local vs directed broadcasts

axfalk · ‎10-29-2004

I am a bit confused as to which broadcasts (local or directed) a router will pass. I have always thought that a router will pass directed broadcasts (all the host bits on) and filter local broadcasts (255.255.255.255). But then how does it know to let the ARP and DHCP broadcast pass?

Thanks.

a.awan · ‎10-29-2004

A router by definition serves as a boundary for a broadcast domain. I will try to answer your questions as best as i can:

1. A cisco router will not pass local broadcasts neither will it convert a directed broadcast to a physical broadcast by default.

2. The router never lets ARP broadcasts through. In most current implementations of operating systems ARP requests are generated only for destinations in the same IP subnet as the generating host. For destinations that are on a different subnet an ARP is generated (if required) only for the default gateway which in most cases is the router. The router responds with its own MAC address and then handles any routing from then onwards. There is a feature called proxy-arp which when enabled (it is enabled by default on multi access interfaces) allows the router to respond to ARP requests that are for destinations reachable by the router via another interface. This usually comes in handy when there are older hosts that will pretty much ARP for anything.

3. DHCP broadcasts are not forwarded by the router under default circumstances. You have to configure the router to forward DHCP (or other UDP broadcasts) using the ip helper-address commmand.

Take a look at the following article and read the description under the heading 'Configuring Broadcast Packet Handling':

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75b.html#wp1002049

Richard Burts · ‎10-29-2004

I think it may help you to think in terms of different actions to what a router will hear on an interface and what it will transmit on an interface. A router may hear (receive) a broadcast on an interface (this would include ARP and DHCP). The default on an interface is not to forward any broadcast that it hears on the interface. (Exceptions to this rule are the ip helper-address which will forward selected broadcasts).

A directed broadcast may be transmitted by the router or not depending partly on the version of IOS and depending on how the interface is configured. In earlier versions of IOS directed broadcast was enabled by default and could be disabled if desired. In current versions of IOS directed broadcast is disabled by default and can be enabled if desired.

When a router hears a packet it does not know whether it is a directed broadcast or not. For example a router may hear a packet with destination address 192.168.2.127. Is that a directed broadcast or not? You can not determine whether it is a directed broadcast or not until you have the subnet mask associated with it, and you do not have the subnet mask until you get to the interface where the subnet is a connected network. At that point the router will decide whether to forward the directed broadcast or not. In older IOS it was the default to forward directed broadcast and it could be disabled if desired. For quite a while the default has been not to forward directed broadcast and it can be enabled if desired. For most networks it is better to leave it disabled because of the possibility that forwarding directed broadcasts can increase your vulnerability to various Denial Of Service attacks.

HTH

Rick

HTH

Rick