User Manual

Enterasys X-Pedition User Reference Manual 147
Configuring IP Interfaces and Parameters
To forward UDP broadcast packets received on interface int2 to the host 10.2.48.8 for packets with
the destination port 111 (port mapper):

xp(config)# ip helper-address interface int2 10.2.48.8 111

To forward UDP broadcast packets received on interface int3 to all other interfaces:

xp(config)# ip helper-address interface int3 all-interfaces

Configuring Direct Broadcast

Directed broadcast packets are network or subnet broadcast packets which are sent to a router to be
forwarded as broadcast packets. They can be misused to create denial-of-service attacks. The XP
protects against this possibility by not forwarding directed broadcasts by default. To enable the
forwarding of directed broadcasts, use the ip enable directed-broadcast command.

You can configure the XP to forward all directed broadcast traffic from the local subnet to a
specified IP address or all associated IP addresses. This is a more efficient method than defining
only one local interface and remote IP address destination at a time with the ip-helper command
when you are forwarding traffic from more than one interface in the local subnet to a remote
destination IP address.

To enable directed broadcast forwarding on the “int4” network interface:

xp(config)# ip enable directed-broadcast interface int4

Configuring Denial of Service (DOS)

By default, the XP installs flows in the hardware so that packets sent as directed broadcasts are
dropped in hardware if directed broadcast is not enabled on the interface where the packet is
received. You can disable this feature, causing directed broadcast packets to be processed on the XP
even if directed broadcast is not enabled on the interface receiving the packet.

Similarly, the XP installs flows to drop packets destined for the XP for which service is not
provided by the XP. This prevents packets for unknown services from slowing the CPU. You can
disable this behavior, causing these packets to be processed by the CPU.

To cause directed broadcast packets to be processed on the XP, even if directed broadcast is not
enabled on the interface receiving the packet:

xp(config)# ip dos disable directed-broadcast-protection
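
Because each of the commands above relaxes a protective default, a saved configuration can be checked for them. The following is an added example, not part of the manual or of any Enterasys tool: it assumes the configuration is available as text with one command per line, and the rule set, the sample configuration and the function name audit are hypothetical.

```python
import re

# Constructed sample configuration; it uses only command forms shown on this page.
SAMPLE_CONFIG = """\
ip helper-address interface int2 10.2.48.8 111
ip helper-address interface int3 all-interfaces
xp(config)# ip enable directed-broadcast interface int4
ip dos disable directed-broadcast-protection
"""

# Each rule pairs a command pattern with a finding template (hypothetical rule set).
RULES = [
    (re.compile(r"^ip enable directed-broadcast interface (\S+)$"),
     "directed-broadcast forwarding enabled on interface {0}"),
    (re.compile(r"^ip dos disable (\S+)$"),
     "hardware DoS drop flow disabled: {0}"),
    (re.compile(r"^ip helper-address interface (\S+) all-interfaces$"),
     "UDP broadcasts from {0} relayed to all other interfaces"),
]

# Strips a leading CLI prompt such as "xp(config)# " from pasted session lines.
PROMPT = re.compile(r"^\S+\(config\)#\s*")


def audit(config_text):
    """Return (line_number, finding) for every command that relaxes a default."""
    findings = []
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = PROMPT.sub("", raw.strip())
        line = " ".join(line.split())  # collapse repeated whitespace
        for pattern, message in RULES:
            match = pattern.match(line)
            if match:
                findings.append((line_no, message.format(*match.groups())))
                break
    return findings


if __name__ == "__main__":
    for line_no, finding in audit(SAMPLE_CONFIG):
        print(f"line {line_no}: {finding}")
```

The port-scoped helper on int2 is not reported, since it relays only destination port 111 to a single host.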