By default, IP
directed broadcasts are dropped; they are not forwarded. Dropping IP-directed
broadcasts makes routers less susceptible to denial-of-service attacks.
You can enable forwarding of
IP-directed broadcasts on an interface where the broadcast becomes a physical
(MAC-layer) broadcast. Only those protocols configured by using the
ip forward-protocol global configuration command
are forwarded.
You can specify an access list to control which broadcasts are forwarded. When an access list is specified, only those IP
packets permitted by the access list are eligible to be translated from directed broadcasts to physical broadcasts. For more
information on access lists, see the “Configuring ACLs" chapter in the Security section.