Name
ip directed-broadcast — interface
Synopsis
ip directed-broadcast [access-list]
no ip directed-broadcastConfigures
Broadcast forwarding
Default
Enabled (disabled for IOS 12.0 and later)
Description
By default, the router automatically translates directed broadcasts to physical broadcasts within your network. In other words, Layer 3 broadcasts to the IP broadcast address (10.10.1.255 for the subnet 10.10.1.0/24) are translated into Layer 2 broadcasts with an address appropriate for the interface (e.g., ff:ff:ff:ff:ff:ff for an Ethernet interface).
While this can be useful, an interface that is configured to the outside world could allow a potential hacker to flood your network by pinging the broadcast address on your interface. It is recommended that directed-broadcast is disabled on your external interfaces to prevent this attack from occurring. Directed broadcast is also the primary mechanism used for the “smurf” attack. It is recommended that you disable directed broadcast on all your interfaces unless you have a very good reason to use it.
Example
To disable directed broadcasts:
interface serial 0
no ip directed-broadcast