Note: The ip directed-broadcast interface subcommand, which enables Directed Broadcast Forwarding (DBF) on an interface, only forwards directed broadcast packets sourced from remote networks.
Ex: With DBF enabled on RT2 Fa1/0, RT2 only forwards directed broadcast traffic sourced from networks other than 10.20.20.0.
A packet destined to the directed broadcast address 10.20.20.255 is intended for all nodes whose network address is 10.20.20.0 (PC1 and PC2). A router that is not directly connected to 10.20.20.0 (RT1) simply forwards the packet addressed to the directed broadcast address to its next hop (RT2, 10.10.10.2). A router on network 10.20.20.0 (RT2) with directed broadcast forwarding enabled on Fa1/0 accepts the packet and forwards it to all nodes in 10.20.20.0.
Below is the output of the debug ip packet privileged command on RT1 and RT2 before DBF is enabled on RT2 Fa1/0. PC1 and PC2 do not respond when RT1 pings 10.20.20.255.
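The forwarding decision described above, written out as a small model (an added example, not part of the original post). The addresses and the two-router topology are the lab in this post; the Router and Interface classes, the static route on RT1 and the returned decision strings are constructed for the example. It also covers the case this lab does not show, a directed broadcast for a prefix the router has no route to.

```python
# Added example (not from the original post): a model of the decision a router
# makes for a packet addressed to a directed broadcast. Topology and addresses
# are the lab above; classes, the static route and the decision strings are
# constructed here.
import ipaddress
from dataclasses import dataclass

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


@dataclass
class Interface:
    name: str
    network: ipaddress.IPv4Network    # connected prefix, e.g. 10.20.20.0/24
    directed_broadcast: bool = False  # True when "ip directed-broadcast" is configured


@dataclass
class Router:
    name: str
    interfaces: list
    routes: dict  # {IPv4Network: next-hop IPv4Address} for prefixes that are not connected


def connected_interface_for(router, dst):
    """Interface whose connected prefix has dst as its directed broadcast address, else None."""
    for iface in router.interfaces:
        if dst == iface.network.broadcast_address:
            return iface
    return None


def next_hop_for(router, dst):
    """Longest-prefix match over the (constructed) static routes; None when there is no route."""
    best_len, best_nh = -1, None
    for prefix, nh in router.routes.items():
        if dst in prefix and prefix.prefixlen > best_len:
            best_len, best_nh = prefix.prefixlen, nh
    return best_nh


def forwarding_decision(router, src, dst):
    """Describe what the router does with a packet src -> dst."""
    src, dst = ipaddress.IPv4Address(src), ipaddress.IPv4Address(dst)
    if dst == LIMITED_BROADCAST:
        # 255.255.255.255 is consumed on the link it arrives on and is never routed
        return "limited broadcast: accept locally, never forwarded"
    iface = connected_interface_for(router, dst)
    if iface is None:
        # Not our segment: the directed broadcast is routed like any unicast destination
        nh = next_hop_for(router, dst)
        return f"forward as unicast to {nh}" if nh else "drop: no route"
    if src in iface.network:
        # Per the note above, only directed broadcasts from remote networks are forwarded
        return f"drop: source {src} is already on {iface.network}"
    if not iface.directed_broadcast:
        # The router itself still sees the packet (rcvd), but it does not go onto the LAN
        return f"accept locally only: directed broadcast forwarding disabled on {iface.name}"
    return f"forward directed broadcast out {iface.name} as {LIMITED_BROADCAST}"


def build_lab(dbf_on_rt2_fa1_0):
    """RT1 Fa0/0 10.10.10.1/24 --- 10.10.10.2/24 Fa0/0 RT2 Fa1/0 10.20.20.1/24 --- PC1, PC2."""
    net = ipaddress.IPv4Network
    rt1 = Router("RT1", [Interface("Fa0/0", net("10.10.10.0/24"))],
                 {net("10.20.20.0/24"): ipaddress.IPv4Address("10.10.10.2")})  # constructed route
    rt2 = Router("RT2", [Interface("Fa0/0", net("10.10.10.0/24")),
                         Interface("Fa1/0", net("10.20.20.0/24"), dbf_on_rt2_fa1_0)], {})
    return rt1, rt2


if __name__ == "__main__":
    for dbf in (False, True):
        rt1, rt2 = build_lab(dbf)
        print(f"DBF on RT2 Fa1/0: {dbf}")
        print("  RT1:", forwarding_decision(rt1, "10.10.10.1", "10.20.20.255"))
        print("  RT2:", forwarding_decision(rt2, "10.10.10.1", "10.20.20.255"))
        print("  RT2:", forwarding_decision(rt2, "10.10.10.1", "255.255.255.255"))
```

The order of the checks is the point: a router that is not on the destination segment never looks at the DBF setting at all, which is why RT1 forwards 10.20.20.255 in both captures and only RT2's configuration decides whether PC1 and PC2 ever see the packet.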
RT2#sh run int fa1/0
Building configuration...
!
interface FastEthernet1/0
 ip address 10.20.20.1 255.255.255.0
end

RT2#sh ip int fa1/0
FastEthernet1/0 is up, line protocol is up
Internet address is 10.20.20.1/24
Directed broadcast forwarding is disabled
--- output omitted ---
----------------------------------------------------------------------
RT1#ping 10.20.20.255 repeat 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 10.20.20.255, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 44/44/44 ms
RT1#
00:07:21: IP: tableid=0, s=10.10.10.1 (local), d=10.20.20.255 (FastEthernet0/0), routed via RIB
00:07:21: IP: s=10.10.10.1 (local), d=10.20.20.255 (FastEthernet0/0), len 100, sending
00:07:21: IP: tableid=0, s=10.10.10.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:07:21: IP: s=10.10.10.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), len 100, rcvd 3
----------------------------------------------------------------------
RT2#
00:07:21: IP: tableid=0, s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), routed via RIB
00:07:21: IP: s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), len100, rcvd 5
00:07:21: IP: tableid=0, s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:07:21: IP: s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), len 100, sending
RT2#
Below is the output of the debug ip packet privileged command on RT1 and RT2 after DBF is enabled on RT2 Fa1/0. PC1 and PC2 respond to RT1 when RT1 pings 10.20.20.255.
RT2#sh run int fa1/0
Building configuration...
!
interface FastEthernet1/0
 ip address 10.20.20.1 255.255.255.0
 ip directed-broadcast
end

RT2#sh ip int fa1/0
FastEthernet1/0 is up, line protocol is up
Internet address is 10.20.20.1/24
Directed broadcast forwarding is enabled
--- output omitted ---
--------------------------------------------------
RT1#ping 10.20.20.255 repeat 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 10.20.20.255, timeout is 2 seconds:
!
Success rate is 100 percent (1/1), round-trip min/avg/max = 40/40/40 ms
RT1#
00:10:34: IP: tableid=0, s=10.10.10.1 (local), d=10.20.20.255 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.10.10.1 (local), d=10.20.20.255 (FastEthernet0/0), len 100, sending
00:10:34: IP: tableid=0, s=10.10.10.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.10.10.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), len 100, rcvd 3
00:10:34: IP: tableid=0, s=10.20.20.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.20.20.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), len 100, rcvd 3
00:10:34: IP: tableid=0, s=10.20.20.3 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.20.20.3 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), len 100, rcvd 3
RT1#
--------------------------------------------------
RT2#
00:10:34: IP: tableid=0, s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), routed via RIB
00:10:34: IP: s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), g=255.255.255.255, len 100, forward directed broadcast
00:10:34: IP: s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), len100, rcvd 5
00:10:34: IP: tableid=0, s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), len 100, sending
00:10:34: IP: tableid=0, s=10.20.20.2 (FastEthernet1/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.20.20.2 (FastEthernet1/0), d=10.10.10.1 (FastEthernet0/0), g=10.10.10.1, len 100, forward
00:10:34: IP: tableid=0, s=10.20.20.3 (FastEthernet1/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:10:34: IP: s=10.20.20.3 (FastEthernet1/0), d=10.10.10.1 (FastEthernet0/0), g=10.10.10.1, len 100, forward
RT2#
--------------------------------------------------
PC1#
xxxx: IP: s=10.10.10.1 (FastEthernet0/0), d=255.255.255.255, len 100, rcvd 2
xxxx: IP: s=10.20.20.2 (local), d=10.10.10.1 (FastEthernet0/0), len 100, sending
PC1#
--------------------------------------------------
PC2#
xxxx: IP: s=10.10.10.1 (FastEthernet0/0), d=255.255.255.255, len 100, rcvd 2
xxxx: IP: s=10.20.20.3 (local), d=10.10.10.1 (FastEthernet0/0), len 100, sending
PC2#
Below is the output of the debug ip packet privileged command on RT2 when RT2 pings 10.20.20.255. The result is the same regardless of the DBF configuration on RT2 Fa1/0.
RT2#ping 10.20.20.255 repeat 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 10.20.20.255, timeout is 2 seconds:
00:14:11: IP: s=10.20.20.1 (local), d=255.255.255.255 (FastEthernet1/0), len 100, sending broad/multicast
00:14:11: IP: tableid=0, s=10.20.20.2 (FastEthernet1/0), d=10.20.20.1 (FastEthernet1/0), routed via RIB
00:14:11: IP: s=10.20.20.2 (FastEthernet1/0), d=10.20.20.1 (FastEthernet1/0), len 100, rcvd 3
00:14:11: IP: tableid=0, s=10.20.20.3 (FastEthernet1/0), d=10.20.20.1 (FastEthernet1/0), routed via RIB
00:14:11: IP: s=10.20.20.3 (FastEthernet1/0), d=10.20.20.1 (FastEthernet1/0), len 100, rcvd 3
Reply to request 0 from 10.20.20.2, 24 ms
Reply to request 0 from 10.20.20.3, 40 ms
RT2#
--------------------------------------------------
PC1#
xxxx: IP: s=10.20.20.1 (FastEthernet0/0), d=255.255.255.255, len 100, rcvd 2
xxxx: IP: s=10.20.20.2 (local), d=10.20.20.1 (FastEthernet0/0), len 100, sending
PC1#
Below is the output of the debug ip packet privileged command on RT2 when RT1 pings 255.255.255.255. PC1 and PC2 do not reply, while RT2 does reply when RT1 pings 255.255.255.255.
RT1#ping 255.255.255.255 rep 1
Type escape sequence to abort.
Sending 1, 100-byte ICMP Echos to 255.255.255.255, timeout is 2 seconds:
00:14:30: IP: s=10.10.10.1 (local), d=255.255.255.255 (FastEthernet0/0), len 100, sending broad/multicast
00:14:30: IP: tableid=0, s=10.10.10.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:14:30: IP: s=10.10.10.2 (FastEthernet0/0), d=10.10.10.1 (FastEthernet0/0), len 100, rcvd 3
Reply to request 0 from 10.10.10.2, 84 ms
RT1#
--------------------------------------------------
RT2#
00:14:30: IP: s=10.10.10.1 (FastEthernet0/0), d=255.255.255.255, len 100, rcvd 2
00:14:30: IP: tableid=0, s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), routed via RIB
00:14:30: IP: s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), len 100, sending
RT2#
DoS (Denial-of-Service) attacks, e.g. Smurf and Fraggle, take advantage of directed broadcasts. A Smurf attack sends a large number of ICMP Echo Request packets with a spoofed source address (the victim's) to a directed broadcast address, causing all hosts on that network to respond to the Echo Requests, which wastes network bandwidth and causes unnecessary processing on the victim host. It is therefore recommended to disable Directed Broadcast Forwarding on any interface where directed broadcasts are not needed.
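Two defender-side checks that follow from this, as an added example that is not part of the original post: a parser for debug ip packet output that counts how often the router reports forward directed broadcast per source (a burst of forwards for one source is the pattern to escalate, since every forwarded echo request is answered by the whole segment), and an audit of the running configuration that lists interfaces still carrying ip directed-broadcast and emits the no ip directed-broadcast lines to turn it off. The debug lines and the config excerpt are constructed in the format shown on this page; the 192.0.2.9 source, the burst and the threshold are made up.

```python
# Added example (not from the original post): detection over "debug ip packet"
# lines and a config audit for "ip directed-broadcast". Sample data below is
# constructed in the format shown on this page; 192.0.2.9 and the threshold
# are invented for the example.
import re
from collections import Counter

SAMPLE_DEBUG = """\
00:10:34: IP: tableid=0, s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), routed via RIB
00:10:34: IP: s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), g=255.255.255.255, len 100, forward directed broadcast
00:10:34: IP: s=10.10.10.1 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), len100, rcvd 5
00:10:35: IP: s=192.0.2.9 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), g=255.255.255.255, len 100, forward directed broadcast
00:10:35: IP: s=192.0.2.9 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), g=255.255.255.255, len 100, forward directed broadcast
00:10:35: IP: s=192.0.2.9 (FastEthernet0/0), d=10.20.20.255 (FastEthernet1/0), g=255.255.255.255, len 100, forward directed broadcast
00:10:36: IP: s=10.20.20.2 (FastEthernet1/0), d=10.10.10.1 (FastEthernet0/0), g=10.10.10.1, len 100, forward
00:10:36: IP: s=10.10.10.1 (FastEthernet0/0), d=255.255.255.255, len 100, rcvd 2
"""

# Constructed running-config excerpt in the shape of the "sh run" output above
SAMPLE_CONFIG = """\
interface FastEthernet0/0
 ip address 10.10.10.2 255.255.255.0
!
interface FastEthernet1/0
 ip address 10.20.20.1 255.255.255.0
 ip directed-broadcast
!
"""

# One "debug ip packet" line: the outgoing interface is absent for 255.255.255.255,
# and the last comma-separated field is the action (sending / rcvd N / forward ...).
DEBUG_RE = re.compile(
    r"^(?P<ts>\S+): IP: s=(?P<src>[\d.]+) \((?P<in_if>[^)]+)\), "
    r"d=(?P<dst>[\d.]+)(?: \((?P<out_if>[^)]+)\))?.*, (?P<action>[^,]+)$"
)


def parse_debug(text):
    """Parse debug lines into dicts; lines of other shapes (e.g. tableid=0 lines) are skipped."""
    events = []
    for line in text.splitlines():
        m = DEBUG_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events


def directed_broadcast_forwards(events):
    """Count 'forward directed broadcast' events per (src, dst, out_if)."""
    return Counter(
        (e["src"], e["dst"], e["out_if"])
        for e in events if e["action"] == "forward directed broadcast"
    )


def flag_amplification(events, threshold=3):
    """Sources whose directed broadcasts were forwarded at least `threshold` times (constructed threshold)."""
    counts = directed_broadcast_forwards(events)
    return sorted((src, dst, n) for (src, dst, _), n in counts.items() if n >= threshold)


def interfaces_with_directed_broadcast(config):
    """Names of interfaces whose stanza contains 'ip directed-broadcast'."""
    enabled, current = [], None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1]
        elif line.strip() == "ip directed-broadcast" and current:
            enabled.append(current)
    return enabled


def remediation(config):
    """Config lines that disable DBF on every interface where it is enabled."""
    lines = []
    for name in interfaces_with_directed_broadcast(config):
        lines += [f"interface {name}", " no ip directed-broadcast"]
    return lines


if __name__ == "__main__":
    events = parse_debug(SAMPLE_DEBUG)
    print("forwarded directed broadcasts:", dict(directed_broadcast_forwards(events)))
    print("flagged:", flag_amplification(events))
    print("DBF enabled on:", interfaces_with_directed_broadcast(SAMPLE_CONFIG))
    print("\n".join(remediation(SAMPLE_CONFIG)))
```

The parser keys on the action field rather than on the g=255.255.255.255 gateway, because the forward directed broadcast string is what distinguishes a forwarded directed broadcast from the plain forward of a unicast reply (compare the two kinds of lines in RT2's capture above); the config audit is the cheaper control, since an interface without ip directed-broadcast never produces those lines in the first place.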