I'm currently working with a Banana Pi R3 running OpenWRT, and I've come across an option called "Port Isolation" under "Bridge port specific options." I'm looking for clarification on what this option is intended for and how it should work.
My initial assumption was that enabling this flag on LAN1 would prevent devices connected to other ports, say LAN3, from pinging devices on LAN1. However, I've noticed that this is still possible. Could someone please explain the intended functionality of this flag or point out any potential mistakes in my configuration?
I appreciate your assistance in clarifying this matter.
I also tried enabling "Port isolation" on all LAN ports (LAN1, LAN2, LAN3, LAN4), but it's still possible to ping between LAN1 and LAN3. Is there something I'm missing or another setting I need to adjust?
After some investigation, I realized that the LAN ports on the Banana Pi R3 are connected to a DSA switch. It appears that the "Port isolation" flag doesn't have the same effect on ports connected to the DSA switch as it does on direct Ethernet links.
So, if you're using a Banana Pi R3 or a similar device with LAN ports connected to a DSA switch, please be aware that "Port isolation" might not work as expected on these ports.
I hope this information helps others who might encounter a similar situation. If anyone has further insights or workarounds for achieving port isolation with DSA switch-connected ports, please feel free to share.