R2511-HP MSR Router Series Layer 3 - IP Services Configuration Guide(V5)
107
Optimizing IP performance
This chapter describes multiple features for IP performance optimization.
Enabling forwarding of directed broadcasts to a
directly connected network
A directed broadcast packet is destined for all hosts on a specific network. In the destination IP address
of the directed broadcast, the network ID identifies the target network, and the host ID is made up of all
ones.
If a device is allowed to forward directed broadcasts to a directly connected network, hackers can
exploit this vulnerability to attack the target network. However, this feature must be enabled for the
following functions:
• UDP Helper—Converts broadcasts to unicasts and forwards them to a specific server.
• Wake on LAN—Forwards directed broadcasts to wake up a specific host.
Enabling forwarding of directed broadcasts to a directly
connected network
Follow these guidelines when you enable the device to forward directed broadcasts:
• If an ACL is referenced in the ip forward-broadcast command, only packets permitted by the ACL
can be forwarded.
• If you execute the ip forward-broadcast command multiple times on an interface, the most recent
configuration takes effect. If the command executed last does not include acl acl-number, the ACL
configured previously is removed.
To enable the device to forward directed broadcasts:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter interface view.
interface interface-type interface-number
N/A
3. Enable the interface to
forward directed broadcasts.
ip forward-broadcast [ acl acl-number ]
Disabled by default.
Forwarding directed broadcasts configuration example
Network requirements
As shown in Figure 50:
• The host Administrator and Ethernet 1/1 of R o u t e r a r e i n t h e s a m e s u b n e t 1.1.1. 0 / 24 .