
Thursday, December 25, 2008

Cisco CCNP / BSCI Exam Tutorial: Broadcasts And The IP Helper-Address Command

While routers accept and generate broadcasts, they do not forward them. This can be quite a problem when a broadcast needs to get to a device such as a DHCP or TFTP server that's on one side of a router with other subnets on the other side.


If a PC attempts to locate a DNS server with a broadcast, the broadcast will be stopped by the router and will never get to the DNS server. By configuring the ip helper-address command on the router, UDP broadcasts such as this will be translated into a unicast by the router, making the communication possible. The command should be configured on the interface that will be receiving the broadcasts.

R1(config)#int e0

R1(config-if)#ip helper-address ?

A.B.C.D IP destination address

R1(config-if)#ip helper-address 100.1.1.2

Now, you may be wondering if this command covers all UDP services. Sorry, you're not getting off that easy! The command does forward eight common UDP service broadcasts, though.

TIME, port 37

TACACS, port 49

DNS, port 53

BOOTP/DHCP Server, port 67

BOOTP/DHCP Client, port 68

TFTP, port 69

NetBIOS name service, port 137

NetBIOS datagram service, port 138

That's going to cover most scenarios where the ip helper-address command will be useful, but what about those situations where the broadcast you need forwarded is not on this list? You can use the ip forward-protocol command to add any UDP port number to the list.

Additionally, to remove protocols from the default list, use the no ip forward-protocol command. In the following example, we'll add the Network Time Protocol port to the forwarding list while removing the NetBIOS ports. Remember, you can use IOS Help to get a list of commonly filtered ports!

R1(config)#ip forward-protocol udp ?

<0-65535> Port number

biff Biff (mail notification, comsat, 512)

bootpc Bootstrap Protocol (BOOTP) client (68)

bootps Bootstrap Protocol (BOOTP) server (67)

discard Discard (9)

dnsix DNSIX security protocol auditing (195)

domain Domain Name Service (DNS, 53)

echo Echo (7)

isakmp Internet Security Association and Key Management Protocol (500)

mobile-ip Mobile IP registration (434)

nameserver IEN116 name service (obsolete, 42)

netbios-dgm NetBios datagram service (138)

netbios-ns NetBios name service (137)

netbios-ss NetBios session service (139)

ntp Network Time Protocol (123)

pim-auto-rp PIM Auto-RP (496)

rip Routing Information Protocol (router, in.routed, 520)

snmp Simple Network Management Protocol (161)


snmptrap SNMP Traps (162)

sunrpc Sun Remote Procedure Call (111)

syslog System Logger (514)

tacacs TAC Access Control System (49)

talk Talk (517)

tftp Trivial File Transfer Protocol (69)

time Time (37)

who Who service (rwho, 513)

xdmcp X Display Manager Control Protocol (177)



R1(config)#ip forward-protocol udp 123

R1(config)#no ip forward-protocol udp 137

R1(config)#no ip forward-protocol udp 138

As you can see, the ip helper-address command helps work around the fact that broadcasts aren't forwarded by routers by default, and if you just need to send one or two broadcast types, the other types can be turned off easily.
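
To review which broadcast services a router will relay across subnets, the default list and the ip forward-protocol changes can be combined into one effective port set. The following Python sketch is an added example, not part of the original tutorial; the running-config fragment, the interface addresses and the function names are constructed for illustration, and the keyword table is a subset of the IOS help listing above.

```python
import re

# Default UDP ports relayed by ip helper-address, as listed in the tutorial.
DEFAULT_PORTS = {37, 49, 53, 67, 68, 69, 137, 138}
# Subset of the IOS keyword help listing shown in the tutorial.
KEYWORDS = {"time": 37, "tacacs": 49, "domain": 53, "bootps": 67, "bootpc": 68,
            "tftp": 69, "ntp": 123, "netbios-ns": 137, "netbios-dgm": 138,
            "snmp": 161, "snmptrap": 162, "syslog": 514}

def to_port(token):
    """Accept a numeric port or one of the keywords above."""
    return int(token) if token.isdigit() else KEYWORDS[token]

def audit(config):
    """Return (sorted relayed UDP ports, {interface: [helper addresses]})."""
    ports, helpers, current = set(DEFAULT_PORTS), {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw[:1].isspace():
            current = None  # an unindented line ends the interface block
        m = re.match(r"(no )?ip forward-protocol udp (\S+)$", line)
        if m:
            (ports.discard if m.group(1) else ports.add)(to_port(m.group(2)))
        elif line.startswith("interface "):
            current = line.split(None, 1)[1]
        elif line.startswith("ip helper-address ") and current:
            helpers.setdefault(current, []).append(line.split()[-1])
    return sorted(ports), helpers

# Constructed running-config fragment mirroring the commands in this tutorial.
SAMPLE = """\
ip forward-protocol udp 123
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp 138
interface Ethernet0
 ip address 10.1.1.1 255.255.255.0
 ip helper-address 100.1.1.2
interface Ethernet1
 ip address 10.2.2.1 255.255.255.0
"""

if __name__ == "__main__":
    ports, helpers = audit(SAMPLE)
    print("relayed UDP ports:", ports)
    for intf, addrs in helpers.items():
        print(f"{intf}: broadcasts on these ports are unicast to {addrs}")
```

Any port left in the result is one whose broadcasts are unicast to every helper address on that interface, so the list is worth trimming to the services the remote server actually provides.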

Cisco CCNP / BCMSN Exam Tutorial: Spanning Tree Protocol (STP) Timers

In your BCMSN / CCNP exam study, it's easy to overlook some of the details of Spanning Tree Protocol (STP). After all, you learned all of that in your CCNA studies, right? Not necessarily! While some of the BCMSN material will be a review for you, there are some details regarding familiar topics that you need to learn. That includes the timers for STP - Hello Time, MaxAge, and Forward Delay.

You may remember these timers from your CCNA studies as well, and you should also remember that these timers should not be changed lightly. What you might not have known is that if you decide to change any or all of these timers, that change must be configured on the root bridge! The root bridge will inform the nonroot switches of the change via BPDUs.

Hello Time is the interval between BPDUs, two seconds by default.

Forward Delay is the length of both the listening and learning STP stages, with a default value of 15 seconds.

Maximum Age, referred to by the switch as MaxAge, is the amount of time a switch will retain a BPDU's contents before discarding it. The default is 20 seconds.

The value of these timers can be changed with the spanning-tree vlan command shown below. Verify the changes with the show spanning-tree command.

SW1(config)#spanning-tree vlan 1 ?

forward-time Set the forward delay for the spanning tree

hello-time Set the hello interval for the spanning tree

max-age Set the max age interval for the spanning tree

priority Set the bridge priority for the spanning tree

root Configure switch as root


SW1(config)#spanning-tree vlan 1 hello-time 5

SW1(config)#spanning-tree vlan 1 max-age 30

SW1(config)#spanning-tree vlan 1 forward-time 20

SW1(config)#^Z

SW1#show spanning-tree vlan 1

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 000f.90e1.c240

This bridge is the root

Hello Time 5 sec Max Age 30 sec Forward Delay 20 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 000f.90e1.c240

Hello Time 5 sec Max Age 30 sec Forward Delay 20 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa0/11 Desg FWD 19 128.11 P2p

Fa0/12 Desg FWD 19 128.12 P2p

Again, you should always take great care in changing these timers. Those defaults are set for a reason - helping to prevent switching loops!
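
The verification step can be scripted. The following Python sketch is an added example, not part of the original tutorial: it reads show spanning-tree text, reports when locally configured timers differ from the ones the root advertises (the case where the change was made on a nonroot switch), checks the IEEE 802.1D relationships between the three timers, and computes MaxAge plus two Forward Delay periods. The second sample output and all function names are constructed for illustration.

```python
import re

TIMERS = re.compile(r"Hello Time\s+(\d+) sec\s+Max Age\s+(\d+) sec\s+Forward Delay\s+(\d+) sec")

def parse_timers(output):
    """Return {'root': (hello, max_age, fwd), 'bridge': (...)} from show spanning-tree text."""
    result, section = {}, None
    for line in output.splitlines():
        if "Root ID" in line:
            section = "root"
        elif "Bridge ID" in line:
            section = "bridge"
        m = TIMERS.search(line)
        if m and section:
            result[section] = tuple(int(g) for g in m.groups())
    return result

def check(output):
    """Return findings about the timers this switch is actually using."""
    t = parse_timers(output)
    hello, max_age, fwd = t["root"]
    findings = []
    if "This bridge is the root" not in output and t["bridge"] != t["root"]:
        findings.append(f"local timers {t['bridge']} unused; root advertises {t['root']}")
    if 2 * (fwd - 1) < max_age:      # IEEE 802.1D timer relationship
        findings.append("2*(ForwardDelay-1) < MaxAge")
    if max_age < 2 * (hello + 1):    # IEEE 802.1D timer relationship
        findings.append("MaxAge < 2*(HelloTime+1)")
    return findings

def reconvergence_seconds(output):
    """MaxAge expiry plus the listening and learning stages (2 x Forward Delay)."""
    _, max_age, fwd = parse_timers(output)["root"]
    return max_age + 2 * fwd

# Output from the tutorial (this switch is the root), address lines omitted.
ROOT_SW = """\
  Root ID    Priority    32769
             This bridge is the root
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
"""
# Constructed output: the same timers configured on a switch that is NOT the root.
NONROOT_SW = """\
  Root ID    Priority    24577
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
"""
```

With the tutorial's values the root-side figure rises from 50 seconds at the defaults to 70 seconds, which is the cost of the longer timers after an indirect link failure.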

Wednesday, December 24, 2008

Cisco CCNA Certification: Cisco Switching Modes Tutorial

To pass the CCNA exam and earn that coveted certification, you've got to know Cisco switches inside and out. Among the many important details you've got to know are the three methods that Cisco switches use to forward frames, and the differences between the three.

The first switching method is Store-and-Forward. The name is the recipe, because that's just what the switch does - it stores the entire frame before beginning to forward it. This method allows for the greatest amount of error checking, since the Frame Check Sequence (FCS) can be run before the frame is forwarded. As always, there is a tradeoff, since this error checking process makes this the slowest of the three frame forwarding methods.

The quickest method is Cut-Through, where only the destination MAC address of the frame is examined before the forwarding process begins. This means that part of the frame is actually being forwarded as it is still being received! The tradeoff here is that the FCS does not run, so there is absolutely no error checking with Cut-Through switching.

The middle ground between these two extremes is Fragment-Free, so named since fragmented frames will not be forwarded. The switch examines only the first 64 bytes of the frame for errors, since that is the part of the frame that will be damaged in case of a collision. There is error checking, but it is not as thorough as Store-and-Forward.

Keeping these three switching schemes straight is vital to your CCNA exam efforts, and it will help you in working with Cisco switches in the real world as well. Keep studying!

Monday, December 22, 2008

CCNA Certification Exam Tutorial: Cisco Switching Modes

To pass the CCNA exam and earn this important certification, you’ve got to know switching inside and out. While you’re learning all the basic switching theory, make sure to spend some time with the three switching modes Cisco routers can use.

Store-and-Forward is exactly what it sounds like. The entire frame will be stored before it is forwarded. This mode allows for the greatest amount of error checking, since a CRC (Cyclical Redundancy Check) is run against the frame before it is forwarded. If the frame contains an error, it is discarded. If there’s no problem with the frame, the frame is then forwarded to its proper destination.


While store-and-forward does perform error checking, the delay in processing the frame while this error check is run results in higher latency than the other modes you’re about to read about. The latency time can also vary, since not all frames are the same size.

Cut-through switching copies only the destination MAC address into its memory before beginning to forward the frame. Since the frame is being forwarded as soon as the destination MAC is read, there is less latency than store-and-forward. The drawback is that there is no error checking.

There is a middle ground, fragment-free switching. Only part of the frame is copied to memory before it is forwarded, but it’s the first 64 bytes of the frame, not just the destination MAC. (Why? Because if there is a problem with the frame, it’s most likely in the first 64 bytes.) There is a little more error checking than cut-through, but not as much latency as with store-and-forward.

Note that the latency of both cut-through and fragment-free is fixed; these modes always look at the first six or 64 bytes, respectively. Store-and-forward's latency depends on the size of the frame.

Learning the similarities and differences between these modes is an often-overlooked part of CCNA studies. Spend some time studying this important CCNA topic – you’ll be glad you did!
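
The difference between the three modes, as described in this tutorial and in the December 24 one, shows up clearly when the same damaged frames are run through each decision. The following Python model is an added example, not part of either original tutorial: it builds an Ethernet frame with a real CRC-32 FCS and reports, per mode, whether the frame is forwarded and how many bytes are received before forwarding starts. The frame contents and function names are constructed, and treating any frame shorter than 64 bytes as a collision fragment is a modelling assumption.

```python
import zlib

def build_frame(dst, src, ethertype, payload):
    """Ethernet II frame padded to the 64-byte minimum, with FCS appended."""
    body = dst + src + ethertype + payload.ljust(46, b"\x00")
    return body + zlib.crc32(body).to_bytes(4, "little")

def fcs_ok(frame):
    """Recompute the CRC-32 over everything before the 4-byte FCS."""
    return zlib.crc32(frame[:-4]).to_bytes(4, "little") == frame[-4:]

def decide(mode, frame):
    """Return (forwarded, bytes received before forwarding starts)."""
    if mode == "cut-through":        # only the 6-byte destination MAC is read
        return len(frame) >= 6, 6
    if mode == "fragment-free":      # first 64 bytes; shorter means a collision fragment
        return len(frame) >= 64, 64
    if mode == "store-and-forward":  # whole frame buffered, FCS verified
        return len(frame) >= 64 and fcs_ok(frame), len(frame)
    raise ValueError(f"unknown mode: {mode}")

MODES = ("cut-through", "fragment-free", "store-and-forward")

def compare(frame):
    """Run one frame through all three modes."""
    return {mode: decide(mode, frame) for mode in MODES}

# Constructed test frames (addresses and payload are made up).
GOOD = build_frame(b"\x02\x00\x00\x00\x00\x02", b"\x02\x00\x00\x00\x00\x01",
                   b"\x08\x00", b"x" * 100)
damaged = bytearray(GOOD)
damaged[80] ^= 0x01                  # single-bit error past the first 64 bytes
DAMAGED = bytes(damaged)
RUNT = GOOD[:40]                     # truncated as if by a collision

if __name__ == "__main__":
    for name, frame in (("good", GOOD), ("damaged", DAMAGED), ("runt", RUNT)):
        print(name, compare(frame))
```

Only store-and-forward drops the frame whose error lies beyond byte 64, and it is also the only mode whose byte count changes with frame size.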