By default, IP
directed broadcasts are dropped; they are not forwarded. Dropping IP-directed
broadcasts makes routers less susceptible to denial-of-service attacks.
You can enable forwarding of
IP-directed broadcasts on an interface where the broadcast becomes a physical
(MAC-layer) broadcast. Only those protocols configured by using the
ip forward-protocol global configuration command
are forwarded.
You can specify an access
list to control which broadcasts are forwarded. When an access list is
specified, only those IP packets permitted by the access list are eligible to
be translated from directed broadcasts to physical broadcasts. For more
information on access lists, see the “Information about Network Security with
ACLs" section in the Security Configuration Guide.