(Optional) Standard access list number in the range from 1 to 199. If
specified, a broadcast must pass the access list to be forwarded.
(Optional) Extended access list number in the range from 1300 to 2699.
Disabled; all IP
directed broadcasts are dropped.
command was introduced.
default behavior changed to directed broadcasts being dropped.
command was integrated into Cisco IOS Release 12.2(33)SRA.
command is supported in the Cisco IOS Release 12.2SX train. Support in a
specific 12.2SX release of this train depends on your feature set, platform,
and platform hardware.
Cisco IOS XE 3.3SE
This command was implemented in Cisco IOS XE Release 3.3SE.
An IP directed
broadcast is an IP packet whose destination address is a valid broadcast
address for some IP subnet, but which originates from a node that is not itself
part of that destination subnet.
A router that is
not directly connected to its destination subnet forwards an IP directed
broadcast in the same way it would forward unicast IP packets destined to a
host on that subnet. When a directed broadcast packet reaches a router that is
directly connected to its destination subnet, that packet is “exploded” as a
broadcast on the destination subnet. The destination address in the IP header
of the packet is rewritten to the configured IP broadcast address for the
subnet, and the packet is sent as a link-layer broadcast.
ipdirected-broadcast command controls the explosion
of directed broadcasts when they reach their target subnets. The command
affects only the final transmission of the directed broadcast on its ultimate
destination subnet. It does not affect the transit unicast routing of IP
directedbroadcast is enabled for an interface, incoming IP
packets whose addresses identify them as directed broadcasts intended for the
subnet to which that interface is attached will be exploded as broadcasts on
that subnet. If an access list has been configured with the
ipdirected-broadcast command, only directed
broadcasts that are permitted by the access list in question will be forwarded;
all other directed broadcasts destined for the interface subnet will be
noipdirected-broadcast command has been configured for
an interface, directed broadcasts destined for the subnet to which that
interface is attached will be dropped, rather than being broadcast.
directed broadcasts, and particularly Internet Control Message Protocol (ICMP)
directed broadcasts, have been abused by malicious persons, we recommend that
security-conscious users disable theipdirected-broadcast command on any interface where
directed broadcasts are not needed and that they use access lists to limit the
number of exploded packets.
example enables forwarding of IP directed broadcasts on Ethernet interface 0:
Router(config)# interface ethernet 0
Router(config-if)# ip directed-broadcast
Specifies which protocols and ports the router forwards when forwarding