IP flooding by using broadcast address

• Previous message (by thread): IP flooding by using broadcast address
• Next message (by thread): To ListOwner
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Edward Henigin wrote:
> 
> On Sat, Jul 19, 1997 at 09:11:28PM -0700, Joe Rhett said:
> > >     I think it would be very wise of cisco to have a global flag
> > > (or at least, a per-interface flag) which would prevent the
> forwarding
> > > of a packet to an all-ones address.  If cisco won't add this
> feature,
> >
> > Yes!
> 
>         I was just told that the interface command "no ip
> direct-broadcast"
> may be what I was asking for..
> 

At least on our (OpenROUTE Networks/Proteon) routers and those based on
our code, you can control whether the router will forward packets which
are directed broadcasts. For example, do you allow a packet addressed to
192.168.123.255 to travel to your network from a distance, and then be
broadcast on a LAN medium that is used for the 192.168.123.0 subnet?

Directed broadcasts can be useful within a company's internal network,
but is not a good thing to allow on a border router.

The original question, though, was about the source address. This could
be addressed with filters, or with the addition of extra options. In our
routers, filters could be constructed for this relatively easily.

(I can't tell you about cisco product, though. I suspect they have many
similar features).

>         Ed

-- 
-------------------------------------------------------
Daniel Senie                  dts at openroute.com
OpenROUTE Networks, Inc.      http://www.openroute.com/
508-898-2800

• Previous message (by thread): IP flooding by using broadcast address
• Next message (by thread): To ListOwner
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]