Use of the IP Helper commands on the Matrix DFE

  • 0
  • 1
  • Article
  • Updated 5 years ago
Article ID: 6871 

Products
Matrix N-Series DFE 

Goals
Clarification to the function of the IP/UDP Helper functionality of the Matrix DFE router. 

Symptoms
"ip helper-address"
"ip forward-protocol"
"Error: UDP port is not in the list to forward."
The 'ip forward-protocol udp 67' command not showing up in configs.
The 'ip forward-protocol' command not fully documented in the manual. 

Solution
For additional information, please see the Configuration Guide appropriate to your firmware. 

Note that as shown in this document, a given 'ip forward-protocol' command affects all interfaces for the specified router instance, and a given 'ip helper-address' command affects the specified interface for the specified router instance. 

By default, UDP forwarding as invoked by the 'ip helper-address' command is enabled for the following UDP ports:
  • Bootp server: bootps=port 67 (not in the Configuration Guide)
  • DNS: domain=port 53
  • IEN-116 name service: nameserver=port 42
  • NetBIOS datagram service: netbios-dgm=port 138
  • NetBIOS name service: netbios-ns=port 137
  • TACACS: tacacs=port 49
  • TFTP: tftp=port 69
  • Time service: time=port 37

The following command restores the default UDP port forwarding, shown above, as invoked by the 'ip helper-address' command. If the default ports are already in effect, there is no error message:

DFE(rw)->Router<instance>(config)#ip forward-protocol udp

The following command adds one or more additional services/ports on behalf of the 'ip helper-address' command. If the port/protocol is already in effect, there is no error message:

DFE(rw)->Router<instance>(config)#ip forward-protocol udp <UDP_port>

The following command removes one or more services/ports on behalf of the 'ip helper-address' command. If the port/protocol is not presently in effect, error message "Error: UDP port is not in the list to forward." is generated:

DFE(rw)->Router<instance>(config)#no ip forward-protocol udp <UDP_port>

The following command activates the helper function, forwarding services/ports as defaulted or overridden:

DFE(rw)->Router<instance>(config)#interface vlan <VLAN_ID>
DFE(rw)->Router<instance>(config-if(Vlan <VLAN_ID>))#ip helper-address <server_address>

When showing the results in the configuration via the 'show config' command, only the overrides to the default condition are displayed. 

Here is an example management session, with 5.x firmware (9964):

DFE(rw)->router 1

DFE(rw)->Router1>enable
DFE(rw)->Router1#config
Enter configuration commands:
DFE(rw)->Router1(config)#ip forward-protocol udp ?
<1-65535> Port number
bootps Bootstrap Protocol server (67)
domain Domain Name Service (53)
nameserver IEN116 name service (42)
netbios-dgm NetBIOS datagram service (138)
netbios-ns NetBIOS name service (137)
tacacs Terminal Access Controller Access Control System (49)
tftp Trivial File Transfer Protocol (69)
time Time (37)
<cr>

DFE(rw)->Router1(config)#ip forward-protocol udp bootps
DFE(rw)->Router1(config)#no ip forward-protocol udp 67
DFE(rw)->Router1(config)#no ip forward-protocol udp 120
Error: UDP port is not in the list to forward.
DFE(rw)->Router1(config)#interface vlan 1
DFE(rw)->Router1(config-if(Vlan 1))#ip helper-address 10.20.2.100
DFE(rw)->Router1(config-if(Vlan 1))#exit
DFE(rw)->Router1(config)#exit
DFE(rw)->Router1#write file
Saving information to config1...done
DFE(rw)->Router1#exit
DFE(rw)->show config router
This command shows non-default configurations only.
Use 'show config all' to show both default and non-default configurations.


begin
!
# ***** NON-DEFAULT CONFIGURATION *****
!
!
# Router instance 1 Configuration
begin router 1

set router 1
router 1

enable
config t
. . .
no ip forward-protocol udp bootps
. . .

DFE(rw)->

If multiple 'ip helper-address' commands are present on an interface, each referenced server will receive a copy of all helper-forwarded frames. 

Note: As of firmware 7.x, this product supports Service ACLs. Such an ACL needs to be set up to allow any desired broadcast protocols (e.g. DHCP, using UDP port 67) through, so that they may function via IP Helper.
Photo of FAQ User

FAQ User, Official Rep

  • 13,610 Points 10k badge 2x thumb

Posted 5 years ago

  • 0
  • 1

There are no replies.

This conversation is no longer open for comments or replies.