FLOWSPEC CONFIGURATION Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

What should be removed from P4 before configuring Flowspec?

A

All static routes and static redistribution into BGP.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What role does P4 play in this Flowspec configuration?

A

P4 acts as the Flowspec ‘server’ or distribution point.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which command configures all PEs to install Flowspec policies locally on all interfaces?

A

‘flowspec local-install interface-all’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the command to enable Flowspec on P4?

A

‘flowspec’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What command enables the ipv4 flowspec BGP address-family on PE routers?

A

‘address-family ipv4 flowspec’ in BGP configuration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What command activates the neighbor 10.4.4.4 in the ipv4 Flowspec address-family on PE routers?

A

‘neighbor 10.4.4.4 activate’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What is the purpose of the ‘route-reflector-client’ command in the BGP configuration on P4?

A

It configures P4 as a route reflector for ipv4 Flowspec.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How do you check the BGP flowspec summary on PE1?

A

‘show bgp ipv4 flowspec sum’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Which command on P4 defines a policy to drop traffic from a specific source address?

A

‘class-map type traffic match-all’ followed by ‘match source-address’ and a ‘policy-map’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What does the ‘drop’ action in a policy-map do?

A

It drops the matched traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

How do you associate a policy-map with Flowspec on P4?

A

‘service-policy type pbr ‘ under ‘flowspec’ configuration.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

How can you verify if PE1 received and installed the Flowspec policy?

A

‘show flowspec ipv4 sum’ or ‘show flowspec ipv4’

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does the ‘police rate’ command in a policy-map do?

A

It rate-limits traffic to the specified rate (in bps).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What command can you use to apply a rate-limit instead of dropping traffic?

A

‘police rate’ command in a policy-map.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What happens if traffic matches multiple policies in Flowspec?

A

The policies may conflict, such as one dropping traffic and the other applying a rate-limit, and the last applied policy will take effect.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

How can you define a policy to match ICMP traffic in Flowspec?

A

Use ‘class-map type traffic match-all’ with ‘match protocol icmp’ followed by a ‘policy-map’ with policing or other actions.

17
Q

What command installs a service-policy for ICMP traffic in the ipv4 Flowspec address-family?

A

‘service-policy type pbr ‘ under ‘flowspec’ address-family configuration.

18
Q

What is the default action if no specific Flowspec policy is matched?

A

No action is taken if no policy is matched.