
ip forward-broadcast ACL

  • 1.  ip forward-broadcast ACL

    Posted Jul 13, 2016 09:28 AM

    Hello,

     

    I have an HPE 5510 switch, which is Comware 7 based.

    I need “ip forward-broadcast”. This isn’t hard to configure, but in Comware 5 it was possible to add an ACL to “ip forward-broadcast”.

     

    Acl 3001

    rule 10 permit udp source 192.168.200.0 0.0.0.255 destination 10.0.0.255 0 destination-port eq 9

     

    Comware 5: ip forward-broadcast acl 3001

    Comware 7: ip forward-broadcast

     

    So, to have fewer broadcasts forwarded, how do I add an ACL to “ip forward-broadcast”?



  • 2.  RE: ip forward-broadcast ACL

    Posted Sep 26, 2016 06:38 AM

    Had the exact same question this morning:
    You can just apply an ACL to the interface with 'packet-filter 3001 outbound' (or inbound, depending on your network config).

     

    Your ACL may be:

     

    Acl 3001
      rule 10 permit udp source 192.168.200.0 0.0.0.255 destination 10.0.0.255 0 destination-port eq 9
      rule 15 deny ip destination 10.0.0.255 0
      rule 20 permit ip

    Hope this can help someone avoid losing time…



  • 3.  RE: ip forward-broadcast ACL

    Posted Aug 01, 2017 11:16 AM

     

    I am having the same problem. About the packet-filter solution: doesn't it block all unicast and multicast traffic too, along with broadcast?

     



  • 4.  RE: ip forward-broadcast ACL

    Posted Mar 14, 2018 11:07 AM

    The rules I gave should let directed-broadcast work if coming from 192.168.200.0/24 and to udp port 9 (wake-on-lan), blocking all other directed-broadcast from outside of the LAN (but not multicast, which is 224/4 if my memory doesn't fail here)

     

    This is true with "packet-filter filter route" on the interface you apply the ACL on; it may block internal broadcast on the LAN if "packet-filter filter all" is set (I don't remember which one is the default…)
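
Added example (not from any poster in this thread): a small Python model of first-match ACL evaluation with Comware-style wildcard masks, run over constructed packets against the ACL 3001 posted above. It assumes rules are checked in ascending rule-ID order, models only the fields those three rules use, and does not model the "packet-filter filter route/all" setting.

```python
import ipaddress

# ACL 3001 as posted in the thread. None means "any".
# Wildcard bits set to 1 are "don't care"; "0" in the post is 0.0.0.0 (exact host).
# Fields: (rule id, action, protocol, src, src wildcard, dst, dst wildcard, dst port)
RULES = [
    (10, "permit", "udp", "192.168.200.0", "0.0.0.255", "10.0.0.255", "0.0.0.0", 9),
    (15, "deny", "ip", None, None, "10.0.0.255", "0.0.0.0", None),
    (20, "permit", "ip", None, None, None, None, None),
]

def wildcard_match(addr, base, wildcard):
    """True if addr equals base on every bit the wildcard mask marks as 0."""
    if base is None:
        return True
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (
        int(ipaddress.IPv4Address(base)) & care)

def evaluate(proto, src, dst, dport=None):
    """Return (rule id, action) of the first matching rule (assumed ID order)."""
    for rid, action, rproto, s, sw, d, dw, rport in sorted(RULES, key=lambda r: r[0]):
        if rproto != "ip" and rproto != proto:
            continue  # "ip" matches every IP protocol
        if rport is not None and rport != dport:
            continue
        if wildcard_match(src, s, sw) and wildcard_match(dst, d, dw):
            return rid, action
    return None, "no-match"

# Constructed sample packets: (label, protocol, source, destination, dst port)
SAMPLES = [
    ("WOL from allowed subnet", "udp", "192.168.200.17", "10.0.0.255", 9),
    ("WOL from other subnet", "udp", "172.16.5.5", "10.0.0.255", 9),
    ("other UDP directed broadcast", "udp", "192.168.200.17", "10.0.0.255", 137),
    ("unicast HTTPS", "tcp", "192.168.200.17", "10.0.0.20", 443),
    ("multicast mDNS", "udp", "10.0.0.20", "224.0.0.251", 5353),
]

def run_samples():
    """Evaluate every constructed packet and return {label: (rule id, action)}."""
    return {label: evaluate(p, s, d, port) for label, p, s, d, port in SAMPLES}

if __name__ == "__main__":
    for label, verdict in run_samples().items():
        print(f"{label:32} -> rule {verdict[0]} {verdict[1]}")
```
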



  • 5.  RE: ip forward-broadcast ACL

    Posted Sep 04, 2018 12:17 PM

    Try this solution based on UDP-Helper; this should work for WOL for Comware 7:

     

     

    Configuration files #

     

    udp-helper enable
    udp-helper port 9 # maybe port 7 too and sometimes 12287 as well
    #
    vlan 1 # Deployment-Server
    #
    vlan 2 # Client Lan
    #
    interface Vlan-interface1
    ip address 10.110.1.1 255.255.0.0
    ip forward-broadcast
    udp-helper server 10.2.1.255
    #

    interface Vlan-interface2
    ip address 10.2.1.2 255.255.0.0

     

    ---snipp---

     

    Ralf