Hi Scott: The Cisco link is not very friendly...
Here is what I am trying to achieve... R1 is in AS100 peering with R2 in AS200. R2 is also peering with R3 in AS200, iBGP. Cust Network 171.68.1.0/24 off of R3 is being DoS attacked by someone in AS100. What I want to do is to match this traffic, set it to a community value and then police it to 128bps. Here is what I think I need to do but just don't know where and how to implement it ;-)

on r3:

router bgp 200
 table-map QOS_2
!
route-map QOS_2
 match community 2
 set ip qos-group 2
!
ip community-list 2 permit 200:2
!
int f0/0 ----> cust. network
 bgp-policy source QOS_2
 rate-limit output qos-group 2 128000 1500 2000 conform-action transmit exceed-action drop

On R2 I am having difficulty in matching traffic inbound for cust. network and setting community to 200:2. I can set this via PBR inbound on R2 but how do I tell BGP to send it to R3..... (unless similar to remote black-hole triggering technique of creating another static route for cust. network to null0 matching tag 666, then creating another route-map matching this tag and setting the next-hop ...etc. etc.. but I don't think this is correct).

Any ideas??

Thx.
-Nash
