Table of Contents
Advertisement
Chapter 39
Configuring IP Unicast Routing
Enabling Directed Broadcast-to-Physical Broadcast Translation
By default, IP directed broadcasts are dropped; they are not forwarded. Dropping IP-directed broadcasts
makes routers less susceptible to denial-of-service attacks.
You can enable forwarding of IP-directed broadcasts on an interface when the broadcast becomes a
physical (MAC-layer) broadcast. Only those protocols configured by using the ip forward-protocol
global configuration command are forwarded.
You can specify an access control list (ACL) to control which broadcasts are forwarded. When an ACL
is specified, only those IP packets permitted by the ACL can be translated from directed broadcasts to
physical broadcasts. For more information on access lists, see
Security with ACLs."
Beginning in privileged EXEC mode, follow these steps to enable forwarding of IP-directed broadcasts
on an interface:
Command
Step 1
configure terminal
Step 2
interface interface-id
Step 3
ip directed-broadcast [access-list-number]
Step 4
exit
Step 5
ip forward-protocol {udp [port] | nd | sdns} Specify the protocols and ports the router uses when forwarding
Step 6
end
Step 7
show ip interface [interface-id]
or
show running-config
Step 8
copy running-config startup-config
Use the no ip directed-broadcast interface configuration command to disable translation of directed
broadcasts to physical broadcasts. Use the no ip forward-protocol global configuration command to
remove a protocol or a port.
OL-13270-06
Purpose
Enter global configuration mode.
Enter interface configuration mode, and specify the interface to
configure.
Enable directed broadcast-to-physical broadcast translation on the
interface. You can include an ACL to control which broadcasts are
forwarded. When an access list, only IP packets permitted by the
access list can be translated
The ip directed-broadcast interface configuration command
Note
can be configured on a VPN routing/forwarding(VRF)
interface and is VRF-aware. Directed broadcast traffic is
routed only within the VRF.
Return to global configuration mode.
broadcast packets.
•
udp—Forward UPD datagrams.
port: (Optional) Destination port that controls which UDP
services are forwarded.
•
nd—Forward Network Disk datagrams.
•
sdns—Forward Secure Data Network Service (SDNS)
datagrams
Return to privileged EXEC mode.
Verify the configuration on the interface or all interfaces.
(Optional) Save your entries in the configuration file.
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
Configuring IP Addressing
Chapter 35, "Configuring Network
39-15
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
