Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- batman-adv ap_isolation issue
- =============================
- --------------
- Network layout
- --------------
- Internet <---> Linux firewall <---> batman-adv-AP#1
- ^
- |
- mesh--> batman-adv-AP#2
- ---------------------
- Configuration details
- ---------------------
- ap_isolation is enabled on both batman-adv-AP#1 and batman-adv-AP#2
- batctl info on the devices:
- batman-adv-AP#1:
- Locally retrieved addresses (from bat0) announced via TT (TTVN: 3):
- * da:0f:30:51:ca:2e [.P...]
- * ac:86:74:01:b3:b0 [.....]
- * 00:0e:2e:bd:d7:88 [.....]
- Globally announced TT entries received via the mesh bat0
- Client (TTVN) Originator (Curr TTVN) Flags
- * ac:86:74:01:b4:90 ( 2) via ae:86:74:01:b4:94 ( 2) [...]
- * 02:69:fe:45:a3:cf ( 1) via ae:86:74:01:b4:94 ( 2) [...]
- batman-adv-AP#2:
- Locally retrieved addresses (from bat0) announced via TT (TTVN: 2):
- * ac:86:74:01:b4:90 [.....]
- * 02:69:fe:45:a3:cf [.P...]
- Globally announced TT entries received via the mesh bat0
- Client (TTVN) Originator (Curr TTVN) Flags
- * da:0f:30:51:ca:2e ( 3) via ae:86:74:01:b3:b4 ( 3) [...]
- * ac:86:74:01:b3:b0 ( 3) via ae:86:74:01:b3:b4 ( 3) [...]
- * 00:0e:2e:bd:d7:88 ( 3) via ae:86:74:01:b3:b4 ( 3) [...]
- brctl info on the devices:
- batman-adv-AP#1:
- bridge name bridge id STP enabled interfaces
- br-lan 8000.ac867401b3b0 no eth0
- wlan0
- wlan0-1
- bat0
- batman-adv-AP#2:
- bridge name bridge id STP enabled interfaces
- br-lan 8000.ac867401b490 no eth0
- wlan0
- wlan0-1
- bat0
- ------------------
- Problem definition
- ------------------
- From the Linux firewall I can ping batman-adv-AP#1 (and ssh) but not batman-adv-AP#2
- batman-adv-AP#1 can reach the Linux firewall (ping, http,...)
- batman-adv-AP#2 can not reach the Linux firewall (ping, http,...)
- If I disable ap_isolation on batman-adv-AP#1 (batctl ap 0), I can ping both batman-adv-AP#1 and batman-adv-AP#2 from the Linux server
- If I re-enable ap_isolation on batman-adv-AP#1 (batctl ap 1), I can still ping both batman-adv-AP#1 and batman-adv-AP#2 from the Linux server
- In this state (disable/re-enable of ap_isolation) an I have not tested if isolation is actually occuring
- -------------------
- Version information
- -------------------
- Running OpenWRT Backfire r29910 with batman-adv 2011.4.0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement