Hello! I'm trying to inject flowspec routes from bird to Juniper MX box:
route flow4 { dst 109.68.40.15/32; proto 17; dport 53; } { bgp_ext_community.add( (generic, 0x80060000, 0x0 ) ); }; route flow4 { dst 109.68.40.16/32; proto 17; dport 123; } { bgp_ext_community.add( (generic, 0x80060000, 0x000098968 ) ); }; The second flow specification should apply traffic-rate to traffic, but on Juniper these two flow routes have the same community: minotaur@br1-ki# run show route table DDoS-Mitigation.inetflow.0 detail |match "entry|Comm" 109.68.40.15,*,proto=17,dstport=53/term:3 (1 entry, 1 announced) Communities: traffic-rate:0:0 109.68.40.16,*,proto=17,dstport=123/term:4 (1 entry, 1 announced) Communities: traffic-rate:0:0 Can anyone explain how to correctly set rate-limiting to, for example, 5 Mbps in second specification? Thank you! -- Alexander Shikov Technical Staff, Digital Telecom IX Tel.: +380 44 201 14 07 Mob.: +380 50 410 30 57 http://dtel-ix.net/