
Troubleshooting TCP/IP

Possible Problem: UDP broadcast forwarding is disabled on specific UDP ports
Solution:
Step 1 Use the show running-config privileged exec command on the router and
look for any no ip forward-protocol udp global configuration command
entries. Such entries disable the forwarding of UDP traffic out specific
ports.
For example, entering the no ip forward-protocol udp 53 global
configuration command disables the forwarding of all UDP traffic out
port 53, which is the default port for DNS broadcasts. The following
entry is shown in the configuration:
no ip forward-protocol udp domain
Step 2 If UDP broadcasts are disabled at specific UDP ports, enter the ip
forward-protocol udp port global configuration command (you can also
specify a keyword, such as domain, rather than the port number).
For example, to reenable DNS broadcasts, enter the following command:
C4500(config)#ip forward-protocol udp domain
To allow forwarding of BOOTP broadcasts, enter the following
command:
C4500(config)#ip forward-protocol udp bootp
To allow forwarding of all UDP broadcasts, enter the following
command:
C4500(config)#ip forward-protocol udp

Possible Problem: Access list or other filters are misconfigured
Solution:
Step 1 Use the show running-config command to check the configuration of
each router in the path. See if there are access lists configured on the
router.
Step 2 If there are access lists enabled on the router, disable them using the
appropriate commands. For example, to disable input access list 10, enter
the following command:
C4000(config-if)#no ip access-group 10 in
Step 3 After disabling all access lists, determine whether the BOOTP or other
UDP broadcasts are forwarded normally. If broadcasts are forwarded
normally, an access list is probably blocking traffic.
Step 4 To isolate the problem access list, enable access lists one at a time until
broadcasts are no longer forwarded.
Step 5 Check the problem access list to see whether it is filtering traffic from any
UDP ports. If an access list denies specific UDP ports, make sure that it
does not deny ports used to forward the broadcast traffic in question (such
as UDP port 67 for BOOTP or port 68 for BOOTP replies).
Enter explicit permit statements for those ports used to forward
broadcasts that you want to have forwarded.
The following is an example of using a permit statement in an access list:
Router(config)#access-list 101 permit udp any any eq
Router(config)#access-list 101 permit udp any any eq
Step 6 If you altered an access list, enable the list to see whether broadcasts are
still forwarded normally.
Step 7 If problems persist, perform the preceding steps on routers in the path
until broadcast traffic is forwarded correctly.
For more information about misconfigured access lists, see Table 7-4 and the
section “Misconfigured Access List Example” earlier in this chapter. For more
information on configuring access lists, see the Cisco IOS configuration guides
and command references.
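
The show running-config checks from both procedures above can also be run offline against saved output, so the suspect entries are known before any access list is removed from an interface. The following is an added example, not part of the Cisco guide: the sample configuration is constructed, the function names are hypothetical, and the ACL check handles only numbered entries of the form "permit|deny udp|ip any any [eq port]" (anything else is reported as unparsed for manual review).

```python
import re

# Constructed sample of "show running-config" output, not taken from a real router.
SAMPLE = """\
no ip forward-protocol udp domain
interface Ethernet0
 ip access-group 101 in
access-list 101 deny udp any any eq bootps
access-list 101 permit udp any any eq bootpc
access-list 101 permit ip any any
"""
PORTS = {"domain": 53, "bootps": 67, "bootpc": 68}  # IOS keywords for UDP ports
ENTRY = re.compile(r"access-list \S+ (permit|deny) (?:ip any any|udp any any(?: eq (\S+))?)\s*$")

def disabled_udp_forwarding(config):
    """Ports or keywords named in 'no ip forward-protocol udp <port>' entries."""
    return re.findall(r"^no ip forward-protocol udp (\S+)", config, re.M)

def applied_acls(config):
    """(interface, acl, direction) for every ip access-group binding."""
    bound, iface = [], None
    for line in config.splitlines():
        if not line.startswith(" "):  # top-level line: enters or leaves an interface
            iface = line[10:] if line.startswith("interface ") else None
        elif iface and (m := re.match(r" +ip access-group (\S+) (in|out)", line)):
            bound.append((iface, m.group(1), m.group(2)))
    return bound

def verdict(config, acl, port):
    """Action of the first entry matching UDP to `port`; an ACL stops at first match."""
    entries = [l for l in config.splitlines() if l.startswith(f"access-list {acl} ")]
    for line in entries:
        m = ENTRY.match(line)
        eq = m.group(2) if m else None
        number = PORTS.get(eq) or (int(eq) if eq and eq.isdigit() else None)
        if m is None or (eq and number is None):
            return "unparsed", line  # not a simple any/any entry: review by hand
        if eq is None or number == port:
            return m.group(1), line
    return ("deny", "implicit deny") if entries else ("unparsed", "no entries")

def audit(config, ports=(67, 68)):
    """Findings for the show running-config checks in both procedures above."""
    found = [f"forwarding disabled: udp {p}" for p in disabled_udp_forwarding(config)]
    for iface, acl, direction in applied_acls(config):
        for port in ports:
            if (v := verdict(config, acl, port))[0] != "permit":
                found.append(f"{iface} {direction} acl {acl} udp {port}: {v[0]}: {v[1]}")
    return found
```

Calling audit(SAMPLE) reports the disabled domain forwarding and the deny entry for UDP port 67 on Ethernet0; the default ports argument covers the BOOTP ports named in Step 5.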