Re: Broadcast traffic in a static routing environment

gparrish · ‎10-28-2004

We have a 10.x.x.x/16 internal network. At the core of the network I often see packets with the address 10.255.255.255 showing up and getting a redirected at the inside of the firewall back into our network.

This happens after the packet has traversed two Cisco routers already. Since this is a broadcast packet shouldn't it be stopped at the local router ethernet interface. I assume since everything is statically routed it is getting a free ride on this.

We do have no ip directed-broadcast configured also.

Thanks,

Greg

Kevin Dorrell · ‎10-28-2004

Greg,

You say that your internal network is 10.x.x.x/16. Do you mean that, or do you mean 10.0.0.0/8, or for example 10.2.0.0/16? What I am getting at is whether or not 10.255.255.255 is within your local subnet. With your mask and subnet, will the router recognise 10.255.255.255 as a directed broadcast, or will it just consider it an address which is off its subnet?

If your router has the address, say, 10.10.0.1/16, and it sees a packet for 10.255.255.255, I think it will try and forward it to the rest of the 10 network, because it is addressed off-net.

The ip dirtected-broadcast command affects only the last stage of the directed broadcast onto its target subnet, and not the forwarding of directed broadcasts in intermediate nodes. Here is the doc ref:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipras_r/1rfipadr.htm#wp1018109

And here is what it says:

The ip directed-broadcast interface command controls the explosion of directed broadcasts when they reach their target subnets. The command affects only the final transmission of the directed broadcast on its ultimate destination subnet. It does not affect the transit unicast routing of IP directed broadcasts.

Perhaps you could post the relevant parts of your config please?

Kevin Dorrell

Luxembourg