Generating layer-2 broadcast from a regular IP packet

The Wake-on-LAN discussion we had a while ago brought us nowhere; there's simply no way to generate UDP packets on the router. I thought I could use Application Performance Monitor's Tcl scripts to generate the packet, but it looks like APM has been removed from recent IOS releases (and it's not clear whether you can use APM without a peer router).

The discussion nonetheless had an interesting side effect. Robert Turnšek sent me an interesting trick: with static ARP you can generate layer-2 broadcasts with a layer-3 unicast packet.

Let's assume your LAN has IP prefix 10.2.3.0/24 and you want to use 10.2.3.77 as the IP address that will generate MAC-layer broadcasts (you need to give this address to a WOL program). Configure arp 10.2.3.77 FFFF.FFFF.FFFF and you're done.

You might wonder how this technique differs from directed subnet broadcast. The important difference is that although every IP host on the subnet will receive the layer-2 broadcast, they will ignore the packet since it's not addressed to them. This solution is thus not vulnerable to the smurf attack.
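To make the difference concrete, here is a small added Python model (not part of the original post, and not Cisco code) that builds a WOL magic packet and walks through what each host on the LAN does with a frame sent to 10.2.3.77 versus one sent to the directed broadcast 10.2.3.255. The ARP table and host MAC addresses are constructed for the example.

```python
import ipaddress
import socket

BROADCAST_MAC = "ffff.ffff.ffff"
LAN = ipaddress.ip_network("10.2.3.0/24")

# Constructed example: the router's static entry from the post plus two ordinary hosts.
ARP_TABLE = {
    "10.2.3.77": BROADCAST_MAC,       # arp 10.2.3.77 FFFF.FFFF.FFFF
    "10.2.3.10": "0011.2233.4455",
    "10.2.3.11": "0011.2233.4466",
}
HOSTS = {ip: mac for ip, mac in ARP_TABLE.items() if mac != BROADCAST_MAC}

def magic_packet(mac: str) -> bytes:
    """WOL magic packet: 6 x 0xFF followed by the target MAC repeated 16 times."""
    raw = bytes.fromhex(mac.replace(".", "").replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("MAC address must be 6 bytes")
    return b"\xff" * 6 + raw * 16

def l2_destination(dst_ip: str, arp_table=ARP_TABLE) -> str:
    """MAC address the router writes into the frame for a given IP destination."""
    if ipaddress.ip_address(dst_ip) == LAN.broadcast_address:
        return BROADCAST_MAC           # directed subnet broadcast
    return arp_table[dst_ip]           # unicast: static or learned ARP entry

def host_action(host_ip: str, host_mac: str, dst_ip: str, dst_mac: str) -> str:
    """Model one host: NIC filter at L2, then the IP stack's destination check."""
    if dst_mac not in (host_mac, BROADCAST_MAC):
        return "dropped"     # NIC never passes the frame up
    if ipaddress.ip_address(dst_ip) in (ipaddress.ip_address(host_ip), LAN.broadcast_address):
        return "processed"   # IP stack accepts it and would answer (smurf amplification)
    return "ignored"         # frame reached the NIC, IP layer discards it silently

def deliver(dst_ip: str, hosts=HOSTS) -> dict:
    """Outcome per host when the router forwards one packet to dst_ip."""
    dst_mac = l2_destination(dst_ip)
    return {ip: host_action(ip, mac, dst_ip, dst_mac) for ip, mac in hosts.items()}

def send_wol(target_mac: str, via_ip: str = "10.2.3.77", port: int = 9) -> None:
    """Send the magic packet as plain UDP unicast; the router's ARP entry does the rest."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(magic_packet(target_mac), (via_ip, port))

if __name__ == "__main__":
    print("unicast to 10.2.3.77 :", deliver("10.2.3.77"))    # every host: ignored
    print("directed broadcast   :", deliver("10.2.3.255"))   # every host: processed
```

The NIC recognises the magic pattern in the payload regardless of the IP header, which is why the ignored packet still wakes the target machine.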

3 comments:

  1. To achieve this goal I use "update arp" in dhcp pool. The same result but simpler management.
  2. Hi,

    this is the way I tested the Layer 2 feature storm control (broadcast) in NFRU tests on every customer site with iPerf ;-)

    HTH
  3. @Anonymous#1: this is not "arp security", it's a completely different problem (changing L3 unicast into L2 broadcast). How would you apply "update arp" to solve this problem?

    @Anonymous#2: thanks for the tip!

    @Anonymous#*: would you please consider using at least an alias, so I don't have to sequence-number the responses :)