Cisco ip helper-address

When the ip helper-address command is used on an interface, the router forwards the UDP broadcast packets it receives to the specified server address.
 


Lab_B(config)#interface f0/0
Lab_B(config-if)#ip helper-address 192.168.254.251

The table below lists the packet types that are forwarded.

| Port or Protocol | Meaning | On by Default |
|---|---|---|
| <0–65535> | Port number (create your own) | |
| biff | Biff (mail notification, comsat, 512) | |
| bootpc | Bootstrap Protocol (BOOTP) client (68) | X |
| bootps | Bootstrap Protocol (BOOTP) server (67) | X |
| discard | Discard (9) | |
| dnsix | DNSIX security protocol auditing (195) | |
| domain | Domain Name Service (DNS) (53) | X |
| echo | Echo (7) | |
| isakmp | Internet Security Association and Key Management Protocol (ISAKMP) (500) | |
| mobile-ip | Mobile IP registration (434) | |
| nameserver | IEN116 name service (obsolete, 42) | |
| netbios-dgm | NetBios datagram service (138) | X |
| netbios-ns | NetBios name service (137) | X |
| netbios-ss | NetBios session service (139) | |
| ntp | Network Time Protocol (NTP) (123) | |
| pim-auto-rp | PIM Auto-RP (496) | |
| rip | Routing Information Protocol (RIP) (router, in.routed, 520) | |

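These default forwarding types can be turned off with the commands below, leaving only bootps (UDP 67) enabled, which improves the router's security.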

Lab_B(config)#no ip forward-protocol udp 69
Lab_B(config)#no ip forward-protocol udp 53
Lab_B(config)#no ip forward-protocol udp 37
Lab_B(config)#no ip forward-protocol udp 137
Lab_B(config)#no ip forward-protocol udp 138
Lab_B(config)#no ip forward-protocol udp 68
Lab_B(config)#no ip forward-protocol udp 49
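
An added example, not part of the original page: a Python audit of a saved configuration that reports which UDP ports a device with ip helper-address still relays besides bootps (67). The sample configuration and the names audit, SAMPLE and WANTED are assumptions made for the illustration; the default port set is the seven ports disabled above plus 67.

```python
import re

# UDP ports IOS relays by default once a helper address is set: the seven the
# page disables plus bootps (67). IOS accepts either the number or the keyword.
DEFAULT_FORWARDED = {37: "time", 49: "tacacs", 53: "domain", 67: "bootps",
                     68: "bootpc", 69: "tftp", 137: "netbios-ns", 138: "netbios-dgm"}
KEYWORD_TO_PORT = {name: port for port, name in DEFAULT_FORWARDED.items()}
WANTED = {67}  # the page keeps only bootps
FWD_RE = re.compile(r"^(no\s+)?ip forward-protocol udp\s+(\S+)$")
HELPER_RE = re.compile(r"^\s+ip helper-address\s+(\S+)")

# Constructed sample: only three of the page's seven "no" commands were applied.
SAMPLE = """\
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp 37
!
interface FastEthernet0/0
 ip helper-address 192.168.254.251
!
"""


def audit(config_text):
    """Return (helpers per interface, ports still relayed, ports beyond WANTED)."""
    forwarded = set(DEFAULT_FORWARDED)
    helpers = {}
    current_if = None
    for line in config_text.splitlines():
        if line.startswith("interface "):
            current_if = line.split(None, 1)[1].strip()
            continue
        m = HELPER_RE.match(line)
        if m and current_if:
            helpers.setdefault(current_if, []).append(m.group(1))
            continue
        if line and not line[0].isspace():
            current_if = None  # back at global configuration level
        m = FWD_RE.match(line.strip())
        if m:
            token = m.group(2)
            port = int(token) if token.isdigit() else KEYWORD_TO_PORT.get(token)
            if port is not None:  # keywords outside the default set are ignored
                (forwarded.discard if m.group(1) else forwarded.add)(port)
    excess = sorted(forwarded - WANTED) if helpers else []
    return helpers, sorted(forwarded), excess

if __name__ == "__main__":
    print(audit(SAMPLE))
```

Custom ports enabled with ip forward-protocol udp and a port number are also counted as excess, since every helper address on the device receives them.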