RouterGod Celebrity Interview Series

Trinity Explains The IP Helper-Address Command

As most Cisco engineers know, The Matrix is everywhere, it is all around us.  Even now in this very room, you can see it when you look out your window or when you turn on your television.  You can feel it when you go to work, when you go to church, when you pay your taxes...But enough bad news!  Today we get to interview hot Matrix babe Trinity.  Trinity is going to help us settle an old argument that has caused much strife in the Cisco ranks: Do Cisco routers block or forward broadcasts?  Ask a CCNA and he will say Cisco routers block broadcasts.  Ask a CCNP and he will say that yes indeed, Cisco routers forward broadcasts.  Ask a CCIE and he will respond wisely "It depends".  Trinity has entered the Matrix for the sole purpose of clearing this up for us.  Interviewing Trinity will be RouterGod field reporter Mitch Turner.  Let's give a warm RouterGod welcome to Trinity:



When in the Matrix, Trinity prefers to 
dress in an inconspicuous fashion.

Mitch

Welcome Trinity, boy are we glad to see you!  The world of Cisco has been turned upside down over the controversy surrounding broadcasts.  Cisco's stock has reached an all time low due to the constant bickering over broadcasts.  What's the score?  Do Cisco routers forward broadcasts?

Trinity

I guess the best answer is that Cisco routers by default do not forward broadcasts, but can be configured to do so quite easily.

Mitch

That doesn't make sense.  Why would anybody in their right mind want to forward a broadcast?  After all, that's why we need routers in the first place, to reduce broadcast domains, right?  Why would you want to forward an ARP broadcast for example?

Trinity

I doubt that you would ever want to forward an ARP broadcast.  But there are many types of broadcasts besides ARP.

Mitch

There are?  Like what?

Trinity

Well a good example would be when a workstation that is a DHCP client boots up, it sends out a broadcast looking for a DHCP server.  I'm pretty sure you want the DHCP server to respond and give the client an IP address.

Mitch

Well, sure, but why not just put your DHCP server in the same subnet as the client?  Problem solved!

Trinity

Do you have a Microsoft MCSE certificate?

Mitch

Yes!

Trinity

I thought so.  Bill Gates has convinced you that you need a Windows DHCP server in every subnet, hasn't he?  The truth is, you only need one DHCP server and one as a backup.  You can configure a Cisco router to forward BOOTP broadcasts to the centralized DHCP server and save your company thousands of dollars.

Mitch

Holy smokes!  How do you do that?

Trinity

Just enter the command: ip helper-address followed by the address of the machine you want the broadcasts to be forwarded to.

Mitch

Where does this command go?

Trinity

You place the command on the interface you expect to be receiving the broadcast.

Mitch

Does this command cause the router to forward all broadcasts?

Trinity

By default, the ip helper-address command will forward these 8 UDP ports:

UDP Port    Common Name
69          TFTP
67          BOOTP Client
68          BOOTP Server
37          Time Protocol
49          TACACS
53          DNS
137         NetBios
138         NetBios Datagram

Trinity is from the future.  A future where the Cisco routers
and switches have taken over the earth.  In the future,
humans become the energy source that powers Cisco
routers.  By the way, if anyone should ask,
take the red pill.  You can thank us later.


Trinity is grief stricken after hearing that the Cisco
stock she paid $70 a share for is now worth $18
per share.  Don't give up your day job, Trinity!

Mitch

OK Trinity, cool.  What happens if I have a DHCP server, but the interface with the ip helper-address command receives a DNS query?  Will it forward it to my DHCP server?

Trinity

Yes!  Any of these eight broadcasts will be sent to whatever address you have specified.  If those ports or services are not available on the target machine, an ICMP Port Unreachable error message will be sent back.  This may have an impact on bandwidth.

Mitch

What if I have several machines I want to send these broadcasts to, do I have to enter this command once for every machine I want to target?

Trinity

If the machines you are targeting are all on the same subnet, like a server farm, you can specify a directed broadcast.

Mitch

Can I use one command to forward to a directed broadcast address and another command to specify unicast IP addresses of machines on other networks?

Trinity

You bet!  You can mix and match.

Mitch

If the ip helper-address command can take a broadcast and turn it into a unicast, must the target machine be directly on the other side of the router?

Trinity

No, you can use an address to any destination on your network.

Mitch

How do the routers know how to get the packet to the target machine?

Trinity

These are routers, right?  That's what they do...

Mitch

Oh yeah!  I forgot for a second.  One more thing, is there any way to customize what ports get forwarded?  Can I delete some of the 8 default UDP ports or add new ports I want forwarded?

Trinity

Definitely!  There is a command you use in global configuration mode that the ip helper-address command will consult for more specific instructions.  It is the ip forward-protocol command.

Mitch

Let's say I want the default 8 ports plus I want port 2000 which is a broadcast port we use for a custom application our users use at work?  How do I do that?

Trinity

Well, put your ip helper-address command on the interface that receives the broadcasts, then in global config mode enter the command: ip forward-protocol udp 2000 and that should do the trick.

Mitch

Here's another one, say I only want to forward TFTP broadcasts, how do I do that with the ip forward-protocol command?

Trinity

Easy, here's how, you just have to specify the ports you don't want forwarded:

no ip forward-protocol udp 37
no ip forward-protocol udp 49
no ip forward-protocol udp 53
no ip forward-protocol udp 67
no ip forward-protocol udp 68
no ip forward-protocol udp 137
no ip forward-protocol udp 138

Mitch

OK, now I get it, out of the box, Cisco routers do not forward broadcasts, but like everything else, Cisco has given us a way to tweak and customize things for our own individual networks.  Very Cool!  Why don't they teach this in CCNA class?

Trinity

They did for CCNA version 1, but now it is taught in CCNP.  It's definitely on the BCSN test, so remember the commands!

Mitch

Hey thanks, Trinity.  How did you know that I needed to learn these commands?

Trinity

The Oracle prophesied it.

Mitch

Huh?

 


Trinity with trademark misplaced strand of hair.  To the right is Neo, he is a computer
hacker who saves the world.  To the left is Switch, she dies when Cipher yanks the 
jumper cables out of the back of her head.

   


Copyright 1999 - 2005 RouterGod Online Magazine