Re: "Directed-broadcast" is not working!

Abdullah Net · ‎08-18-2013

Hello there,

I am testing enabling "directed-broadcast" in my network. I am using real cisco equipment in the topology below:

I have implemented static routings and Host A can ping Host C and Host D successfull and vise versa.

So, in HOST A, i opened my windows cmd and i typed Ping 10.10.60.255 and i got:

Reply from 10.10.10.2: bytes=32 time=1ms TTL=254

That is normal because R2 by default drops all broadcasts and do not forward them. So, i enabled "Directed-broadcast" under R2 Int FA 0/1 which should allow directed broadcasts to be passed to 10.10.60.0/24 network. but i got the same replies

Reply from 10.10.10.2: bytes=32 time=1ms TTL=254

So, i opened wireshark on HOST A hoping to catch the problem and according to wireshark there is something wrong:

I got more into it and i enabled "debug i packed" and "debug ip icmp" on R2 and this is what i got:

IP: tableid=0, s=10.10.50.50 (Serial0/1/0), d=10.10.60.255 (FastEthernet0/1), routed via RIB

IP: s=10.10.50.50 (Serial0/1/0), d=10.10.60.255 (FastEthernet0/1), g=255.255.255.255, len 60, forward directed broadcast

IP: s=10.10.50.50 (Serial0/1/0), d=10.10.60.255 (FastEthernet0/1), len 60, rcvd 5

ICMP: echo reply sent, src 10.10.10.2, dst 10.10.50.50

IP: tableid=0, s=10.10.10.2 (local), d=10.10.50.50 (Serial0/1/0), routed via FIB

IP: s=10.10.10.2 (local), d=10.10.50.50 (Serial0/1/0), len 60, sending

I dont really understand what is the problem here. I also tried enabling "Directed-broadcast" on R2 int S 0/1/0 as well but i got same results.

Your help is appreciated...

Abdul,

Richard Burts · ‎08-18-2013

Abdul

This sounds like an interesting problem. Can you post the config of R2? This might help us to understand what is going on.

I find it surprising that your wireshark capture indicates that you are receiving an ICMP error protocol unreachable. But that the debug on R2 does not mention this at all.

HTH

Rick

HTH

Rick

Richard Burts · ‎08-18-2013

I have looked more carefully at the wireshark capture and see some things that I missed the first time. What I am seeing is this:

- host A sends ping (as expected).

- R2 sends ping response (as expected).

- SW2 sends ping response - this demonstrates that directed broadcast on R2 is working.

- host A sends ICMP protocol not available to SW2 - quite unexpected.

So as far as directed broadcast is concerned it is working on R2. And it gets at least as far as SW2. If you are not receiving responses from host C or D then we may need to look more closely at the config of SW2 and see if it is doing something that affects the traffic.

HTH

Rick

HTH

Rick

Abdullah Net · ‎08-18-2013

Rick,

The configuration of SW2 is really basic and mostly standard. I only enabled Vlan 1 and gave it an ip address of 10.10.60.2 and that's it.

Abdul,

Jan Hrnko · ‎08-18-2013

Hi Abdul,

quite an interesting problem. Just one idea though, have you tried to check firewall settings on those hosts? Maybe firewall is blocking icmp traffic. Everything else looks normal.

Best regards,

Jan

Abdullah Net · ‎08-18-2013

Jan,

All firewalls are off and i double checked with your post.

Abdul,

jawad-mukhtar · ‎08-18-2013

can u post config

Jawad

Abdullah Net · ‎08-18-2013

R1 Configuration

interface FastEthernet0/1

ip address 10.10.50.1 255.255.255.0

duplex auto

speed auto

!

interface Serial0/1/0

ip address 10.10.10.1 255.255.255.252

clock rate 2000000

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

speed auto

!

ip route 10.10.60.0 255.255.255.0 10.10.10.2

!

ip forward-protocol nd

!

access-list 100 permit icmp any any

R2 Configuration

Current configuration : 1012 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname R2

!

boot-start-marker

boot-end-marker

!

no aaa new-model

memory-size iomem 5

ip cef

!

multilink bundle-name authenticated

!

archive

log config

hidekeys

!

interface FastEthernet0/1

ip address 10.10.60.1 255.255.255.0

ip directed-broadcast

duplex auto

speed auto

!

interface Serial0/1/0

ip address 10.10.10.2 255.255.255.252

clock rate 2000000

!

interface FastEthernet0/0

no ip address

shutdown

duplex auto

--More--

!

ip route 10.10.50.0 255.255.255.0 10.10.10.1

Abdullah Net · ‎08-19-2013

Hello,

This is what i came up with so far. I replaced host C with a router (R3) and i gave its interface "fa 0/0" an ip address of 10.10.60.2.

I pinged 10.10.60.255 from host A and FINALLY i got a reply back

R1#

IP: tableid=0, s=10.10.60.2 (Serial0/0), d=10.10.40.1 (FastEthernet0/0), routed via RIB

IP: s=10.10.60.2 (Serial0/0), d=10.10.40.1, len 100, rcvd 4

According to wireshark, R3 recieved the icmp packet and issued a response.

So, i went and replaced back the router with HOST C as it was before and i opened wireshark to see whats happening and i got this:

HOST C did recieve the packet but did not issue a reply back.

Why is that? i replaced the PC with another one and i still got the same wireshark results.

Abdul,

jawad-mukhtar · ‎08-19-2013

have u defined gateway on our hosts

host c, d gateway must be

10.10.60.1

host a, b gateway must be

10.10.50.1

Jawad

Abdullah Net · ‎08-19-2013

Jawad,

Done that

Abdul,