
IP Directed-Broadcast not working

Grux22
Level 1

Hello,

I have an isolated "island" network used for controlling machine equipment. The software uses directed broadcast packets to discover and solicit responses from hosts on other subnets. Because of the nature of the software and network, we enable the ip directed-broadcast option on each of the vLAN interfaces. As a relevant note, we have two Cisco 9300s set up in a VRRP configuration to allow some resiliency in the event of a router failure.

During project startup two years ago, directed broadcast packets worked as designed. However, during a recent project where several new hosts were added to the network, I noticed the directed broadcast packets were not being routed to the appropriate subnet. We don't make too many changes to the switches, so I'm trying to understand why it no longer works. This is a pretty uncomplicated feature on a pretty simple network, so I'm at a loss.

From a host on GigabitEthernet1/0/1 (vLAN 10, 192.168.10.1/24),

  • I'm able to ping 192.168.10.255 and solicit a response from all of the hosts on 192.168.10.1/24
  • I'm able to ping any single host on 192.168.10.1/24
  • I'm able to ping any single host on 192.168.11.1/24

From a host on GigabitEthernet1/0/2 (vLAN 11, 192.168.11.1/24):

  • I'm able to ping 192.168.11.255 and solicit a response from all of the hosts on 192.168.11.1/24.
  • I'm able to ping any single host on 192.168.10.1/24
  • I'm able to ping any single host on 192.168.11.1/24

I am able to ping 192.168.10.255 and 192.168.11.255 directly from the router, and I receive responses from all of the hosts on each subnet.

When I ping 192.168.10.255 from GigabitEthernet1/0/2 (vLAN 11, 192.168.11.1/24) or 192.168.11.255 from GigabitEthernet1/0/1 (vLAN 11, 192.168.11.1/24), I receive a timeout.

Any ideas? It baffles me that it used to work, and it no longer works... Are there any other options in the switch that would stop ip directed-broadcast from working as designed? We have no ACLs implemented.

Below is the configuration for the primary switch in the VRRP setup.

Cisco 9300, IOS: 17.06.05

Sample Interfaces:


interface GigabitEthernet1/0/1
 switchport access vlan 10
 switchport mode access
!
interface GigabitEthernet1/0/2
 switchport access vlan 11
 switchport mode access
!
interface GigabitEthernet1/0/3
 switchport access vlan 11
 switchport mode access
!
interface GigabitEthernet1/0/4
 switchport access vlan 10
 switchport mode access
!
interface GigabitEthernet1/0/5
 switchport access vlan 11
 switchport mode access

...
...
...
...

interface GigabitEthernet1/1/1
 switchport trunk native vlan 256
 switchport mode trunk
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
 switchport trunk native vlan 256
 switchport mode trunk

vLAN configuration


interface Vlan1
 no ip address
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip directed-broadcast
 vrrp 10 address-family ipv4
  priority 110
  preempt delay minimum 30
  address 192.168.10.1 primary
  exit-vrrp
!
interface Vlan11
 ip address 192.168.11.1 255.255.255.0
 ip directed-broadcast
 vrrp 11 address-family ipv4
  priority 110
  preempt delay minimum 30
  address 192.168.11.1 primary
  exit-vrrp

Accepted Solutions

@Grux22 

There is a known bug in IOS-XE that requires an additional command in order for directed-broadcast to work:

interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip directed-broadcast
 ip network-broadcast

Hello @Flavio Miranda 

+5 - for this little piece of a Cisco gotcha!


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Grux22
Level 1

Thank you.  This fixed the issue.  It took some digging, but I now see it in the documentation:   

The ip network-broadcast command must be configured at the ingress interface before configuring the ip directed-broadcast command at the egress interface. This ensures that the IP-directed broadcasts work correctly and prevents an outage from occurring after an upgrade.
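
An added example, not part of the original thread or Cisco's tooling: a small audit that reads a saved running-config and reports which routed interfaces forward directed broadcasts and which ones lack the `ip network-broadcast` command the quoted documentation requires on the ingress side. The sample config is constructed, and treating every routed interface as a possible ingress is an assumption that matches the two-VLAN setup described above.

```python
import re

# Constructed sample modelled on the SVIs in the thread: Vlan10 has the fix, Vlan11 does not.
SAMPLE_CONFIG = """\
interface Vlan1
 no ip address
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip directed-broadcast
 ip network-broadcast
!
interface Vlan11
 ip address 192.168.11.1 255.255.255.0
 ip directed-broadcast
!
"""

def parse_interfaces(config):
    """Map each interface name to its list of stripped sub-commands."""
    interfaces, current = {}, None
    for line in config.splitlines():
        header = re.match(r"interface\s+(\S+)", line)
        if header:
            current = interfaces.setdefault(header.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command closes the stanza
    return interfaces

def has_cmd(cmds, keyword):
    """True if a sub-command is 'ip <keyword> ...' (a 'no ip ...' line does not match)."""
    return any(c.split()[:2] == ["ip", keyword] for c in cmds)

def audit_directed_broadcast(config):
    """Return (egress, missing_ingress) as sorted lists of interface names.

    Assumption: any routed interface may be the ingress for a directed broadcast.
    """
    routed = {n: c for n, c in parse_interfaces(config).items() if has_cmd(c, "address")}
    egress = sorted(n for n, c in routed.items() if has_cmd(c, "directed-broadcast"))
    missing = sorted(n for n, c in routed.items() if not has_cmd(c, "network-broadcast"))
    return egress, (missing if egress else [])

if __name__ == "__main__":
    egress, missing = audit_directed_broadcast(SAMPLE_CONFIG)
    print("forwards directed broadcasts:", egress)
    print("lacks ip network-broadcast:", missing)
```

The first list doubles as an inventory of where directed-broadcast forwarding is enabled, which is worth reviewing after upgrades because the feature is off by default.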

 
