The other day I was setting up a Disaster Recovery DHCP server. Part of the testing process was to set up a test branch with an additional 'ip helper' command in the router so that it would start forwarding DHCP broadcasts across the WAN to the Disaster Recovery site. I entered the command and immediately started seeing traffic at the DR DHCP server. However, i was seeing more UDP traffic than just DHCP. I also started seeing errors like this in the event logs:
The master browser has received a server announcement from the computer <MACHINE> that believes that it is the master browser for the domain on transport NetBT_Tcpip_{66AC525D-CD06-401. The master browser is stopping or an election is being forced.
[more]Its not uncommon to see these messages from time to time, but i was seeing these non-stop for about an hour. After some searching i found that the 'ip helper-address' command that is standard in our Cisco router config turns on UDP broadcast forwarding for 8 different protocols. DHCP is one of them, but i wanted to turn it off for all the others. So, i found this command:
ip forward-protocol upd <protocol/port>
The previous command was supposed to fix it. The router would accept 'ip forward-protocol udp dhcp' , but it would not show up in the running config. Finally, I realized it is one of those commands that that you have to turn off what you don't want instead of turn on what you do, so i entered in these commands to stop the NETBIOS broadcast traffic:
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm