Configure a Hive Profile

About this task

Perform the following steps to configure a hive profile.

Procedure

  1. Select the add icon.
  2. Enter a name for the hive profile.
  3. Select a number for the hive control traffic port.
    Hive communications operate at Layers 2 and 3. The default port number for Layer 3 hive communications and for roaming-related traffic is UDP 3000. If a different service on your network is already using port 3000, you can change this to any number from 1024 to 65535, as long as the new setting is at least 5 greater or less than the current setting. For example, if the current port number is 3000, you can set a new port number higher than 3005.
  4. Enter an optional description.
  5. Select to enable or disable CAPWAP delay alarms.
  6. Enable Encryption Protection, or disable it to have ExtremeCloud IQ derive a default password from the hive name.
  7. Select either Auto Generate a password, or enter a password manually.
    Hive members use this password when authenticating themselves to each other over the wireless backhaul link using WPA-PSK CCMP (AES). To see the text that you entered, clear the Obscure Secret check box.
  8. Modify DoS prevention rules by selecting either Hive or Client, and modifying the settings in the dialog box.
    Extreme Networks devices ship with default hive- and SSID-level DoS detection settings for a number of frame types that are commonly used when launching DoS attacks. You can raise the thresholds to avoid receiving too many false alarms, or lower them to receive more alarms indicative of spikes in certain types of traffic.
    DoS prevention rules for hives apply to wireless traffic from all radios that might reach the backhaul or access channel from wireless clients or nearby access points broadcasting on the same channel. You can define settings to detect DoS attacks on the radio channels that a device uses for hive communications and for SSID access traffic.
    DoS prevention rules for clients apply to traffic originating from a single neighboring radio. The source might be a neighbor member or a nearby device outside the network that is broadcasting on the same channel the Extreme Networks device is using for its wireless backhaul communications, or for SSID access traffic.
    For both types of rules, you can change the alarm thresholds and enable or disable settings for each DoS Detection type: Probe Requests and Responses, (Re) Associations, Association and Disassociation Requests and Responses, Authentication and Deauthentication, and EAP over LAN (EAPoL). Wireless clients periodically send probe requests to see if any access points are within range. The threshold determines the number of messages per minute required to trigger an alarm about a possible DoS attack. The alarm interval determines the length of time between repeated alarms when the number of messages continues to exceed the threshold.
  9. Select a Request to Send Threshold for wireless mesh.
    This is the maximum frame size in bytes that requires the device to first send a request to send (RTS) message before sending a large frame. The default setting is 2346 bytes.
  10. Select a Fragment Threshold for wireless mesh.
    This is the maximum IEEE 802.11 frame size in bytes that the device uses when sending control traffic over the wireless backhaul link to other members. If the device needs to send a frame that is larger, it first breaks it into smaller fragments. The default setting is 2346 bytes.
  11. Select the check box to require a minimum wireless signal strength for creating wireless mesh, and configure the following settings:
    Signal strength threshold: Choose a signal strength between -90 dBm and -55 dBm. This is the minimum signal strength required to enable members to form a wireless backhaul link. The default is -80 dBm.
    Polling interval: Set the time interval from 1 to 60 minutes to poll the signal strength of neighboring members. A lower interval increases traffic on the network slightly, especially in environments where there are many members; however, it also increases the responsiveness of members to changes in signal strength. A higher interval reduces responsiveness to signal strength changes, which can be preferable in an environment where severe and frequent signal strength fluctuations would cause members to continually drop and re-establish connections. The default is every 60 seconds.
  12. Configure client roaming settings by first setting the interval between keepalive heartbeats between members.
  13. Select the number of missed heartbeats before a neighbor is removed.
    The default is 10 seconds, and the range is 5 to 360,000 seconds (100 hours). To calculate the length of time required, multiply the keepalive interval by the ageout value. Using the default settings, 10 seconds (interval) x 5 (missed keepalives), a neighbor ages out after 50 seconds.
  14. Select how often devices should send client information (default is 60 seconds).
  15. Select the interval after which cached client information is removed (default is 60 seconds).
  16. Select the check box to update all hive members within radio range, including Layer 3 neighbors.
  17. Select the check box to update hive members in the same subnet and VLAN.
  18. Select an IP address type.
  19. Apply MAC filters to restrict devices that can join the hive.
    You can select existing filters from the table, or add new filters.
  20. Choose the default action for any device whose MAC address or OUI does not match the selected MAC filter.
  21. Select Save.
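
The threshold and alarm-interval behavior described in step 8, modeled as an added example that is not ExtremeCloud IQ or device code. It shows a client-scope rule catching one noisy radio while a hive-scope rule catches a flood spread across many radios. The `DosRule` class, the sliding 60-second window, the strict greater-than comparison, the threshold values, and the capture are all constructed assumptions.

```python
from collections import defaultdict, deque

WINDOW_S = 60  # the page states thresholds in messages per minute


class DosRule:
    """Hypothetical model of one DoS detection rule (not vendor code)."""

    def __init__(self, scope, threshold, alarm_interval_s):
        self.scope = scope                      # "hive" or "client"
        self.threshold = threshold              # messages per minute (constructed)
        self.alarm_interval_s = alarm_interval_s
        self.seen = defaultdict(deque)          # key -> timestamps in window
        self.last_alarm = {}                    # key -> time of last alarm

    def observe(self, ts, frame_type, src_mac):
        # Hive scope counts all transmitters together; client scope counts
        # each source radio separately.
        key = frame_type if self.scope == "hive" else (frame_type, src_mac)
        window = self.seen[key]
        window.append(ts)
        while ts - window[0] >= WINDOW_S:       # drop frames older than a minute
            window.popleft()
        if len(window) <= self.threshold:       # assumption: alarm only above it
            return None
        last = self.last_alarm.get(key)
        if last is not None and ts - last < self.alarm_interval_s:
            return None                         # repeat alarm suppressed
        self.last_alarm[key] = ts
        return (ts, key, len(window))


def run(rule, frames):
    """Feed time-ordered frames to a rule and collect the alarms it raises."""
    alarms = (rule.observe(*frame) for frame in frames)
    return [a for a in alarms if a is not None]


def sample_frames():
    """Constructed 120 s capture: (seconds, frame type, source MAC)."""
    # One radio sends 2 deauthentication frames per second.
    frames = [(t / 2, "deauth", "02:00:00:00:00:aa") for t in range(240)]
    # Twenty radios each send one probe request every 5 s (4 per second total).
    for i in range(20):
        mac = "02:00:00:00:01:%02x" % i
        frames += [(5 * k + 0.25 * i, "probe-req", mac) for k in range(24)]
    return sorted(frames)


if __name__ == "__main__":
    frames = sample_frames()
    for rule in (DosRule("client", 60, 30), DosRule("hive", 150, 60)):
        for ts, key, count in run(rule, frames):
            print(f"{rule.scope:6} t={ts:6.1f}s {key} {count}/min")
```

Raising a threshold delays or removes the first alarm; lengthening the alarm interval only reduces how often a sustained condition is re-reported.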