X-Git-Url: http://git.bitcoin.ninja/index.cgi?a=blobdiff_plain;f=README.md;fp=README.md;h=29d912e96fe809195ffbd543f576f5159ee96cb0;hb=1be9ba6c0ac85e0ea18d944f67ce4e5598d08660;hp=adcc99ab63cf0b295b3f2aa49909a65357a334d6;hpb=e63afbe176e13e0b1e3092837807cd5e06886da6;p=flowspec-xdp diff --git a/README.md b/README.md index adcc99a..29d912e 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,14 @@ Note that correctly sorting rules is *not* implemented as it requires implementi wire serialization format and it may better be done inside bird/birdc. Thus, be vary careful using the terminal bit in the traffict action community. +In addition to the communities specified in RFC 8955, two additional communities are supported which +provide rate-limiting on a per-source basis. When the upper two bytes in an extended community are +0x8306 (rate in bytes) or 0x830c (rate in packets), we rate limit the same as 0x8006 or 0x800c +except that the rate limit is applied per source address. The encoding mirrors the non-per-source +encoding in that the last 4 octets are the floating-point rate limit. Instead of a 2 octet +AS/ignored value, the third octet is reserved and the fourth octet is a prefix length mask, which +is applied to the source IP before rate-limiting. + `install.sh` provides a simple example script which will compile and install a generated XDP program from the rules in bird's `flowspec4` and `flowspec6` routing tables. It will drop any packets which match any flowspec filter.
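Review bot: the last sentence of the added README paragraph ("the third octet is reserved and the fourth octet is a prefix length mask, which is applied to the source IP before rate-limiting") leaves the per-source encoding underspecified for anyone writing these communities by hand. It should state what value the reserved third octet must carry and whether a non-zero value is ignored or rejected. It should also state how the prefix length is validated: the accepted range for `flowspec4` versus `flowspec6` rules, what happens when the length exceeds the address width, and whether a length of 0 puts every source in one bucket, which would make 0x8306/0x830c behave like 0x8006/0x800c. Because the limit is applied per masked source address, a sentence on how much per-source state is kept and what happens to new sources once it is full would also help operators choose a prefix length.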