Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
325
Views
0
Helpful
2
Replies

Router forwards directed broadcast while being told not to do so

Utair Corporation
Level 3
Level 3

‎02-06-2014 12:23 AM - edited ‎03-07-2019 06:02 PM

Hi, just got brand new 3945E with following config:

no ip source-route
ip arp proxy disable
ip cef
!
interface Tunnel1
 ip address 10.95.62.5 255.255.255.252
 ip flow ingress
 ip flow egress
!it's default route to all networks
!
interface GigabitEthernet0/0
 no ip address
 load-interval 30
 duplex auto
 speed auto
!
interface GigabitEthernet0/0.18
 encapsulation dot1Q 18
 ip address 10.96.249.1 255.255.255.0
!
interface GigabitEthernet0/1
 no ip address
 load-interval 30
 duplex auto
 speed auto
!
interface GigabitEthernet0/1.602
 encapsulation dot1Q 602
 ip address 172.30.123.1 255.255.255.252
!
interface GigabitEthernet0/2
 no ip address
 no ip proxy-arp
 load-interval 30
 duplex auto
 speed auto
!
interface GigabitEthernet0/2.17
 encapsulation dot1Q 17
 ip vrf forwarding Management
 ip address 10.96.32.61 255.255.255.0
!
no ip forward-protocol nd
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
!
ip flow-top-talkers
 top 200
 sort-by bytes
 cache-timeout 1000
!

All Gigabit interfaces are plugged into trunk ports on swith. There is a traffic in Vlan1, but there is no IP enabled interfaces in that vlan, furthermore arp-proxy and broadcast forwarding explicitly turned off and here what i get:

#sho ip flow top-talkers

SrcIf         SrcIPaddress    DstIf         DstIPaddress    Pr SrcP DstP Bytes
Gi0/2         10.131.10.186   Tu1*          10.131.11.255   11 0089 0089   513K
Gi0/2         10.131.11.120   Tu1*          10.131.11.255   11 0089 0089   702
Gi0/2         10.131.10.209   Tu1*          10.131.11.255   11 008A 008A   687
Gi0/2         10.96.37.107    Tu1*          10.96.37.255    11 E8A6 079B   204
Gi0/2         10.96.37.107    Tu1*          10.96.37.255    11 E8A8 079B   204
Gi0/2         10.131.10.120   Tu1*          10.131.11.255   11 E0C5 079B   204
Gi0/2         10.131.10.120   Tu1*          10.131.11.255   11 E0C7 079B   204
8 of 200 top talkers shown. 8 flows processed.

Why the hell broadcast gets forwarded? did i miss something?

IOS is Cisco recommended:

Cisco IOS Software, C3900e Software (C3900e-UNIVERSALK9-M), Version 15.2(4)M5, RELEASE SOFTWARE (fc2)

Labels:
0 Helpful
2 Replies 2

Utair Corporation
Level 3
Level 3

‎02-06-2014 01:20 AM

It is a bug:

https://tools.cisco.com/bugsearch/bug/CSCtz66340

0 Helpful

Utair Corporation
Level 3
Level 3
In response to Utair Corporation

‎02-06-2014 03:39 AM

Moved up to 15.3(3)M2, problem gone.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card