Stopping IP croadcasts from reaching a device

I am testing an IP device on our LAN and need to stop all IP broadcasts such as browser announcements from reaching that device. I did it by putting a router inbetween our LAN and the control network that this device is on and this worked fine. My question is: Are there any other ways of doing this without having to segment it with a router? I think that maybe a VLAN might be able to accomplish this using a Cisco Catalyst switch but I'm not positive. Could someone verify this for me and also suggest any other options or switch brands (If it is possible to do it with a switch at all) that might work? This device still needs to be accessible to all traffic specifically destined for it but the IP broadcasts should not reach it. Thanks!
GBPAsked:
Who is Participating?
 
scraig84Connect With a Mentor Commented:
By implementing VLANs you still need a router to make this VLAN accessible to the other VLANs and segments.  VLANS are simply multiple segments within the confines of a single device or group of devices.  They give more flexibility than the traditional segmentation by a single device.

However, getting back to your question, the router (or corresponding segment it serves) is still the basic boundary of a broadcast domain.  So there is really not many options that you have aside from placing some type of filtering software on the machine itself that does not listen to anything but packets destined specifically for it.  However, this still causes packet processing :).
0
 
lrmooreConnect With a Mentor Commented:
Agree with scraig84. Ethernet by design is comprised of both broadcast and collision domains. Setting up VLANs makes each broadcast domain smaller, but each VLAN is still considered a broadcast domain. A router is required to move packets between brodcast domains. If your goal is to have an application/server that cannot receive broadcasts then there are not many options other than using a router. That is the best way, but you could also use a layer 3 switch which is basically a very fast slimmmed down router with multiple ports.
One option would be Cisco's 3550 intelligent switches:
http://www.cisco.com/warp/public/cc/pd/si/casi/ca3550/prodlit/c355e_ds.htm

0
 
boiledfrogCommented:
Sorry if if this has been covered...

What kind of device?

If it's a PC running winXP Pro you can run the built in firewall - this can be set to ignore pretty much anything!
0
 
CbrackerCommented:
This may not work - I haven't tested it w/broadcast IP addresses, but if you are using Catalyst switch, have you tried putting an access list on the port blocking the broadcast IP?  
0
 
CleanupPingCommented:
GBP:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.