Is Proxy ARP supported on AP22? If so, does it work across VLANs/BSSIDs?
@salmedo We don't support Proxy ARP today with the AP22. Can you give an example of a use case that you are looking to provide.
I bought the AP22 for my home. I have several VLANs, one of which I use for "dubious" IOT devices. They all connect on the 2.4GHz network - in all, I have about 35 devices that connect to that band across several VLANs. I was a tad surprised when I saw the AP22 reporting an utilization of almost 40% on the 2.4 and only about 6% on the 5GHz (even though most of the activity happens on devices connected to this latter band). Checking network activity, I observed significant ARP traffic on the "dubious" IOT VLAN (and later also found some constant broadcasting by each of the IOT devices). Looking through this forum, it appears that at least one of your APs converts multicast ARP to unicast.
So, to answer your question, the use case is my router (to which the AP is connected) seems to send quite a bit of ARP requests, and each of the IOT devices sends a reply and I was wondering if the AP22 would be a good place to have an ARP Proxy so as to not consume radio bandwidth.
- Does the AP22 convert multicast ARP requests to unicast?
- How is the radio band utilization calculated? I might be making a storm in a glass of water.
Thanks in advance,
@salmedo Having multiple VLAN's and SSID's for IOT devices may be causing all of your ARP traffic. Best practices are to have 3 SSID's An employee Network, a Guest, and then an IOT. The more SSID's and VLAN's create beacons and probes across all the networks causing utilization to increase and bandwidth can suffer from this as well.
The Instant On AP allows all broadcast and multicast frames as it is. Only ARP requests are converted to unicast frames and sends them to the associated clients as an optimization. When in bridge mode the broadcasts and multicast are also delivered on the wired side as well, due to the nature of a bridge function in a network. On the contrary, a NAT function inherently discards the broadcast and multicast to keep them within a single subnet. Instant On Guest networks have a special ACL that forbid inter-communication between wireless devices, essentially forcing the traffic to reach the default gateway in the wired network.
Thank you for the follow up.
I only have 3 VLANs and an untagged LAN (a protected LAN, an untrusted IOT, a higher-reputation IOT, and a guest VLAN - seldom used). Accordinly, I have 4 SSIDs. The 3 VLANs are wireless only, and they are firewalled at the router level. There is no broadcast leak between the VLANs (at least not at the router level) but I do see the broadcasts at the wired level as expected and as you pointed out.
I understand that Proxy ARP at the AP level would cause the AP to reply to the wired router instead of forwarding the ARP request wirelessly to all (or each) subscribers (either as a broadcast or unicast), thus reducing radio utilization. That was the original question. Multicast to unicast conversion is certainly helpful (thank you for the confirmation).
My remaining question then is: how is the radio utilization calculated? Is it radio time, number of suscribers, other formula?
@salmedo Utilization = SNR + number of client and usage