Peer-to-peer blocking is applied to individual WLANs, and each client inherits the peer-to-peer blocking setting of the WLAN to which it is associated. Peer-to-Peer enables you to have more control over how traffic is directed. For example, you can choose to have traffic bridged locally within thecontroller, dropped by thecontroller, or forwarded to the upstream VLAN.
Peer-to-peer blocking is supported for clients that are associated with local and central switching WLANs.
Per WLAN, peer-to-peer configuration is pushed by thecontrollerto FlexConnect AP.Incontrollersoftware releases prior to 4.2, peer-to-peer blocking is applied globally to all clients on all WLANs and causes traffic between two clients on the same VLAN to be transferred to the upstream VLAN rather than being bridged by thecontroller. This behavior usually results in traffic being dropped at the upstream switch because switches do not forward packets out the same port on which they are received.
This section contains the following subsections:
Restrictions on Peer-to-Peer Blocking
Peer-to-peer blocking does not apply to multicast traffic.
In FlexConnect, solution peer-to-peer blocking configuration cannot be applied only to a particular FlexConnect AP or a subset of APs. It is applied to all FlexConnect APs that broadcast the SSID.
Cisco controller with central switching clients supports peer-to-peer upstream-forward. However, this is not supported in the FlexConnect solution. This is treated as peer-to-peer drop and client packets are dropped.
Cisco controller with central switching clients supports peer-to-peer blocking for clients associated with different APs. However, this solution targets only clients connected to the same AP. FlexConnect ACLs can be used as a workaround for this limitation.
