Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Forwarding UDP Broadcast traffic

I have 4 2500 series routers in a hub and spoke configuration around a 4500 series. A software vendor we I work with is requesting that I "open" my routers to allow UDP broadcast traffic on ports 12483 and 12484. This is apparently needed for their software to initially find its licensing server. Is this a good idea from a "network best practices" point of view? And if it’s an ok thing to do, how might I go about allowing this traffic to pass.

Thanks a million for the help

2 ACCEPTED SOLUTIONS

Accepted Solutions
New Member

Re: Forwarding UDP Broadcast traffic

I always try to avoid forwarding broadcast traffic across routers if I can. But if this is something you have to do the use the following commands

ip helper-address

ip forward-protocol udp 12483

ip forward-protocol udp 12484

The ip helper command goes on the interface that first recieves the broadcast traffic. The ip forward command goes in global mode. By defualt the ip-helper command will also forward broadcast for ports 69, 53, 37, 137, 138, 67, 68, and 49 unless you disable them with a no ip forward-protocol.

If this helps please rate my post, thanks

Hall of Fame Super Silver

Re: Forwarding UDP Broadcast traffic

James

I am not sure that I fully understand your question. The title of the question is about forwarding UDP braodcasts. I understand this. And the answer is to configure ip helper-address. You configure this on the interface that is receiving the UDP broadcasts. The helper address receives the broadcast and forwards a unicast to the address that you configure in the helper address. So lets assume that you have a router with an Ethernet interface in network 192.168.2.0 and the licensing server is at address 192.168.4.5 So the clients in 192.168.2.0 will be trying to find the server by sending broadcasts on ports 12483 and 12484. So on the Ethernet interface you would configure ip helper-address 192.168.4.5. You also need to identify the ports to forward and would do this with the ip forward-protocol command ip forward-protocol udp 12483 and ip forward-protocol udp 12484.

Then your question talks about "open" a port. That language is generally used to talk about access lists which restrict traffic and you want to allow certain traffic to get through.

Perhaps you can clarify which aspect your question is about?

HTH

Rick

4 REPLIES
New Member

Re: Forwarding UDP Broadcast traffic

I always try to avoid forwarding broadcast traffic across routers if I can. But if this is something you have to do the use the following commands

ip helper-address

ip forward-protocol udp 12483

ip forward-protocol udp 12484

The ip helper command goes on the interface that first recieves the broadcast traffic. The ip forward command goes in global mode. By defualt the ip-helper command will also forward broadcast for ports 69, 53, 37, 137, 138, 67, 68, and 49 unless you disable them with a no ip forward-protocol.

If this helps please rate my post, thanks

Hall of Fame Super Silver

Re: Forwarding UDP Broadcast traffic

James

I am not sure that I fully understand your question. The title of the question is about forwarding UDP braodcasts. I understand this. And the answer is to configure ip helper-address. You configure this on the interface that is receiving the UDP broadcasts. The helper address receives the broadcast and forwards a unicast to the address that you configure in the helper address. So lets assume that you have a router with an Ethernet interface in network 192.168.2.0 and the licensing server is at address 192.168.4.5 So the clients in 192.168.2.0 will be trying to find the server by sending broadcasts on ports 12483 and 12484. So on the Ethernet interface you would configure ip helper-address 192.168.4.5. You also need to identify the ports to forward and would do this with the ip forward-protocol command ip forward-protocol udp 12483 and ip forward-protocol udp 12484.

Then your question talks about "open" a port. That language is generally used to talk about access lists which restrict traffic and you want to allow certain traffic to get through.

Perhaps you can clarify which aspect your question is about?

HTH

Rick

New Member

Re: Forwarding UDP Broadcast traffic

What you two have proposed seems like it will fit the bill perfectly. Here is what I have done, see if this sounds right to you guys.

On the router in the remote location where the client machines are located I added the following:

interface Ethernet0 ip helper-address

I also added the following lines to the global config:

ip forward-protocol udp 12483

ip forward-protocol udp 12484

With this configuration has ip helper also started to forward ports 69, 53, 37, 137, 138, 67, 68, and 49? I don’t want any other ports forwarded but the two in the config.

Thanks again for the help!

James

Hall of Fame Super Silver

Re: Forwarding UDP Broadcast traffic

James

What you have configured should forward the client requests to the license server. It will also forward the other ports. If you do not want those ports forwarded then you need to disable them. Use:

no ip forward-protocol udp 69

etc

HTH

Rick

777
Views
0
Helpful
4
Replies
CreatePlease login to create content