A packet must meet the following criteria to be considered for flooding:
The MAC address of the received frame must be all-ones broadcast address (ffff.ffff.ffff).
The IP destination address must be one of the following: all-ones broadcast (255.255.255.255), subnet broadcast for the receiving interface; major-net broadcast for the receiving interface if the no ip classless command is also configured; or any local IP broadcast address if the ip forward-protocol spanning-tree any-local-broadcast command is configured.
The IP time-to-live (TTL) value must be at least 2.
The IP protocol must be User Datagram Protocol (UDP) (17).
The UDP destination port must be TFTP, Domain Name System (DNS), Time, NetBIOS, ND, or BOOTP packet, or a UDP port specified by the ip forward-protocol udp command.
A flooded UDP datagram is given the destination address specified by the ip broadcast-address command on the output interface. The destination address can be set to any desired address. Thus, the destination address may change as the datagram propagates through the network. The source address is never changed. The TTL value is decremented.
After a decision has been made to send the datagram out on an interface (and the destination address possibly changed), the datagram is handed to the normal IP output routines and is therefore subject to access lists, if they are present on the output interface.
The ip forward-protocol spanning-tree command uses the database created by the bridging Spanning-Tree Protocol. Therefore, the transparent bridging option must be in the routing software, and bridging must be configured on each interface that is to participate in the flooding in order to support this capability.
If an interface does not have bridging configured, it still will be able to receive broadcasts, but it will never forward broadcasts received on that interface. Also, it will never use that interface to send broadcasts received on a different interface.
If no actual bridging is desired, you can configure a type-code bridging filter that will deny all packet types from being bridged. Refer to the Cisco IOS Bridging and IBM Networking Configuration Guide for more information about using access lists to filter bridged traffic. The spanning-tree database is still available to the IP forwarding code to use for the flooding.
The spanning-tree-based flooding mechanism forwards packets whose contents are all ones (255.255.255.255), all zeros (0.0.0.0), and, if subnetting is enabled, all networks (10.108.255.255 as an example in the network number 10.108.0.0). This mechanism also forward packets whose contents are the zeros version of the all-networks broadcast when subnetting is enabled (for example, 10.108.0.0).
This command is an extension of the ip helper-address command, in that the same packets that may be subject to the helper address and forwarded to a single network can now be flooded. Only one copy of the packet will be put on each network segment.