Directed broadcast, as opposed to all-1s broadcast (255.255.255.255) or link-local broadcast, is a broadcast directed to a specific subnet only. For instance, a broadcast sent to the IP address 192.168.0.255/24 is a broadcast to that particular subnet, 192.168.0.0/24. Since it can be exploited for Smurf attacks (DoS), ip directed-broadcast is disabled by default in the 12.x IOS versions.
There are some applications, such as WoL, backups or other management tasks, for which directed broadcasts are enabled, but with an ACL defining the source and destination of the directed broadcast.
If you're part of, say, the 10.0.0.0/24 subnet and an upstream router has the 192.168.0.0/24 subnet attached to it, you'd send a directed broadcast to the address 192.168.0.255/24 and the router will relay it to the destination subnet. The packets are routed like any other packets until they hit the destination router, which sends the broadcast out of the interface that has the destination network directly attached to it.
Thanks for the reply. It makes more sense now. I was just confused by how it was described in the Cisco Press DESGN 640-863 book. It said the following:
On Cisco routers, the ip directed-broadcast interface command controls what the last router in the path, the one connected to the destination subnet, does with a directed broadcast packet. If ip directed-broadcast is enabled on the interface, the router changes the directed broadcast to a broadcast and sends the packet, encapsulated in a Layer 2 broadcast frame, onto the subnet. However, if the no ip directed-broadcast command is configured on the interface, directed broadcasts destined for the subnet to which that interface is attached are dropped.
Where it says the packet is encapsulated in a Layer 2 broadcast frame and then sent onto the subnet.
Thanks for the reply
I think that description is pretty accurate though. I ran into IP directed broadcast a few years back when we wanted to start sending Wake-on-LAN packets across subnets. A Wake-on-LAN packet is really just a layer 2 broadcast to tell the machines to power up. Well, because it is a layer 2 broadcast, you have to be in the same subnet as the machine that you want to wake up.
Well, with an IP directed broadcast, I can encapsulate that layer 2 broadcast into a layer 3 packet, send it to the intended IP subnets, and then when it reaches its destination, the router will strip the IP information and reveal the broadcast layer 2 frame.
For all of the security issues there are with IP directed broadcast, there are good things too. So, what I do is I enable IP directed broadcast, but protect it with an ACL so that only certain machines can send the IP directed broadcast.
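The WoL use case from the post above, as an added example that is not code from the thread: build the magic packet and address it to the directed broadcast of a remote subnet. The MAC address, the 192.168.2.0/24 subnet and UDP port 9 are made-up sample values; the `sock` parameter exists only so the function can be exercised without actually sending.

```python
"""Wake-on-LAN via an IP directed broadcast.

Added example, not code from the thread.  The MAC address, the subnet and
the UDP port used below are made-up sample values.
"""
import ipaddress
import socket


def magic_packet(mac: str) -> bytes:
    """Build the WoL magic packet: six 0xFF bytes followed by the MAC 16 times."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return b"\xff" * 6 + raw * 16


def directed_broadcast(cidr: str) -> str:
    """Directed (subnet) broadcast address for a network given in CIDR form."""
    net = ipaddress.ip_network(cidr, strict=False)
    return str(net.broadcast_address)


def send_wol(mac: str, cidr: str, port: int = 9, sock=None):
    """Send the magic packet to the directed broadcast address of `cidr`.

    The datagram leaves this host as an ordinary unicast frame addressed to
    the default gateway.  Only the last-hop router, the one with `cidr`
    directly attached, turns it into a L2 broadcast frame, and only if
    'ip directed-broadcast' is enabled (and its ACL permits) on that interface.
    Returns (target address, bytes sent).
    """
    target = directed_broadcast(cidr)
    payload = magic_packet(mac)
    own_socket = sock is None
    if own_socket:
        sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        # Not needed for a remote subnet's broadcast address (it is routed
        # like a unicast), but required when the target subnet is local.
        sock.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
    try:
        sent = sock.sendto(payload, (target, port))
    finally:
        if own_socket:
            sock.close()
    return target, sent


if __name__ == "__main__":
    # Sample values (constructed): wake 00:11:22:33:44:55 somewhere in 192.168.2.0/24.
    print(send_wol("00:11:22:33:44:55", "192.168.2.0/24"))
```

On the IOS side the matching restriction is the one the thread quotes: `ip directed-broadcast <acl>` on the egress interface, with an ACL that permits only the management host as source and the subnet broadcast address as destination, so that a spoofed source elsewhere cannot use the subnet as a Smurf amplifier.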
OK, getting it now (I think). I was just looking at it as being just a layer 3 (IP) broadcast. But once it goes onto another Ethernet segment it is sent as a layer 2 broadcast? But keeping its layer 3 subnet address, with its broadcast address? I have never used this before, so forgive me if I am going around in circles here. But Jared's example has shown me a use for it.
This is how directed broadcast works:
Host 1 on 192.168.1.10/24 sends a L3 packet to 192.168.2.255.
This packet is a regular unicast L3 packet; its L2 source MAC is the host's and its destination MAC is the default gateway's (DG).
The router (DG) receives the packet and recognises that it corresponds to a broadcast address on a different VLAN.
If ip directed-broadcast is enabled, it will send a L3 packet out of the interface corresponding to 192.168.2.0/24.
This packet will have the source address of the router on that subnet and a destination of 192.168.2.255; the destination MAC will be the broadcast FF:FF:FF:FF:FF:FF.
If you want to forward L2 broadcasts on one subnet to another subnet, you have to use ip helper-address and ip forward-protocol.
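The forwarding rule laid out in the steps above, and in the first reply (the packet is routed like any other unicast until it reaches the router with the destination subnet attached), as an added example that is not code from the thread: a small model of a router deciding what to do with a packet, including the Smurf-relevant cases. The interface names, subnets and the (source network, destination network) ACL tuples are made-up samples; a real IOS ACL is referenced by number in `ip directed-broadcast <acl>`, and the MAC strings are placeholders for what ARP would resolve.

```python
"""Model of how a router handles a packet addressed to a subnet broadcast.

Added example, not code from the thread.  Interface names, the subnets and
the (source network, destination network) ACL tuples are made-up samples.
"""
import ipaddress
from dataclasses import dataclass, field

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


@dataclass
class Interface:
    name: str
    network: ipaddress.IPv4Network            # directly connected subnet
    directed_broadcast: bool = False          # IOS default: no ip directed-broadcast
    acl: list = field(default_factory=list)   # [(src_net, dst_net)] permits; empty = any


def acl_permits(acl, src, dst):
    """Mimics 'ip directed-broadcast <acl>': with no ACL every packet is
    eligible, otherwise only packets matching a permit entry are."""
    if not acl:
        return True
    return any(src in s and dst in d for s, d in acl)


def forward(router, src, dst):
    """Decide what the router does with a packet; returns (action, egress, dst_mac).

    router: list of Interface objects (the router's directly connected subnets).
    """
    src, dst = ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst)
    if dst == LIMITED_BROADCAST:
        # The all-ones (limited) broadcast never crosses a router.
        return ("drop", None, None)
    for ifc in router:
        if ifc.network.prefixlen < 31 and dst == ifc.network.broadcast_address:
            # Directed broadcast for a connected subnet: this is the last-hop
            # router.  The packet becomes a L2 broadcast frame only if the
            # feature is on for that interface and the ACL permits it.
            if ifc.directed_broadcast and acl_permits(ifc.acl, src, dst):
                return ("broadcast", ifc.name, BROADCAST_MAC)
            return ("drop", ifc.name, None)
        if dst in ifc.network:
            # Ordinary host on a connected subnet: ARP for its MAC and unicast.
            return ("unicast", ifc.name, "host-mac")
    # Not a connected subnet: forwarded like any other unicast packet toward
    # the next hop; the broadcast address means nothing to intermediate routers.
    return ("route", "next-hop", "next-hop-mac")


# Sample router (constructed): 10.0.0.0/24 is the source side; 192.168.2.0/24
# allows directed broadcasts only from the WoL management host 10.0.0.5;
# 192.168.3.0/24 keeps the IOS default (feature off).
ROUTER = [
    Interface("Gi0/0", ipaddress.ip_network("10.0.0.0/24")),
    Interface("Gi0/1", ipaddress.ip_network("192.168.2.0/24"),
              directed_broadcast=True,
              acl=[(ipaddress.ip_network("10.0.0.5/32"),
                    ipaddress.ip_network("192.168.2.255/32"))]),
    Interface("Gi0/2", ipaddress.ip_network("192.168.3.0/24")),
]

if __name__ == "__main__":
    for s, d in [("10.0.0.5", "192.168.2.255"),    # WoL host: relayed as L2 broadcast
                 ("172.16.9.9", "192.168.2.255"),  # spoofed Smurf source: dropped by ACL
                 ("10.0.0.5", "192.168.3.255"),    # feature off on Gi0/2: dropped
                 ("10.0.0.5", "255.255.255.255"),  # limited broadcast: dropped
                 ("10.0.0.5", "192.168.9.255")]:   # not connected here: routed on
        print(s, "->", d, forward(ROUTER, s, d))
```

The second case is the one the ACL exists for: without it, any host anywhere could send to 192.168.2.255 with a forged source and have every host on that subnet reply to the victim.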