Re: how to stop broadcasts using iptables

try pkttype match

On Tuesday, 27 April 2004 16:46, Aleksandar Milivojevic wrote:
> sschlesi@xxxxxxxxx wrote:
> > hi,
> >
> > I'm trying to stop broadcasts getting forwarded, but I'm not sure how to
> > do this. I read that *.255 - which are afaik broadcast addresses - doesn't
> > guarantee that it's a broadcast. Then I read that it's possible by matching
> > the MAC address, because broadcast will have ff:ff:ff:ff:ff:ff. But I'm
> > not sure if that's all nonsense.
>
> IP broadcast address does not need to end with 255.  It is a convention on
> C class subnets to give it address of 255 (all ones), however
> theoretically it can be any address, as long as you define it as
> broadcast address on all of your machines.  If you subnet C class to
> even smaller subnets and use "all ones" convention for broadcast address,
> broadcast address will not end in 255 (for example, using "all ones"
> convention, broadcast address of 192.168.1.0/25 would be 192.168.1.127).
> Same goes for A or B class subnets (if your network is defined as
> 192.168.0.0/16, broadcast address (using convention) would be
> 192.168.255.255, so in this case 192.168.12.255 is not broadcast
> address, it's just a host in 192.168.0.0/16).
>
> However, do note that 255.255.255.255 is always a valid broadcast address!
>
> The answer to your second question is, yes, on Ethernet
> ff:ff:ff:ff:ff:ff is always an (Ethernet) broadcast.  Ethernet
> broadcasts are not the same as IP broadcasts.  However, IP broadcast
> packets will be encapsulated into Ethernet broadcast packets (unless you
> have something really wrong in your configuration).  Do note that I saw
> at least one broken higher level protocol implementation (no, it wasn't
> IP) that spit out everything using Ethernet broadcasts.
>
> As David already told you, broadcasts should not be routed (if you want
> them to be routed, you usually need to read tips-and-tricks section in
> your router configuration, and do something to make it work).  So the
> router is the place to have them blocked.
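As an added example (not from this thread), a POSIX sh script that computes the "all ones" broadcast address of any subnet, reproducing the 192.168.1.0/25 -> 192.168.1.127 case from the quoted reply, and prints FORWARD-chain rules built on the pkttype match suggested above plus a per-subnet directed-broadcast rule. The rules are printed, not applied; the subnets passed in are the admin's own, hypothetical ones.

```shell
#!/bin/sh
# Added example: broadcast address arithmetic and pkttype-based FORWARD rules.

# Dotted quad -> 32-bit integer.
ip2int() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# broadcast_of CIDR -> "all ones" directed broadcast of that subnet.
# Shows why "ends in .255" is not a usable test: 192.168.1.0/25 -> 192.168.1.127
broadcast_of() {
    addr=${1%/*}; prefix=${1#*/}
    hostbits=$(( (1 << (32 - prefix)) - 1 ))      # host part set to all ones
    int2ip $(( $(ip2int "$addr") | hostbits ))
}

# broadcast_drop_rules CIDR... -> iptables rules for the FORWARD chain.
# The pkttype match keys on the link-layer packet type (Ethernet
# ff:ff:ff:ff:ff:ff arrives as type "broadcast"), so it catches IP broadcasts
# regardless of what the destination address looks like. The per-subnet rule
# additionally drops directed broadcasts aimed at each locally attached net.
broadcast_drop_rules() {
    echo "iptables -A FORWARD -m pkttype --pkt-type broadcast -j DROP"
    for cidr in "$@"; do
        echo "iptables -A FORWARD -d $(broadcast_of "$cidr") -j DROP"
    done
}

# Example run with constructed subnets (print only; pipe into sh to apply).
broadcast_drop_rules 192.168.1.0/25 192.168.0.0/16
```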


