Sending Wake-on-LAN (WOL) packet with IOS Tcl

Jónatan Þór Jónasson took the time to implement Wake-on-LAN functionality using UDP support introduced in Cisco IOS Tcl in release 15.1(1)T. He found a TCL/TK example of a magic packet being sent, used that as a base, and with small modifications got it to work on his router. Here‘s his code (it’s obviously a proof-of-concept, but you need just a few more lines to get a working Tclsh script):

proc WakeOnLan {broadcastAddr macAddr} {
set net [binary format H* [join [split $macAddr -:] ""]]
set pkt [binary format c* {0xff 0xff 0xff 0xff 0xff 0xff}]

for {set i 0} {$i < 16} {incr i} {
append pkt $net
}

# Open UDP and Send the Magic Paket.
set udpSock [udp_open]
fconfigure $udpSock -translation binary \
-remote [list $broadcastAddr 4580] \
-broadcast 1
puts $udpSock $pkt
flush $udpSock;
close $udpSock
}

For whatever reason, he wasn’t able to generate subnet-specific broadcasts; sending WOL packet to subnet-specific broadcast address didn’t work, while sending it to local broadcast address (255.255.255.255) did (obviously sending the packet through all router interfaces).

Remote WOL

Obviously you could use subnet broadcast address of a remote LAN as a unicast destination address if you’d want to wake a remote PC, but that would require directed broadcast support on the remote router, which is not always a good idea. It’s way better to configure a static ARP entry for a real unicast IP address on remote LAN with broadcast MAC address. In both cases, you shouldn’t specify the ‘-broadcast 1’ flag in Tcl (as you’re sending a unicast UDP packet).

6 comments:

  1. Static ARP entry vs. directed broadcast ACL?

    Ivan, I've always enabled ip directed broadcast with an ACL permitting only systems that really need to send directed broadcasts.

    Is there a practical advantage to the static ARP approach? The "save processing on remote systems via IP filtering on the endpoint" angle doesn't resonate with me because I trust the systems allowed by the ACL.

    If I should be re-evaluating my strategy I'd like to know :-)
  2. You know I can always find an academic corner case, in this case changing subnet mask in your LAN ;)

    Seriously, there's no need to reevaluate your strategy.
  3. If you can enable energywise on your switch/router, energywise knows how to send wol packets
  4. Thank you! It's wonderful having readers like you :)
  5. I try the script without succes. No error on router and checking with wireshark no packet sent. Someone can help me? I'm using a 1801 with IOS 15.1.4 adv. ent.
Add comment
Sidebar