Right now we filter the following:
PPPOE
SMB
BOOTP Server
IPv4 Multicast
Is there harm in blocking “All other IPv4” or would that block everything like web traffic?
are you running DHCP ? if so dont do it.
The router at our tower issues Public DHCP address to the client (router or PC) The Radios them selves are on a seperate private /24 for each tower.
Right. but if you check All IPV4 it will block the client from pulling an IP address.
ask me how i know. lol.
LOL…Ya that’s why i thought I’d ask before I tried it.
Thanks for the help
No problem. we filter the same things you do but also SNMP and this along with VLANing our network has kept broadcast storms to pretty much nil.
Is there a benefit to filtering PPPoE if you don’t use it?
Otherwise we filter SMB, SNMP, BOOTP Server and IPv4 Multicast.
wifiguy wrote: Is there a benefit to filtering PPPoE if you don't use it?
Otherwise we filter SMB, SNMP, BOOTP Server and IPv4 Multicast.
Not really - a customer of your's would have to set up a PPPoE server on their connection for it to have any unique effect. Conceivably you could have a broadcast storm of PPPoE Discovery packets looking for an LNS, but this would require manual configuration in order to even set a device to PPPoE mode instead of DHCP or Static or whichever you use.
One thing to mention is that if you filter PPPoE, you will also block PPTP which may be used by some clients to connect to their HQ.
Why would a PPPoE filter stop PPTP? PPPoE sends ethernet frames with type ID of 0x8863 and 0x8864… PPTP uses IP UDP port 1723 and IP Protocol 47 (GRE)… (both 0x0800 type frames)
I agree… we had always in the past filtered PPPoE. We recently had experience with a few complaints of customers not being able to connect via PPTP, and the only solution that resolved the problem was removing the PPPoE filter. This was using v8.2.7 firmware, and have not tried with v9.x