Skip navigation
Login   |   Register
Cisco Learning Home > CCDA Study Group > Discussions
45155 Views 5 Replies Latest reply: Jan 25, 2011 8:24 AM by ericleahy - CCNP, CCDP, CCNA SEC RSS

Currently Being Moderated

IP directed-broadcast command?

Jan 25, 2011 1:06 AM

ericleahy - CCNP, CCDP, CCNA SEC 206 posts since
Jan 8, 2010

Hey all,


Just need a little clarity on the interface command "ip directed-broadcast" command. Am I right in thinking that when this command is enabled on a router interface, it will accept an IP broadcast packet and forward it out another interface in a layer 2 broadcast frame??


Just a little mixed up on this one, thanks guys




  • Addy 106 posts since
    Oct 21, 2009

    Hi Eric,


    Directed broadcast, as opposed to all 1s broadcast (  or link local broadcast, is a broadcast directed to a specific subnet only. For instance a broadcast sent to the IP address is a broadcast to that particular subnet Since it can be exploited for Smurf attacks (DoS), ip directed broadcast is disabled by default in the 12.x IOS versions.


    There're some applications such as WoL, backups or other management tasks, for which directed broadcasts are enabled, but with an ACL defining the source & destination of the directed broadcast.


    If you're part of say subnet & an upstream router had subnet attached to it, you'll send a directed broadcast to the address & the router will relay it to the destination subnet. The packets will be routed like any other packets until it hits the destination router, which will send the broadcast from the interface which has the destination network directly attached to it.



    Join this discussion now: Login / Register
  • Eric, makes sense to me.  Packets get wrapped with a layer 2 header when sent out on L2 media regardless.  In this case they mean it's wrapped and sent with a destination MAC of all-hosts. 

    Join this discussion now: Login / Register
  • Jared 5,547 posts since
    Jul 27, 2008

    Hi Eric,


    I think that description is pretty accurate though.  I ran into IP directed broadcast a few years back when we wanted to start sending Wake On Lan packets across subnets.  A wake on lan packet is really just a layer 2 broadcast to tell the machines to power up.  Well, because it is a layer 2 broadcast, you have to be in the same subnet as the machine that you want to wake up.


    Well, with an IP directed broadcast, I can encapsulate that layer 2 broadcast into a layer 3 packet, send it to the intended IP subnets and then when it reaches its destination, the router will stip the IP information and reveal the broadcast Layer 2 frame.


    For all of the security issues there are with IP directed broadcast, there are good things too.  So, what I do is I enable IP directed broadcast, but protect it with an ACL so that only certain machines can send the IP directed broadcast.

    Join this discussion now: Login / Register


More Like This

  • Retrieving data ...

Bookmarked By (1)