Configuring directed broadcast

A directed broadcast is a frame sent to the subnet broadcast address on a remote IP subnet. When you disable (or suppress) directed broadcasts on an interface, all frames sent to the subnet broadcast address for a local router interface are dropped. Disabling directed broadcasts protects hosts from possible denial-of-service (DOS) attacks. By default, this feature is enabled on the device.

Procedure

  1. Enter VLAN Interface Configuration mode:

    enable

    configure terminal

    interface vlan <1–4059>

  2. Configure the switch to forward directed broadcasts for a VLAN:

    ip directed-broadcast enable

Example

Enable directed broadcast on a VLAN:

Switch:1>enable
Switch:1#configure terminal
Switch:1(config)#interface vlan 2
Switch:1(config-if)#ip directed-broadcast enable

Display VLAN IDs with directed broadcast enabled:

Switch:1>show ip directed-broadcast vlan

                               Vlan Directed-Broadcast
    ==========================================================================================
    VLAN ID  DIRECTED-BROADCAST
    ------------------------------------------------------------------------------------------
    2        true

Variable Definitions

The following table defines parameters for the ip directed-broadcast command.

Variable

Value

enable

Enables the device to forward directed broadcast frames to the specified VLAN. The default setting for this feature is enabled.