Has anyone come across this. We have a VLAN structure in our network. we can browse all the devices in one VLAN but cannot browse devices in another VLAN in the Network Neighbourhood. No devices from this VLAN shows up at all.
The router setting for each of the VLAN is exactly the same. The only thing is that all the nslookup for the devices in this VLAN is working perfectly but we just cannot browse them in Network Neighbourhood. We have a mixture Windows NT4 and Windows 2000.
You need to forward UDP ports 137 and 138 on the router doing the inter vlan routing.
router(config)#ip forward-protocol udp 137
router(config)#ip forward-protocol udp 138
I ave ip helper-address set up on all the neccessary VLANS and only have
no ip forward-protocol udp tftp
no ip forward-protocol udp tacacs
globally set. So this should forward udp 137 and udp 138. But it works for other VLANS but just not for one.
If you are browsing on your network than you are sending a broadcast. By default a router stops all the broadcasts. So you can reach the computers on ip address but not by name. You should fill your hosts file or dns and resolve the computers by ip address. Don't browse to the computer but find the computer.
If you create a ip helper address on the receiving interface of your computer than some broadcasts are send to that ip address. This is what you normally do if you are sending a bootp request to a dhcp server on another lan.
Now the broadcast of your request is send through the router.
This should also work for your microsoft browsing on port 137.
I hope this helps.
Don't forward NetBIOS broadcasts on port UDP port 137 & 138. It impacts the ability of the NT browser service to properly elect a segment (or VLAN) master Browser - One master browser per subnet is needed.
If you have a DHCP (Bootp) server then only forward directed broadcast on ports 67 & 68
Also check that your Wins and/lmhosts environment is setup correctly.
Hope it helps
Please check the fol
oops, meant to include these MS Q references that I got the info from:
Q135464 - 8003 Browsing Errors with UDP Forwarding and
Q190930 - UDP Broadcast Forwarding by Cisco's IP Helper.
Hi and Thanks
We do have a DHCP Server and do not use LMHOSTS as we have a DNS and WINS Server. We enable NetBIOS over TCP/IP in our network setting.
I have ip helper-address on all dhcp vlan and this should automatically forward udp 137,138,67 and 68. So am I suppose to disable udp 137 and 138.
Yers our WINS is set up correctly. DO you know if this has anything to do with master browser and the likes as each vlan needs to have their own.
Only allow 'directed broadcasts" and that also only to the subnet(s) where you have your NT PDC and Wins.
Each subnet/vlan must have its own Master Browser (verify using Browstat.exe from NT Resource kit), which then sends the list to your Domain Master Browser (PDC) using directed frame on UDP port 138. This consolidated list is then used by clients for browsing the network.
Things to try:
1. Ping from VLAN that has PDC/WINS to problem VLAN using the NetBIOS
name of a server, and vice versa
2. Map a drive using the NetBIOS name - from both sides.
3. Use a trace program like Ethereal or ....
4. Stop and start the Browser service on NT/W2K
Thank you so much guys and gals. I really appreciate your help on this.
It was the master browser on the subnet that was not configured properly.
Using the browstat and browmon, I was able to see the master browser for that subnet but then could not ping it properly by name only by ip address. SO I had to configure the master browser properly and rebooted.
Once I rebooted, a re-election took place and another properly configured PC became the master browser. Did a browstat forceannounce (all from the Microsoft site) on a PC in the subnet and waited the 12 minutes and over and then I could view all the devices in that subnet when I checked today.
Thank you all so much for your help
A few things to look at: On the network setting for your WINS server did you configure the address of the WINS server? It seems silly, but the WINS server needs to know where the WINS server is.
I'm guessing on this one because you havn't posted all of the details of your topology. Is the WINS server on the VLAN that works? I bet it is. If your workstations are set for hybrid mode, they will look to the WINS server first then do a broadcast. This will make it seem like WINS is working on the segment when it is not. Could be the case here.
Look in the WINS database. Have all of the workstations and servers (including the WINS server) registered with the WINS server?
One other thing of note: It may take up to 45 minutes for the WINS databse to become fully populated. Be patient when adding machines.
Also, (I forget the details on this one - check microsoft.com) do not allow a Windows 95 (and 98?) machine to become the master browser. It screws things up but I forget why or how. Old age you know!!!
Hope this helps. Let us know if you need more help or what you find.