User`s guide

ManualsBrandsEnterasys ManualsComputer equipmentEnterasys Matrix DFE-Gold Series

101

102

103

104

105

106

107

108

109

110

Configuring IP Broadcast Settings

Matrix DFE Series and N-SA User’s Guide 7-15

Enabling or Disabling IP Directed Broadcasts

Directedbroadcastsarenetworkorsubnetbroadcastpacketswhicharesenttoarouterfor

forwarding.TheycanbemisusedtocreateDenialofService(DoS)attacks.Bydefault,theMatrix

DFESeriesorN‐SAdeviceprotectsagainstthispossibilitybynotforwardingdirectedbroadcasts.

However,dependingonyournetwork

requirements,youmaywanttoenablethisfunction.

Frominterfaceconfigurationmode,usethiscommandtoenable IPdirectedbroadcastsonan

interface:

ip directed-broadcast

Usethis“no”formofthecommandtogloballydisableIPdirectedbroadcasts:

no ip directed-broadcast

Configuring UDP Broadcast Forwarding

Typically ,broadcastpacketsfromoneinterfacearenotforwarded(routed)toanotherinterface.

However,someapplicationsuseUDPbroadcaststodetecttheavailabilityofservices,and

protocols,suchasBOOTP/DHCP,requirebroadcastforwardingtoprovideservicestoclientson

othersubnets.ConfiguringUDPbroadcastforwardingontheMatrixDFESeriesor

N‐SAdevice

involvesenablingit,enablingDHCP/BootPrelay,andassigninganIP“helperaddress”as

describedinthissection.

Enabling or Disabling UDP Broadcast Forwarding

Fromglobalconfigurationmode,usethiscommandtoenableUDPbroadcastforwardingandto

specifythe protocolsforwhichUDPwillforwardservices:

ip forward-protocol {udp [port | protocol]}

TheportvariablespecifiesadestinationportthatcontrolswhichUDPservicesareforwarded.

Ifnotspecified,theMatrixDFESeriesorN‐SAdevicewillforwarddefaultservicesusingthe

defaultportslistedinTable 7‐5.Specifyingaprotocolkeywordwillenableonlyitsserviceon

thedefaultport

listed.

Table 7-5 Default UDP Forwarding Services

Protocol Keyword Service Default UDP Port

bootps Bootstrap Protocol Server 67

bootpc Bootstrap Protocol Client 68

domain Domain Name Service 53

nameserver EN-116 Name Service 42

netbios-dgm NetBIOS datagram service 138

netbios-ns NetBIOS name service 137

tacacs Terminal Access Controller Access Control

System

tftp Trivial File Transfer Protocol 69

time Time Service 37