10-23-2014 01:47 PM - edited 03-07-2019 09:13 PM
Hi all. I have several L2 switches with a single connection to both core switches. The core switches are L3 and running HSRP for all vlans.
In our environment clients have Office 2010 installed. Because of this an executable named Groove.exe, SharePoint Workspace is running on clients and broadcasting with source udp port 57733 to destination 255.255.255.255 port 1211.
If I'm correct routers do not forward broadcasts. So, is it better to let the router perform as its supposed, or create an ACL that drops this specific traffic?
I know the ideal solution would be to have Groove.exe disabled via group policy, but I'd like to try some things in the meantime.
Thanks for all input.
10-23-2014 02:36 PM
Hi,
Correct, routers do not forward broadcast. There are other applications that use broadcast. For example: when you power up host, it will send out a broadcast to get an IP address from the DHCP, and the router intercept the broadcast if the DHCP is located in a different subnet. So, if broadcast from Groove.exe is not harming your network in any way then you don't need to do anything. And as you said, let the router do its job.
HTH
10-31-2014 01:45 PM
Reza,
Thanks for the response. So if a host exhibits this behavior on a L2 switch, will all hosts on that L2 switch receive that broadcast?
10-31-2014 01:50 PM
Hi,
That is correct. All hosts in that segment will receive the broadcast.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide