12.17
By design, routers do not forward broadcast packets, for a number of reasons; instead they create separate broadcast domains. But what if you do want to forward certain broadcast packets between different VLANs or physical networks?
I rely on a lot of different remote management tools to administer the servers in my loft remotely. One of these tools is remote Wake-on-LAN. To forward WoL packets between networks, you can use the ip helper-address command on Cisco routers.
On the router where the WoL packets will originate, we tell the router to allow forwarding of UDP packets on port 9. (This is the discard port that WoL packets use.) Then, under the interface where the WoL packets will originate, we tell the router where to forward the packets.
R1(config)# ip forward-protocol udp 9
R1(config-if)# ip helper-address 192.168.1.255
Now all we need to do is create an access list on the other router to allow the forwarded broadcast messages; otherwise you could open yourself up to a possible Smurf DoS attack. Then we tell the router on which interfaces the forwarded broadcast messages may be received.
R2(config)# access-list 101 permit udp 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255 eq 9
R2(config-if)# ip directed-broadcast 101
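To check what access list 101 actually lets through as a directed broadcast, the following added example (not part of the original post) evaluates the ACL line above against a few constructed packets. It is a simplified model of IOS extended ACL matching that assumes only the `eq` port form shown here; the function names and sample packets are made up for illustration.

```python
import ipaddress

# ACL line copied from the post; everything else here is constructed for illustration.
ACL_101 = ["access-list 101 permit udp 192.168.0.0 0.0.0.255 192.168.1.0 0.0.0.255 eq 9"]

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_ace(line):
    """Parse 'access-list N ACTION PROTO SRC WILD DST WILD [eq PORT]' (only this form)."""
    tok = line.split()
    if len(tok) not in (8, 10) or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError(f"unsupported ACE: {line!r}")
    if len(tok) == 10 and tok[8] != "eq":
        raise ValueError(f"unsupported port operator: {tok[8]!r}")
    return {
        "action": tok[2],
        "proto": tok[3],
        "src": (_ip(tok[4]), _ip(tok[5])),
        "dst": (_ip(tok[6]), _ip(tok[7])),
        "port": int(tok[9]) if len(tok) == 10 else None,
    }

def wildcard_match(addr, base, wildcard):
    """Wildcard bits set to 1 are ignored; bits set to 0 must match the base."""
    care = ~wildcard & 0xFFFFFFFF
    return (addr & care) == (base & care)

def evaluate(acl_lines, proto, src, dst, dport=None):
    """Return 'permit' or 'deny' for one packet; first matching entry wins."""
    for ace in map(parse_ace, acl_lines):
        if ace["proto"] not in ("ip", proto):
            continue
        if not wildcard_match(_ip(src), *ace["src"]):
            continue
        if not wildcard_match(_ip(dst), *ace["dst"]):
            continue
        if ace["port"] is not None and ace["port"] != dport:
            continue
        return ace["action"]
    return "deny"  # implicit deny at the end of every IOS access list

if __name__ == "__main__":
    samples = [  # constructed packets: (protocol, source, destination, destination port)
        ("udp", "192.168.0.10", "192.168.1.255", 9),      # forwarded WoL broadcast
        ("udp", "192.168.0.10", "192.168.1.255", 7),      # same hosts, wrong port
        ("udp", "10.0.0.5", "192.168.1.255", 9),          # source outside 192.168.0.0/24
        ("icmp", "192.168.0.10", "192.168.1.255", None),  # ICMP to the broadcast address
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(ACL_101, *pkt))
```

Only the first sample is permitted; the rest fall through to the implicit deny, which is what keeps the directed broadcast from being usable for anything other than WoL from the 192.168.0.0 network.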