From: Kevin M. Woods (kev@xxxxxxx)
Date: Mon Aug 28 2000 - 03:35:44 GMT-3
The use of "no ip directed-broadcast" does not affect packets generated by
the router itself towards connected interfaces, thus what you've mentioned,
although useful, doesn't apply to this particular scenario.
Kevin
// Not very neat at all. You are pinging a broadcast address and getting
// replies which means your network is vulnerable to be a smurf amplifier.
// Unless you have a good reason, the very first config line you should put
// on an interface with an IP network hanging off it is 'no ip
// directed-broadcast". A lot of money and bandwidth is wasted because of
// improper configuration on routers on the internet. For more details see
// http://www.netscan.org. This does come in handy sometimes but should
// only be taken off briefly, if at all on an Internet-connected router.
//
// Bert
//
// Ben Rife wrote:
// >
// > To All,
// >
// > From a router, you can ping the network address and receive a reply from t
he
// > local hosts. Example:
// >
// > I have a router with an ethernet interface addr of 192.168.1.1 /24.
// > I ping the network address of 192.168.1.0 and received the following reply
:
// >
// > Reply to request 2 from 192.168.1.251, 1 ms
// > Reply to request 2 from 128.128.2.250, 1 ms
// > Reply to request 2 from 192.168.1.5, 1 ms
// > Reply to request 2 from 192.168.1.3, 1 ms
// >
// > I believe it lists the hosts in the order which they reply. Just a thought
!
// > Kinda a neat trick!
// >
// > HTH,
// >
// > Ben Rife
// > CCIE #5886
This archive was generated by hypermail 2.1.4 : Thu Jun 13 2002 - 08:24:31 GMT-3