As most Cisco engineers know, The Matrix is everywhere, it is all around us. Even now in this very room, you can see it when you look out your window or when you turn on your television. You can feel it when you go to work, when you go to church, when you pay your taxes…But enough bad news! Today we get to interview hot Matrix babe Trinity. Trinity is going to help us settle an old argument that has caused much strife in the Cisco ranks: Do Cisco routers block or forward broadcasts? Ask a CCNA and he will say Cisco routers block broadcasts. Ask a CCNP and he will say that yes indeed, Cisco routers forward broadcasts. Ask a CCIE and he will respond wisely “It depends”. Trinity has entered the Matrix for the sole purpose of clearing this up for us. Interviewing Trinity will be RouterGod field reporter Mitch Turner. Let’s give a warm RouterGod welcome to Trinity:
Mitch
Welcome Trinity, boy are we glad to see you! The world of Cisco has been turned upside down over the controversy surrounding broadcasts. Cisco’s stock has reached an all time low due to the constant bickering over broadcasts. What’s the score? Do Cisco routers forward broadcasts?
Trinity
I guess the best answer is that Cisco routers by default do not forward broadcasts, but can be configured to do so quite easily.
Mitch
That doesn’t make sense. Why would anybody in their right mind want to forward a broadcast? After all, that’s why we need routers in the first place, to reduce broadcast domains, right? Why would you want to forward an ARP broadcast for example?
Trinity
I doubt that you would ever want to forward an ARP broadcast. But there are many types of broadcasts besides ARP.
Mitch
There are? Like what?
Trinity
Well a good example would be when a workstation that is a DHCP client boots up, it sends out a broadcast looking for a DHCP server. I’m pretty sure you want the DHCP server to respond and give the client an IP address.
Mitch
Well, sure, but why not just put your DHCP server in the same subnet as the client? Problem solved!
Trinity
Do you have a Microsoft MCSE certificate?
Mitch
Yes!
Trinity
I thought so. Bill Gates has convinced you that you need a Windows DHCP server in every subnet, hasn’t he? The truth is, you only need one DHCP server and one as a backup. You can configure a Cisco router to forward BOOTP broadcasts to the centralized DHCP server and save your company thousands of dollars.
Mitch
Holy smokes! How do you do that?
Trinity
Just enter the command: ip helper-address followed by the address of the machine you want the broadcasts to be forwarded to.
Mitch
Where does this command go?
Trinity
You place the command on the interface you expect to be receiving the broadcast.
Mitch
Does this command cause the router to forward all broadcasts?
Trinity
By default, the ip helper-address command will forward these 8 UDP ports:
Trinity is from the future. A future where the Cisco routers and switches have taken over the earth. In the future, humans become the energy source that powers Cisco routers. By the way, if anyone should ask, take the red pill. You can thank us later.
Mitch
OK Trinity, cool. What happens if I have a DHCP server, but the interface with the ip helper-address command receives a DNS query? Will it forward it to my DHCP server?
Trinity
Yes! Any of these eight broadcasts will be sent to whatever address you have specified. If those ports or services are not available on the target machine, an ICMP Port Unreachable error message will be sent back. This may have an impact on bandwidth.
Mitch
What if I have several machines I want to send these broadcasts to, do I have to enter this command once for every machine I want to target?
Trinity
If the machines you are targeting are all on the same subnet, like a server farm, you can specify a directed broadcast.
Mitch
Can I use one command to forward to a directed broadcast address and another command to specify unicast IP addresses of machines on other networks?
Trinity
You bet! You can mix and match.
Mitch
If the ip helper-address command can take a broadcast and turn it into a unicast, must the target machine be directly on the other side of the router?
Trinity
No, you can use an address to any destination on your network.
Mitch
How do the routers know how to get the packet to the target machine?
Trinity
These are routers, right? That’s what they do…
Mitch
Oh yeah! I forgot for a second. One more thing, is there any way to customize what ports get forwarded? Can I delete some of the 8 default UDP ports or add new ports I want forwarded?
Trinity
Definitely! There is a command you use in global configuration mode that the ip helper-address command will consult for more specific instructions. It is the ip forward-protocol command.
Mitch
Let’s say I want the default 8 ports plus I want port 2000 which is a broadcast port we use for a custom application our users use at work? How do I do that?
Trinity
Well, put your ip helper-address command on the interface that receives the broadcasts, then in global config mode enter the command: ip forward-protocol udp 2000 and that should do the trick.
Mitch
Here’s another one, say I only want to forward TFTP broadcasts, how do I do that with the ip forward-protocol command?
Trinity
Easy, here’s how, you just have to specify the ports you don’t want forwarded:
no ip forward-protocol udp 37
no ip forward-protocol udp 49
no ip forward-protocol udp 53
no ip forward-protocol udp 67
no ip forward-protocol udp 68
no ip forward-protocol udp 137
no ip forward-protocol udp 138
Mitch
OK, now I get it, out of the box, Cisco routers do not forward broadcasts, but like everything else, Cisco has given us a way to tweak and customize things for our own individual networks. Very Cool! Why don’t they teach this in CCNA class?
Trinity
They did for CCNA version 1, but now it is taught in CCNP, it’s definitely on the BCSN test so remember the commands!
Mitch
Hey thanks, Trinity. How did you know that I needed to learn these commands?
Trinity
The Oracle prophesied it.
Mitch
Huh?



