An IP directed broadcast is an IP packet whose destination address is a valid broadcast address for an IP subnet, but which originates from a node that is not itself a part of that destination subnet. Rationale: Directed broadcasts can be abused in several ways: a volumetric DOS attack against the NX-OS switch itself, the sent volume of data can be much larger than the received request a volumetric DOS attack against a third party (often called a 'smurf attack') a single-packet reconnaissance of a local subnet We recommend that you disable the ip directed-broadcast command on any interface where they are not required for some reason.