IP Broadcast Settings
20-8 IP Configuration
specific network or subnet. The directed broadcast address includes the network or subnet fields,
with the binary bits of the host portion of the address set to one. For example, for a network with
the address 192.168.0.0/16, the directed broadcast address would be 192.168.255.255. For a subnet
with the address 192.168.12.0/24, the directed broadcast address would be 192.168.12.255.
In order to minimize broadcast DoS attacks, forwarding of directed broadcasts is disabled by
default on the fixed switches, as recommended by RFC 2644.
If the ability to send directed broadcasts to a network is required, you should enable directed
broadcasts only on the one interface that will be transmitting the datagrams. For example, if a
switch has five routed interfaces for the 10, 20, 30, 40, and 50 networks, enabling directed
broadcast only on the 30 network interface will allow anyone from any of the other networks (10,
20, 40, 50) to send directed broadcasts to the 30 network.
Use the ip directed-broadcast command in router interface configuration mode to enable IP
directed broadcasts on an interface.
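The following Python sketch is an added example, not taken from the switch documentation. It computes directed broadcast addresses as described above and models the forwarding decision when directed broadcast is enabled on only one interface. The interface names, the /24 prefixes and the sample flows are constructed assumptions.

```python
import ipaddress

# Constructed sample: five routed interfaces standing in for the page's
# 10, 20, 30, 40 and 50 networks (names and /24 prefixes are assumptions).
# The flag models whether "ip directed-broadcast" is enabled on the interface.
INTERFACES = {
    "vlan10": ("192.168.10.0/24", False),
    "vlan20": ("192.168.20.0/24", False),
    "vlan30": ("192.168.30.0/24", True),
    "vlan40": ("192.168.40.0/24", False),
    "vlan50": ("192.168.50.0/24", False),
}


def directed_broadcast(cidr):
    """Keep the network/subnet bits and set every host bit to one."""
    net = ipaddress.ip_network(cidr)
    if net.prefixlen >= 31:  # /31 and /32 have no broadcast address
        return None
    return ipaddress.ip_address(int(net.network_address) | int(net.hostmask))


def classify(src, dst, interfaces=INTERFACES):
    """Return (verdict, interface) for a packet arriving at the router."""
    src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for name, (cidr, enabled) in interfaces.items():
        if dst_ip != directed_broadcast(cidr):
            continue
        if src_ip in ipaddress.ip_network(cidr):
            return ("local-broadcast", name)  # same subnet, never routed
        return ("forward" if enabled else "drop", name)
    return ("not-directed-broadcast", None)


def enabled_interfaces(interfaces=INTERFACES):
    """Interfaces accepting directed broadcasts; ideally only the one needed."""
    return [name for name, (_, enabled) in interfaces.items() if enabled]


if __name__ == "__main__":
    # Constructed flows (source, destination).
    for src, dst in [("192.168.10.5", "192.168.30.255"),
                     ("192.168.10.5", "192.168.20.255"),
                     ("192.168.30.7", "192.168.30.255")]:
        print(src, "->", dst, classify(src, dst))
    print("directed broadcast enabled on:", enabled_interfaces())
```

Running the same classification over exported flow records shows which sources are sending to directed broadcast addresses of remote subnets, and the enabled-interface list makes it easy to confirm that only the intended interface has the feature turned on.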
UDP Broadcast Forwarding
Typically, broadcast packets from one interface are not forwarded (routed) to another interface.
However, some applications use UDP broadcasts to detect the availability of services, and some
protocols, such as BOOTP/DHCP, require broadcast forwarding to provide services to clients on
other subnets.
Configuring UDP broadcast forwarding on the fixed switch device involves enabling it for one or
more protocols with the ip forward-protocol command, and configuring an IP helper address on
the individual router interfaces with the ip helper-address command. For all protocols specified
with the ip forward-protocol command except DHCP/BOOTP, the system forwards broadcast UDP
traffic as unicast packets to the specified IP addresses. Refer to “DHCP and BOOTP Relay” on
page 20-9 for more information about DHCP/BOOTP processing.
If a certain service exists inside the device, and there is no need to forward the request to remote
networks, the no form of the ip forward-protocol command should be used to disable the
forwarding for the specific port. Such requests will not be automatically blocked from being
forwarded just because a service for them exists in the switch.
By default, UDP broadcast forwarding is enabled, with no port specified.
If port is not specified, the following defaults are used:
Table 20-2 UDP Broadcast Forwarding Port Default

Port Number    Protocol
0              Reserved
7              Echo
9              Discard
37             Time Service
42             EN-116 Name Service
49             TACACS Service
53             Domain Naming System
69             Trivial File Transfer Protocol (TFTP)
137            NetBIOS Name Server
138            NetBIOS Datagram Server