HP Comware: Forwarding subnet-directed broadcasts for Wake-on-LAN

Last week, my colleague Claudia and I have ported a HP ProVision configuration to HP Comware. Unexpectedly, it wasn’t routing or VLANs or OSPF that caused headaches, it was a Wake-on-LAN (WoL). Depending on the used tool, the magic packet (which wakes up the computer) is a broadcast ( or a subnet-directed broadcast (e.g. So it was important to know what tool the customer used.

This is how HP ProVision implements subnet-directed broadcasts:

ip directed-broadcast
ip udp-bcast-forward
vlan 99
     ip address
     ip forward-protocol udp 9
vlan 3
     ip address

The first two commands are issued globally. The “ip forward-protocol” statement has to be entered in the source VLAN (from which the magic packets are sent). The “ip forward-protocol” statement includes the protocol (udp), the destination¬†(the broadcast address of the subnet) and the udp port (WoL uses port 9). Pretty simple, right? But please note that this config works only for sunet-directed broadcasts. And it only works for WoL. If you need another port (e.g. udp port 7), you have to add an additional “ip forward-protocol” statement.

If you use HP Comware, the configuration differs in some points. You can enable the reception of subnet-directed broadcasts by entering “ip forward-broadcast” globally in the system-view. This is mandatory.

<HP> system-view
[HP] ip forward-broadcast

The next step is to tell the switch, to which destination it should forward subnet-directed broadcasts. This can be done by entering “ip forward-protocol” in the vlan-interface context.

[HP-Vlan-Interface99] ip forward-broadcast

The downside: All subnet-directed broadcasts will be forwarded, regardless of source, destination or protocol. To avoid this, you have to create a ACL and add this to the “ip forward-broadcast” statement. To create an ACL enter:

[HP]acl number 3001
[HP-acl-adv-3001] rule 10 permit udp source destination 0 destination-port eq 9
[HP-acl-adv-3001] quit
[HP] interface Vlan-interface 99
[HP-vlan99] ip forward-broadcast acl 3001

You have to bound the ACL to the source VLAN interface. The subnet-directed broadcast will be forwarded to the VLAN interface which is directly connected to the destination subnet, or if there is no directly connected interface, to a router which knows the way to the destination. If you have applied packet filter ACLs to VLAN interfaces, make sure that your forwarded subnet-directed broadcasts aren’t filtered!