BGP Flowspec Commands

class-map type traffic (BGP-flowspec)

To define a traffic class and the associated rules that match packets to the class, use the class-map type traffic command in XR Config mode. To remove an existing class map from the router, use the no form of this command.

class-map type traffic match-all class-map-name

Syntax Description

match-all

Specifies a match on all of the match criteria.

class-map-name

Name of the class for the class map.

Command Default

None

Command Modes

XR Config mode

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to specify class305 as the name of a class and defines a class map for this class. 

RP/0/RP0/CPU0:router# config
RP/0/RP0/CPU0:router(config)# class-map type traffic match-all class305
RP/0/RP0/CPU0:router(config-cmap)# match destination-address ipv4 59.2.1.2 255.255.255.0

class type traffic

To associate a previously configured traffic class with the policy map, and to enter the configuration mode for the specified system class, use the class type traffic command in the policy map configuration mode.

class type traffic class-name

Syntax Description

class-name

Name of the class for the class map. The class name is used for the class map and to configure policy for the class in the policy map.

Command Default

None

Command Modes

Policy map configuration mode

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to associate a class map with the policy map: 

RP/0/RP0/CPU0:router# config
RP/0/RP0/CPU0:router(config)# policy-map type pbr p1
RP/0/RP0/CPU0:router(config-pmap)# class type traffic c1
RP/0/RP0/CPU0:router(config-pmap-c)# set dscp 34

destination prefix

To filter flowspec based on destination in flowspec network-layer reachability information (NLRI) using RPL, and apply on neighbor attach point, use the destination prefix command in route-policy configuration mode.

destination prefix {prefix-set-name | inline-prefix-set | parameter}

Syntax Description

prefix-set-name

Name of a prefix set.

inline-prefix-set

Inline prefix set. The inline prefix set must be enclosed in parentheses.

parameter

parameter

Parameter name. The parameter name must be preceded with a “$.”

Command Default

No default behavior or values

Command Modes

Route-policy configuration

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

Use the destination prefix command as a conditional expression within an if statement.


Note

  • For a list of all conditional expressions available within an if statement, see the if command.

  • This command takes either a named prefix set or an inline prefix set value as an argument. The condition returns true if the destination entry matches any entry in the prefix set or inline prefix set. An attempt to match a destination using a prefix set that is defined but contains no elements returns false.

  • The routing policy language (RPL) provides the ability to test destinations for a match to a list of prefix match specifications using the in operator. The destination prefix command is protocol-independent.

  • In Border Gateway Protocol (BGP), the destination of a route is also known as its network-layer reachability information (NLRI). It comprises a prefix value and a mask length.

  • RPL supports both 32-bit IPv4 prefixes, specified in dotted-decimal format, and 128-bit IPv6 prefixes, specified in colon-separated hexadecimal format.

Task ID

Task ID

Operations

route-policy

read, write

Examples

In this example, prefix filtering is done based on flowspec destination address: 

RP/0/RP0/CPU0:router(config)# route-policy policy-A
RP/0/RP0/CPU0:router(config-rpl)# If destination-prefix in pfx then

RP/0/RP0/CPU0:router(config-rpl-if)# Set next-hop 10.0.0.1
RP/0/RP0/CPU0:router(config-rpl-if)# Endif
RP/0/RP0/CPU0:router(config-rpl)# End-policy
In this example, a route policy and its where it is attached is shown: 
prefix-set ipv4_flow2
150.1.1.0/24,
150.2.1.0/24
end-set
!

route-policy ipv4_dest_pass
if destination-prefix in ipv4_flow2 then
pass
else
drop
endif
end-policy
!

router bgp 100
bgp router-id 1.1.1.1
address-family ipv4 unicast
!
address-family ipv6 unicast
!
address-family ipv4 flowspec
!
address-family ipv6 flowspec
!
neighbor 33.1.1.2
remote-as 200
address-family ipv4 unicast
route-policy pass in
route-policy pass out
!
address-family ipv4 flowspec
route-policy ipv4_dest_pass in
!
!

drop (BGP-flowspec)

To configure a traffic class to discard packets belonging to a specific class, use the drop command in policy-map class configuration mode. To disable the packet discarding action in a traffic class, use the no form of this command.

drop

Syntax Description

This command has no keywords or arguments.

Command Default

Disabled

Command Modes

Policy-map class configuration (config-pmap-c)

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to discard packets: 
RP/0/RP0/CPU0:router#config
RP/0/RP0/CPU0:router(config)# policy -map type pbr match_dest_110.1.1.x_drop
RP/0/RP0/CPU0:router(config-pmap)# class type traffic match_dest_110.1.1.x
RP/0/RP0/CPU0:router(config-pmap-c)# drop

flowspec

To enter BGP flowspec configuration mode, use the flowspec command in XR Config mode mode.

flowspec

Syntax Description

This command has no keywords or arguments.

Command Default

No default behavior or values.

Command Modes

XR Config mode

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to enter flowspec configuration mode. 

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# flowspec
RP/0/RP0/CPU0:router(config-flowspec)#

flowspec disable

To disable flowspec configuration on all interfaces, use the flowspec disable command in interface configuration mode.

ipv4 flowspec disable

Syntax Description

ipv4

Specifies IPv4 interfaces.

Command Default

No default behavior or values.

Command Modes

Interface configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to disable flowspec configuration on all interfaces. 

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# interface GigabitEthernet 0/2/0/2
RP/0/RP0/CPU0:router(config-if)# ipv4 flowspec disable

hw-module profile flowspec ipv6-packet-len-enable

To enable the IPv6 packet length for an IPv6 interface, use this command in interface configuration mode. Use the no form of the command to disable the feature.

hw-module profile flowspec ipv6-packet-len-enable

Syntax Description

This command has no arguments or keywords.

Command Default

None

Command Modes

Interface configuration

Command History

Release Modification

Release 7.10.1

This command was introduced.

Usage Guidelines

After configuring the command, you must reload the router for the feature to take effect.

Examples

Router#config
Router(config)#hw-module profile flowspec ipv6-packet-len-enable
Thu Dec 15 09:15:49.226 UTC
In order to activate/deactivate this flowspec IPv6 packet-len profile, you must manually reload the chassis/all line cards
Router(config)#commit

local-install

To apply local installation of flowspec policy on all interfaces, use the local-install command in the appropriate command mode.

local-install interface-all

Syntax Description

interface-all

Installs flowspec policy on all interfaces.

Command Default

No default behavior or values.

Command Modes

IPv4 address family configuration

VRF IPv4 address family configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example show how to install flowspec policy on all interfaces under flowspec subaddress family configuration mode. 

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# flowspec
RP/0/RP0/CPU0:router(config-flowspec)# address-family ipv4
RP/0/RP0/CPU0:router(config-flowspec-af)# local-install interface-all

match destination-address

To identify a specific destination IP address explicitly as a match criterion in a class map, use the match destination-address command in the class map configuration mode. To remove a specific destination IP address from the matching criteria for a class map, use the no form of this command.

match destination-address {ipv4} address

no match destination-address {ipv4} address

Syntax Description

ipv4

Indicates an IPv4 address.

address

Specifies a destination address.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a destination ipv4 address: 


RP/0/RP0/CPU0:router(config)#class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match destination-address ipv4 59.2.1.2 255.255.255.0

match destination-port

To identify a specific destination port as the match criterion for a class map, use the match destination-port command in class map configuration mode. To remove destination port-based match criteria from a class map, use the no form of this command.

match destination-port {destination-port-value | | [min-value - max-value]}

no match destination-port {destination-port-value | | [min-value - max-value]}

Syntax Description

destination-port-value

A port Number. Range is from 0 to 65535.

min-value

Lower limit of destination port range to match. Value range is 0 to 65535.

max-value

Upper limit of destination port range to match. Value range is 0 to 65535.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

The min-value and max-value variables were added.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a destination port: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match destination-port 1

match dscp

To identify specific IP differentiated services code point (DSCP) values as match criteria for a class map, use the match dscp command in class map configuration mode. To remove a DSCP value from a class map, use the no form of this command.

match dscp { [ipv4 | ipv6] dscp-value [dscp-value1 . . . dscp-value7] | | [min-value - max-value]}

Syntax Description

ipv4

(Optional) Specifies the IPv4 DSCP value.

ipv6

(Optional) Specifies the IPv6 DSCP value.

dscp-value

IP DSCP value identifier that specifies the exact value or a range of values. Range is 0 - 63. Up to eight IP DSCP values can be specified to match packets. Reserved keywords can be specified instead of numeric values. IP DSCP Reserved Keywords describes the reserved keywords.

min-value

Lower limit of DSCP range to match. Value range is 0 - 63.

max-value

Upper limit of DSCP range to match. Value range is 0 - 63.

Command Default

Matching on IP Version 4 (IPv4) and IPv6 packets is the default.

Command Modes

Class map configuration

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

The match dscp command specifies a DSCP value that is used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map.

To use the match dscp command, you must first enter the class-map command to specify the name of the class whose match criteria you want to establish. If you specify more than one match dscp command in a class map, only the last command entered applies.

The match dscp command examines the higher-order six bits in the type of service (ToS) byte of the IP header. Only one of the eight values is needed to yield a match (OR operation).

The command supports only eight IP DSCP values. If you try to configure more match statements after all the eight values are matched, the statements get rejected.

The IP DSCP value is used as a matching criterion only. The value has no mathematical significance. For instance, the IP DSCP value 2 is not greater than 1. The value simply indicates that a packet marked with the IP DSCP value of 2 should be treated differently than a packet marked with an IP DSCP value of 1. The treatment of these marked packets is defined by the user through the setting of policies in policy map class configuration mode.

Table 1. IP DSCP Reserved Keywords

DSCP Value

Reserved Keyword

0

default

10

AF11

12

AF12

14

AF13

18

AF21

20

AF22

22

AF23

26

AF31

28

AF32

30

AF33

34

AF41

36

AF42

38

AF43

46

EF

8

CS1

16

CS2

24

CS3

32

CS4

40

CS5

48

CS6

56

CS7

ipv4

ipv4 dscp

ipv6

ipv6 dscp

Task ID

Task ID

Operations

qos

read, write

Examples

This example shows how to configure the service policy called policy1 and attach service policy policy1 to an interface. In this example, class map dscp14 evaluates all packets entering HundredGigE 0/7/0/0 for an IP DSCP value of 14. If the incoming packet has been marked with the IP DSCP value of 14, the packet is queued to the class queue with the bandwidth setting of 300 kbps. 


RP/0/RP0/CPU0:router(config)# class-map dscp14
RP/0/RP0/CPU0:router(config-cmap)# match dscp ipv4 14
RP/0/RP0/CPU0:router(config-cmap)# exit

RP/0/RP0/CPU0:router(config)# policy-map policy1
RP/0/RP0/CPU0:router(config-pmap)# class dscp14
RP/0/RP0/CPU0:router(config-pmap-c)# bandwidth 300
RP/0/RP0/CPU0:router(config-pmap-c)# exit
RP/0/RP0/CPU0:router(config-pmap)# exit

RP/0/RP0/CPU0:router(config)# interface HundredGigE 0/7/0/0
RP/0/RP0/CPU0:router(config-if)# service-policy input policy1

match fragment-type

To identify a fragment-type as the match criterion for a class map, use the match fragment-type command in class map configuration mode. To remove fragment-type match criteria from a class map, use the no form of this command.

match fragment type [is-fragment]

Syntax Description

is-fragment

Matches is-fragment bit.

Command Default

No default behavior or values

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a fragment-type: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match fragment-type is-fragment

match icmp code

To identify an ICMP (Internet Control Message Protocol) code as the match criterion for a class map, use the match icmp type command in the class map configuration mode. To remove the icmp code-based match criteria from a class map, use the no form of this command.

match {ipv4} icmp-code {value | [min-value - max-value]}

no match {ipv4} icmp-code {value | [min-value - max-value]}

Syntax Description

ipv4

Indicates an IPv4 ICMP code.

min-value

Lower limit of ICMP type range to match. Value range is 0 to 255.

max-value

Upper limit of ICMP type range to match. Value range is 0 to 255.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match an IPv4 ICMP code: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match ipv4 icmp-code 1

match icmp type

To identify an ICMP (Internet Control Message Protocol) type as the match criterion for a class map, use the match icmp type command in class map configuration mode. To remove the icmp type-based match criteria from a class map, use the no form of this command.

match {ipv4} icmp-type {value | [min-value - max-value]}

no match {ipv4} icmp-type {value | [min-value - max-value]}

Syntax Description

ipv4

Indicates an IPv4 ICMP type.

min-value

Lower limit of ICMP type range to match. Value range is 0 to 255.

max-value

Upper limit of ICMP type range to match. Value range is 0 to 255.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match an IPv4 ICMP type: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match ipv4 icmp-type 1

match packet length

To specify the packet length in the IP header as a match criterion in a class map, use the match packet length command in class-map configuration mode. To remove a previously specified packet length as a match criterion, use the no form of this command.

match packet length {value | | [min-value - max-value]}

no match packet length {value | | [min-value - max-value]}

Syntax Description

value

IP packet length. Range is from 0 to 65535.

min-value

Minimum length value to match. Value range is 0 to 65535.

max-value

Minimum length value to match. Value range is 0 to 65535.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a packet length value: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match packet length 3

match protocol

To identify a specific protocol as the match criterion for a class map, use the match protocol command in class map configuration mode. To remove protocol-based match criteria from a class map, use the no form of this command.

match [not] protocol {protocol-value [protocol-value1 . . . protocol-value7] | | [min-value - max-value]}

no match [not] protocol {protocol-value [protocol-value1 . . . protocol-value7] | | [ min-value - max-value]}

Syntax Description

not

(Optional) Negates the specified match result.

protocol-value

A protocol identifier. A single value for protocol-value (any combination of numbers and names) can be matched in one match statement.

min-value

Lower limit of protocol range to match. Value range is 0 - 255.

max-value

Upper limit of protocol range to match. Value range is 0 - 255.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

Definitions of traffic classes are based on match criteria, including protocols, access control lists (ACLs), input interfaces, QoS labels, and experimental (EXP) field values. Packets satisfying the match criteria for a class constitute the traffic for that class.

The match protocol command specifies the name of a protocol to be used as the match criteria against which packets are checked to determine if they belong to the class specified by the class map. Available protocol names are listed in the table that follows.

The protocol-value argument supports a range of protocol numbers. After you identify the class, you may use the match protocol command to configure its match criteria.

Table 2. Protocol Names and Descriptions

Name

Description

ahp

Authentication Header Protocol

eigrp

Cisco Enhanced Interior Gateway Routing Protocol

esp

Encapsulation Security Payload

gre

Cisco Generic Routing Encapsulation Tunneling

icmp

Internet Control Message Protocol

igmp

Internet Gateway Message Protocol

igrp

Cisco IGRP Routing protocol

ipinip

IP in IP tunneling

ipv4

Any IPv4 protocol

ipv6

Any IPv6 protocol

mpls

Any MPLS packet

nos

KA9Q NOS Compatible IP over IP Tunneling

ospf

Open Shortest Path First, Routing Protocol

pcp

Payload Compression Protocol

pim

Protocol Independent Multicast

sctp

Stream Control Transmission Protocol

tcp

Transport Control Protocol

udp

User Datagram Protocol

Task ID

Task ID

Operations

qos

read, write

Examples

In this example, all TCP packets belong to class class1: 


RP/0/RP0/CPU0:router(config)# class-map class1
RP/0/RP0/CPU0:router(config-cmap)# match protocol tcp

match source-address

To identify a specific source IP address explicitly as a match criterion in a class map, use the match source-address command in the class map configuration mode. To remove a specific source IP address from the matching criteria for a class map, use the no form of this command.

match source-address {ipv4} address

no match source-address {ipv4} address

Syntax Description

ipv4

Indicates an IPv4 address.

address

Specifies a source address.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a source ipv4 address: 


RP/0/RP0/CPU0:router(config)#class-map type traffic match-all A
RP/0/RP0/CPU0:router(config-cmap)# match source-address ipv4 59.2.1.2 255.255.255.0

match source-port

To identify a specific source port as the match criterion for a class map, use the match source port command in class map configuration mode. To remove source port-based match criteria from a class map, use the no form of this command.

match source-port {source-port-value | | [min-value - max-value]}

no match source-port {source-port-value | | [min-value - max-value]}

Syntax Description

source-port-value

A port Number. Range is from 0 to 65535.

min-value

Lower limit of source port range to match. Value range is 0 to 65535.

max-value

Upper limit of source port range to match. Value range is 0 to 65535.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a source port: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match source-port 1

match tcp flag

To identify a TCP flag as the match criterion for a class map, use the match tcp flag command in class map configuration mode. To remove the tcp flag based match criteria from a class map, use the no form of this command.

match tcp-flag value any

no match tcp-flag valueany

Syntax Description

value

TCP flag value. Range is from 1 to 4095 (hexadecimal).

any

Specifies a match based on any bit in the TCP flag.

Command Default

No default behavior or values.

Command Modes

Class map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to match a TCP flag: 

RP/0/RP0/CPU0:router(config)# class-map type traffic match-all
RP/0/RP0/CPU0:router(config-cmap)# match tcp flag 2 any

redirect (BGP Flowspec)

To route the policy based routing (PBR) traffic to distributed denial-of-service scrubber (DDoS), use the redirect command in policy-map configuration mode. To return the PBR traffic to normal route, use the no form of this command.

redirect {default-route | nexthop } {IPv4-address | route-target {AS-number: index | IPv4-address: index } | vrf vrf-name}

no redirect [ default-route | nexthop ]

Syntax Description

default-route

Forwards to the default nexthop for this packet

nexthop

Forwards to specified nexthop

IPv4 address

Input IPv4 Nexthop address

route-target

Enter specific route-target string

AS-number: index

Enter 2-byte or 4-byte autonomous system number (AS) and index in hexa decimal or decimal format.

IPv4-address: index

Enter IPv4 address and index in hexa decimal or decimal format.

vrfvrf-name

Enter specific VRF name for the nexthop.

Command Default

None

Command Modes

Policy-map configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

The example shows how to redirect PBR traffic to virtual routing and forwarding (VRF) instance: 

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# policy-map type pbr test1
RP/0/RP0/CPU0:router(config-pmap)# class type traffic test1
RP/0/RP0/CPU0:router(config-pmap-c)# redirect nexthot vrf vrf1

service-policy

To configure service policy on a flowspec subaddress family interface, use the service-policy command in appropriate command mode.

service-policy type pbr policy-name

Syntax Description

type

Specifies type of the service policy.

pbr

Specifies a policy-based routing (PBR) policy map.

policy-name

Name of the policy map.

Command Default

No default behavior or values

Command Modes

IPv4 address family configuration

VRF IPv4 address family configuration

Command History

Release Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows how to setup service policy. 

RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# flowspec
RP/0/RP0/CPU0:router(config-flowspec)# address-family ipv4
RP/0/RP0/CPU0:router(config-flowspec-af)# service-policy type pbr policy100

show flowspec

To display flowspec policy information for an interface, use the show flowspec command in XR EXEC mode.

show flowspec {afi-all | client | ipv4 | summary | vrf}

Syntax Description

afi-all

Displays flowspec policy applied on IPv4 interfaces.

client

Displays flowspec client interfaces.

ipv4

Displays flowspec policy applied on IPv4 interfaces.

summary

Displays flowspec policy summary on all interfaces.

vrf

Displays flowspec policy applied on VRF interfaces.

Command Default

No default behavior or values.

Command Modes

XR EXEC mode

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

No specific guidelines impact the use of this command.

Examples

This example shows sample output from show flowspec command when vrf , ipv4 and summary keywords are used. 

RP/0/RP0/CPU0:router# show flowspec vrf vrf1 ipv4 summary
Mon May 19 12:59:41.226 PDT
Flowspec VRF+AFI table summary:
VRF: vrf1
  AFI: IPv4
    Total Flows:              3
    Total Service Policies:   1

source prefix

To filter flowspec based on source in flowspec network-layer reachability information (NLRI) using RPL, and apply on neighbor attach point, use the source prefix command in route-policy configuration mode.

source prefix {prefix-set-name | inline-prefix-set | parameter}

Syntax Description

prefix-set-name

Name of a prefix set.

inline-prefix-set

Inline prefix set. The inline prefix set must be enclosed in parentheses.

parameter

Parameter name. The parameter name must be preceded with a “$.”

Command Default

No default behavior or values.

Command Modes

Route-policy configuration

Command History

Release

Modification

Release 7.0.12

This command was introduced.

Usage Guidelines

Use the source prefix command as a conditional expression within an if statement. A comparison that references a prefix set with zero elements in it returns false.


Note

  • For a list of all conditional expressions available within an if statement, see the if command.

  • The source of a BGP route is the IP peering address of the neighboring router from which the route was received.

  • The prefix set can contain both IPv4 and IPv6 prefix specifications.

Task ID

Task ID

Operations

route-policy

read, write

Examples

In this example, prefix filtering is done based on flowspec source address: 


RP/0/RP0/CPU0:router(config)# route-policy policy-A
RP/0/RP0/CPU0:router(config-rpl)# If source-prefix in my-prefix-set then
pass