Configures Border Gateway Protocol flow specification (BGP flowspec) route validation at neighbor or peer-group level.
By default, flowspec validation is enabled at neighbor or peer-group level.
BGP address-family IPv4 flowspec configuration mode
Flowspec validation can be configured at neighbor, peer-group or address-family level with the neighbor-level configuration prioritized over peer-group level configuration and the peer-group level configuration prioritized over the address-level configuration.
Use the neighbor flowspec validation command to configure flowspec validation at neighbor or peer-group level. To configure flowspec validation at address-family level, refer to the flowspec validation command.
By default, flowspec validation is enabled. Use the no form of the command to completely disable flowspec validation at neighbor or peer-group level. To only disable redirect IP nexthop validation at neighbor or peer-group level, use the no form of the command specifying the redirect option.
The following example shows how to disable IPv4 flowspec validation. In this example, only redirect IP nexthop validation is disabled for a peer group named peer-group1 in the default VRF.
device# configure terminal device(config)# router bgp device(config-bgp-router)# address-family ipv4 flowspec device(config-bgp-ipv4fs)# no neighbor peer-group1 flowspec validation redirect