SDN/SDDC Retreat in Miami, Florida (November 4th-6th)
Separate SDN hype from real life!

Sending Wake-on-LAN (WOL) packet with IOS Tcl

Jónatan Þór Jónasson took the time to implement Wake-on-LAN functionality using UDP support introduced in Cisco IOS Tcl in release 15.1(1)T. He found a TCL/TK example of a magic packet being sent, used that as a base, and with small modifications got it to work on his router. Here‘s his code (it’s obviously a proof-of-concept, but you need just a few more lines to get a working Tclsh script):

proc WakeOnLan {broadcastAddr macAddr} {
     set net [binary format H* [join [split $macAddr -:] ""]]
     set pkt [binary format c* {0xff 0xff 0xff 0xff 0xff 0xff}]

     for {set i 0} {$i < 16} {incr i} {
        append pkt $net

     # Open UDP and Send the Magic Paket.
     set udpSock [udp_open]
     fconfigure $udpSock -translation binary \
          -remote [list $broadcastAddr 4580] \
          -broadcast 1
     puts $udpSock $pkt
     flush $udpSock;
     close $udpSock

For whatever reason, he wasn’t able to generate subnet-specific broadcasts; sending WOL packet to subnet-specific broadcast address didn’t work, while sending it to local broadcast address ( did (obviously sending the packet through all router interfaces).

Remote WOL

Obviously you could use subnet broadcast address of a remote LAN as a unicast destination address if you’d want to wake a remote PC, but that would require directed broadcast support on the remote router, which is not always a good idea. It’s way better to configure a static ARP entry for a real unicast IP address on remote LAN with broadcast MAC address. In both cases, you shouldn’t specify the ‘-broadcast 1’ flag in Tcl (as you’re sending a unicast UDP packet).


  1. huh gr8 :)

  2. Static ARP entry vs. directed broadcast ACL?

    Ivan, I've always enabled ip directed broadcast with an ACL permitting only systems that really need to send directed broadcasts.

    Is there a practical advantage to the static ARP approach? The "save processing on remote systems via IP filtering on the endpoint" angle doesn't resonate with me because I trust the systems allowed by the ACL.

    If I should be re-evaluating my strategy I'd like to know :-)

  3. You know I can always find an academic corner case, in this case changing subnet mask in your LAN ;)

    Seriously, there's no need to reevaluate your strategy.

  4. If you can enable energywise on your switch/router, energywise knows how to send wol packets

  5. Thank you! It's wonderful having readers like you :)

  6. I try the script without succes. No error on router and checking with wireshark no packet sent. Someone can help me? I'm using a 1801 with IOS 15.1.4 adv. ent.


You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.