The only way you can make sure that an infected client can't wreak havoc on the AP is to have bwctrl on the CPE.
This is what I was saying... but Colin Watson says that PPPoE encapsulates everything including ping packets into PPP which does have flow control?? Is this right?
PPP over serial lines does have flow control (RTS/CTS and XON/XOFF).
RTS/CTS can't be used with PPPoE because it uses the RTS/CTS wires on the serial port (out-of-band signalling).
XON/XOFF is in-band, but requires escape codes to insure that payload data is not incorrectly interpreted as XON/XOFF. In order to use escape codes, the PPP peers must negotiate an Async-Control-Character-Map (ACCM) during the LCP phase. The PPPoE RFC states that:
http://www.faqs.org/rfcs/rfc2516.html "7. LCP Considerations [...] An implementation MUST NOT request any of the following options, and MUST reject a request for such an option: [...] Asynchronous-Control-Character-Map (ACCM)"
So neither RTS/CTS nor XON/XOFF can be used for PPPoE flow control.
-- LarsG
The PART-15.ORG smartBridges Discussion List
To Join: mailto:[EMAIL PROTECTED] (in the body type subscribe smartBridges <yournickname>
To Remove: mailto:[EMAIL PROTECTED] (in the body type unsubscribe smartBridges)
Archives: http://archives.part-15.org
