Name: Cisco ASR 9000 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

PurposeCommand or Action

Specifies the IPv4 address family and enters address family

configuration submode, and initializes the global address

family.

address-family { ipv4 }

Example:

RP/0/RSP0/CPU0:router(config-bgp)# router bgp

100 neighbor 1.1.1.1 address-family ipv4

Step 4

Preserves the next-hop for the flowspec unchanged.flowspec next-hop unchanged

Example:

RP/0/RSP0/CPU0:router(config-bgp)# router bgp

Step 5

100 neighbor 1.1.1.1 address-family ipv4 flowspec

next-hop unchanged

Validate BGP Flowspec

BGP Flowspec validation is enabled by default for flowspec SAFI routes for IPv4. VPN routes are not subject

to the flow validation. A flow specification NLRI is validated to ensure that any one of the following conditions

holds true for the functionality to work:

•

The originator of the flow specification matches the originator of the best-match unicast route for the

destination prefix embedded in the flow specification.

•

There are no more specific unicast routes, when compared with the flow destination prefix, that have

been received from a different neighboring AS than the best-match unicast route, which has been

determined in the previous condition.

•

The AS_PATH and AS4_PATH attribute of the flow specification are empty.

•

The AS_PATH and AS4_PATH attribute of the flow specification does not contain AS_SET and

AS_SEQUENCE segments.

Any path which does not meet these conditions, is appropriately marked by BGP and not installed in flowspec

manager. Additionally, BGP enforces that the last AS added within the AS_PATH and AS4_PATH attribute

of a EBGP learned flow specification NLRI must match the last AS added within the AS_PATH and

AS4_PATH attribute of the best-match unicast route for the destination prefix embedded in the flow

specification. Also, when the redirect-to-IP extended community is present, by default, BGP enforces the

following check when receiving a flow-spec route from an eBGP peer:

If the flow-spec route has an IP next-hop X and includes a redirect-to-IP extended community, then the BGP

speaker discards the redirect-to-ip extended community (and not propagate it further with the flow-spec route)

if the last AS in the AS_PATH or AS4_PATH attribute of the longest prefix match for X does not match the

AS of the eBGP peer.

Disable Flowspec Redirect and Validation, on page 223 explains the procedure to disable BGP flowspec

validation.

Cisco ASR 9000 Series Aggregation Services Router Routing Configuration Guide, Release 5.3.x

222

Implementing BGP Flowspec

Validate BGP Flowspec

Series	ASR 9000
Category	Network Router
Modular Design	Yes
Redundancy	Yes (Hardware and Software)
Operating System	Cisco IOS XR
Interfaces/Ports	10G, 40G, 100G, 400G Ethernet
Expansion Slots	Varies by model
Routing Protocol	BGP, OSPF, IS-IS, EIGRP
Management	CLI, SNMP, NETCONF
Power Supply	Redundant
Port Density	Varies by model
Power Supply Options	AC, DC
Memory	Varies by model
Storage	Varies by model
Dimensions	Varies by model
Weight	Varies by model

Cisco ASR 9000 Series Routing Configuration Guide

Table of Contents

Other manuals for Cisco ASR 9000 Series

Questions and Answers:

Cisco ASR 9000 Series Specifications

Related product manuals