Abu

I have looked at the file that you posted. The function of ip helper-address is that it will forward only certain UDP broadcasts. There is a list of UDP port numbers whose broadcasts are forwarded by default. If you want to forward broadcasts of some other port you use the ip forward-protocol command.

I see that you have configured ip forward-protocol to forward port 4001. And you have configured ip helper-address on subnet 172.17.36 to forward to address 151.1.10.2. If the host in subnet 172.17.36 is sending broadcasts on port 4001 then the router should be forwarding unicasts to address 151.1.10.2.

Can you verify whether the sender is sending UDP broadcasts on port 4001? And can you verify that the host at 151.1.10.2 is or is not receiving these packets on port 4001?

[edit] Tony - I looked at the link that you posted and I do not see anything that says that all broadcasts are forwarded. In fact it says this:

The UDP destination port must be for TFTP, Domain Name System (DNS), Time, NetBIOS, ND, BOOTP or DHCP packet, or a UDP port specified by the ip forward-protocol udp global configuration command.

perhaps you can point out the part that says that all UDP broadcasts are forwarded?

HTH

Rick

Rick,

Now that you point it out, I'm not sure that I was looking much beyond the first paragraph.

I guess I was so keen to point out the mistake in Cisco's documentation that I fogot to read the whole doco.

I've got to say that the explanation on the ciscopress page was better presented for me, then the CCO page.

Abu

I appolgise for any confusion I've caused it wasn't intentional.

Tony

Tony

No problem. It is true that some pages from CCO are better done than others and that some products from Cisco Press are even better.

It is one of the advantages of the forum that we have multiple contributors and multiple points of view. We have all (certainly including me) posted responses that on closer examination were not quite on the mark. Usually the collective input of the forum will point us in the right direction. I encourage you to continue your participation in the forum.

HTH

Rick

Rick

Sorry that i've not given enough information. Actually in previous 2600 & 3600 routers, we used this "ip helper-address" feature to forward protocol of port 4000 to 6000 & it is working till now in at least at 100 locations. We also used this "ip helper-address' feature in sub-interface & working well. Now we've purchased new cisco 2811 & cisco 851 routers. But in these new routers, this commands worked only when routers route between classfull networks.

For your information, we have a customized software to check the UDP broadcast transmit & receive. We always use this software before using the "ip helper-address" feature at any location. When we checked udp broadcast on new routers, receiver pc was not receiving broadcast. But ping response shows that both the UDP broadcast transmitting pc & UDP broadcast receiving pc are getting each other.

Any suggession regarding the problem will be a great help.

Thanks

Abu Sayed

Abu

One thing about this thread has me puzzled. In each of your posts you have said that the helper-address only works when routing between classful networks. But the configuration that you posted is routing between classful networks. I do not understand whether this one is working or is not working.

There is always the possibility of some bug in this particular release. Have you tried the new platforms (2800 and 851) with a different version of the software?

Going back to basics the configuration that you posted should forward broadcasts from any host on subnet 172.17.36 using UDP port 4001. To demonstrate whether there are UDP broadcasts on port 4001 I would like to see you apply this to your configuration:

access-list 199 permit udp any host 255.255.255.255 eq 4001 log

access-list 199 permit ip any any

interface fastethernet 0/0

ip access-group 199 in

Make sure that you are receiving syslog messages (terminal monitor or show logging buff - with logging severity at least at level 6) and this should show whether there are broadcasts being received on that port.

HTH

Rick

Rick

Sorry for being late to answer as i was in leave & thanks for your patience regarding my problem.

I used a wrong term CLASSLESS routing. I want to mean that IP helper address works with my new routers when

a)for class A network, subnet mask is 255.0.0.0

b)for class B network, subnet mask is 255.255.0.0

c)for class C network, subnet mask is 255.255.255.0

Attached file may help to understand better.

ACTUALLY I NEED TO FORWARD UDP BROADCAST BETWEEN "SUBNETTED CLASSFUL" NETWORKs. In cisco router (2600, 3600) of old version like 11 or 12.2, IP helper-address commands works to forward UDP broadcast between subnetted classful network & i m using it till now. I don't know whether it is problem of new version or some other config may be required.

Looking forward to your reply to solve the problem of forwarding udp broadcast between subnetted classful network.

regards

Abu Sayed

Abu

I have looked at the new information that you have posted and it does shed some light on the situation, though it does not yet show me a clear understanding of the problem or of the solution.

I find the inclusion of access-list 199 to be especially helpful. It confirms part of my original thought that for some reason the broadcasts do not seem to be getting to the router interface.

I do note that the show logging header information indicates that 13 messages have been written to the logging buffer but we only see 2 messages. I am quite curious about what happened to the other 11. But I am not sure that this is essential to understanding the problem.

According to the file that you posted the only difference is changing the mask of the interfaces. I suspect that something else changed. Can you identify for us exactly what changes were made between the configuration that does not work and the configuration that does work?

I might also be interested in a small change in access-list 199. Can you put this into the first configuration and see what it shows:

access-list 199 permit udp any any eq 4001 log

access-list 199 permit ip any any

and if that does not show anything then try this:

access-list 199 permit udp any host 255.255.255.255 log

access-list 199 permit ip any any

HTH

Rick

Hello Rick

Please find the attached 4-step tests & their logging info. At east steps, router was reloaded with new configuration. In these cases, I used the logging info level 7.

Regards

Abu Sayed

Rick

I used a network analyzer (ethereal), which showed that my customized software was always broadcasting UDP packets as per Class A, B or C & this broadcast was independent of PC Subnet Mask.

Any comments....

Regards

Abu Sayed

Abu

The additional information is helpful and it may help us understand what is going on.

First may I verify one assumption: in all of the tests (where the router subnet mask was /16 and was /24) was the PC using the same subnet mask and was it a /16? This is what I infer from the log file output but would like to verify it.

I believe that we can explain what is happening. First lets look at what the PC is sending: it is sending to destination address 172.17.255.255 which is a subnet broadcast for mask /16. When the router interface has a /16 mask it believes that it is in subnet 172.17 and it sees this packet as a broadcast on the local subnet and it will use the helper-address to forward to other subnets. However when the router interface has mask of /24 it believes that it is in subnet 172.17.36. Therefore when it sees a packet with destination 172.17.255 it believes that this is a packet with a destination in some other subnet. The router attempts to forward toward subnet 172.17.255 but can not since that subnet does not exist. And the reason that helper-address is not working here is that the router does not regard this packet as a local broadcast.

If you run debug ip packet in this situation I believe that it may generate some messages which would confirm this theory.

This is an interesting example of what can happen when end stations are configured with masks that are different from the mask on the router interface. I believe that if you were to change the mask on the PC when you change the mask on the router that helper-address would work as expected with both masks.

HTH

Rick

Rick

I said that the my customized software to broadcast was independent of PC Netmask, whether it is of 16bits or 24bits. This software always follows 8bit/16bit/24bit broadcast for class A/B/C network. If I change the pc netmask, software was not follwing the pc netmask. It follows the Class A/B/C schemes. I think i have to try ip helper-address with new software.

Thanks for ur company along with ip helper-address discussion. I will inform you about my test with new software.

Regards

Abu Sayed

Abu

If that software always sends a network broadcast (class A, B, or C) depending on the class of the network then there will be problems when the netmask of the subnet is not the default mask for the classful network. I believe that a change in the software (or different software) is the best solution.

There may be an alternative to consider. There is an interface configuration command ip broadcast-address which gives the ability to specify a broadcast address. I have not used this command and do not know the implications of using it on an interface to define a different broadcast address. But it seems logical that you could use it to make the router consider the network broadcast as the broadcast for that interface. It seems that it would make the helper-address forward the packets. I do not know if it would affect anything else.

HTH

Rick