From: Pierre-Alex (paguanel@hotmail.com)
Date: Thu Jun 15 2006 - 07:47:06 ART
In the cisco Documentation , on the interface of the last hop router is
configured a "directed broacast" statement.
http://www.cisco.com/univercd/cc/td/doc/product/software/ios124/124cr/himc_r/
mlt_i1h.htm#wp1075964
I have labbed the example WITHOUT this command and the conversion worked
properly: my last hop router is sending broadcast.
Also I have not enable pim on the outgoing interface of the last hop router as
the example, and it is working too.
The way I explain theses results is as follows:
1. " By default, IP directed broadcasts are dropped; they are not forwarded.
By dropping IP directed broadcasts, routers are less susceptible to
denial-of-service attacks."
http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/12cgcr/np1_c/
1cprt2/1cipadr.htm#wp4443
In this case, the router is not receiving directed broadcast. It is receiving
a multicast flow from its upstream neighbor, so there is no issue of directed
broadcast.
2. When the router transforms the multicast flow it first creates a flow to
the directed broadcast address. Since the flow was originated INTERNALLY
(by no interface whatsoever), there is no issue of "fowarding a directed
broadcast" and therefore no restriction on converting this flow to broadcast.
So the router broadcasts its self-created directed broadcast.
3. Regarding enabling multicast on the source I suspect this is necessary so
that the first-hop router can create the (S,G) entry, as if it an actual
registration had occured. But on the destination I believe it is not
necessary , since the whole purpose is to direct traffic to users who are not
multicast able.
On first-hop router
(*, 225.1.1.1), 01:29:02/stopped, RP 150.1.2.2, flags: S
Incoming interface: Null, RPF nbr 0.0.0.0
Outgoing interface list:
Serial0/1, Forward/Sparse, 01:29:02/00:03:18
(10.1.2.200, 225.1.1.1), 01:12:28/00:03:29, flags: T
Incoming interface: FastEthernet0/0, RPF nbr 0.0.0.0
Outgoing interface list:
Serial0/1, Forward/Sparse, 01:12:28/00:03:18
I would appreciate some feedback / comment on my analysis. Working
configurations below.
Thank You,
Pierre-Alex
----------------
Diagram:
-----------------
Server(source)--F0/0--R2----multicast----r3-e0/0--R4(Receiver)
The source 10.1.2.200 is sending udp broadcast on dest port 65300
-----
Configs
-------
!r2
interface FastEthernet0/0
ip address 10.1.2.2 255.255.255.0
ip pim sparse-mode ! REQUIRED
ip multicast helper-map broadcast 225.1.1.1 100 ! REQUIRED: for conversion of
broadcast
duplex auto
speed auto
access-list 100 permit udp any any eq 65300
ip forward-protocol udp 65300
! REQUIRED: Allows the processing of incoming udp broadcast packets
! r3
interface Ethernet0/0
ip address dhcp
ip multicast helper-map 225.5.5.5 192.168.108.255 100
! I HAVE NOT ENABLED PIM ON THIS INTERFACE
R3#sh ip int e 0/0
Ethernet0/0 is up, line protocol is up
Internet address is 192.168.108.203/24
Broadcast address is 255.255.255.255
Address determined by DHCP
MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled !-----> I HAVE NOT ENABLED
DIRECTED BROADCASTS
Multicast reserved groups joined: 224.0.0.1 224.0.0.2 224.0.0.22
! r4 (receiver)
interface Ethernet0/0
ip address dhcp
ip access-group 100 in
half-duplex
access-list 100 permit udp any any eq 65300
access-list 100 permit ip any any
Extended IP access list 100
10 permit udp any any eq 65300 (251180 matches) !!! RECEIVER IS GETTING
THE TRAFFIC
20 permit ip any any (48 matches)
This archive was generated by hypermail 2.1.4 : Sat Jul 01 2006 - 07:57:32 ART