This topic is to discuss the following lesson:
Great video! In which scenario would you ever use this feature?
Hi Tae Wo K,
Perhaps for some old legacy application that only uses broadcast traffic. It’s unlikely that you would need this nowadays.
Rene
Hi,
Just to double check, but the no ip directed-broadcast command only applies to the subnet on the interface the command is used, and it does not stop directed broadcasts for subnets on downstream routers that are in the routing table - correct?
Thanks,
Sam
Hello Samir
By default, a router will not forward any directed-broadcast packets out of any of its interfaces. Take a look at this diagram once again:
Imagine there is another router R4 connected to R3, with a subnet of 192.168.34.0/24. If R1 sends a ping to 192.168.34.255, R2 will not let it pass but will respond itself. In other words, it would behave in exactly the same way as with a ping to 192.168.23.0/24.
Now remember that the no ip directed-broadcast command is the default state, and it is this command that disallows any directed broadcasts to be forwarded. So to answer your question, this command will block all directed broadcasts, regardless of whether or not the destination subnet is directly connected to the interface on which it is applied.
I hope this has been helpful!
Laz
Hi Lazaros,
Thanks for the response.
In that case, what if the subnet between R3-R4 were 10.0.0.0/24 and R2 contained only a default route? How would R2 know that 10.0.0.255 was an IP directed broadcast?
Basically, I’m trying to understand the criteria the router uses to determine when a destination IP is a directed broadcast if the network is not directly connected.
Thanks,
Sam
Hello Samir
This is a good point you bring up. When an IP packet is sent, the destination address in the header contains no subnet information. Therefore the receiving router cannot know if it is a directed broadcast. If you don’t know the subnet, you cannot know if it is a network, broadcast, or host address.
However, if the router has some information about the subnet mask of the particular network, then it can indeed determine if it is a directed broadcast. Where can it find this information? In the routing table.
The routing table will have a list of routes to destination networks (directly connected, statically assigned, dynamically learned) where these destination networks have a defined range. The range identifies the subnet mask, and thus the router can know if the destination IP is a directed broadcast or not. Only then will a directed broadcast be dropped.
If a packet is routed based on the default gateway, then there is no way to determine if it is a directed broadcast or not, so it is forwarded normally.
I hope this has been helpful!
Laz
Makes sense, thanks.
And I’m guessing that if route summarization is used, then IP directed broadcasts will also slip through the net.
Hello Samir
My guess would be yes, you are right, but a quick labbing of such a scenario will verify this behaviour for sure. If you do end up doing it let us know your results!
Glad this has been helpful!
Laz
Hi, I’m new and I like your content. I have a couple of queries:
- What if I need to send a broadcast from a host on the 192.168.12.0/24 network to the 192.168.34.0/24 network and now there is an additional router on the path between these networks. Where do I configure the ip directed-broadcast command? Is this scenario possible?
- Does the Wake-on-LAN (WOL) service need this feature if I want to remotely power on computers? Could you help me with this question please:
[removed copyrighted image and replaced it with the following]
Topology:
[Application server]----[SW1]----[R1]----[R2]----[SW2]----[multiple workstations and DHCP server]
On which router must IP directed broadcasts be enabled to allow WoL to operate?
Thank you so much
Hello Ricardo!
The ip directed-broadcast command is issued on the outgoing interface of a router that connects to the subnet that you want the directed broadcasts to be forwarded to. If you have multiple routers between the source of the directed broadcast and the intended destination, then you would simply apply the command to all of the intervening routers, on the outgoing interfaces that reach the network in question. Just keep in mind that these directed broadcasts will be sent on all intervening subnets as well, which could cause network inefficiencies, so it should be done with caution.
WoL requires that the IP directed-broadcast feature be supported on the last router to the destination subnet. If we want to enable WoL for the workstations, then the answer is D. If we want WoL to be enabled on the application server, then A is the answer.
I hope this has been helpful!
Laz
I have a Cisco 9300 with ip-routing enabled, so it is essentially set up as a router with static routes. Will I need to set up the same ip directed broadcast configuration in order for broadcast traffic to leave this device? I can see the broadcast traffic on the external interfaces of this 9300 via Wireshark, but I do not see the broadcast traffic on any of my external sites. The external sites are also 9300s set up with ip-routing enabled.
Hello Daniel
In order to answer your question, it is important to understand how and where a directed broadcast is identified and dropped.
When a host sends a packet to a destination that’s a broadcast address of a particular network, none of the devices in the path of that packet know that it is a directed broadcast, because no subnet information is included in the packet. The only device (router) that will be able to identify that destination IP address as a broadcast address is the router that is directly connected to the related subnet. Only that router knows the subnet mask associated with the address space to which the address belongs.
Now having said that, take a look at this diagram again, where R1 sends a packet to 192.168.23.255. Note that there is no way R1 can know if this is a broadcast address because it doesn’t know the subnet mask associated with it:
However, when the packet reaches R2, R2 knows that this is a directed broadcast because the destination address belongs to the subnet connected to its own Fa0/1 interface, and using the subnet mask configured there, it identifies the address as such.
Now imagine you have the following topology:
R1 — R2 — R3 — R4 -------(192.168.44.0/25)--------- R5
Where the network between R4 and R5 is 192.168.44.0/25 as shown. The broadcast address of this network is 192.168.44.127. Now imagine that R1 sends a packet to 192.168.44.127. Note the following:
- R1 does not know that this is a broadcast address since it has no subnet mask information.
- R2 and R3 don’t know it is a broadcast address for the same reason, thus it is forwarded normally.
- Once it gets to R4, only then is it identified as a broadcast address because it belongs to a directly connected subnet.
If R4 is not configured to forward directed broadcasts, it will be dropped.
So getting back to your question, it all depends upon your topology and how many routers exist between the sender of the packet and the destination. The directed broadcast forwarding feature must be configured on the last router in the path, that is the router to which the destination network of the directed broadcast is directly connected. Does that make sense?
I hope this has been helpful!
Laz
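The hop-by-hop reasoning in the reply above can be modelled directly. The following is an added example, not code from the original thread or from the lesson: each router does a longest-prefix lookup, a transit router that matches only a route forwards the packet like any unicast (it has no mask for the destination), and only the router whose directly connected subnet contains the address compares it with that subnet's broadcast address and honours its per-interface directed-broadcast setting. The router names, interface names, subnets and default routes are constructed for the illustration.

```python
"""Hop-by-hop model of where a subnet-directed broadcast is recognised.

Added example, not from the original thread. Only the router that is directly
connected to the destination subnet knows its mask, so only it can identify the
packet as a directed broadcast; transit routers just forward it.
Topology, addresses and names are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass, field


@dataclass
class Interface:
    name: str
    network: ipaddress.IPv4Network    # directly connected subnet
    directed_broadcast: bool = False  # models 'ip directed-broadcast' on this interface


@dataclass
class Router:
    name: str
    interfaces: list
    routes: dict = field(default_factory=dict)  # prefix string -> next-hop router name

    def lookup(self, dst):
        """Longest-prefix match across connected subnets and configured routes."""
        best = None  # (prefixlen, kind, target)
        for iface in self.interfaces:
            if dst in iface.network and (best is None or iface.network.prefixlen > best[0]):
                best = (iface.network.prefixlen, "connected", iface)
        for prefix, nexthop in self.routes.items():
            net = ipaddress.ip_network(prefix)
            if dst in net and (best is None or net.prefixlen > best[0]):
                best = (net.prefixlen, "route", nexthop)
        return best


def forward(routers, start, dst):
    """Walk the packet from router `start` and record what each hop does."""
    dst = ipaddress.ip_address(dst)
    trail, current = [], start
    while True:
        match = routers[current].lookup(dst)
        if match is None:
            trail.append((current, "no route: dropped"))
            return trail
        _, kind, target = match
        if kind == "route":
            # Matched a route only: no mask for the destination, forward normally.
            trail.append((current, f"forwarded to {target}"))
            current = target
            continue
        iface = target  # destination lies in a directly connected subnet
        if dst != iface.network.broadcast_address:
            trail.append((current, f"delivered as unicast via {iface.name}"))
        elif iface.directed_broadcast:
            trail.append((current, f"directed broadcast sent out {iface.name}"))
        else:
            trail.append((current, f"directed broadcast dropped at {iface.name}"))
        return trail


def build_topology(enable_on_r4=False):
    """R1 - R2 - R3 - R4 -(192.168.44.0/25)- R5; transit routers hold only a default route."""
    net = ipaddress.ip_network
    return {
        "R1": Router("R1", [Interface("Fa0/0", net("192.168.12.0/24"))], {"0.0.0.0/0": "R2"}),
        "R2": Router("R2", [Interface("Fa0/0", net("192.168.12.0/24")),
                            Interface("Fa0/1", net("192.168.23.0/24"))], {"0.0.0.0/0": "R3"}),
        "R3": Router("R3", [Interface("Fa0/0", net("192.168.23.0/24")),
                            Interface("Fa0/1", net("192.168.34.0/24"))], {"0.0.0.0/0": "R4"}),
        "R4": Router("R4", [Interface("Fa0/0", net("192.168.34.0/24")),
                            Interface("Fa0/1", net("192.168.44.0/25"), enable_on_r4)]),
        "R5": Router("R5", [Interface("Fa0/0", net("192.168.44.0/25"))]),
    }


if __name__ == "__main__":
    for hop, action in forward(build_topology(), "R1", "192.168.44.127"):
        print(f"{hop}: {action}")
```

Running it with the default topology shows R1, R2 and R3 each forwarding 192.168.44.127 and R4 dropping it; passing `enable_on_r4=True` is the only change that lets the packet out as a broadcast, which is the "last router in the path" point of the reply.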
Hello, everyone.
Forwarding broadcast traffic is fun but there’s a good reason it is disabled by default. For example, let’s imagine that the 192.168.23.0/24 subnet has 200 hosts. On the 192.168.12.0/24 subnet, we have a server using IP address 192.168.1.50 that we want to attack. We could send spoofed IP packets where the source address is 192.168.1.50 and the destination address is 192.168.23.255.
All devices in the 192.168.23.0/24 subnet will then reply to 192.168.1.50. With enough traffic, you could perform a DoS attack.
Technically, you could still perform this using a limited broadcast by doing something like this:
SRC-IP: Some important server’s one
DST-IP: 255.255.255.255
This would cause everyone to respond to the server’s IP address, right?
Kind regards,
David
Hello David
Yes, an attacker can choose to put a server’s IP address as the source address, and to put the 255.255.255.255 address as the destination address, and this would indeed cause all devices within the local network to respond to the server’s IP address. The behavior would be the same as that observed if you use the local network’s broadcast address as well. Such an attack would not be stopped by disabling the forwarding of broadcasts, but it would require the attacker to be in the same subnet as the target server. And it would require all participating hosts to be in that same subnet as well. Does that make sense?
I hope this has been helpful!
Laz
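From the defender's side, the two observations in the exchange above translate into simple indicators: the address that will be flooded with replies is the source of a packet addressed to a broadcast, and a limited broadcast (255.255.255.255) never crosses a router, so one whose source is not on the receiving subnet carries a spoofed source. The following is an added example, not from the thread, that tags constructed packet records with those indicators; the record format, the list of local subnets and the sample records are all assumptions made for the example.

```python
"""Flagging broadcast-amplification indicators in packet records.

Added example, not from the original thread. A directed broadcast is only an
indicator (WoL uses it legitimately); an echo request to any broadcast, or a
limited broadcast with an off-subnet source, is what a reply storm looks like.
Record format and sample records are constructed.
"""
import ipaddress

LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")
UNSPECIFIED = ipaddress.ip_address("0.0.0.0")  # legitimate source of a DHCP DISCOVER

# Subnets the observing router is directly connected to (constructed)
LOCAL_SUBNETS = [ipaddress.ip_network(n) for n in ("192.168.12.0/24", "192.168.23.0/24")]


def classify(record, local_subnets=LOCAL_SUBNETS):
    """Return sorted indicator tags for one record; an empty list means nothing suspicious."""
    src = ipaddress.ip_address(record["src"])
    dst = ipaddress.ip_address(record["dst"])
    iface_net = ipaddress.ip_network(record["iface_net"])  # subnet of the ingress interface
    tags = []
    to_broadcast = False
    if dst == LIMITED_BROADCAST:
        to_broadcast = True
        # A limited broadcast cannot have been routed here, so its source must be
        # on-link (or unspecified, as in DHCP DISCOVER); anything else is spoofed.
        if src != UNSPECIFIED and src not in iface_net:
            tags.append("limited-broadcast-offsubnet-source")
    else:
        for net in local_subnets:
            if dst == net.broadcast_address:
                to_broadcast = True
                tags.append("directed-broadcast")
                break
    if to_broadcast and record["proto"] == "icmp-echo":
        # Every host that answers an echo to a broadcast sends its reply to `src`
        tags.append("icmp-echo-to-broadcast")
    return sorted(tags)


def suspected_victims(records, local_subnets=LOCAL_SUBNETS):
    """Count flagged records per source address: the source is who receives the replies."""
    counts = {}
    for rec in records:
        if classify(rec, local_subnets):
            counts[rec["src"]] = counts.get(rec["src"], 0) + 1
    return counts


# Constructed sample records (not captured traffic)
RECORDS = [
    {"src": "192.168.1.50", "dst": "192.168.23.255", "proto": "icmp-echo", "iface_net": "192.168.12.0/24"},
    {"src": "192.168.1.50", "dst": "255.255.255.255", "proto": "icmp-echo", "iface_net": "192.168.23.0/24"},
    {"src": "0.0.0.0", "dst": "255.255.255.255", "proto": "udp/67", "iface_net": "192.168.23.0/24"},
    {"src": "192.168.23.10", "dst": "192.168.23.77", "proto": "tcp/443", "iface_net": "192.168.23.0/24"},
]

if __name__ == "__main__":
    for rec in RECORDS:
        print(rec["src"], "->", rec["dst"], classify(rec) or "ok")
    print(suspected_victims(RECORDS))
```

The DHCP record is deliberately included as the edge case: its 0.0.0.0 source is not inside any subnet, so a naive "source must be on-link" rule would flag normal DHCP traffic on every segment.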
I have a question about broadcast and was hoping you could help -
If I have a subnet, let’s say 192.168.1.X with mask 255.255.255.0:
What is the difference in broadcast between 192.168.1.255 and 255.255.255.255?
What is the difference between these two broadcast addresses, and why would I see both on the same LAN if I was using Wireshark, for example?
Can you help me understand the difference between them and the different use cases?
Many thanks.
Hello Sean
In your scenario, if a host on your subnet with an IP address of, say, 192.168.1.55 sends an IP packet with a destination address of 192.168.1.255, the behavior will be exactly the same as if it sent a packet with a destination address of 255.255.255.255.
The difference is that with the 192.168.1.255 address, a host that’s outside of the local subnet can send a broadcast to this network segment. The 255.255.255.255 destination will only send a broadcast to the local subnet.
Now some protocols will use the limited broadcast address of 255.255.255.255 simply because they don’t yet know the subnet information (such as DHCP, RARP, and NTP). Other protocols will use the directed broadcast simply because the host sending the broadcast is in a different subnet, and there’s no other way to send a broadcast to another subnet. This is the case for the Wake-on-LAN (WoL) protocol.
So which one is used is determined by the requirements of the particular protocol.
I hope this has been helpful!
Laz