
Configuring UDP Broadcast Helper

This chapter describes the User Datagram Protocol (UDP) Broadcast Helper feature. This feature allows applications in the Transmission Control Protocol/Internet Protocol (TCP/IP) stack to forward broadcast packets through a gateway (router) and to another network segment. The broadcast packets are typically requests from clients for access to servers, which may contain address, configuration, or name information.

A common application for UDP Broadcast Helper is related to the Bootstrap Protocol (BOOTP) and the Dynamic Host Configuration Protocol (DHCP). UDP Broadcast Helper for BOOTP and DHCP assists clients with finding their boot servers when the boot servers are located through a router and on another network segment.

3Com implements the BOOTP and DHCP relay agents in the bridge/router software, allowing existing BOOTP clients to interoperate with DHCP servers. The clients and associated servers do not need to reside on the same IP network or subnet, and changes to the client's initialization software are unnecessary.

This chapter provides information on how to configure UDP Broadcast Helper through the UDPHELP Service and how to verify the configuration. It also provides information on how to customize the configuration.

For conceptual information, see "How UDP Broadcast Helper Works" later in this chapter.


Configuring UDP Broadcast Helper

UDP Broadcast Helper allows you to configure up to 32 UDP ports on your bridge/router using the ADD -UDPHELP ActivePorts command.

UDP Broadcast Helper supports several names of well-known services. The names of these services are mapped to specific UDP port numbers. (The name-to-UDP port mappings are also referred to as built-in names.) You can configure UDP ports using built-in names. Table 34 lists the supported service names, the UDP port numbers they are mapped to, and the mnemonic name for each name-to-UDP port mapping.

Table 34 Supported Service Name-to-UDP Port Mappings

UDP Port Description            UDP Port Number (Decimal)   Mnemonic Name
Daytime                         13                          DAYTIME
Time                            37                          TIME
Host name server                42                          IEN116
Domain name server              53                          DNS
TACACS - database service       65                          TACACS
Bootstrap protocol server       67 [1]                      BPSERVER
Trivial file transfer           69                          TFTP
HOSTS2 name server              81                          HOSTS2
NIC host name server            101                         NIC
Simple file transfer protocol   115                         SFTP
NetBIOS name service            137                         NBNAME
NetBIOS datagram service        138                         NBDATA
AppleTalk Name Binding          202                         ATNBP
AppleTalk zone information      206                         ATZIS

[1] BOOTP and DHCP use the same UDP port numbers: server port (67 decimal) and client port (68 decimal).

The UDP ports and built-in name mappings listed in Table 34 are reserved and cannot be changed or reconfigured.

Prerequisites

Before beginning this procedure, complete the following tasks:

Procedure

To set up UDP Broadcast Helper, see Figure 115 and follow these steps:

Figure 115 Configuring UDP Broadcast Helper

A UDP port is part of an entity address and not related to an interface (port) on the bridge/router. In the command syntax, the UDP port does not need to be preceded by an exclamation point (!).

1. Enable UDP Broadcast Helper by entering:

SETDefault -UDPHELP CONTrol = Enable

2. Determine which UDP ports your bridge/router will be listening to or helping. Add each of these UDP ports to an active ports list using:

ADD -UDPHELP ActivePorts {<UDP port> | <name>}

You can specify a UDP port by either UDP port number or name. If you specify a UDP port by name, the name can be either a built-in name or a name that you define.

If you want to specify a UDP port by a defined name, you must map the name to a UDP port number first as described in step 3, then add the UDP port to the active ports list as described in this step.

For example, to add UDP port 100, enter:
ADD -UDPHELP ActivePorts 100

To add a UDP port with the built-in name TIME, enter:
ADD -UDPHELP ActivePorts TIME

TIME is the name of a service that has a UDP port number mapped to it (see Table 34). In addition to specifying this UDP port by its built-in name, you can also specify it by the port number mapped to this service. For example, you can enter:
ADD -UDPHELP ActivePorts 37

To add a UDP port with a name you define, for example, AAA, enter:
ADD -UDPHELP ActivePorts AAA

3. If you added a UDP port and specified it by port number, you can optionally define a name for the port and map the name to the port number. If you added a UDP port and specified it by a built-in name, skip this step and go on to step 4. If you want to add a UDP port and specify it by a name you defined, you must map the name to a UDP port number.

Use:
ADD -UDPHELP Name <name string> <UDP port>

For example, to map the defined name AAA to UDP port number 100, enter:
ADD -UDPHELP Name AAA 100

4. For each UDP port you added to the active ports list, 3Com recommends that you set up a list of networks and servers that should receive UDP broadcast packets.

After you add a UDP port to the active ports list, the bridge/router automatically forwards broadcast packets destined for the UDP port to all interfaces. You do not need to set up a list of networks and servers that should receive UDP broadcast packets. However, 3Com strongly recommends limiting the networks and servers that receive UDP broadcast packets to help prevent broadcast storms and loops.

You can use one of the following syntaxes:
ADD -UDPHELP ForwardAddress <UDP port or name> <IP address>
ADD -UDPHELP ForwardAddress <UDP port or name> <IP address> <subnet mask>
ADD -UDPHELP ForwardAddress <UDP port or name> <IP address> <subnet mask> [Ones | Zeroes]
ADD -UDPHELP ForwardAddress <UDP port or name> <list of interfaces>

You can add up to 32 addresses to the forward address list.

For example, using the network configuration shown in Figure 115, add server 1 to a list for UDP port AAA by entering:
ADD -UDPHELP ForwardAddress AAA 30.0.0.1

The bridge/router forwards broadcast packets destined for UDP port AAA to server 1 only.

To add network 2 to a list for UDP port TIME, enter:
ADD -UDPHELP ForwardAddress TIME 20.0.0.0

The bridge/router forwards broadcast packets destined for UDP port TIME to all nodes on network 2.

The bridge/router does not rebroadcast packets through X.25, Frame Relay, and SMDS interfaces. You must add the IP address of each server to the list of servers that must receive UDP broadcast packets.

5. To limit the reach of a broadcast packet and the potential duration of broadcast storms, 3Com recommends you specify the default number of seconds that pass before a broadcast packet is discarded. Use:

SETDefault -UDPHELP TTLOverride = <seconds>(1-255)

Upon receiving a client's request packet, the bridge/router assigns the packet a time-to-live (TTL) value. The bridge/router assigns the lowest TTL value among the following possible sources:

For more information on the UDPHELP Service parameters used in this procedure, see the UDPHELP Service Parameters chapter in Reference for Enterprise OS Software. For more information on the -IP DefaultTTL parameter, see the IP Service Parameters chapter in Reference for Enterprise OS Software.


Relaying BOOTP and DHCP Traffic

UDP Broadcast Helper allows you to set up BOOTP and DHCP so clients can boot from an unspecified server, which may be located through a router and on another network segment. The bridge/router forwards the BOOTPREQUEST packet and DHCP messages from a booting client to a server that can respond with the client's IP address.

If your network is growing or changing quickly, you may want to use UDP Broadcast Helper for BOOTP instead of configuring a client to boot from one particular server and then having to reconfigure the client to boot from another server if the network configuration changes.

By supporting both the BOOTP and DHCP relay agents, the bridge/router software allows existing BOOTP clients to interoperate with DHCP servers. BOOTP and DHCP clients and their associated servers often do not reside on the same IP network or subnetwork. If the bridge/router software does not provide support for a relay agent, every subnet that has BOOTP and DHCP clients is required to have a BOOTP and DHCP server.

Prerequisites

Before beginning this procedure, complete the following tasks:

Procedure

To configure UDP Broadcast Helper for BOOTP and DHCP, see Figure 116 and follow these steps:

Figure 116 Configuring UDP Broadcast Helper for BOOTP

1. Enable UDP Broadcast Helper by entering:

SETDefault -UDPHELP CONTrol = Enable

2. Add a UDP port for the BOOTP or DHCP server to the active ports list.

You can specify either the built-in name BPSERVER or the UDP port number 67, which is mapped to built-in name BPSERVER. Both BOOTP and DHCP use the same UDP port numbers.

Enter either:
ADD -UDPHELP ActivePorts bpserver

or
ADD -UDPHELP ActivePorts 67

3. For UDP port 67 or BPSERVER, 3Com recommends that you set up a list of networks and servers that should receive the BOOTPREQUEST broadcast packets.

If your bridge/router is configured to boot from a server that is accessed through an X.25, Frame Relay, or SMDS interface, you must perform this step. The bridge/router does not rebroadcast BOOTPREQUEST packets over X.25, Frame Relay, or SMDS interfaces.

For an SMDS network, the group address functions as a LAN broadcast.

For X.25 and Frame Relay networks, the router duplicates the packet and forwards it to each configured or dynamically learned neighbor.

You need to configure the ForwardAddress parameter to eliminate unnecessary LAN broadcast packets using one of the following syntaxes:
ADD -UDPHELP ForwardAddress <UDP port or name> <IP address>
ADD -UDPHELP ForwardAddress <UDP port or name> <IP address> <subnet mask>
ADD -UDPHELP ForwardAddress <UDP port or name> <IP address> <subnet mask> [Ones | Zeroes]
ADD -UDPHELP ForwardAddress <UDP port or name> <list of interfaces>

You can add up to 32 addresses to the forward address list.

If you know the specific IP address of the server (or the network IP address where the server resides) from which the client should obtain its IP address, add the address to the list.

For example, if the address of the server that responds to the BOOTPREQUEST packets is 10.1.0.1, you can add this address to the list by entering:
ADD -UDPHELP ForwardAddress 67 10.1.0.1

In the next two examples, you can specify the mnemonic name BPSERVER instead of 67.

To forward BOOTPREQUEST packets to all servers on a specific network, enter:
ADD -UDPHELP ForwardAddress 67 10.0.0.0

The bridge/router stores address 10.255.255.255 in the list, meaning that all servers (hosts) on network 10 will receive the BOOTPREQUEST packet.

4. Optionally, configure the bridge/router to detect unauthorized BOOTP and DHCP servers using:

ADD -UDPHELP AuthDHCPServer <IP address>

Specify the addresses of authorized servers. You can add up to 32 servers to the list.

Any BOOTPREPLY or DHCP OFFER packet received with an IP source address that does not match any server's IP address on the list is discarded, a system message is entered, and an SNMP trap is sent. For information about the trap, see "AuthDHCPServer" in Reference for Enterprise OS Software.

For more information on the parameters used in this procedure, see the UDPHELP Service Parameters chapter in Reference for Enterprise OS Software.

This completes the basic configuration for UDP Broadcast Helper for BOOTP and DHCP. Information on customizing the configuration of UDP Broadcast Helper for BOOTP is described later in this chapter.
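The two procedures above leave three settings optional that matter for containment: a ForwardAddress list per active port, an AuthDHCPServer list for port 67, and TTLOverride. The following is an added example, not 3Com code: a hypothetical `audit_udphelp` helper that reads a saved list of the commands shown in this chapter and reports which of those settings are missing. It assumes commands are spelled in full as printed here and that names are case-insensitive.

```python
# Built-in name-to-port mappings from Table 34 of this chapter.
BUILTIN = {"DAYTIME": 13, "TIME": 37, "IEN116": 42, "DNS": 53, "TACACS": 65,
           "BPSERVER": 67, "TFTP": 69, "HOSTS2": 81, "NIC": 101, "SFTP": 115,
           "NBNAME": 137, "NBDATA": 138, "ATNBP": 202, "ATZIS": 206}

def audit_udphelp(commands):
    """Return findings for a list of UDPHELP command lines (hypothetical helper)."""
    names = dict(BUILTIN)              # built-in names plus ADD ... Name mappings
    active, forward, auth = [], set(), []
    enabled = ttl_set = False
    findings = []

    def resolve(token):
        # Assumption: names are matched case-insensitively.
        return int(token) if token.isdigit() else names.get(token.upper())

    for line in commands:
        words = line.split()
        if len(words) < 4 or words[1].upper() != "-UDPHELP":
            continue                   # not a global UDPHELP command
        verb, param, args = words[0].upper(), words[2].upper(), words[3:]
        if verb == "SETDEFAULT" and param == "CONTROL":
            enabled = args[-1].upper() == "ENABLE"
        elif verb == "SETDEFAULT" and param == "TTLOVERRIDE":
            ttl_set = True
        elif verb == "ADD" and param == "NAME" and len(args) == 2 and args[1].isdigit():
            names[args[0].upper()] = int(args[1])
        elif verb == "ADD" and param == "ACTIVEPORTS":
            port = resolve(args[0])
            if port is None:
                findings.append(f"{args[0]}: name used before it is mapped to a port")
            elif port not in active:
                active.append(port)
        elif verb == "ADD" and param == "FORWARDADDRESS":
            forward.add(resolve(args[0]))
        elif verb == "ADD" and param == "AUTHDHCPSERVER":
            auth.append(args[0])

    if active and not enabled:
        findings.append("ports are active but CONTrol is not Enable")
    for port in active:
        if port not in forward:
            findings.append(f"port {port}: no ForwardAddress, forwarded to all interfaces")
    if 67 in active and not auth:
        findings.append("port 67: no AuthDHCPServer list, server replies unchecked")
    if active and not ttl_set:
        findings.append("TTLOverride not set")
    return findings

# Constructed sample configuration, using the command forms shown in this chapter.
SAMPLE = [
    "SETDefault -UDPHELP CONTrol = Enable",
    "ADD -UDPHELP ActivePorts AAA",            # name not yet mapped (step 3 skipped)
    "ADD -UDPHELP Name AAA 100",
    "ADD -UDPHELP ActivePorts AAA",
    "ADD -UDPHELP ForwardAddress AAA 30.0.0.1",
    "ADD -UDPHELP ActivePorts TIME",           # no ForwardAddress follows
    "ADD -UDPHELP ActivePorts bpserver",
    "ADD -UDPHELP ForwardAddress 67 10.1.0.1",
]
```

Calling `audit_udphelp(SAMPLE)` returns one finding each for the unmapped name, the unrestricted TIME port, the missing AuthDHCPServer list, and the unset TTLOverride.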


Verifying the Configuration

This section summarizes the commands you need to know to verify UDP Broadcast Helper (including UDP Broadcast Helper for BOOTP) configuration and obtain related statistics.

Checking Parameter Settings

You can check the settings of all parameters associated with UDP Broadcast Helper and UDP Broadcast Helper for BOOTP by entering:

SHow -UDPHELP CONFiguration

Getting Statistics

You can obtain statistics related to UDP Broadcast Helper and BOOTP by entering:

SHow -SYS STATistics -UDPHELP

Statistics for UDP Broadcast Helper are displayed. For information on the elements of the display, see the Statistics Displays appendix.


Customizing the Configuration for BOOTP

You can customize UDP Broadcast Helper for BOOTP configuration by configuring the BootpMaxHops and BootpThreshold parameters in the UDPHELP Service. The BootpMaxHops parameter limits the number of hops that a BOOTPREQUEST packet can make on a network. The BootpThreshold parameter prioritizes and forwards BOOTPREQUEST packets to a server according to a predetermined plan and determines which clients are booted first.

Limiting the Number of Hops

By configuring the BootpMaxHops parameter and limiting the number of hops, you can control how far a BOOTPREQUEST packet can travel on a network. For example, if your network configuration is similar to that shown in Figure 117, you can set the BootpMaxHops value on bridge/router C so that clients in a given area of the network can only boot from a specific server or servers.

Figure 117 Limiting the Number of Hops for BOOTPREQUEST Packets

Prerequisites

Before beginning the procedure, make sure that you have configured UDP Broadcast Helper for BOOTP as described earlier in this chapter.

Procedure

For the following procedure, assume that a client on Network A needs to send BOOTPREQUEST packets to server B on network E. Because you do not know the IP address of server B and you have not configured the ForwardAddress parameter on any of the bridge/routers, each bridge/router will continue to forward the packet out each of its ports and flood the network with packets. To control this flood of packets, you can configure the BootpMaxHops parameter as follows:

1. On port 1 of bridge/router C, configure the BootpMaxHops parameter to 2 by entering:

SETDefault !1 -UDPHELP BootpMaxHops = 2

2. On port 2 of bridge/router C, configure the BootpMaxHops parameter to 1 by entering:

SETDefault !2 -UDPHELP BootpMaxHops = 1

When bridge/router C receives BOOTPREQUEST packets from the clients on network A, it forwards the packets to the server on network E. However, bridge/router C receives and discards the BOOTPREQUEST packets from the clients on network B because the BootpMaxHops parameter value is set to 1 on port 2. Bridge/router C discards the BOOTPREQUEST packets because the packets have already traversed one gateway, which is bridge/router B.

For additional information on the BootpMaxHops parameter, see the UDPHELP Service Parameters chapter in Reference for Enterprise OS Software.

Determining Order of Booting

By configuring the BootpThreshold parameter in the UDPHELP Service, you can determine which clients are booted first. For example, if your network configuration is similar to that shown in Figure 118, you can set the BootpThreshold value on each bridge/router port so that clients are booted according to a predetermined plan.

Figure 118 Determining Which Clients are Booted First

Prerequisites

Before beginning this procedure, complete the following tasks:

Procedure

For the following procedure, assume that according to your predetermined plan, you want the clients on network A to be booted first, then the clients on network B, and then the clients on network D. You need to set the BootpThreshold parameter on bridge/router ports 1, 2, and 3 to different values so that the bridge/router will prioritize and forward the BOOTPREQUEST packets to the server in the proper order. To determine which clients are booted first, follow these steps:

1. Set the BootpThreshold value on port 1 to the lowest value of all three ports.

To change the setting, enter:
SETDefault !1 -UDPHELP BootpThreshold = 0

2. Set the BootpThreshold value on port 2 to the next lowest value of all three ports by entering:

SETDefault !2 -UDPHELP BootpThreshold = 40

3. Set the BootpThreshold value on port 3 to a value greater than that set for ports 1 and 2 by entering:

SETDefault !3 -UDPHELP BootpThreshold = 100

When all the clients send out BOOTPREQUEST packets (the Seconds Elapsed Field in the BOOTPREQUEST packet is initially set to 0) at the same time, the bridge/router forwards the packets received on port 1 because the Seconds Elapsed Field and BootpThreshold value match. The bridge/router discards the packets received on ports 2 and 3 because the Seconds Elapsed Field in these packets is less than the BootpThreshold value configured for ports 2 and 3.

The clients on networks B and D increase the Seconds Elapsed Field value in the BOOTPREQUEST packets and resend the packets. When the Seconds Elapsed Field value is greater than or equal to the BootpThreshold value on port 2, the bridge/router forwards the packets from the clients on network B to the server on network C. The bridge/router continues to discard the BOOTPREQUEST packets from network D until the Seconds Elapsed Field value is greater than or equal to the BootpThreshold value for port 3.

For additional information on the BootpThreshold parameter, see the UDPHELP Service Parameters chapter in Reference for Enterprise OS Software.
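The per-port checks described in this section, together with the AuthDHCPServer check from the BOOTP procedure, can be modeled as one decision over the fixed BOOTP header. This is an added example, not 3Com code: `relay_decision`, `make_bootp` and the `POLICY` table are hypothetical, the "hops >= BootpMaxHops" comparison is inferred from the bridge/router C example above, and an empty authorized-server list is assumed to mean the reply check is off.

```python
import struct

BOOTREQUEST, BOOTREPLY = 1, 2   # values of the 'op' field (RFC 951)
BOOTP_FIXED_LEN = 236           # fixed header size before the vendor/options area

def parse_bootp(payload):
    """Return (op, hops, secs) from the fixed BOOTP header."""
    if len(payload) < BOOTP_FIXED_LEN:
        raise ValueError("truncated BOOTP message")
    # op, htype, hlen, hops (1 byte each), xid (4), secs (2), flags (2)
    op, _, _, hops, _, secs, _ = struct.unpack_from("!BBBBIHH", payload)
    return op, hops, secs

def relay_decision(payload, src_ip, port, policy, auth_servers):
    """Return (action, reason) for one message received on interface `port`.

    policy maps a port number to its BootpMaxHops and BootpThreshold values;
    auth_servers is the AuthDHCPServer list as a set of address strings.
    """
    op, hops, secs = parse_bootp(payload)
    if op == BOOTREPLY:
        # Replies are checked against the IP source address of the packet.
        if auth_servers and src_ip not in auth_servers:
            return ("discard", f"reply from unauthorized server {src_ip}")
        return ("forward", "reply from authorized server")
    if op != BOOTREQUEST:
        return ("discard", f"unknown op {op}")
    limits = policy[port]
    if hops >= limits["max_hops"]:
        return ("discard", f"hops {hops} reached BootpMaxHops {limits['max_hops']}")
    if secs < limits["threshold"]:
        return ("discard", f"secs {secs} below BootpThreshold {limits['threshold']}")
    return ("forward", "request within limits")

def make_bootp(op, hops=0, secs=0):
    """Build a constructed, zero-padded BOOTP header for the demonstration."""
    head = struct.pack("!BBBBIHH", op, 1, 6, hops, 0x1234, secs, 0)
    return head.ljust(BOOTP_FIXED_LEN, b"\0")

# Constructed policy that combines the values used in the two procedures above.
POLICY = {
    1: {"max_hops": 2, "threshold": 0},
    2: {"max_hops": 1, "threshold": 40},
    3: {"max_hops": 2, "threshold": 100},
}
AUTH = {"10.1.0.1"}   # server address from the ForwardAddress example

if __name__ == "__main__":
    for port, hops, secs in [(1, 0, 0), (2, 1, 40), (2, 0, 0), (2, 0, 40), (3, 0, 99)]:
        pkt = make_bootp(BOOTREQUEST, hops, secs)
        print(port, hops, secs, relay_decision(pkt, "0.0.0.0", port, POLICY, AUTH))
    print(relay_decision(make_bootp(BOOTREPLY), "10.9.9.9", 1, POLICY, AUTH))
```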


How UDP Broadcast Helper Works

When boot servers are located through a router on another network, UDP Broadcast Helper helps BOOTP and DHCP clients to locate the server and retrieve address, configuration, and name information. Without the implementation of this feature, broadcast packets will not be propagated outside of the same network.

Broadcast packets generally do not traverse a router; however, there are some situations in which it is useful to propagate broadcast packets to other networks.

For example, in the topology shown in Figure 119, a client on network 129.1.0.0 may require access to a time server on network 129.2.0.0. Normally broadcast requests from the client on network 129.1.0.0 would not be forwarded to servers on network 129.2.0.0; however, you can configure UDP Broadcast Helper to allow the forwarding of broadcast requests to servers on network 129.2.0.0.

Figure 119 Sample UDP Broadcast Helper Topology

UDP applications are identified within a packet by "well-known" port numbers. You can configure the bridge/router to allow broadcast packets to well-known port 37, which is the port number mapped to built-in name TIME for the time service, through to network 129.2.0.0.

BOOTP and DHCP Protocols

The BOOTP Protocol is built on the client-server model and allows a single BOOTP reply to specify many items needed for a client to boot, including the client IP address, the address of a gateway, and the address of a server.

The DHCP Protocol is an extension of the BOOTP Protocol and is also built on the client-server model. DHCP is specifically designed for servers in large network environments that have nomadic users and complex TCP/IP software configurations.

DHCP not only allows a host to automatically allocate reusable IP addresses and additional configuration parameters needed for client operations, it also allows the client/server host to configure host parameters not directly related to the IP Protocol. This feature allows the host to exchange packets with any other host on the Internet. However, DHCP does not register newly configured hosts with the Domain Name System and is not used to configure routers.

The 3Com implementation of the UDP Broadcast Helper feature includes the BOOTP and DHCP relay agent, which allows clients and their associated servers not residing on the same IP network or subnetwork to communicate. Without the relay agent, every subnet that has BOOTP and DHCP clients would be required to have a BOOTP and DHCP server.

Although the BOOTP and DHCP Protocols use the same UDP port numbers (67 and 68), they have some important differences as follows:
