hunting through the source of the open source Linux kernel drivers and associated user mode code, and a few mailing lists.

The reason is that the driver for the wireless chip implements this feature, usually with hardware support, and does so on a per-BSS basis. That is for performance reasons and means that we cannot easily or realistically see such support on a per-profile basis which is much higher up the abstracted stack - it would require handling via the CPU and quite a lot of code churn and work to implement it.

(The feature on a per-BSS basis is a standard one and is typically known as ap_isolate.)

(Edited)