Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Stopping IP croadcasts from reaching a device

Posted on 2002-06-20
5
Medium Priority
?
315 Views
Last Modified: 2010-04-11
I am testing an IP device on our LAN and need to stop all IP broadcasts such as browser announcements from reaching that device. I did it by putting a router inbetween our LAN and the control network that this device is on and this worked fine. My question is: Are there any other ways of doing this without having to segment it with a router? I think that maybe a VLAN might be able to accomplish this using a Cisco Catalyst switch but I'm not positive. Could someone verify this for me and also suggest any other options or switch brands (If it is possible to do it with a switch at all) that might work? This device still needs to be accessible to all traffic specifically destined for it but the IP broadcasts should not reach it. Thanks!
0
Comment
Question by:GBP
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 8

Accepted Solution

by:
scraig84 earned 100 total points
ID: 7097097
By implementing VLANs you still need a router to make this VLAN accessible to the other VLANs and segments.  VLANS are simply multiple segments within the confines of a single device or group of devices.  They give more flexibility than the traditional segmentation by a single device.

However, getting back to your question, the router (or corresponding segment it serves) is still the basic boundary of a broadcast domain.  So there is really not many options that you have aside from placing some type of filtering software on the machine itself that does not listen to anything but packets destined specifically for it.  However, this still causes packet processing :).
0
 
LVL 79

Assisted Solution

by:lrmoore
lrmoore earned 100 total points
ID: 7097240
Agree with scraig84. Ethernet by design is comprised of both broadcast and collision domains. Setting up VLANs makes each broadcast domain smaller, but each VLAN is still considered a broadcast domain. A router is required to move packets between brodcast domains. If your goal is to have an application/server that cannot receive broadcasts then there are not many options other than using a router. That is the best way, but you could also use a layer 3 switch which is basically a very fast slimmmed down router with multiple ports.
One option would be Cisco's 3550 intelligent switches:
http://www.cisco.com/warp/public/cc/pd/si/casi/ca3550/prodlit/c355e_ds.htm

0
 

Expert Comment

by:boiledfrog
ID: 7097920
Sorry if if this has been covered...

What kind of device?

If it's a PC running winXP Pro you can run the built in firewall - this can be set to ignore pretty much anything!
0
 
LVL 1

Expert Comment

by:Cbracker
ID: 7293466
This may not work - I haven't tested it w/broadcast IP addresses, but if you are using Catalyst switch, have you tried putting an access list on the port blocking the broadcast IP?  
0
 

Expert Comment

by:CleanupPing
ID: 9155589
GBP:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0

Featured Post

Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question