Is there a way to make a router ignore directed broadcasts?

zsedc
Level 1

"no ip directed-broadcast" set.

Maybe there is a way to stop the router answering requests sent to the broadcast address?

The net is subnetted into 6 subnets, so 12 extra access-list rules does not seem a good idea.

11 Replies

rwiesmann
Level 4

Hi

The default behavior of a router is to drop directed broadcasts unless you use one of the following commands:

ip helper-address x.x.x.x

ip forward-protocol {udp [port] | nd | sdns}

ip directed-broadcast

So I do not quite understand the question?

See the config guide:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/ip_c/ipcprt1/1cdipadr.htm#1002098

Hope that helps

Roger

I still get ICMP echo replies from the router when I send a request to the directed-broadcast address (both to [subnet | 0] and [subnet | -1]).

It's not forwarded. It's just handled as if destination ip was the router.

Hi

What ICMP type/code do you get?

Regards

Roger

8/0 sent 0/0 received.

cisco.com seems to have the same situation.

Try pinging 198.133.219.0 or 198.133.219.255.

It depends what subnet mask is in place, but I do not get your point..... If you ping the broadcast address, basically all stations in the subnet should answer it. If you ping the network address, nobody should answer it, and that's normal behavior.

I think there is also a command on the switch which will help you get around that.

Regards

Roger

Here is a quote from RFC 2644 (BCP 34):

Directed Broadcast - a broadcast directed to the specified network prefix. It MUST NOT be used as a source address. A router MAY originate Network Directed Broadcast packets. A router MAY have a configuration option to allow it to receive directed broadcast packets, however this option MUST be disabled by default, and thus the router MUST NOT receive Network Directed Broadcast packets unless specifically configured by the end user.

So it is NOT normal behavior.

And I also hope there is a command which changes this behavior.

But could anyone help me find it?

Sorry, I mixed up some points in the last posting. In my posting above I meant broadcasts to all hosts on the same subnet.... but you are talking about the directed ones.

Directed broadcasts will be dropped by the router, because, as stated in the config guide, the "no ip directed-broadcast" command is on by default. I posted the link to the config guide in an earlier posting. The router will issue an ICMP packet which states that the net is not reachable... I do not think you can turn that off. I think you wanted to turn this ICMP message off, am I correct?

Regards

Roger

Yes, "no ip directed-broadcast" is on by default, but it only disables translation of directed broadcasts to Layer 2 broadcast(s) and does nothing about the router's replies. The router will issue net-unreach only if the interface associated with the network is down. Still, it seems the problem is only with ICMP traffic, as no TCP RST / ICMP port-unreachable response is sent to TCP/UDP requests.

Hi

An add-on to my last posting.... You can turn off the sending of ICMP unreachable messages with the following command at the interface level:

no ip unreachables

Regards

Roger

t.baranski
Level 4

I think what's being referred to here is the tendency of Cisco devices (the ones I've worked with, anyway) to answer pings destined towards network and broadcast addresses to which the Cisco device is directly attached. To me, this behavior is undesirable because it makes it easy for someone with bad intentions to ping sweep the network and get a very good idea of the subnetting structure.

I'm not aware of a knob to toggle this behavior -- anyone else know of one? What I've had to do on our external devices is add lines to the access lists to block packets destined towards these addresses.
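One way to generate the per-subnet deny entries described above (the network and directed-broadcast addresses, which is where the original poster's count of 12 rules for 6 subnets comes from) and to spot probes to those addresses in a flow log, as an added Python example that is not from the thread; the subnets, the ACL name and the log format are constructed placeholders:

```python
import ipaddress
from typing import Iterable, List, Tuple

# Constructed placeholder prefixes: a /24 carved into six subnets, mirroring
# the "6 subnets" in the question. Not taken from the thread.
SUBNETS = ["10.0.0.0/26", "10.0.0.64/27", "10.0.0.96/27",
           "10.0.0.128/26", "10.0.0.192/27", "10.0.0.224/27"]

# Constructed flow-log sample, one "<src> <dst> <proto>" record per line.
LOG = """192.0.2.10 10.0.0.0 icmp-echo
192.0.2.10 10.0.0.63 icmp-echo
192.0.2.10 10.0.0.70 icmp-echo
192.0.2.10 10.0.0.95 icmp-echo
"""


def special_addresses(subnets: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (network address, directed-broadcast address) for each subnet.

    These are the [subnet | 0] and [subnet | -1] addresses an attached
    router may answer ICMP echo on, as reported in the thread.
    """
    pairs = []
    for prefix in subnets:
        net = ipaddress.ip_network(prefix, strict=True)
        pairs.append((str(net.network_address), str(net.broadcast_address)))
    return pairs


def acl_lines(subnets: Iterable[str], name: str = "BLOCK-DIRECTED-BCAST") -> List[str]:
    """Build an IOS named extended ACL: one deny per special address, then permit."""
    lines = [f"ip access-list extended {name}"]
    for net_addr, bcast_addr in special_addresses(subnets):
        lines.append(f" deny ip any host {net_addr}")
        lines.append(f" deny ip any host {bcast_addr}")
    lines.append(" permit ip any any")
    return lines


def sweep_targets(log_text: str, subnets: Iterable[str]) -> List[str]:
    """Return destinations in the log that hit a network/broadcast address."""
    watch = {addr for pair in special_addresses(subnets) for addr in pair}
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) >= 2 and fields[1] in watch:
            hits.append(fields[1])
    return hits
```

Apply the generated ACL inbound on the outward-facing interface so the probes are dropped before the router processes them; sweep_targets flags the same addresses when reviewing logs.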

I think you are referring to proxy ARP, a situation in which the router responds to an ARP request because it has knowledge of the destination network. This feature is enabled by default on Cisco interfaces. Try to disable it by using

no ip proxy-arp

and see whether it solves your problem.

Another option might be to change the broadcast address of the router, but I am not sure what impact this will have on the operation and connectivity of the interface.

Regards