Cabletron Systems 3Com manual Filtering and Access Control

18CHAPTER 1: OVERVIEW OF DIGITAL WIRELESS NETWORKING

Filtering and Access Control

The AP provides facilities to limit the wireless clients that associate with it and the data packets that can forward through it. Filters provide network security or improve performance by eliminating broadcast/multicast packets from the radio network.

The Access Control List (ACL) contains MAC addresses for wireless clients allowed to associate with the AP. This provides security by preventing unauthorized access.

The AP also uses a disallowed address list of destinations. This feature prevents the AP from communicating with specified destinations. This can include network devices that do not require communication with the AP or its wireless clients.

Depending on the setting, the AP can keep a list of frame types that it forwards or discards. The Type Filtering option prevents specific frames (indicated by the 16-bit DIX Ethernet Type field) from being processed by the AP. These include certain broadcast frames from devices unimportant to the wireless LAN but which utilize bandwidth. Filtering out unnecessary frames also improve throughput.

DHCP Support The AP uses Dynamic Host Configuration Protocol (DHCP) to obtain a leased IP address and network configuration information from a remote server. DHCP is based on BOOTP protocol. DHCP can coexist or interoperate with BOOTP. An AP sends out a DHCP request searching for a DHCP server to acquire the network configuration and firmware filenames. Because BOOTP and DHCP interoperate, the one that responds first becomes the server that allocates information. The DHCP client automatically sends a DHCP request to renew the IP address lease as long as the AP is running. (This parameter is programmed at the DHCP server. For example, Windows NT servers typically are set for 3 days.)

The AP can optionally download two files when a boot takes place, the firmware file and an HTML file, because firmware versions 4.00-31 and above support Web servers. Users can program the DHCP or BOOTP server to transfer these two files when a DHCP request is made.

When the AP receives a network configuration change or is not able to renew the

IP address lease the AP sends out an SNMP trap.

Media Types The AP supports bridging between Ethernet, radio, and serial media.

The Ethernet interface fully complies with Ethernet Rev. 2 and IEEE 802.3 specifications. The AP supports 10BASE-T wired connections and full-speed filtering. The data transfer rate over radio waves is 11 Mbps. The Ethernet interface is optional for single-cell or PPP-connected networks.

The radio interface conforms to IEEE 802.11B specifications. The interface operates at 11 Mbps using direct-sequence radio technology. The AP supports multiple-cell operations with fast, transparent roaming between cells. With the direct-sequence system, each cell operates independently. Each cell provides a 11 Mbps bandwidth. Adding cells to the network provides increased coverage area and total system capacity. The AP supports wireless clients operating in Power Save Polling (PSP) mode or Continuously Aware Mode (CAM) without user intervention.