UDP Broadcast - multiple subnets - Public safety

siggy_freud · ‎08-22-2011

Hey all,

First off, let me state that my technical knowledge is rather limited in regards to routing protocols and their limits/abilities.

Some background:

I work for a public safety project management office. A few months back we implemented a Fire Station alerting system on our network. Essentially it sends out data packets that tell this box to play a tone for whatever rig needs dispatching at a station, and that box chimes the bell, opens the doors, shuts off the stove, etc. This data is sent as TCP/IP. We have 31+ boxes, one (or two) for each fire station depending on their configuration. Each box gets an IP address, and each station is on it's own subnet.

The second componenet of the system is a VoIP componenet. When a tone plays for a rig, it is followed by a voice annoucement from a dispatcher telling the Fire Fighters what type of call it is, and where to go. Currently, we have voice running on voice grade lines to each station, and not over our network.

It appears this particular Fire Station Alerting system's VoIP was designed to operate on a flat network. We have 31 stations, each on their own subnetwork. When voice is sent out, it's sent out as UDP broadcast. Essentially, it sends it out to every station, but only those being alerted will have their PA's turned out. This is necessary because often stations will operate in "day mode" where they listen in on every call, even if it's not theirs.

The company in question has said that for our network layout, we should run a PC at each station (or subnet technically) running a program called UBAM listener. I guess it's a system that routes the broadcast over the network so each router doesn't shutdown the broadcast. This presents problems on a number of levels, one being that we simply don't want to run a PC on each subnet for VoIP. It adds another layer of complexity, and it's just one more componenet to fail. Additionally, the cost involved could be somewhat substantial.

My question to you is, are there any protocols or options you can think of (IPHelper?) that would allow us to pass this UDP broadcast through each subnet to these locations? I believe our network IT team tried IPhelper, but said it didn't look like it would scale up to 31 stations and still run reliably. I don't know enough about IPhelper to know its limitations. I know at one point, one of the tech's concerns wasn't so much making it work, but then being responsible for that portion of it (IE being on-call should it go down). I can understand his concern, but that also raised questions in my mind about the reliability of the information I was getting.

Any and all help is certainly appreciated. I realize the information I provided is quite vague, and will certainly try and get you more if needed, so long as it doesn't present a security concern .

Thanks all.

vmiller · ‎08-22-2011

Depending on the horsepower of your head end router, 31 helper addressess shouldn't tax the system too hard.

I would suggest also using the Ip forward-protocol command and indentify the specific port you want forwarded.

Its a bit old school, but should work.

siggy_freud · ‎08-22-2011

Thank you Vmiller for your response. I wish I knew more about the traffic already being handled by this particular router. I'll check with our network team and ask why they felt helper addresses wouldn't work.

Thanks again, and I'll be sure and post any additional information I can gather.

siggy_freud · ‎08-22-2011

Is there a different protocol built into certain Cisco routers to convert broadcast to multi-cast, or is that essentially what one is doing with helper addresses?

vmiller · ‎08-22-2011

thats it in a nushell. its pretty much tried and true.

here is an bit from the command reference:

ip helper-address

To enable the forwarding of User Datagram Protocol (UDP) broadcasts, including BOOTP, received on an interface, use the ip helper-address command in interface configuration mode. To disable the forwarding of broadcast packets to specific addresses, use the no form of this command.

ip helper-address [vrf name | global] address [redundancy vrg-name]

no ip helper-address [vrf name | global] address [redundancy vrg-name]

Syntax Description


vrf name	(Optional) Enables VPN routing and forwarding (VRF) instance and VRF name.
global	(Optional) Configures a global routing table.
address	Destination broadcast or host address to be used when forwarding UDP broadcasts. There can be more than one helper address per interface.
redundancy vrg-name	(Optional) Defines the VRG group name.

Defaults

Disabled

Command Modes

Interface configuration

Command History


Release	Modification
10.0	This command was introduced.
12.2(4)B	The vrf name keyword and argument combination was added, and the global keyword was added.
12.2(8)T	This command was integrated into Cisco IOS Release 12.2(8)T.
12.2(15)T	The redundancy vrg-name keyword and argument combination was added.

Usage Guidelines

Combined with the ip forward-protocol global configuration command, the ip helper-address command allows you to control which broadcast packets and which protocols are forwarded.

One common application that requires helper addresses is Dynamic Host Configuration Protocol (DHCP), which is defined in RFC 1531. To enable BOOTP or DHCP broadcast forwarding for a set of clients, configure a helper address on the router interface connected to the client. The helper address should specify the address of the BOOTP or DHCP server. If you have multiple servers, you can configure one helper address for each server.

All of the following conditions must be met in order for a UDP or IP packet to be helpered by the ip helper-address command:

•The MAC address of the received frame must be all-ones broadcast address (ffff.ffff.ffff).

•The IP destination address must be one of the following: all-ones broadcast (255.255.255.255), subnet broadcast for the receiving interface, or major-net broadcast for the receiving interface if the no ip classless command is also configured.

•The IP time-to-live (TTL) value must be at least 2.

•The IP protocol must be UDP (17).

•The UDP destination port must be for TFTP, Domain Name System (DNS), Time, NetBIOS, ND, BOOTP or DHCP packet, or a UDP port specified by the ip forward-protocol udp global configuration command.

If the DHCP server resides in a Virtual Private Network (VPN) or global space that is different from the interface VPN, then the vrf name or global option allows you to specify the name of the VRF or global space in which the DHCP server resides.

The ip helper-address vrf name address option uses the address associated with the VRF name regardless of the VRF of the incoming interface. If the ip helper-address vrf name address command is configured and later the vrf is deleted from the configuration, then all IP helper addresses associated with that VRF name will be removed from the interface configuration.

If the ip helper-address address command is already configured on an interface with no VRF name configured, and later the interface is configured with the ip helper-address vrf name address command, then the previously configured ip helper-address address is considered to be global.

Note the bold itaicized portion, you need to identify the port to forward....

siggy_freud · ‎08-23-2011

Thanks again Vmiller for the information. I hope we can apply this to our situation and get it all working .