Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
darra268
New Contributor II
‎06-22-2013 01:34 PM

Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

I need to forward udp bootps for dhcp relay and I also need to forward udp (from the same interface) on port 47808 to a different a internal IP. Will it forward the UDP traffic to both listed IP's and let them accept what they want? How would I make this happen?  

0 Kudos
Reply
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor
‎06-26-2013 03:53 PM

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

You can add multiple helper-address statements to the interface configuration.  Broadcasts will be sent as unicast to all of the helper addresses.  You can specify ports for UDP relay globally but not selectively, so both or all helpers will receive all forwarded broadcasts as unicast.  At the application layer the receiving servers should ignore the unwanted traffic.

router(config-eth 0/1)# ip helper-address 10.1.1.1

router(config-eth 0/1)# ip helper-address 10.2.2.2

router(config)# ip forward-protocol udp bootps

router(config)# ip forward-protocol udp 47808

You may also be able to restrict the unwanted traffic with an ACL outbound toward the server(s) receiving the traffic.

router(config-ext-nacl)# deny udp  any host 10.1.1.1 eq 47808

router(config-ext-nacl)# deny udp any host 10.2.2.2 eq bootps

router(config-ext-nacl)# permit ip any any

and apply to outbound interface policy. I haven't tested the filtering part but it should work.  You may need to treat the source as "self" in the access policy if the Adtran device considers forwarded broadcasts to be self-generated.

View solution in original post

0 Kudos
Reply
3 Replies
Anonymous
Not applicable
‎06-26-2013 02:41 PM

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

@darra268 - Thanks for posting your question on the forum!

Usually, I would say it is not possible to have 2 different ip-helper addresses on the same interface. However, you may be able to workaround this since one of the ports you want to forward is for DHCP.

First, you can set up UDP relay for port 47808 following this guide: Configuring UDP Relay in AOS - Quick Configuration Guide

Then for DHCP, you can use the dhcp relay destination command to specify the IP address you want DHCP requests to forward to. You can set this in the interface configuration with the following syntax:

ip dhcp relay destination <IP address>

An example of how to set this up can be found in this thread: Interface-level "dhcp relay destination" command issues

Please do not hesitate to let us know if you have any further questions.

Thanks,

Noor

Accept as Solution Reply
jayh
Honored Contributor
Honored Contributor
‎06-26-2013 03:53 PM

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

You can add multiple helper-address statements to the interface configuration.  Broadcasts will be sent as unicast to all of the helper addresses.  You can specify ports for UDP relay globally but not selectively, so both or all helpers will receive all forwarded broadcasts as unicast.  At the application layer the receiving servers should ignore the unwanted traffic.

router(config-eth 0/1)# ip helper-address 10.1.1.1

router(config-eth 0/1)# ip helper-address 10.2.2.2

router(config)# ip forward-protocol udp bootps

router(config)# ip forward-protocol udp 47808

You may also be able to restrict the unwanted traffic with an ACL outbound toward the server(s) receiving the traffic.

router(config-ext-nacl)# deny udp  any host 10.1.1.1 eq 47808

router(config-ext-nacl)# deny udp any host 10.2.2.2 eq bootps

router(config-ext-nacl)# permit ip any any

and apply to outbound interface policy. I haven't tested the filtering part but it should work.  You may need to treat the source as "self" in the access policy if the Adtran device considers forwarded broadcasts to be self-generated.

0 Kudos
Reply
darra268
New Contributor II
‎08-09-2013 11:24 AM

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution


Both offered solutions worked up to a point. Because I ended up with a need to forward UDP to 3 different ports and systems, I ended up using the latter. It is working. Thanks!!

0 Kudos
Accept as Solution Reply