cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
710
Views
0
Helpful
5
Replies

C3560 help

bjenkins6553
Level 1
Level 1

Our configuration consists of a server and many devices that communicate with the server.  The server can push files to the devices and collect data from the devices.  The server issues a UDP discovery request in order to find all of the devices connected to it locally.  After the devices are "discovered", the devices can be "registered" to that server so that all future data collection will be by that server.  The problem we're having now is that a customer has devices in two plants, but only one server.  The plant with the server is blocking UDP requests from leaving the plant, therefore the devices in the second plant are not detected by the server.  It's possible to manually set the registered server on each device.  Our customer is reporting that the devices can ping the server and that the server can

ping the devices.  However, they are not able to collect data from the devices.  I know this is awfully vague, but I don't know enough to knwo what questions to ask.  Is it possible for the devices in the second plant to communicate with the server?  Is there a port that must be opened for this to work?  From what I understand they have a C3560 separating the two plants.

5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

There could be an access control list (ACL) blocking UDP ports from leaving the site.  Check the switch to make sure there are no ACLs, or if there are any, they are not blocking the specific ports you need. By default, switches don't block anything.

Hi,

If the remote site is layer 3 seperated then may be adding an ip helper to the remote sites IP broadcast address will forward the UDP discoveries.

Say server site in 10.0.100.0/24

Say remote site is 10.0.200.0/24

Server site

!

int vlan 100

ip add 10.0.100.254

ip helper-address 10.0.200.255

!

Regards

Alex

Regards, Alex. Please rate useful posts.

Our customer is telling us they cannot, by law, allow UDP packets out of the building.  They are in India.  I don't think they can be flexible on this point.  They  must have another piece of equipment that is blocking UDP.

If the devices know the address of the registered server (this address can be set manually), is there any reason why a device could not send data to the server, even though the server cannot send a UDP discovery request to find the device?

Alex,  This IP helper looks like it's what we need, only in reverse.  From what I understand, a DHCP request from a client can utilize the IP helper to contact the server.  Is the reverse also true?  Can a server utilize an IP helper to contact many clients?

Hi Brent,

Ip Helper is used to forward UDP. (Including DHCP bootp etc)

To forward from a server to many remote devices which are on the same subnets you can make the

target address the subnet broacast ip address.

Like I posted earlier

Say server site in 10.0.100.0/24

connected via IP network to

Say remote site is 10.0.200.0/24

So at the server Server site

!

int vlan 100

ip add 10.0.100.254

ip helper-address 10.0.200.255

!

This will forward UDP requests from any device on subnet 10.0.100.0

to all devices on remote subnet 10.0.200.0

This command can bre used in conjunction with " ip forward-protocol" where you can allow or disallow certain UDP services like bootp,dns,tftp etc.

Have a wee look athis link link which shows the IP services commands

http://www.cisco.com/en/US/docs/ios/12_3t/ip_addr/command/reference/ip1_i1gt.html

I guess your issue is will you be allowed to use this method

Regards

Alex

Regards, Alex. Please rate useful posts.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco