Solved: Re: Wake On Lan + VRF On C8300-1N1S-4T2X - Page 2

yoav-shneor · ‎12-27-2023

Hello Team,

VPLS with C1000 on all branches and ISR4331 at the center

I Replaced ISR4331 to C8300-1N1S-4T2X
Also configured vrf lite ( LAN+WAN interfaces under vrf )

Wake On Lan doesnt work since.

I dont know if it is a misconfig or a BUG or known limitation, according to TAC it shoukd work and it doesnt

router version is c8000be-universalk9.17.03.05.SPA.bin

LAN+WAN configured with ip directed-broadcast & ip network-broadcast just in case....

monitor capture ( both ) on WAN , gives nothing.

monitor capture (both ) on LAN see the WoL coming in from LAN as it should. WOL screenshot.PNG

Main_8300-Router#show monitor capture wakeonlan buffer detailed
----------------------------------------------------------------------------
# size timestamp source destination dscp protocol
----------------------------------------------------------------------------
0 126 0.000000 172.31.6.160 -> 172.31.160.38 0 BE TCP
0000: 00000C07 AC018018 44EC01B7 08004500 ........D.....E.
0010: 00701F3D 40007F06 DD45AC1F 06A0AC1F .p.=@....E......
0020: A02601BD E5889557 AC90B72D DBD45018 .&.....W...-..P.
0030: 01FFF841 00000000 0044FE53 4D424000 ...A.....D.SMB@.

1 144 2.523020 172.31.6.160 -> 172.31.160.255 0 BE UDP
0000: 00000C07 AC018018 44EC01B7 08004500 ........D.....E.
0010: 00823B05 00007F11 0088AC1F 06A0AC1F ..;.............
0020: A0FFC19F FFFF006E 5F8CFFFF FFFFFFFF .......n_.......
0030: 2CF05D43 F3AC2CF0 5D43F3AC 2CF05D43 ,.]C..,.]C..,.]C

2 144 2.523020 172.31.6.160 -> 172.31.160.255 0 BE UDP
0000: 00000C07 AC018018 44EC01B7 08004500 ........D.....E.
0010: 00823B06 00007F11 0087AC1F 06A0AC1F ..;.............
0020: A0FFC19F 0050006E 5F3CFFFF FFFFFFFF .....P.n_<......
0030: 2CF05D43 F3AC2CF0 5D43F3AC 2CF05D43 ,.]C..,.]C..,.]C

3 144 2.524027 172.31.6.160 -> 172.31.160.255 0 BE UDP
0000: 00000C07 AC018018 44EC01B7 08004500 ........D.....E.
0010: 00823B08 00007F11 0085AC1F 06A0AC1F ..;.............
0020: A0FFC19F 0015006E 5F77FFFF FFFFFFFF .......n_w......
0030: 2CF05D43 F3AC2CF0 5D43F3AC 2CF05D43 ,.]C..,.]C..,.]C

Georg Pauwen · ‎01-07-2024

Hello,

I haven't followed the entire thread, so what I say might be redundant, but which WOL utility are you using, and which UDP port needs to be forwarded ? I recall that typically you would need to forward the port like this:

8300(config)ip forward-protocol udp 7

yoav-shneor · ‎01-09-2024

Hi Georg,

Tested it yesterday , didn't help.

Thanks

MHM Cisco World · ‎01-09-2024

@Georg Pauwen correct
UDP 7 and UDP 9 must config to forward WOL.
you try UDP 7 try add both UDP7 and UDP9
MHM

Richard Burts · ‎01-09-2024

I was initially quite interested in the possibility that ip forward-protocol might be the issue. Then I realized that the OP has said that the WOL is generated for a downstream device and forwarded to this 8300. So at this point forward-protocol is not needed. We need to figure why the received packet is not being forwarded to the destination as expected.

The information from the routing table for the destination address seems to be as expected. I am a bit puzzled by:

Main_8300-Router#sh ip cef 172.31.6.0
0.0.0.0/0

Is there any possibility that there is some policy/policing that might impact the WoL packet?

HTH

Rick

MHM Cisco World · ‎01-09-2024

Friend any broadcast limit ot not need udp l4 port.

He broadcast his network to .255 so I think he use udp

And to be sure he can only select any packet he capture and open it and see the l4 header which udp port is use

MHM

yoav-shneor · ‎01-09-2024

Hi Richard ,

I showed you ip cef since there is no specific route for that subnet , it is by default route .
No policies / route maps / PBRs what so ever

TNX

Richard Burts · ‎01-09-2024

Thanks. So where does the default route point? I had assumed that it would use the "WAN" but that seems to be where the eigrp route points also.

HTH

Rick

yoav-shneor · ‎01-09-2024

Hi Rick,

EIGRP Main Router to branches

STATIC default Main Router to Firewall

Richard Burts · ‎01-09-2024

Thanks for the information. As a test can you traceroute (or ping) from 8300 to 172.36.160.255 (or perhaps to some host in that subnet). If that is successful can you then traceroute (or ping) that address specifying that the source is the LAN subinterface?

HTH

Rick

yoav-shneor · ‎01-09-2024

Hi Georg ,

Tomorrow another session with cisco TAC , i will remind it to them.

TNX

yoav-shneor · ‎01-10-2024

Hi Georg ,

Tested with cisco TAC , it didn't help.

On debug we saw port 17 so tested that too

Protocol : 17 (UDP)
Header Checksum : 0x007a
Source Address : 172.31.6.160
Destination Address : 172.31.160.255

TNX

yoav-shneor · ‎02-10-2024

OK , So problem solved. C8300-1N1S-4T2X Version is the cause but the solution is on the remote branch

The broadcast packet was Punted ( send to RP ) on the branch side insted of forwarded regularly . the XE version of the 8300 is the cause by the way it sends it .

The solution is actually commands the mentiond here but the order is important

ip network-broadcast on interfaces in the direction from which a packet is expected to arrive.
Ip directed-broadcast on interfaces in the direction in which the packet is expected to go out.