Solved: Network broadcast vs Subnet Broadcast (dhcp and route advertisement)

SJ K · ‎05-06-2015

Hi all,

I am reading this link below

http://www.firewall.cx/networking-topics/general-networking/109-network-broadcast.html and it came to my mind that ->

why would a broadcast need to be 255.255.255.255 ?

In any case, the host should be sitting in a network/subnet and having a router to separate the broadcast domain, so the broadcast should be local to the subnet only, if there is a need to broadcast to another network, it should only be that network's subnet broadcast adddress only (provided that the router has ip direct broadcast on).

Does a router even forward 255.255.255.255 broadcast ?

For example such as DHCP discover, why is it sending out a 255.255.255.255 broadcast ( is it that because it doesn't even know what network/mask it is in yet ?)

Is there any other type of broadcast that requires itself to be 255.255.255.255 ?

Regards,
Noob

Ashwin Ramdin · ‎05-08-2015

Because that is how RIPv1 works. It use broadcast to send updates.In RIPv2 they changed that to Multicast (224.0.0.9).

A routing protocol does not use the IP address of it links to send updates, it will use broadcast (RIPv1 only)/Multicast (EIGRP/OSPF/RIPv2).

View solution in original post

Bilal Nawaz · ‎05-08-2015

In the case of routing protocols, its all link local multicast (224.0.0.0/24) - i.e. forwarding out of all routing protocol enabled interfaces (if not passive). Response back either unicast or link local muticast.

When we look at the link local going on the wire and how the switch deals with it is different to that of multicast. Most L2 switch's flood all frames that fall within the MAC address range of 0x0100.5e00.00xx, which translates to the link local multicast range I informed you about above. Usually with normal multicast, it is more efficient by using IGMP, keeping track of who is interested in a multicast feed and only forwarding on to those that want it.

The reason why link local multicast is flooded is that IGMP membership reports usually aren't sent for multicast traffic in the link local address block.

Therefore if a switch did not flood the frames, then protocols like RIP, OSPF, EIGRP would break.

It's different to the typical multicast where we would see "join/register" - this would then typically depend on IGMP, PIM and potentially an RP.

Hope this helps

Bilal

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

View solution in original post

Bilal Nawaz · ‎05-06-2015

If for example a host does not have an IP address, a host that wants DHCP, it will send out to 255.255.255.255, it doesn't have knowledge of the subnet in use, it only has one option. The router does indeed stop the broadcast.

ip directed broadcast option which is different as its "routable" can be used for things like Wake On LAN (WoL). A directed broadcast, directs at a network broadcast address.

I can give an example. I have a remote server 10.10.10.10, and a PC 172.16.1.10/24, different subnets. The PC is asleep/shutdown with wake on lan enabled. Previously when the PC was ON it has an active agent that registers to the server. Server has a record of the PC name, Ip address, subnet mask, mac address etc.... When I go to the server and click "wake the PC" it then sends a directed broadcast (magic packet) of the last known subnet where the PC was seen - 172.16.1.255. When the Router/Switch receives that packet it translates it to a layer 2 broadcast. Inside the packet contains the PC's mac address, so when the PC receives it, the agent then wakes the PC and starts up.

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

SJ K · ‎05-08-2015

Hi Bilaz,

Sorry for coming back late. I posted too much questions i nearly forgotten about this until today while learning route advertisements. I saw this in the debug message

RIP: sending v1 update to 255.255.255.255 via FastEthernet0/0 (10.3.5.1)
RIP: build update entries
network 10.1.5.0 metric 1

Why does R1, still send advertisement to 255.255.255.255 when it knows it is sending out through its interface (fa0/0) on a directly connected network (10.3.5.0/24) ?

Why doesn't t send to 10.3.5.255 instead ?

Regards,
Noob

Ashwin Ramdin · ‎05-08-2015

Because that is how RIPv1 works. It use broadcast to send updates.In RIPv2 they changed that to Multicast (224.0.0.9).

A routing protocol does not use the IP address of it links to send updates, it will use broadcast (RIPv1 only)/Multicast (EIGRP/OSPF/RIPv2).

SJ K · ‎05-08-2015

Hi Ashwin

Thanks. How does one register itself to a multicast domain ? and how does we see what multicast domain we are in ?

Regards,
Noob

Bilal Nawaz · ‎05-08-2015

In the case of routing protocols, its all link local multicast (224.0.0.0/24) - i.e. forwarding out of all routing protocol enabled interfaces (if not passive). Response back either unicast or link local muticast.

When we look at the link local going on the wire and how the switch deals with it is different to that of multicast. Most L2 switch's flood all frames that fall within the MAC address range of 0x0100.5e00.00xx, which translates to the link local multicast range I informed you about above. Usually with normal multicast, it is more efficient by using IGMP, keeping track of who is interested in a multicast feed and only forwarding on to those that want it.

The reason why link local multicast is flooded is that IGMP membership reports usually aren't sent for multicast traffic in the link local address block.

Therefore if a switch did not flood the frames, then protocols like RIP, OSPF, EIGRP would break.

It's different to the typical multicast where we would see "join/register" - this would then typically depend on IGMP, PIM and potentially an RP.

Hope this helps

Bilal

Please rate useful posts & remember to mark any solved questions as answered. Thank you.