Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8902
Views
0
Helpful
3
Replies

UDP Flooding, ip forward-protocol, and service dhcp

mbrown
Level 1
Level 1

‎05-23-2006 08:49 PM - edited ‎03-03-2019 03:20 AM

I've been reading up on how IOS routers handle DHCP using the "ip helper-address" command and ran across a few different terms / commands that I need help clarifying.

I've found that "ip forward-protocol" is enabled by default for many services, and bootps is enabled by default.

Then there's "service dhcp" which enables the DHCP relay service.

I also see the term "UDP Flooding" mentioned in several places, but can't find any specifics on what this entails.

Can someone please explain how "ip forward-protocol", "service dhcp", and "UDP Flooding" are different, how they interact, etc?

Thanks!

-Mason

Labels:
0 Helpful
3 Replies 3

bbaley
Level 3
Level 3

‎05-29-2006 10:25 AM

When configuring the ip helper-address command, the following broadcast packets will be forwarded by the router by default:

TFTP - port 69

Domain Name System (DNS) - port 53

Time service - port 37

NetBIOS Name Server - port 137

NetBIOS Datagram Server - port 138

Bootstrap Protocol (BOOTP) - port 67

TACACS - port 49

f you do not want all the defaults to be forwarded, issue the no ip forward-protocol command to disable the port from being forwarded by the router, as shown in this example:

router#(config-if)ip helper-address x.x.x.x

router#(config)no ip forward-protocol udp tftpWith these commands, all default User Datagram Protocol (UDP) broadcasts except TFTP broadcasts are forwarded by the router.

Configure the no ip forward-protocol command separately for each port to prevent the port from forwarding the broadcast packets by the router.

0 Helpful

mbrown
Level 1
Level 1
In response to bbaley

‎05-29-2006 02:29 PM

Thanks for the explanation. That's helpful to understand how to selectively enable or disable individual UDP broadcast forwarding for different ports.

But what happens if I leave the "service dhcp" (that supposedly forwards DHCP packets to other subnets) enabled, but set "no ip forward-protocol udp bootpc" and "no ip forward-protocol udp bootps"? Does DHCP forwarding from a client on one subnet to a server on another still happen?

Or how about the opposite situation? I set "no service dhcp" but leave the "ip forward-protocol udp bootpc" and "ip forward-protocol udp bootps" enabled?

0 Helpful

ForneyJR
Level 1
Level 1

‎05-29-2006 01:44 PM

Also, service DHCP is enabled by default. This allows the router of switch to perform DHCP service. Some corporate policies will required DHCP to be disabled, so the cmd 'no service dhcp' will be add to base configs.

UDP flooding is only related to bridging implementations. It works in conjucntion with spanning-tree to forward packets in a controlled, or safe, manner from a bridging perspective.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents