cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
351
Views
0
Helpful
1
Replies

Please, Help me with Ethertype Filters

mike_zag
Level 1
Level 1

Hello!

My task is very simple.

I want Birdge 350 Series to forward ONLY IP protocol. And drop others.

I follow the Ethertype Filters link, then define new FILTER

with Default Disposition set to block.

Then I add a new Specisal Case with IP protocol (0x0800) with desposition set to forward.

So I think that is all. And then I apply the filter to Interfaces.

And it DOES NOT WORKS. IP protocol is blocked.

Now I have to define filter with Default Disposition set to forward and define all

protocols I don't wanna see with desposition set to block.

I think that it's not correct solution .

So Please show me my mistake!

Thank you!

1 Accepted Solution

Accepted Solutions

gverr
Level 1
Level 1

Mike,

To get an IP connection (layer 3 of OSI model) you need to have a link at layer 2 and 1 of the OSI model, that is MAC and physical. As such, your mobile unit need to know the MAC address of your target node or the the MAc of the EXIT door of your segment to the target IP address on another segment, that is your router.

To get the MAC address of a node while having its IP address, there is a protocol, ARP (Address Resolution Protocol), which is a subset of IP. You need to set up ARP protocol as well in your Special Cases (Protocol ID 0x0806). So, to get IP only crossing an AP, block all traffic and forward IP and ARP only.

Cordially,

Guy

View solution in original post

1 Reply 1

gverr
Level 1
Level 1

Mike,

To get an IP connection (layer 3 of OSI model) you need to have a link at layer 2 and 1 of the OSI model, that is MAC and physical. As such, your mobile unit need to know the MAC address of your target node or the the MAc of the EXIT door of your segment to the target IP address on another segment, that is your router.

To get the MAC address of a node while having its IP address, there is a protocol, ARP (Address Resolution Protocol), which is a subset of IP. You need to set up ARP protocol as well in your Special Cases (Protocol ID 0x0806). So, to get IP only crossing an AP, block all traffic and forward IP and ARP only.

Cordially,

Guy

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: