IP helper

We are all familiar with the IP helper command, which lets DHCP requests (broadcasts) pass through a router and reach a DHCP server as unicast packets. Pretty easy and simple. But the IP helper can do more!
When there is a network with multiple VLANs and you need to use the good old “net send” command from Windows computers to reach all computers on all the VLANs, you have to configure the IP helper.

There are three VLANs:
VLAN10: 192.168.10.0/24
VLAN20: 192.168.20.0/24
VLAN30: 192.168.30.0/24
Step 1:
Switch(config)#interface VLAN10
Switch(config-if)#ip helper-address 192.168.20.255
Switch(config-if)#ip helper-address 192.168.30.255
Switch(config-if)#ip directed-broadcast
As you can see, we use the broadcast addresses of the other two VLANs as helper addresses, so that an IP broadcast from VLAN10 is sent to the other two VLANs as a broadcast. By default, directed broadcast is disabled on a Cisco router for security purposes: the default no ip directed-broadcast setting disallows sending traffic to a broadcast address.
Step 2:
All the broadcast traffic that the IP helper forwards by default is now forwarded to all the other VLANs with this configuration. We have to limit this with the following configuration:
Switch(config)#no ip forward-protocol udp tftp
Switch(config)#no ip forward-protocol udp nameserver
Switch(config)#no ip forward-protocol udp domain
Switch(config)#no ip forward-protocol udp time
Switch(config)#no ip forward-protocol udp netbios-ns
Switch(config)#no ip forward-protocol udp netbios-dgm
Switch(config)#no ip forward-protocol udp tacacs
Switch(config)#no ip forward-protocol udp bootps
Switch(config)#no ip forward-protocol udp bootpc
To forward the net send traffic (UDP port 137):
Switch(config)#ip forward-protocol udp 137
Repeat all the steps for the other 2 VLANs!
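
To check the result of both steps on a saved configuration, the following added example (not part of the original post) computes which UDP ports are still relayed and which helper addresses point at a local subnet broadcast, and whether ip directed-broadcast is enabled on the interface that owns that subnet. The interface addresses (.1) and the half-finished Vlan30 in the sample are constructed assumptions; the function name audit is hypothetical.

```python
import ipaddress, re

# UDP services that ip helper-address relays by default (IOS keyword -> port).
DEFAULTS = {"time": 37, "nameserver": 42, "tacacs": 49, "domain": 53, "bootps": 67,
            "bootpc": 68, "tftp": 69, "netbios-ns": 137, "netbios-dgm": 138}

def audit(config):
    """Return (sorted forwarded UDP ports, [(src_if, helper, dst_if, dst_directed)])."""
    ports, ifs, cur = set(DEFAULTS.values()), {}, None
    for line in map(str.strip, config.splitlines()):
        m = re.match(r"(no )?ip forward-protocol udp (\S+)$", line)
        if m and (m[2] in DEFAULTS or m[2].isdigit()):
            # Lines are applied in order, so a later "ip forward-protocol" wins.
            port = DEFAULTS.get(m[2]) or int(m[2])
            (ports.discard if m[1] else ports.add)(port)
        elif line.startswith("interface "):
            cur = ifs.setdefault(line.split()[1],
                                 {"net": None, "helpers": [], "directed": False})
        elif cur is None:
            continue
        elif m := re.match(r"ip address (\S+) (\S+)$", line):
            cur["net"] = ipaddress.ip_interface(f"{m[1]}/{m[2]}").network
        elif m := re.match(r"ip helper-address (\S+)$", line):
            cur["helpers"].append(ipaddress.ip_address(m[1]))
        elif line.startswith("ip directed-broadcast"):
            cur["directed"] = True
    # Map each local subnet's broadcast address to the interface that owns it.
    owner = {i["net"].broadcast_address: n for n, i in ifs.items() if i["net"]}
    relays = [(n, str(h), owner[h], ifs[owner[h]]["directed"])
              for n, i in ifs.items() for h in i["helpers"] if h in owner]
    return sorted(ports), relays

# Constructed sample: Vlan10 and Vlan20 configured as in Step 1, Vlan30 not yet.
SAMPLE = """interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip helper-address 192.168.20.255
 ip helper-address 192.168.30.255
 ip directed-broadcast
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip helper-address 192.168.10.255
 ip helper-address 192.168.30.255
 ip directed-broadcast
interface Vlan30
 ip address 192.168.30.1 255.255.255.0
""" + "".join(f"no ip forward-protocol udp {k}\n" for k in DEFAULTS) \
    + "ip forward-protocol udp 137\n"

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A relay whose last field is False targets a VLAN where directed broadcast is still disabled, and any port other than 137 in the first list is a default service that Step 2 missed.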
