Riverstone Networks WICT1-12 Network Router User Manual


 
Riverstone Networks RS Switch Router User Guide Release 8.0 11-9
IP Routing Configuration Guide Configuring Direct Broadcast
11.9 CONFIGURING DIRECT BROADCAST
Directed broadcast packets are network or subnet broadcast packets which are sent to a router to be forwarded as
broadcast packets. They can be misused to create Denial of Service attacks. The RS protects against this possibility
by not forwarding directed broadcasts by default. To enable the forwarding of directed broadcasts, use the
ip enable directed-broadcast command.
You can configure the RS to forward all directed broadcast traffic from the local subnet to a specified IP address or all
associated IP addresses. This is a more efficient method than defining only one local interface and remote IP address
destination at a time with the ip-helper command when you are forwarding traffic from more than one interface in
the local subnet to a remote destination IP address.
To enable directed broadcast forwarding on the “int4” network interface:
rs(config)# ip enable directed-broadcast interface int4
11.10 CONFIGURING DENIAL OF SERVICE (DOS)
By default, the RS installs flows in the hardware so that packets sent as directed broadcasts are dropped in hardware,
if directed broadcast is not enabled on the interface where the packet is received. You can disable this feature, causing
directed broadcast packets to be processed on the RS even if directed broadcast is not enabled on the interface receiving
the packet.
Similarly, the RS installs flows to drop packets destined for the RS for which service is not provided by the RS. This
prevents packets for unknown services from slowing the CPU. You can disable this behavior, causing these packets to
be processed by the CPU.
To cause directed broadcast packets to be processed on the RS, even if directed broadcast is not enabled on the interface
receiving the packet:
rs(config)# ip dos disable directed-broadcast-protection
To allow packets that are destined for the RS, but have no service defined for them on the RS, to be processed by the
RS’s CPU:
rs(config)# ip dos disable port-attack-protection
11.11 MONITORING IP PARAMETERS
The RS can display IP statistics and the configurations contained in the routing table. The displayed information
covers routing and performance.
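An added example, not part of the Riverstone manual: a Python check that scans a saved RS configuration for the three commands from sections 11.9 and 11.10 that relax the default directed-broadcast and DoS protections. The sample configuration, the interface name int7 and the handling of a pasted rs(config)# prompt are assumptions made for illustration.

```python
import re

# Constructed sample: the three commands from sections 11.9 and 11.10,
# plus a second interface name ("int7") invented for illustration.
SAMPLE_CONFIG = """\
rs(config)# ip enable directed-broadcast interface int4
rs(config)#   ip dos disable   directed-broadcast-protection
ip enable directed-broadcast interface int7
rs(config)# ip dos disable port-attack-protection
"""

PROMPT = re.compile(r"^rs\(config\)#\s*")
ENABLE_DB = re.compile(r"^ip enable directed-broadcast interface (\S+)$")
DOS_DISABLE = re.compile(r"^ip dos disable (\S+)$")

# What losing each default protection means, as described in section 11.10.
PROTECTIONS = {
    "directed-broadcast-protection":
        "directed broadcasts are no longer dropped in hardware on "
        "interfaces where directed broadcast is not enabled",
    "port-attack-protection":
        "packets for services the RS does not provide reach the CPU",
}

def audit(config_text):
    """Return (line_number, setting, explanation) for each risky line."""
    findings = []
    for number, raw in enumerate(config_text.splitlines(), start=1):
        # Drop a pasted CLI prompt and collapse repeated whitespace.
        line = " ".join(PROMPT.sub("", raw.strip()).split())
        match = ENABLE_DB.match(line)
        if match:
            findings.append((number, "directed-broadcast:" + match.group(1),
                             "directed broadcasts are forwarded on this interface"))
            continue
        match = DOS_DISABLE.match(line)
        if match and match.group(1) in PROTECTIONS:
            findings.append((number, match.group(1), PROTECTIONS[match.group(1)]))
    return findings

def exposed_interfaces(config_text):
    """Interfaces that forward directed broadcasts, in config order."""
    prefix = "directed-broadcast:"
    return [s[len(prefix):] for _, s, _ in audit(config_text) if s.startswith(prefix)]

if __name__ == "__main__":
    for number, setting, why in audit(SAMPLE_CONFIG):
        print(f"line {number}: {setting}: {why}")
```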