This article provides configuration information to forward IP packets destined for a Layer 3 broadcast address.
In the following example, when an IP packet addressed as 10.10.10.255 is sent from the corporate network 192.168.1.0/24, the packets are dropped at the firewall located at the remote office. The intent is to send broadcast addresses addressed to a remote network from corporate network to detect hosts/machines located in a remote office.
Targeted Broadcast Diagram
By default, the router/firewall does not forward the IP packets destined for a Layer 3 broadcast address, as it is designed to break broadcast domain.
To forward IP packets destined for Layer 3 broadcast address, it is necessary to configure the targeted broadcast to an egress interface and/or routing engine.
Perform the following configuration to enable targeted broadcast:
- Configure the physical interface:
[edit] user@host# edit interfaces interface-name
- Configure the logical unit number:
edit interfaces interface-name] user@host# edit unit logical-unit-number
- Configure the protocol family inet:
[edit interfaces interface-name unit logical-unit-number] user@host# edit family inet
- Configure targeted broadcast:
[edit interfaces interface-name unit logical-unit-number family inet] user@host# edit targeted-broadcast
- Specify one of the following options:
- To send packets to the egress interface and to the Routing Engine:
[edit interfaces interface-name unit logical-unit-number family inet targeted-broadcast] user@host# set forward-and-send-to-re
- To send packets to only the egress interface:
[edit interfaces interface-name unit logical-unit-number family inet targeted-broadcast] user@host# set forward-only
This is not a supported feature in high-end SRX series of devices.