Can switches on different vlans pass broadcast packets from one vlan to another?

We have several VLANs in our network, all of which have their own switch.
I was told that the switch can pass broadcast packets within its own VLAN but not across to another VLAN. The reason I'm asking is that I have an application on a Windows 2008 R2 server that needs to use the Computer Browser service to look for other machines on the network. It can find other machines, but only on its own VLAN. I can go to Windows Explorer and type in \\machine name\ and get to the specific machine, but this application does not work that way.
If I put all of the VLAN IP ranges in the application, it still will only find those workstations in the same VLAN as the server.
I'm thinking this is because of the way the network switches are configured.
Can anyone shed some light for me on how switches on VLANs work?
sweetwater4 Asked:

DarrinZuroff Commented:
I couldn't tell you exactly how to configure it, but I might be able to point you in the right direction. You need to configure IP Helper, which routes packets between different VLANs. You will need a router or switch capable of Layer 3 routing in order for this to work. Perhaps someone else can elaborate, but if you search for IP Helper you will find a lot of information on the topic.
0
Faruk Onder Yerli (Owner) Commented:
Hi;

You can think of a VLAN as being like an IP subnet applied at layer 2. If the switch's micro-segmentation system doesn't have any bugs, the switch never announces any type of frame to other VLANs. In some special cases, you can copy one VLAN's frames to another VLAN. For example, if you have a VoIP system and you want to record all conversations, you may migrate all VoIP VLAN data to a data recorder port and record all voice on a server. In Cisco switches it is called "SPAN". If you don't have such a configuration in your switches, it is impossible for VLANs to hear each other without a router.

If you want 2 VLANs to communicate with each other, they can only talk at layer 3 (if the router allows them to talk). \\machinename\ works as below.
- Broadcast machine name (layer 2)
- Get IP address (layer 2)
- Connect over IP
If your DNS server allows the use of NetBIOS names for each domain server and computer, then it works as below.
- Ask DNS for the NetBIOS name
- Get IP address
- Connect over IP
0
Faruk Onder Yerli (Owner) Commented:
The ip helper command can transfer an L2 broadcast frame to a specific host, not to another VLAN. Also, ip helper is usable on a router, not on a switch. IP helper is generally used for DHCP requests from servers.
0

sweetwater4 (Author) Commented:
So equalizer, basically are you saying that it can be done on the switch side but in layer 3?
0
Faruk Onder Yerli (Owner) Commented:
I am saying that a layer 2 broadcast message can be transferred to a specific host via the ip helper command on a router.
You can never send a layer 2 broadcast from one VLAN to another VLAN without L3 encapsulation on the L2 frame.
0
that1guy15 Commented:
Yeah, a broadcast will only traverse a layer 2 broadcast domain (aka VLAN). Once it needs to pass from VLAN to VLAN, it must use routing (layer 3), which means that the broadcast must jump from one broadcast domain to another. For this to be done, a router needs to know where to send the broadcast. This is where the ip helper or directed broadcast command comes into play.

"ip helper-address" can be used to direct all broadcasts from a VLAN to a specific IP address on another VLAN or network. It is commonly used for DHCP assignment across multiple VLANs.

"ip directed-broadcast" is used for a host on a VLAN to broadcast out (usually discovery) to every device across multiple VLANs (aka broadcast domains). So it would allow a single host to broadcast out to find a device. This broadcast would then be forwarded by your router to the allowed VLANs in your network.

I'm guessing you will want to use directed broadcasts.

Here is a link that explains both commands and how to configure them on your router or multi-layer switch.

http://www.cisco.com/en/US/docs/ios/12_3t/ip_addr/command/reference/ip1_i1gt.html#wp1168114
0

Rick_O_Shay Commented:
In normal VLAN switching, by design, broadcasts are contained to the VLAN they originated in.

If your application can use an IP directed broadcast for each of the other VLAN IP ranges, then your router, or L3 function on your switch, will route those IP directed broadcasts normally to the subnet where they need to be delivered. With directed broadcast enabled on the router's interface where that destination subnet lives, it would be sent as a normal broadcast to all stations on that VLAN.

With an ACL you can restrict the ability to pass IP directed broadcasts from only the server in question and drop all others that might be generated for denial of service purposes etc.

The IP helper works in the reverse in that it takes a broadcast received on one VLAN and converts it into a unicast packet to be routed to a single server on another VLAN.

Neither one affects the behavior of the local broadcasts sent and received on the VLAN.

0
lrmoore Commented:
Good information above, I'd just like to add something.
You need to understand how your application broadcasts for other hosts. Does it use a simple subnet broadcast where it uses its local IP address broadcast? For example, if the server's IP address is 192.168.1.100, it may use the subnet broadcast of 192.168.1.255. If this is the case, then the broadcast will never get anywhere else no matter what you do on the switch, because this is not only a L2 broadcast boundary, but also a layer 3 boundary. If the server broadcasts all 1's - 255.255.255.255, then this is also difficult to propagate across subnets because there is no layer 3 boundary. The ideal situation is that you have a class B network address, subnetted into class C subnets, each VLAN a class C, and the application does a classful broadcast, i.e. 172.16.1.100 host sends broadcast to 172.16.255.255.
Now we have something that we can classify at Layer 3 as "directed broadcast" and we can do something with it, but only at layer 3. We can re-broadcast it to all VLANs/subnets within the summary mask of 172.16.0.0/16.
On a layer 3 device, like a router or L3 switch, we simply enable ip directed broadcasts on the interfaces, then add specific port commands as below, but you need to know the port number it broadcasts on:
 ip forward-protocol udp netbios-ns
 ip forward-protocol udp <port#>
0
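
The broadcast types distinguished in the two answers above (local subnet broadcast, all-ones broadcast, directed broadcast, and the 172.16.255.255 classful case), as an added example that is not part of the original thread: a small Python model that classifies a destination address and applies the idea of permitting routed broadcasts from one server only. The VLAN ranges, server address and function names are constructed for illustration.

```python
import ipaddress

# Constructed addressing: one /24 per VLAN inside 172.16.0.0/16 (assumed values).
VLANS = {
    "vlan1": ipaddress.ip_network("172.16.1.0/24"),
    "vlan2": ipaddress.ip_network("172.16.2.0/24"),
    "vlan3": ipaddress.ip_network("172.16.3.0/24"),
}
SUMMARY = ipaddress.ip_network("172.16.0.0/16")
SERVER = ipaddress.ip_address("172.16.1.100")  # only host allowed to discover


def classify(src, dst):
    """Return (kind, vlan) describing what destination dst is, as seen from src."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if int(dst) == 0xFFFFFFFF:
        return ("limited", None)  # 255.255.255.255, not routed
    for name, net in VLANS.items():
        if dst == net.broadcast_address:
            # The same address is "local" inside its VLAN, "directed" from outside.
            return ("local" if src in net else "directed", name)
    if dst == SUMMARY.broadcast_address:
        return ("summary", None)  # 172.16.255.255, the classful case
    return ("unicast", None)


def directed_targets(server=SERVER):
    """Directed-broadcast address of every VLAN the server is not a member of."""
    return [str(n.broadcast_address) for n in VLANS.values() if server not in n]


def router_decision(src, dst):
    """Model of the restriction: only SERVER may send broadcasts that get routed."""
    kind, _ = classify(src, dst)
    if kind in ("limited", "local"):
        return "stays in VLAN"
    if kind in ("directed", "summary"):
        return "forward" if ipaddress.ip_address(src) == SERVER else "drop"
    return "route as unicast"


if __name__ == "__main__":
    for dst in ["172.16.1.255", "255.255.255.255"] + directed_targets():
        print(dst, classify(SERVER, dst), router_decision(SERVER, dst))
    # A workstation on vlan2 trying the same thing is dropped by the model.
    print(router_decision("172.16.2.50", "172.16.3.255"))
```
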
kingmanson Commented:
Do you have a Windows domain or workgroup? For Windows network browsing across subnets you need a domain controller. Each subnet will elect a master browser, which can be a client or server machine. That machine will maintain the master browse list for that subnet. If there is a server on that subnet the master browser will be a server, but it could be a client and will be the client with the most recent OS. The subnet Master Browsers share their browse lists with domain controllers, and one of the domain controllers is the Domain Master Browser.
0
kingmanson Commented:
BTW: Here is a link to network browser info at Microsoft:

http://technet.microsoft.com/en-us/library/bb726989.aspx

0