Bad design? Helper address question....

Jun 23rd, 2009


We've acquired a network, and I'm going through their configs. The previous tech set up a helper address to I've never seen this before, but I can only gather that it's broadcasting to every device on their network when a request for DHCP, UDP forwards, etc. comes in.



davy.timmermans Tue, 06/23/2009 - 08:21

IP helper address is for preventing the presence of a DHCP server in every VLAN.


A router or L3 switch doesn't forward broadcasts to subnets other than the subnet of the interface on which it received the request.


So there's a mechanism needed for forwarding DHCP broadcasts (and some other protocols with the same issue).

The SVI or router that receives the request will forward the DHCP message as unicast to the IP helper address (= DHCP server in this case).

The forwarding of other protocols can be disabled with "no ip forward-protocol x".

John Blakley Tue, 06/23/2009 - 08:26


Thanks for the response. My main question is why this person was forwarding the helper address to a broadcast address instead of a direct ip.



davy.timmermans Tue, 06/23/2009 - 08:28

Ah OK, without SM it wasn't clear that you mentioned a broadcast ;-)

Because several servers which require the forwarding of these UDP protocols are on the same segment.

I have to double-check first ;)

John Blakley Tue, 06/23/2009 - 08:30

So, I would have to say it's a bad design then (maybe they didn't want to go back and add others later). I would specify individual servers instead of the broadcast because now you have every host on that segment having to receive that traffic regardless if they need to or not. =)


davy.timmermans Tue, 06/23/2009 - 08:42

In most implementations the IP helper address is solely used for DHCP clients retrieving a DHCP server. Other forwarding UDP protocols are often 'removed' from the ip helper "mechanism".

--> no ip forward-protocol udp xxx

I think it's your turn to check what services the IP helper address is used for.

glen.grant Tue, 06/23/2009 - 09:21

That is a subnet broadcast. Instead of using 1 or 2 helper addresses they blasted to the whole subnet, not a great idea.

Edison Ortiz Tue, 06/23/2009 - 09:32

Your understanding is correct. The design is going from broadcast on client subnet, to unicast at the L3 interface of the routing device back down to broadcast on the remote LAN segment.

Depending upon the customer requirements, this can be either a bad or desired design.

On a local segment, these packets will be in broadcast mode anyways, you are just extending the broadcast to another segment.

Ideally, you know the DHCP server at the remote LAN subnet but as I said, it depends on the customer requirements.
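
The check this thread arrives at, as an added example that is not part of any poster's reply: a Python audit that reads an IOS config, flags any `ip helper-address` that is the broadcast address of a known subnet, and lists which of the UDP ports IOS relays by default with a helper are still enabled. The config text, the interface names and the 10.1.50.0/24 server segment are constructed for illustration, and `audit` and `known_nets` are hypothetical names.

```python
import ipaddress
import re

# UDP ports IOS relays by default once an "ip helper-address" is configured,
# keyed by the keyword used in "ip forward-protocol udp <keyword>".
DEFAULT_UDP = {"time": 37, "tacacs": 49, "domain": 53, "bootps": 67,
               "bootpc": 68, "tftp": 69, "netbios-ns": 137, "netbios-dgm": 138}

# Constructed sample config (not from the thread).
SAMPLE = """\
interface Vlan10
 ip address 10.1.10.1 255.255.255.0
 ip helper-address 10.1.50.255
interface Vlan20
 ip address 10.1.20.1 255.255.255.0
 ip helper-address 10.1.50.10
!
no ip forward-protocol udp tftp
no ip forward-protocol udp 137
"""

def audit(config, known_nets=()):
    """Return broadcast-style helpers and the UDP ports still being relayed.

    known_nets: prefixes of segments not configured on this device (for
    example the server segment); without the mask a broadcast address
    cannot be told apart from a host address.
    """
    nets = [ipaddress.ip_network(n) for n in known_nets]
    helpers, disabled, iface = [], set(), None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"interface (\S+)", line):
            iface = m[1]
        elif m := re.match(r"ip address (\d\S+) (\d\S+)", line):
            nets.append(ipaddress.ip_interface(f"{m[1]}/{m[2]}").network)
        elif m := re.match(r"ip helper-address (\d[\d.]+)$", line):
            helpers.append((iface, ipaddress.ip_address(m[1])))
        elif m := re.match(r"no ip forward-protocol udp (\S+)$", line):
            disabled.add(int(m[1]) if m[1].isdigit() else DEFAULT_UDP.get(m[1]))
    bcast = [(i, str(h)) for i, h in helpers
             if str(h) == "255.255.255.255"
             or any(n.prefixlen < 31 and h == n.broadcast_address for n in nets)]
    ports = sorted(set(DEFAULT_UDP.values()) - disabled) if helpers else []
    return {"broadcast_helpers": bcast, "forwarded_udp": ports}

if __name__ == "__main__":
    print(audit(SAMPLE, known_nets=["10.1.50.0/24"]))
```

Run without `known_nets`, the same config reports no broadcast helpers, because 10.1.50.255 is only recognisable as a broadcast once the /24 mask of the server segment is supplied.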




