cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
22702
Views
5
Helpful
7
Replies

ip forward-protocol nd

davidsudjiman
Level 1
Level 1

Hi,

I've tried to dig on Cisco.com website about this but all information leads to "ip forward-protocol udp" which helps the dhcp process (in-short). While I'm actually looking the proper explanation for "ip forward-protocol nd" I only got that parameter "nd" is used for old SUN network disk which I have no idea whether that still in use in current civilization. What is this command for and what is exactly Sun network disk?

Regards,

David Sudjiman

1 Accepted Solution

Accepted Solutions

Victor

This is an interesting explanation with good information about forwarding broadcasts. But it fails to address the question that David asks which is about forward-protocol "ND"

David - I doubt that there is any nd protocol in most networks these days. As far as I know it is a very old and deprecated protocol, and I doubt that you need to have much concern about it.

I suspect that your question arises from the fact that this command appears in your running config - but you did not enter it. I have noticed that in a lot of versions of 12.4T (and perhaps some others) this command is showing up. We did not input it, but it is showing up. It is showing up in running config because IOS chooses to show it. I do not have a good explanation for why it is showing up suddenly. But I am not sure that you can remove it. And I am sure that it is not doing any harm when it does show up.

HTH

Rick

HTH

Rick

View solution in original post

7 Replies 7

lamav
Level 8
Level 8

David:

1.) The ip forward-protocol command alone does nothing. You need the ip helper-address command, too. The helper address command lets the router interface know that it will be receiving a UDP broadcast from a directly connected client and that it should repackage it as either a directed broadcast to a specific destination subnet or a unicast to a specific machine.

By default, the helper address allows 8 different UDP-based applications to get forwarded, excluding all others. That is why you need the ip forward-protocol command: to add that UDP-based application to the list of forwarded applications.

2.) The ip directed-broadcast command should be applied to the vlan interface that is expected to receive the directed broadcast from the sending/forwarding router. The directed broadcast is a tool sometimes used by hackers to launch a denial of service attack, so routers block directed broadcasts that are destined for directly connected hosts hanging off the interface.

So, you are dealing with broadcasts in 2 directions - the send side, which is why we use the helper address and the forward protocol commands, and the receive side, which is why we use the ip directed broadcast command.

HTH

Victor

Victor

This is an interesting explanation with good information about forwarding broadcasts. But it fails to address the question that David asks which is about forward-protocol "ND"

David - I doubt that there is any nd protocol in most networks these days. As far as I know it is a very old and deprecated protocol, and I doubt that you need to have much concern about it.

I suspect that your question arises from the fact that this command appears in your running config - but you did not enter it. I have noticed that in a lot of versions of 12.4T (and perhaps some others) this command is showing up. We did not input it, but it is showing up. It is showing up in running config because IOS chooses to show it. I do not have a good explanation for why it is showing up suddenly. But I am not sure that you can remove it. And I am sure that it is not doing any harm when it does show up.

HTH

Rick

HTH

Rick

Thanks Victor, you're spotted-on!

I'm actually looking whether there is more information about it somewhere, but I think technology are moving fast and let by gone be by gone :-)

David

A search on Google found several references to ND as a network disk protocol developed by Sun Microsystems and which was a predecessor to the NFS file system. It appears that the protocol dates to the early 1980s. There certainly does not seem to be any recent activity with it.

For references you might start here:

www.cs.cornell.edu/courses/cs6464/2009sp/papers/nfs.pdf

HTH

Rick

HTH

Rick

Which just makes it even more curious why we suddenly see it in the config of modern IOS....

Anyone at Cisco who would jump in with a comment?

Ingolf

Gurpreet Kochar
Level 1
Level 1

There is an internal bug filed for this command and following is what the bug has to say


This is the best i could find


The actual open/closed attribute of the port is unchanged - but now the

config is made to explicitly reflects the fact that the port is/was open
by default.

This is necessary because in the future, we will close the port by
default, so that is why it is crucial to have "ip forward-proto nd" put
into configs now so that customers will not be surprised by changed
network behavior when the default changes.

In summary, the port of "ip forward-protocol nd" will be closed in
future IOS, we just make it show up in the current one so that customer
won't be surprised in future default changes.



CSE

Lan Switching

Hello,

Thank you - nice to know.

To Rick Burts: I believe we have had a discussion about this command and it seems that the bug described here by Gurpreet aligns nicely with the views I have presented in the discussion:

https://supportforums.cisco.com/message/3168474#3168474

Best regards,

Peter

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: