In recent years, the concepts of Artificial Intelligence (AI) and Machine Learning (ML)...
3.8 Flowspec Policies
- The ON/OFF state of each policy
- A source ASN/prefix/country and port(s) for matching packets
- A destination prefix and port(s) for matching packets
- DSCP traffic classification value
- Protocols of matching packets, e.g., TCP, UDP, or ICMP
- Redirect IP or Provider for the redirect to VRF policies
- A note to describe the policy
- The available actions for the policy:
→ Display detailed information about the FlowSpec policy
→ Duplicate the Flowspec policy
→ Edit the Flowspec policy
→ Remove the Flowspec policy
- Policy by Prefix
- Policy by ASN
- Policy by Country
- Protocol/DSCP policy
- Source Prefix/ASN/Country/Port(s): The source ASN/prefix and port(s) of the IP packets that match. A prefix in CIDR notation or a single IP address should be provided. Multiple valid TCP/UDP ports can be provided, as well as port ranges.
- Destination Prefix/Port: The destination prefix/port attribute of the IP packets that match. Same rules as for Source Prefix/Port(s) apply
- Protocols: packet protocols that match the policy. Can be filtered down to one or a combination of the following protocols: TCP, UDP, ICMP
- DSCP traffic classification value
- Policy Type: The type of the policy (Throttle, Drop, Redirect, or Redirect IP)
- Provider specifies one of the provider identifiers where traffic will be redirected. The provider is set only for Redirect policies
- Rate limits the allowed bandwidth usage for matching traffic. The value is set only for Throttling policies. The rate specifies a number in the range of 1-4200 Mbps
- Exempted Prefixes/ASNs are the lists excluded from country policies. The fields are relevant to the country policies only.
core.flowspec.max, core.flowspec.max_ipv6, bgpd.peer.X.flowspec,peer.X.flowspec.ipv4.redirect_community, peer.X.flowspec.ipv6.redirect_community.