Solved

Stopping IP croadcasts from reaching a device

Posted on 2002-06-20
5
306 Views
Last Modified: 2010-04-11
I am testing an IP device on our LAN and need to stop all IP broadcasts such as browser announcements from reaching that device. I did it by putting a router inbetween our LAN and the control network that this device is on and this worked fine. My question is: Are there any other ways of doing this without having to segment it with a router? I think that maybe a VLAN might be able to accomplish this using a Cisco Catalyst switch but I'm not positive. Could someone verify this for me and also suggest any other options or switch brands (If it is possible to do it with a switch at all) that might work? This device still needs to be accessible to all traffic specifically destined for it but the IP broadcasts should not reach it. Thanks!
0
Comment
Question by:GBP
5 Comments
 
LVL 8

Accepted Solution

by:
scraig84 earned 25 total points
ID: 7097097
By implementing VLANs you still need a router to make this VLAN accessible to the other VLANs and segments.  VLANS are simply multiple segments within the confines of a single device or group of devices.  They give more flexibility than the traditional segmentation by a single device.

However, getting back to your question, the router (or corresponding segment it serves) is still the basic boundary of a broadcast domain.  So there is really not many options that you have aside from placing some type of filtering software on the machine itself that does not listen to anything but packets destined specifically for it.  However, this still causes packet processing :).
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 25 total points
ID: 7097240
Agree with scraig84. Ethernet by design is comprised of both broadcast and collision domains. Setting up VLANs makes each broadcast domain smaller, but each VLAN is still considered a broadcast domain. A router is required to move packets between brodcast domains. If your goal is to have an application/server that cannot receive broadcasts then there are not many options other than using a router. That is the best way, but you could also use a layer 3 switch which is basically a very fast slimmmed down router with multiple ports.
One option would be Cisco's 3550 intelligent switches:
http://www.cisco.com/warp/public/cc/pd/si/casi/ca3550/prodlit/c355e_ds.htm

0
 

Expert Comment

by:boiledfrog
ID: 7097920
Sorry if if this has been covered...

What kind of device?

If it's a PC running winXP Pro you can run the built in firewall - this can be set to ignore pretty much anything!
0
 
LVL 1

Expert Comment

by:Cbracker
ID: 7293466
This may not work - I haven't tested it w/broadcast IP addresses, but if you are using Catalyst switch, have you tried putting an access list on the port blocking the broadcast IP?  
0
 

Expert Comment

by:CleanupPing
ID: 9155589
GBP:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

New My Cloud Pro Series - organize everything!

With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now