From: Lou Ioanni (louisccie_r_s@yahoo.com)
Date: Wed Feb 21 2007 - 15:36:54 ART
It is a common practice for security, especially on edge routers: "no ip directed-broadcast" protects against Smurf attacks.
"The "smurf" attack, named after its exploit program, is one of the most recent in the category of network-level attacks against hosts. A perpetrator sends a large amount of ICMP echo (ping) traffic at IP broadcast addresses, all of it having a spoofed source address of a victim. If the routing device delivering traffic to those broadcast addresses performs the IP broadcast to layer 2 broadcast function, most hosts on that IP network will take the ICMP echo request and reply to it with an echo reply each, multiplying the traffic by the number of hosts responding. On a multi-access broadcast network, there could potentially be hundreds of machines to reply to each packet."
Sometimes it is necessary to enable ip directed-broadcast on an interface. For example, I recently replaced an existing device with a Cisco 4500 and disabled ip directed-broadcast on all interfaces. Then the customer told me that one server was not seen (not accessible). He said that there was no default gateway configured on the server and that it had always worked that way. When I enabled "ip directed-broadcast" on the interface, the server was seen on the network without using a default gateway. Just keep that in mind.
Thanks,
Loizos Y.
CCIE#10702 R & S
bobby bobby <ccie_boy@yahoo.com> wrote: Please, I was confused in an argument with a colleague in the office. Can
anyone enlighten me more on this command on a router:
no ip directed-broadcast
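The following is an added example, not code from the original post or from Cisco. It models what a router does with the packets the thread discusses: a plain unicast, a local broadcast, and a directed broadcast arriving from another subnet, under "no ip directed-broadcast" (the IOS default since 12.0), under plain "ip directed-broadcast" (the setting the reply above had to turn back on for the server segment), and under the ACL-qualified form "ip directed-broadcast <access-list>", which IOS offers to limit which sources may have their directed broadcasts translated to layer-2 broadcasts. The interface names, subnets, host counts and the victim address 198.51.100.7 are all constructed for illustration. The Smurf amplification figure (requests times answering hosts) follows directly from the quoted description.

```python
"""Directed-broadcast forwarding and Smurf amplification, modelled in Python.

Added example; not from the original mailing-list post or from Cisco.
Interface names, subnets, host counts and addresses are constructed.
"""
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass
class Interface:
    name: str
    network: IPv4Network              # directly connected subnet
    hosts_up: int                     # hosts on it that answer ICMP echo (constructed)
    directed_broadcast: bool = False  # False models 'no ip directed-broadcast' (IOS default since 12.0)
    permitted_sources: Optional[List[IPv4Network]] = None  # models 'ip directed-broadcast <acl>'


@dataclass
class Packet:
    src: str       # IP source (spoofed to the victim's address in a Smurf attack)
    dst: str       # IP destination
    ingress: str   # interface the packet arrived on


class Router:
    def __init__(self, interfaces: List[Interface]):
        self.interfaces = {i.name: i for i in interfaces}

    def connected_egress(self, dst: str) -> Optional[Interface]:
        """Interface whose subnet contains dst, or None if dst is not directly connected."""
        addr = ip_address(dst)
        for intf in self.interfaces.values():
            if addr in intf.network:
                return intf
        return None

    def handle(self, pkt: Packet) -> Tuple[str, Optional[str]]:
        """Return (action, egress_name); action is 'forward', 'broadcast' or 'drop'.

        Only directly connected destinations are modelled; anything else is dropped
        here, where a real router would consult its routing table instead.
        """
        egress = self.connected_egress(pkt.dst)
        if egress is None:
            return ("drop", None)
        if ip_address(pkt.dst) != egress.network.broadcast_address:
            return ("forward", egress.name)      # plain unicast to a connected host
        if pkt.ingress == egress.name:
            return ("drop", egress.name)         # local broadcast: a router never re-forwards it
        # From here on the packet is a directed broadcast aimed at egress's subnet.
        if not egress.directed_broadcast:
            return ("drop", egress.name)         # 'no ip directed-broadcast': silently discarded
        if egress.permitted_sources is not None and \
                not any(ip_address(pkt.src) in net for net in egress.permitted_sources):
            return ("drop", egress.name)         # ACL on 'ip directed-broadcast <acl>' denies the source
        return ("broadcast", egress.name)        # translated to a layer-2 broadcast: every host hears it


def smurf_replies_to_victim(router: Router, attacker_ingress: str, target_bcast: str,
                            victim: str, requests: int) -> int:
    """Echo replies the victim receives when `requests` ICMP echo requests, with the
    victim's address spoofed as source, are sent to target_bcast through the router."""
    action, egress = router.handle(Packet(src=victim, dst=target_bcast, ingress=attacker_ingress))
    if action != "broadcast":
        return 0
    return requests * router.interfaces[egress].hosts_up   # one reply per answering host per request


def build_example_router() -> Router:
    """Constructed topology: an uplink, a user LAN left at the default, a server segment
    where directed broadcasts were re-enabled but restricted by an ACL, and a segment
    where they were re-enabled with no restriction at all."""
    return Router([
        Interface("Gi0/0", ip_network("203.0.113.0/30"), hosts_up=1),
        Interface("Gi0/1", ip_network("10.1.1.0/24"), hosts_up=200),                 # no ip directed-broadcast
        Interface("Gi0/2", ip_network("10.1.2.0/24"), hosts_up=50,
                  directed_broadcast=True,
                  permitted_sources=[ip_network("10.0.0.0/8")]),                      # ip directed-broadcast <acl>
        Interface("Gi0/3", ip_network("10.1.3.0/24"), hosts_up=120,
                  directed_broadcast=True),                                           # ip directed-broadcast (unqualified)
    ])


if __name__ == "__main__":
    r = build_example_router()
    victim = "198.51.100.7"
    print(smurf_replies_to_victim(r, "Gi0/0", "10.1.1.255", victim, 1000))   # 0: default drops it
    print(smurf_replies_to_victim(r, "Gi0/0", "10.1.2.255", victim, 1000))   # 0: ACL denies the outside source
    print(smurf_replies_to_victim(r, "Gi0/0", "10.1.3.255", victim, 1000))   # 120000: full amplification
    print(r.handle(Packet("10.1.1.20", "10.1.2.255", "Gi0/1")))              # ('broadcast', 'Gi0/2'): the legitimate case
```

The point of the Gi0/2 versus Gi0/3 comparison is that re-enabling directed broadcasts for one server that depends on them does not have to mean re-enabling them for the whole Internet: attaching an access list that permits only the internal sources that legitimately need to reach that segment's broadcast address keeps the server reachable while leaving nothing for a spoofed external echo request to amplify.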
This archive was generated by hypermail 2.1.4 : Thu Mar 01 2007 - 07:38:47 ART