Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure the ip helper-address and no ip forward-protocol commands to block the port from forwarding broadcast packets by the router

Core Issue

When configuring the ip helper-address command, the following broadcast packets will be forwarded by the router by default:

  • TFTP - port 69
  • Domain Name System (DNS) - port 53
  • Time service - port 37
  • NetBIOS Name Server - port 137
  • NetBIOS Datagram Server - port 138
  • Bootstrap Protocol (BOOTP) - port 67
  • TACACS - port 49

Resolution

If you do not want all the defaults to be forwarded, issue the no ip forward-protocol command to disable the port from being forwarded by the router, as shown in this example:

router#(config-if)ip helper-address x.x.x.x
router#(config)no ip forward-protocol udp tftp

With these commands, all default User Datagram Protocol (UDP) broadcasts except TFTP broadcasts are forwarded by the router.

For more information refer to  ip helper-address .

Note: Configure the no ip forward-protocol command separately for each port to prevent the port from forwarding the broadcast packets by the router.


539
Views
0
Helpful
0
Comments