cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
darra268
New Contributor II

Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

I need to forward udp bootps for dhcp relay and I also need to forward udp (from the same interface) on port 47808 to a different a internal IP. Will it forward the UDP traffic to both listed IP's and let them accept what they want? How would I make this happen?  

0 Kudos
1 Solution

Accepted Solutions
jayh
Honored Contributor
Honored Contributor

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

You can add multiple helper-address statements to the interface configuration.  Broadcasts will be sent as unicast to all of the helper addresses.  You can specify ports for UDP relay globally but not selectively, so both or all helpers will receive all forwarded broadcasts as unicast.  At the application layer the receiving servers should ignore the unwanted traffic.

router(config-eth 0/1)# ip helper-address 10.1.1.1

router(config-eth 0/1)# ip helper-address 10.2.2.2

router(config)# ip forward-protocol udp bootps

router(config)# ip forward-protocol udp 47808

You may also be able to restrict the unwanted traffic with an ACL outbound toward the server(s) receiving the traffic.

router(config-ext-nacl)# deny udp  any host 10.1.1.1 eq 47808

router(config-ext-nacl)# deny udp any host 10.2.2.2 eq bootps

router(config-ext-nacl)# permit ip any any

and apply to outbound interface policy. I haven't tested the filtering part but it should work.  You may need to treat the source as "self" in the access policy if the Adtran device considers forwarded broadcasts to be self-generated.

View solution in original post

0 Kudos
3 Replies
Anonymous
Not applicable

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

@darra268 - Thanks for posting your question on the forum!

Usually, I would say it is not possible to have 2 different ip-helper addresses on the same interface. However, you may be able to workaround this since one of the ports you want to forward is for DHCP.

First, you can set up UDP relay for port 47808 following this guide: Configuring UDP Relay in AOS - Quick Configuration Guide

Then for DHCP, you can use the dhcp relay destination command to specify the IP address you want DHCP requests to forward to. You can set this in the interface configuration with the following syntax:

ip dhcp relay destination <IP address>

An example of how to set this up can be found in this thread: Interface-level "dhcp relay destination" command issues

Please do not hesitate to let us know if you have any further questions.

Thanks,

Noor

jayh
Honored Contributor
Honored Contributor

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution

You can add multiple helper-address statements to the interface configuration.  Broadcasts will be sent as unicast to all of the helper addresses.  You can specify ports for UDP relay globally but not selectively, so both or all helpers will receive all forwarded broadcasts as unicast.  At the application layer the receiving servers should ignore the unwanted traffic.

router(config-eth 0/1)# ip helper-address 10.1.1.1

router(config-eth 0/1)# ip helper-address 10.2.2.2

router(config)# ip forward-protocol udp bootps

router(config)# ip forward-protocol udp 47808

You may also be able to restrict the unwanted traffic with an ACL outbound toward the server(s) receiving the traffic.

router(config-ext-nacl)# deny udp  any host 10.1.1.1 eq 47808

router(config-ext-nacl)# deny udp any host 10.2.2.2 eq bootps

router(config-ext-nacl)# permit ip any any

and apply to outbound interface policy. I haven't tested the filtering part but it should work.  You may need to treat the source as "self" in the access policy if the Adtran device considers forwarded broadcasts to be self-generated.

0 Kudos
darra268
New Contributor II

Re: Is it possible to have IP-helper addresses for 2 different servers on differing ports from the same interface?

Jump to solution


Both offered solutions worked up to a point. Because I ended up with a need to forward UDP to 3 different ports and systems, I ended up using the latter. It is working. Thanks!!