Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Passing Broadcast from 1 VLAN to another

Hi all,

Our sys admin is using a Sw delivery pkg; the pkg works by sending wake on lan packets using broadcast before delivering the pkgs; naturally, these broadcast pkts are not reaching other vlans. What can i do to make them do this?

thank you.

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Passing Broadcast from 1 VLAN to another

Mohamad

Yes it is a combination of the 3 commands and of knowing which command needs to go on which interface.

I am glad that we were able to help you solve your problem. Thanks for the rating.

HTH

Rick

23 REPLIES
New Member

Re: Passing Broadcast from 1 VLAN to another

Make you server nic card to participate on all VLAN by making it trunk interface. Not all NIC card supports trunking you need to buy special kind of NIC card for this.

Once your server is in all VLAN it will broadcast to all VLAN.

I hope it should work this way.

Re: Passing Broadcast from 1 VLAN to another

Hi,

You can think of using ip helper-address command under VLAN interface to acheive forwarding of broadcasts

eg. int VLAN2

ip address 10.1.1.1 255.255.255.0

ip helper-address 10.1.2.255

ip helper-address 10.1.3.255

you may have to use proper filtering/access list to allow broadcast only from the specified server.

HTH

Cisco Employee

Re: Passing Broadcast from 1 VLAN to another

Try enabling " ip directed-broadcast" under the vlan interface .

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_command_reference_chapter09186a0080087387.html#wp1017949

HTH,

-amit singh

New Member

Re: Passing Broadcast from 1 VLAN to another

Queston to Parameshwaram-

ip helper-address command is for directing the brodcast to a server which on other VLAN but here requirement is different ? User wanna have bradcast from a server in a VLAN to be reached to other VLANs also.

Question to Amit-

Can you please explain how ip directed brodcast command will broadcast traffic from that particular server to other VLANs, not all the broadcast ?

Re: Passing Broadcast from 1 VLAN to another

Hi,

Basically ip helper-address is used to forward udp broadcast (eg. DHCP BOOTP Packets) to Specific address mentioned in the command. The command syntax is

ip helper-address address

where address is Destination broadcast or host address to be used when forwarding UDP broadcasts. There can be more than one helper address per interface.

so if the address is ip broadcast address for a LAN segment, all machines in that segment will receive the particular broadcast information

Incase of DHCP, 255.255.255.255 is generated by Client and is forwarded to DHCP Server ( i.e. in helper-address command) as unicast packet. In the present scenario, 255.255.255.255 is generated by Server and is forwarded to respective different VLANs as ip broadcasts which configured in helper address.

HTH

regards

Param

Re: Passing Broadcast from 1 VLAN to another

Hi all,

The ip helper-address doesn't forward all broadcasts:

All of the following conditions must be met in order for a UDP or IP packet to be helpered by the ip helper-address command:

?The MAC address of the received frame must be all-ones broadcast address (ffff.ffff.ffff).

?The IP destination address must be one of the following: all-ones broadcast (255.255.255.255), subnet broadcast for the receiving interface; or major-net broadcast for the receiving interface if the no ip classless command is also configured.

?The IP time-to-live (TTL) value must be at least 2.

?The IP protocol must be UDP (17).

?The UDP destination port must be for TFTP, Domain Name System (DNS), Time, NetBIOS, ND, BOOTP or DHCP packet, or a UDP port specified by the ip forward-protocol udp global configuration command.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_r/iprprt1/1rdipadr.htm#wp1018606

If these are the protocols that you wish to pass between VLANs then fine, if not try to define your protocol via the "ip forward-protocol" command.

HTH, please rate if it does,

Mohammed Mahmoud.

New Member

Re: Passing Broadcast from 1 VLAN to another

Guys,

please correct me if i'm wrong; the helper-address handles the problem from a reverse point of view; i.e. if i plug in a dhcp client, it will bcst a dhcp request, which gets directed by the helper-address to a specific host. in my case, the server itself is sending bcsts to, say, 500 machines.

so i configured ip forward-protocol to enable wake on lan pkts {which use UDP port 3674 in my case} and applied ip directed-broacast on vlan 1 {where my server is}. this did not solve the problem.

what do you think?

Re: Passing Broadcast from 1 VLAN to another

Hi there,

IP helper should solve broadcast issues either ways. Have you tried it like this:

"ip helper-address 255.255.255.255"

HTH,

Mohammed Mahmoud.

Cisco Employee

Re: Passing Broadcast from 1 VLAN to another

Please see how, ip directed-broadcast works.

http://www.cisco.com/warp/public/707/21.html#controlling_directed_bcasts

-amit singh

Re: Passing Broadcast from 1 VLAN to another

Hi Amit,

An IP directed broadcast is a datagram which is sent to the broadcast address of a subnet to which the sending machine is not directly attached, do u think that this apply to this case ?

BR,

Mohammed Mahmoud.

New Member

Re: Passing Broadcast from 1 VLAN to another

Guys,

i added ip forward-protocol udp 3674, used by wkae on pkts. I then added an inbound acl to vlan1 {where the server is located}, with src = server ip, dst = any, prot = udp port 3674; as i send wake on pkts from the server, i see hits on the acl entry.

i then applied the same acl, in the inbound and outbound directions of the subnet where the test machine is located. It did not record any hits.

Obviously, wake on pkts are reaching VLAN1, but not going through the destination subnet VLAN111.

any ideas? is it smtg on the vlan config level?

Re: Passing Broadcast from 1 VLAN to another

Hi

Did you configure ip helper-address under VLAN interface ?

can you post the config ?

Regards

Param

New Member

Re: Passing Broadcast from 1 VLAN to another

Hi again,

no i did not set ip helper-address. i have the following config under vlan 1:

int vlan1

ip address 172.16.16.200 255.255.192.0

ip access-group SUS1 in

ip access-group SUS1 out

no ip redirects

ip directed-broadcast 101

no ip proxy-arp

interface Vlan111

ip address 172.16.111.1 255.255.255.0

ip access-group NACHI in

ip access-group NACHI out

ip helper-address 172.16.16.45

ip helper-address 172.16.16.47

no ip redirects

ip directed-broadcast 101

no ip proxy-arp

ip access-list extended NACHI

deny udp any any eq tftp

deny tcp any any eq 707

permit ip any any

ip access-list extended SUS1

deny udp any any eq tftp

deny tcp any any eq 707

deny ip host 172.16.16.8 172.19.0.0 0.0.255.255

deny ip host 172.16.16.8 192.168.0.0 0.0.255.255

deny tcp host 172.16.16.41 172.19.0.0 0.0.255.255 eq www

deny tcp host 172.16.16.41 192.168.0.0 0.0.255.255 eq www

deny tcp 192.168.0.0 0.0.255.255 172.16.16.0 0.0.0.255 eq 3389

deny tcp 172.19.0.0 0.0.255.255 172.16.16.0 0.0.0.255 eq 3389

permit udp host 172.16.16.220 any eq 3674

permit ip any any

access-list 101 permit udp host 172.16.16.47 any eq echo

access-list 101 permit udp host 172.16.16.46 any eq echo

access-list 101 permit udp host 172.16.16.45 any eq echo

access-list 101 permit udp host 172.16.16.220 any eq 3674

access-list 101 permit udp host 172.16.16.220 any

.45 & .47 are my dhcp servers.

does this help?

thanks.

New Member

Re: Passing Broadcast from 1 VLAN to another

Is your

ip access-group NACHI in

ip access-group NACHI out blocking this ?

New Member

Re: Passing Broadcast from 1 VLAN to another

no man, i removed all ACLs & tried, with the same results.

on the other hand, i just found out that the magic packets go to 255.255.255.255, and not to say 172.16.111.255 {where the dst machine is}. i traced it using an ACL on the in direction of Vlan1 {where the server is}. after that point, nothing is showing up.

i found the following url: http://tcpmag.com/qanda/article.asp?EditorialsID=320

does this make sense?

-Mohamad.

Hall of Fame Super Silver

Re: Passing Broadcast from 1 VLAN to another

Mohamad

I believe that to solve your issue you will need both ip forward-protocol, ip helper-address and ip directed-broadcast commands. You will need the ip forward-protocol (which you seem to already have done), and the ip helper-address on the interface where the server is located. You will need to configure the helper address to point to the subnet broadcast of the remote VLAN (for example if the remote VLAN is subnet 172.16.4.0/24 then you would configure ip helper-address 172.16.4.255). And you need ip directed-broadcast on the remote VLAN interface.

You need the forward-protocol command to identify wake on LAN as a protocol to forward, and you need the helper-address to specify that it gets forwarded to the remote subnet as a subnet broadcast. You need the directed-broadcast on the remote VLAN interface because otherwise the interface will receive the forwarded packet but will not forward it onto the subnet.

HTH

Rick

New Member

Re: Passing Broadcast from 1 VLAN to another

Hi Rick,

indeed you are right! it's a combination of ip forward-protocol, ip directed-broadcasts & ip helper-address on the remote vlan. when i added the helper address, the machines woke up :)

thanks to all of you guys for your support.

-Mohamad.

Hall of Fame Super Silver

Re: Passing Broadcast from 1 VLAN to another

Mohamad

Yes it is a combination of the 3 commands and of knowing which command needs to go on which interface.

I am glad that we were able to help you solve your problem. Thanks for the rating.

HTH

Rick

Cisco Employee

Re: Passing Broadcast from 1 VLAN to another

Rick,

Well done, great answer.

Appreciate your knowledge and experience sharing with such wonderful posts.

Rated you Sir :-)

-amit singh

Hall of Fame Super Silver

Re: Passing Broadcast from 1 VLAN to another

Amit

Thank you for the kind words - and thanks for the rating. It means a lot to me to be able to help others by posting to the forum. And I appreciate having you as a long time active poster in the forum.

HTH

Rick

Re: Passing Broadcast from 1 VLAN to another

Hi Rick,

Its great learning from experts like your self.

BR,

Mohammed Mahmoud.

Hall of Fame Super Silver

Re: Passing Broadcast from 1 VLAN to another

Mohammed

Thank you for the kind words. I have spent a lot of time studying and gaining experience with many aspects of networking. I am happy to share with people through the forum. I am glad to see that you have become an active contributing member of the forum and I encourage you to continue your participation in the forum.

HTH

Rick

New Member

Re: Passing Broadcast from 1 VLAN to another

Mohamad.

For the benefit of all involved, could you please post the completed final configs of the involved interfaces on both ends of the broadcast.

Thanks.

Thomas.

1035
Views
25
Helpful
23
Replies