Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4638
Views
0
Helpful
7
Replies

IP Directed Broadcast

avilt
Level 3
Level 3

‎12-10-2012 08:43 PM - edited ‎02-21-2020 04:48 AM

I have a 2901K9 router at a remote location. Insite Interface = 10.10.10.1/24 Outside Interface = 20.20.20.1/24

I have set "no ip directed boradcast" on both interfaces. ( I think it's the default settings)

But still when I ping 20.20.20.255 I get a reply from 10.10.10.1

How can I disable this?

0 Helpful
7 Replies 7

Amjad Abdullah
VIP Alumni
VIP Alumni

‎12-12-2012 08:03 PM

I think you need an ACL to disable this.

Modified as wrong info provided. Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
0 Helpful

avilt
Level 3
Level 3
In response to Amjad Abdullah

‎12-16-2012 09:24 PM

That's surprising, then what is the need to run "no ip directed broadcast" command at the interface level?

0 Helpful

turnera
Level 1
Level 1
In response to avilt

‎12-17-2012 08:57 AM

Directed broadcasts allow a remote device to send a broadcast message to a network segment using a single unicast packet. Once reaching the layer 3 device directly connected to the network for which the broadcast is intended the message is sent as a link-layer broadcast to all hosts on a network segment. The directed broadcast feature is often targeted in a Distributed Denial of Service (DDoS) because a single unicast packet can result in a very large number of replies. The directed broadcast feature should be disabled.

0 Helpful

avilt
Level 3
Level 3
In response to turnera

‎12-18-2012 06:25 PM

I am aware of ip directed broadcast. My question is why is it not affective inspite of having the command at interface level?

I have a router at the remote location.

Inside Interface = 10.10.10.1/24 Outside Interface = 20.20.20.1/24

I have set "no ip directed boradcast" on both interfaces. ( I think it's the default settings in the latest IOS)

But still when I ping 20.20.20.255 from my location, I get a reply from 10.10.10.1 which is the inside interface of the remote router.

0 Helpful

Amjad Abdullah
VIP Alumni
VIP Alumni
In response to avilt

‎12-17-2012 07:02 PM

Avilt: I fully mi-understood your question. Ignore my reply above and take the other answer from turnera which is the one describing directed broadcast accurately.
As this is a wireless forum can you move the thread to the appropriate forum so you get better help?


Sent from Cisco Technical Support iPad App

Rating useful replies is more useful than saying "Thank you"
0 Helpful

avilt
Level 3
Level 3
In response to Amjad Abdullah

‎06-05-2013 09:20 PM

Can any one provide me the explanation?

I have a router at the remote location.

Inside Interface = 10.10.10.1/24 Outside Interface = 20.20.20.1/24

I have set "no ip directed boradcast" on both interfaces. ( I think it's the default settings in the latest IOS)

But still when I ping 20.20.20.255 from my location (remotely), I get a reply from 10.10.10.1 which is the inside interface of the remote router.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to avilt

‎06-07-2013 03:46 PM

The answer requires a correct understanding of what the command is intended to do. The command is intended to prevent receiving a packet with destination of broadcast address and forwarding it as a broadcast onto the local subnet. The command is working as intended since the packet is not forwarded. What you are observing is the router, acting as a host, responding to the packet but not forwarding the packet.

HTH

Rick

Sent from Cisco Technical Support iPad App

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card