L2 broadcast over WAN

Carlo Zaina
Level 1

Greets.

Is there a way to allow a router to forward Layer 2 broadcasts across a WAN?

For example, can the "wake-on-LAN" feature used on some Ethernet NICs also be deployed across a WAN?

Thank you

Accepted Solutions

Harold Ritter
Cisco Employee

For WOL to work over the WAN, you need to first configure this command on the router connected to the server sending the WOL magic packet:

ip forward-protocol

And on the specific interface connected to the WOL server:

ip helper-address

For instance, the directed broadcast address would be 192.168.2.255 if the subnet address is 192.168.2.0/24.

You also need to configure the interface connected to the subnet where the workstations to be awakened reside as follows:

ip directed-broadcast

Note that the ACL is optional but it is recommended to configure it so that just wake-on-LAN packets sourced from the specific server(s) are forwarded. This will make sure that you don't open the door to Smurf attacks, which is the reason "ip directed-broadcast" is disabled by default.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

mahmoodmkl
Level 7

Hi

How is your WAN connected? Are you talking about a PtoP WAN connection? If routers are used then the broadcast will not be forwarded. I guess you can forward the broadcast using ip helper-address.

Thanks

Mahmood

Harold Ritter
Cisco Employee

By the way, certain WOL software can be configured to send the WOL magic packet to the directed broadcast address of the LAN to be awakened. In this case, you would not need to configure anything on the router connected to the server sending the WOL magic packet.

Hope this helps,

Harold Ritter

Well, the WAN is a FR.

The subnet at the main office is 10.37.4.0/22 and at the branch office 10.37.8.0/22.

From what I read, then, it is enough to send the packet to the broadcast IP 10.37.11.255, eventually configuring the allow-protocol or the ip helper-address, am I right?

A doubt: does the ip helper-address work only for DHCP or also other services?

Thank you

Carlo,

If your WOL software allows you to send the magic packet to 10.37.11.255 then you don't even need to configure an ip helper-address.

Just configuring "ip directed-broadcast" on the interface connected to subnet 10.37.8.0/22 would be sufficient.

To your second question, ip helper-address is used not only for DHCP but for any protocol configured using the "ip forward-protocol" command. By default, only the following protocols are forwarded to the ip helper address:

Trivial File Transfer Protocol (TFTP) (port 69)

Domain Naming System (port 53)

Time service (port 37)

NetBIOS Name Server (port 137)

NetBIOS Datagram Server (port 138)

Boot Protocol (BOOTP) client and server packets (ports 67 and 68)

TACACS service (port 49)

IEN-116 Name Service (port 42)

For more information on "ip forward-protocol", please see the Cisco IOS Documentation.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124tcr/tiad_r/adressht.htm#wp1144779

Hope this helps,

Harold Ritter
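
The following Python example is added here and is not code from the thread or from Cisco. It computes the directed broadcast addresses discussed above, builds the WOL magic packet (six 0xFF bytes followed by the target MAC repeated 16 times), and audits a list of packets for anything sent to the directed broadcast that is not a magic packet from the approved server, which is the traffic the recommended ACL is meant to keep out. The server address 10.37.4.10, the MAC address and the packet tuples are constructed assumptions.

```python
import ipaddress
import re

SYNC = b"\xff" * 6  # every magic packet starts with six 0xFF bytes

def directed_broadcast(subnet: str) -> str:
    """Directed broadcast address of a subnet, e.g. 10.37.8.0/22 -> 10.37.11.255."""
    return str(ipaddress.ip_network(subnet).broadcast_address)

def magic_packet(mac: str) -> bytes:
    """WOL payload: the sync bytes followed by the target MAC repeated 16 times."""
    digits = re.sub(r"[:.-]", "", mac)
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return SYNC + bytes.fromhex(digits) * 16

def is_magic_packet(payload: bytes) -> bool:
    """True if a well-formed magic packet appears anywhere in the payload."""
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 102]
        if len(body) == 96 and body == body[:6] * 16:
            return True
        start = payload.find(SYNC, start + 1)
    return False

def audit(packets, subnet, allowed_senders):
    """Return (src, dst) of packets aimed at the subnet's directed broadcast
    that are not magic packets from an approved sender."""
    target = directed_broadcast(subnet)
    return [(src, dst) for src, dst, payload in packets
            if dst == target
            and not (src in allowed_senders and is_magic_packet(payload))]

# Constructed sample data (assumptions, not taken from the thread).
WOL_SERVER = "10.37.4.10"         # hypothetical server in the main office subnet
TARGET_MAC = "00:11:22:33:44:55"  # hypothetical workstation NIC
SAMPLE = [
    (WOL_SERVER, "10.37.11.255", magic_packet(TARGET_MAC)),     # expected traffic
    ("203.0.113.7", "10.37.11.255", b"not a wake-up frame"),    # wrong payload
    ("203.0.113.7", "10.37.11.255", magic_packet(TARGET_MAC)),  # wrong sender
    (WOL_SERVER, "10.37.8.20", b"ordinary unicast"),            # not a broadcast
]

if __name__ == "__main__":
    print(directed_broadcast("192.168.2.0/24"), directed_broadcast("10.37.8.0/22"))
    for src, dst in audit(SAMPLE, "10.37.8.0/22", {WOL_SERVER}):
        print("unexpected directed broadcast:", src, "->", dst)
```
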