Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3763
Views
0
Helpful
4
Replies

Forwarding UDP Broadcast traffic

Go to solution
james.lavery
Level 1
Level 1

‎03-30-2006 06:06 AM - edited ‎03-03-2019 12:14 PM

I have 4 2500 series routers in a hub and spoke configuration around a 4500 series. A software vendor we I work with is requesting that I "open" my routers to allow UDP broadcast traffic on ports 12483 and 12484. This is apparently needed for their software to initially find its licensing server. Is this a good idea from a "network best practices" point of view? And if it’s an ok thing to do, how might I go about allowing this traffic to pass.

Thanks a million for the help

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Nicholas Vigil
Level 1
Level 1

‎03-30-2006 06:28 AM

I always try to avoid forwarding broadcast traffic across routers if I can. But if this is something you have to do the use the following commands

ip helper-address

ip forward-protocol udp 12483

ip forward-protocol udp 12484

The ip helper command goes on the interface that first recieves the broadcast traffic. The ip forward command goes in global mode. By defualt the ip-helper command will also forward broadcast for ports 69, 53, 37, 137, 138, 67, 68, and 49 unless you disable them with a no ip forward-protocol.

If this helps please rate my post, thanks

View solution in original post

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-30-2006 06:29 AM

James

I am not sure that I fully understand your question. The title of the question is about forwarding UDP braodcasts. I understand this. And the answer is to configure ip helper-address. You configure this on the interface that is receiving the UDP broadcasts. The helper address receives the broadcast and forwards a unicast to the address that you configure in the helper address. So lets assume that you have a router with an Ethernet interface in network 192.168.2.0 and the licensing server is at address 192.168.4.5 So the clients in 192.168.2.0 will be trying to find the server by sending broadcasts on ports 12483 and 12484. So on the Ethernet interface you would configure ip helper-address 192.168.4.5. You also need to identify the ports to forward and would do this with the ip forward-protocol command ip forward-protocol udp 12483 and ip forward-protocol udp 12484.

Then your question talks about "open" a port. That language is generally used to talk about access lists which restrict traffic and you want to allow certain traffic to get through.

Perhaps you can clarify which aspect your question is about?

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Nicholas Vigil
Level 1
Level 1

‎03-30-2006 06:28 AM

I always try to avoid forwarding broadcast traffic across routers if I can. But if this is something you have to do the use the following commands

ip helper-address

ip forward-protocol udp 12483

ip forward-protocol udp 12484

The ip helper command goes on the interface that first recieves the broadcast traffic. The ip forward command goes in global mode. By defualt the ip-helper command will also forward broadcast for ports 69, 53, 37, 137, 138, 67, 68, and 49 unless you disable them with a no ip forward-protocol.

If this helps please rate my post, thanks

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame

‎03-30-2006 06:29 AM

James

I am not sure that I fully understand your question. The title of the question is about forwarding UDP braodcasts. I understand this. And the answer is to configure ip helper-address. You configure this on the interface that is receiving the UDP broadcasts. The helper address receives the broadcast and forwards a unicast to the address that you configure in the helper address. So lets assume that you have a router with an Ethernet interface in network 192.168.2.0 and the licensing server is at address 192.168.4.5 So the clients in 192.168.2.0 will be trying to find the server by sending broadcasts on ports 12483 and 12484. So on the Ethernet interface you would configure ip helper-address 192.168.4.5. You also need to identify the ports to forward and would do this with the ip forward-protocol command ip forward-protocol udp 12483 and ip forward-protocol udp 12484.

Then your question talks about "open" a port. That language is generally used to talk about access lists which restrict traffic and you want to allow certain traffic to get through.

Perhaps you can clarify which aspect your question is about?

HTH

Rick

HTH

Rick
0 Helpful

Go to solution
james.lavery
Level 1
Level 1
In response to Richard Burts

‎03-30-2006 07:54 AM

What you two have proposed seems like it will fit the bill perfectly. Here is what I have done, see if this sounds right to you guys.

On the router in the remote location where the client machines are located I added the following:

interface Ethernet0 ip helper-address

I also added the following lines to the global config:

ip forward-protocol udp 12483

ip forward-protocol udp 12484

With this configuration has ip helper also started to forward ports 69, 53, 37, 137, 138, 67, 68, and 49? I don’t want any other ports forwarded but the two in the config.

Thanks again for the help!

James

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to james.lavery

‎03-30-2006 07:58 AM

James

What you have configured should forward the client requests to the license server. It will also forward the other ports. If you do not want those ports forwarded then you need to disable them. Use:

no ip forward-protocol udp 69

etc

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card