TOPIC: Forwarding broadcast

Forwarding broadcast 9 years 11 months ago #19056

  • dentifrice
Hi!

Little problem with my network setup and I need help.

I have 2 networks connected through a Cisco layer 3 switch (using it as a router).

Two BVI interfaces, one for each network.

IP routing is working perfectly between both networks.

We are running a program here that uses ONLY broadcast (UDP 5001, 5002, 5003) to communicate between the stations.

I have 25 clients on one side, and only one on the other side.

The 25 clients have no problem talking to each other as they are in the same network.

But the other client on the other side can't receive data because it's on another network, obviously. (broadcast...)

What I need to know is how I set up my L3 switch/router to forward UDP broadcasts (ports 5001, 5002, 5003) between networks.

I tried several things but I'm lost with all those commands (ip helper address, ip forward-protocol, ip broadcast address, etc...).

Can someone help me clear this up? What do I need to set up globally and/or on the interfaces (of the L3 switch/router) to get this working?

Here's a picture of my setup.

Thank you and sorry for my English.


Re: Forwarding broadcast 9 years 11 months ago #19064

  • Smurf
I don't think it's going to be able to be set up to broadcast on just the three UDP ports. I think it will have to be a case of broadcast all or nothing.

If you think how the broadcast works, it doesn't go as far up as Layer 4 to take a look in the TCP/UDP port numbers.

If you enable the full broadcasting of traffic, then you are losing the whole reason for splitting the address ranges and segmenting the traffic to make the broadcast domain smaller.

Is there nothing that can be done to the application to stop this behaviour?
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx

Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.

Re: Forwarding broadcast 9 years 11 months ago #19068

  • TheBishop
I'm a bit confused by the term 'broadcast' followed by three specific UDP ports that it uses. Perhaps you could explain a little more about how it works?
If it is a genuine 'broadcast' then Smurf is right, you're not going to get that passed through to the other side of your infrastructure as it stands. I'm wondering about ways you might be able to do this without changing your existing topology. A point-to-point VPN perhaps? Or could you change the way the application works - perhaps having a server on each subnet and somehow connecting them together?

Re: Forwarding broadcast 9 years 11 months ago #19073

  • dentifrice
No, I can't modify the application. My client is the army and this program can't be changed.

Clients send data through a UDP packet sent via local broadcast.

example :
network : 192.168.1.0 / 255.255.255.0

client sends UDP packet to everyone : IPv4 UDP packet on port 5001 to 192.168.1.255

And all the clients communicate between them with the subnet broadcast address.
Stupid as a monkey but that's the way it is :lol:
(This app was built to work on satellite networks)

I know it can be done because there is a command on Cisco routers like this: ip forward-protocol udp 5001

But it's not enough, I need to configure something in the interface.

Thanks

Edit:
Can you tell me the way to enable full broadcast forwarding? I know it's dumb but it's just for testing purposes... to see if it works. If it doesn't, I will not waste my time on doing it for just 3 ports...

Re: Forwarding broadcast 9 years 11 months ago #19078

  • dentifrice
This is the UDP packet sent through the subnet broadcast address.

Forget the "192.168.35.255", it should be 39.255. This is because I took this screenshot before changing my subnet mask from 252 to 248.

Re: Forwarding broadcast 9 years 11 months ago #19082

  • d_jabsd
You might be able to use 'ip forward-protocol udp <port>'

ip forward-protocol udp 5001
ip forward-protocol udp 5002
ip forward-protocol udp 5003



see www.cisco.com/en/US/products/sw/iosswrel...7d169.html#wp1108053
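
The interface-level part of the question, as an added example that is not part of any post in this thread: the global `ip forward-protocol udp` lines combined with `ip helper-address` on the receiving interface and an ACL-restricted `ip directed-broadcast` on the interface facing the destination subnet, so that only UDP 5001-5003 are relayed. The BVI numbers, the 192.168.1.0/24 and 192.168.2.0/24 subnets, the interface addresses and the ACL numbers are assumptions, not values from the posters' network.

```cisco
! Added example. BVI numbers, subnets, addresses and ACL numbers are assumed.
! Side A (25 clients): 192.168.1.0/24 on BVI1
! Side B (1 client):   192.168.2.0/24 on BVI2
!
! Global: UDP ports that ip helper-address is allowed to relay.
ip forward-protocol udp 5001
ip forward-protocol udp 5002
ip forward-protocol udp 5003
!
! ip helper-address also relays a default set of UDP services.
! Turn off the ones the application does not need.
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
!
! Directed broadcasts that may be turned into a LAN broadcast.
! Anything not matched here is not forwarded as a broadcast.
access-list 150 permit udp 192.168.1.0 0.0.0.255 host 192.168.2.255 range 5001 5003
access-list 151 permit udp 192.168.2.0 0.0.0.255 host 192.168.1.255 range 5001 5003
!
interface BVI1
 ip address 192.168.1.1 255.255.255.0
 ! Broadcasts received from side A are re-addressed to side B's subnet broadcast.
 ip helper-address 192.168.2.255
 ! Accept only side B's relayed application traffic as a broadcast onto side A.
 ip directed-broadcast 151
!
interface BVI2
 ip address 192.168.2.1 255.255.255.0
 ip helper-address 192.168.1.255
 ip directed-broadcast 150
```

Without the ACL argument, `ip directed-broadcast` forwards every directed broadcast addressed to that subnet, which is the "broadcast all" case raised earlier in the thread.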