|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: IP flooding by using broadcast address
Edward Henigin wrote: > > On Sat, Jul 19, 1997 at 09:11:28PM -0700, Joe Rhett said: > > > I think it would be very wise of cisco to have a global flag > > > (or at least, a per-interface flag) which would prevent the > forwarding > > > of a packet to an all-ones address. If cisco won't add this > feature, > > > > Yes! > > I was just told that the interface command "no ip > direct-broadcast" > may be what I was asking for.. > At least on our (OpenROUTE Networks/Proteon) routers and those based on our code, you can control whether the router will forward packets which are directed broadcasts. For example, do you allow a packet addressed to 192.168.123.255 to travel to your network from a distance, and then be broadcast on a LAN medium that is used for the 192.168.123.0 subnet? Directed broadcasts can be useful within a company's internal network, but is not a good thing to allow on a border router. The original question, though, was about the source address. This could be addressed with filters, or with the addition of extra options. In our routers, filters could be constructed for this relatively easily. (I can't tell you about cisco product, though. I suspect they have many similar features). > Ed -- ------------------------------------------------------- Daniel Senie [email protected] OpenROUTE Networks, Inc. http://www.openroute.com/ 508-898-2800
|