Telecominfraproject/archived-ols-ucentral-schema
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/ols-ucentral-schema.git synced 2026-03-20 03:39:31 +00:00
Code Issues Packages Projects Releases 4 Wiki Activity

Compare commits

base: Telecominfraproject:v4.0.0-rc1
Branches Tags
Telecominfraproject:main Telecominfraproject:release/v5.0.0 Telecominfraproject:staging-release-5.0.0-pki-2.0 Telecominfraproject:ols-969-priority-mapping-schema Telecominfraproject:ols-976-port-security-schema Telecominfraproject:ols-975-diffserv-schema Telecominfraproject:ols-970-rspan-schema Telecominfraproject:extend_mclag-group_schema_to_support_static_trunk Telecominfraproject:ols-909-add-port-autoneg-schema Telecominfraproject:OLS-849-add-xSTP-parameters Telecominfraproject:OLS-848-Schema-Intrusion-detection Telecominfraproject:OLS-838-Update-OLS-Schema-version-to-4.2.0 Telecominfraproject:correct-storm-control-indentation Telecominfraproject:ols-821-mclag-schema-correction Telecominfraproject:fix/fix_invalid_schema Telecominfraproject:ols-688-bpdu-guard Telecominfraproject:ols-822-lldp-peers-statemessage-enhancements Telecominfraproject:OLS_UpdateSchemaVersion_410 Telecominfraproject:ols-659-simplify-vlan-config Telecominfraproject:staging-OLS-644-global-dns Telecominfraproject:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release Telecominfraproject:Sprint-8-OLS-ARP-Inspect-Schema Telecominfraproject:Sprint-8-OLS---Rate-Limiting-schema Telecominfraproject:OLS-556-Sprint-8-IPSourceGuard Telecominfraproject:OLS-556-Sprint-8-SubcribeRTEvents Telecominfraproject:OLS-550_Schema_Corrections_Pre4p0_Features Telecominfraproject:OLS-562-Add-schema-version-to-ols-ucentral-schema Telecominfraproject:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema Telecominfraproject:OLS-538_port_speed_enum_fix_40g Telecominfraproject:OLS-425_sprint6_schema Telecominfraproject:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities Telecominfraproject:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities Telecominfraproject:OLS_319_sprint4_schema Telecominfraproject:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames Telecominfraproject:link_aggregation Telecominfraproject:change_port_mirror_type_to_array Telecominfraproject:lacp Telecominfraproject:jumbo_frames Telecominfraproject:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml Telecominfraproject:OLS-228-delta_counters Telecominfraproject:secure_http_server Telecominfraproject:fix_loop_detection_schema_instances_indentation Telecominfraproject:change_vrf_id_to_integer Telecominfraproject:schema_fixes_and_updates Telecominfraproject:default-values-for-schema/ethernet.yml-speed-and-duplex Telecominfraproject:next Telecominfraproject:1-incorrect-indentation-for-statelink-stateyml
Telecominfraproject:v5.0.0 Telecominfraproject:v4.1.0-rc1 Telecominfraproject:v4.0.0 Telecominfraproject:v4.0.0-rc1 Telecominfraproject:v3.2.7
...
compare: Telecominfraproject:main
Branches Tags
Telecominfraproject:main Telecominfraproject:release/v5.0.0 Telecominfraproject:staging-release-5.0.0-pki-2.0 Telecominfraproject:ols-969-priority-mapping-schema Telecominfraproject:ols-976-port-security-schema Telecominfraproject:ols-975-diffserv-schema Telecominfraproject:ols-970-rspan-schema Telecominfraproject:extend_mclag-group_schema_to_support_static_trunk Telecominfraproject:ols-909-add-port-autoneg-schema Telecominfraproject:OLS-849-add-xSTP-parameters Telecominfraproject:OLS-848-Schema-Intrusion-detection Telecominfraproject:OLS-838-Update-OLS-Schema-version-to-4.2.0 Telecominfraproject:correct-storm-control-indentation Telecominfraproject:ols-821-mclag-schema-correction Telecominfraproject:fix/fix_invalid_schema Telecominfraproject:ols-688-bpdu-guard Telecominfraproject:ols-822-lldp-peers-statemessage-enhancements Telecominfraproject:OLS_UpdateSchemaVersion_410 Telecominfraproject:ols-659-simplify-vlan-config Telecominfraproject:staging-OLS-644-global-dns Telecominfraproject:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release Telecominfraproject:Sprint-8-OLS-ARP-Inspect-Schema Telecominfraproject:Sprint-8-OLS---Rate-Limiting-schema Telecominfraproject:OLS-556-Sprint-8-IPSourceGuard Telecominfraproject:OLS-556-Sprint-8-SubcribeRTEvents Telecominfraproject:OLS-550_Schema_Corrections_Pre4p0_Features Telecominfraproject:OLS-562-Add-schema-version-to-ols-ucentral-schema Telecominfraproject:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema Telecominfraproject:OLS-538_port_speed_enum_fix_40g Telecominfraproject:OLS-425_sprint6_schema Telecominfraproject:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities Telecominfraproject:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities Telecominfraproject:OLS_319_sprint4_schema Telecominfraproject:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames Telecominfraproject:link_aggregation Telecominfraproject:change_port_mirror_type_to_array Telecominfraproject:lacp Telecominfraproject:jumbo_frames Telecominfraproject:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml Telecominfraproject:OLS-228-delta_counters Telecominfraproject:secure_http_server Telecominfraproject:fix_loop_detection_schema_instances_indentation Telecominfraproject:change_vrf_id_to_integer Telecominfraproject:schema_fixes_and_updates Telecominfraproject:default-values-for-schema/ethernet.yml-speed-and-duplex Telecominfraproject:next Telecominfraproject:1-incorrect-indentation-for-statelink-stateyml
Telecominfraproject:v5.0.0 Telecominfraproject:v4.1.0-rc1 Telecominfraproject:v4.0.0 Telecominfraproject:v4.0.0-rc1 Telecominfraproject:v3.2.7

51 Commits
v4.0.0-rc1 ... main

Author SHA1 Message Date
Mike Hansen
5aba2c37f3 Merge pull request #60 from Telecominfraproject/staging-release-5.0.0-pki-2.0 
Release 5.0.0 - Update schema version

No other changes

This will be the schema for the release/v5.0.0
 2026-02-26 12:51:58 -05:00
Mike Hansen
3fda75b7db Release 5.0.0 - Update schema version 2026-02-26 09:45:08 -05:00
Binny
f2a9d622e9 Merge pull request #56 from Telecominfraproject/ols-969-priority-mapping-schema 
ols-969-Schema for Priority Mapping-firstdraft
 2026-02-03 13:36:54 +05:30
Binny
f172a3630e ols-969-rev1-push 2026-01-30 19:03:48 +00:00
Binny
2c2a8810c8 ols-969-prio-mapping-rev1 2026-01-30 18:59:11 +00:00
Binny
ab89f53750 ols-969-Schema for Priority Mapping-firstdraft 2026-01-28 13:59:27 +00:00
Binny
a109852c33 Merge pull request #55 from Telecominfraproject/extend_mclag-group_schema_to_support_static_trunk 
MCLAG: extend mclag-group schema to support static trunk
 2026-01-21 10:56:53 +05:30
Binny
23bc815936 Merge pull request #54 from Telecominfraproject/ols-909-add-port-autoneg-schema 
ols-909-autoneg-port-draft
 2026-01-21 10:55:59 +05:30
jacky_chang
7bca1f897a MCLAG: extend mclag-group schema to support static trunk 
During our MCLAG feature development, we identified that the current mclag-group schema only considers the LACP-based use case.
Since Edgecore switches only support MLAG on static trunk interfaces, we currently have no way to specify static trunk parameters within the existing schema.

To address this limitation, we would like to propose adding a new field, trunk-id, to the mclag-group definition:
 2025-12-18 11:21:26 +08:00
Olexandr, Mazur
429bf9eb87 Merge pull request #53 from Telecominfraproject/wip/mclag_schema_additions 
MCLAG: extend schema and state with additional fields
 2025-12-08 17:02:04 +02:00
Oleksandr Mazur
e0d69521d5 MCLAG: extend schema and state with additional fields 
Current MCLAG configuration schema looks fine
yet misses some crucial keepalive and session configuration.

Not only that, there's no real state being back-reported
to the Gateway in a state message, which might complicate
remote debugging of configuration applied on the switch itself.

Signed-off-by: Oleksandr Mazur <oleksandr.mazur@plvision.eu>
 2025-12-05 15:00:42 +02:00
Binny
c7a8f2e727 ols-909-autoneg-port-draft 2025-12-03 12:56:52 +00:00
Binny
68c6e98fb0 Merge pull request #51 from Telecominfraproject/OLS-848-Schema-Intrusion-detection 
ols-848-intrusiondetection-draft-changes
 2025-11-26 17:42:33 +05:30
Binny
b6996ce24d Merge pull request #52 from Telecominfraproject/OLS-849-add-xSTP-parameters 
ols-849-new-stp-params-draft
 2025-11-26 17:41:51 +05:30
Binny
57c7138e64 ols-849-reviewcomments-made 2025-10-29 09:50:18 +00:00
Binny
2711412306 ols-848-comments-addressed 2025-10-29 09:44:19 +00:00
Binny
75e2910729 ols-849-new-stp-params-draft 2025-10-08 13:50:50 +00:00
Binny
f11d7d8181 ols-848-intrusiondetection-draft-changes 2025-10-08 11:47:20 +00:00
Binny
02f749cc11 Merge pull request #46 from Telecominfraproject/ols-821-mclag-schema-correction 
ols-821-mclag-schema-correcttion-draft Changes
 2025-10-07 12:06:22 +05:30
Mike Hansen
5b00327adc Merge pull request #50 from Telecominfraproject/correct-storm-control-indentation 
Fix indentation for storm-control configuration.
 2025-09-24 12:29:33 -04:00
Mike Hansen
117aa70d4f Fix indentation for storm-control configuration. 
Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-09-24 11:18:21 -04:00
Binny
c3073a9a45 ols-821-mclag-schema-final-draft 2025-09-16 06:10:50 +00:00
Binny
04a8901620 Merge pull request #47 from Telecominfraproject/ols-822-lldp-peers-statemessage-enhancements 
ols-822-lldp-enhanced-state-reporting-draft Review
 2025-09-16 11:37:54 +05:30
Olexandr, Mazur
23ebf25cba Merge pull request #48 from Telecominfraproject/fix/fix_invalid_schema 
Fix broken schema json file
 2025-09-05 12:38:40 +03:00
Oleksandr Mazur
c9b4970b29 Fix broken schema json file 
After latest main merge, there's some overlapping which effectively
breaks the schema (it becomes invalid json file, due to some objects
not ending where they should).

Run generate.sh to provide a complete valid generated json file.

Signed-off-by: Oleksandr Mazur <oleksandr.mazur@plvision.eu>
 2025-09-05 12:36:54 +03:00
Mike Hansen
fdf54a7e0e Merge pull request #44 from Telecominfraproject/ols-688-bpdu-guard 
ols-688-sprint-12-bpdu-guard-draft
 2025-09-03 13:39:44 -04:00
Binny
52e38ce792 Merge branch 'main' into ols-688-bpdu-guard 2025-09-03 23:05:31 +05:30
Binny
05849922ed ols-821-mclag-corrections-rev2 2025-08-22 15:19:46 +00:00
Binny
9228a6c290 ols-822-lldp-peerstate-enhancement-rev2 2025-08-22 14:57:34 +00:00
Mike Hansen
41e621b455 Merge pull request #45 from Telecominfraproject/ols-688-sprint-12-storm-control-draft 
ols-688-sprint-12-stormcontrol-draft
 2025-08-20 09:43:38 -04:00
Binny
30b5864ada ols-822-lldp-enhanced-state-reporting-draft 2025-08-18 14:52:15 +00:00
Binny
598af29d51 ols-821-mclag-schema-correcttion-draft 2025-08-18 13:38:01 +00:00
Binny
c79f7f4517 ols-688-sprint12-bpduguard-final-p2 2025-06-17 15:12:40 +00:00
Binny
0e43b3cb3a ols-688-sprint12-stormcontrol-finalreview-p2 2025-06-17 15:06:46 +00:00
Binny
67f3f14fab ols-688-sprint12-stormcontrol-finalreview 2025-06-17 04:12:10 +00:00
Binny
8c82a276d8 ols-688-sprint12-bpdu-guard-finalreview 2025-06-17 04:05:31 +00:00
Binny
a098465268 ols-688-bpdu-guard-first-reviewchange 2025-06-11 03:33:54 +00:00
Binny
040650cb5c ols-688-sprint-12-stormcontrol-draft 2025-06-09 04:09:55 +00:00
Binny
adf3514ae9 ols-688-sprint-12-bpdu-guard-draft 2025-06-08 18:16:46 +00:00
Mike Hansen
d8d4380977 Merge pull request #43 from Telecominfraproject/OLS_UpdateSchemaVersion_410 
Update OLS Schema version to 4.1.0, regenerate html
 2025-05-26 13:21:31 -04:00
Mike Hansen
c63ac1f5d9 Update OLS Schema version to 4.1.0, regenerate html 
Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-05-26 08:48:43 -04:00
Binny
37b9152b6e Merge pull request #42 from Telecominfraproject/ols-659-simplify-vlan-config 
OLS-659 proposal draft for bulk-vlan
 2025-05-16 06:29:12 +05:30
Binny
5db059b95b Merge pull request #41 from Telecominfraproject/ols-655-state-message-l2-loopdetection-info 
OLS-655 - STP and Loop Detection Protocol States in State Message
 2025-05-16 06:28:45 +05:30
Binny
5a7f055793 ols-655 final change to merge 2025-05-06 02:37:02 +00:00
Binny
2b7ce76453 ols-655-review-comments-part1 2025-04-23 20:33:39 +00:00
Binny
d1ab8b453b ols-659 changes_after_review1 2025-04-23 20:19:25 +00:00
Binny
e80a6d2166 OLS-659 proposal draft for bulk-vlan 2025-04-22 16:28:58 +00:00
Binny
6469510af1 OLS-655 draft changes 2025-04-21 16:24:18 +00:00
Mike Hansen
d84e5ee624 Merge pull request #40 from Telecominfraproject/staging-OLS-644-global-dns 
OLS-644: Global DNS configuration
 2025-04-10 09:03:18 -04:00
Tanya Singh
029cdb4ed9 OLS-644: Add Global DNS to switch.yml and use generate.sh to create the json files 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-04-10 17:13:03 +08:00
Tanya Singh
cd7d50997c OLS-644: Global DNS configuration 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-03-27 11:37:06 +08:00
18 changed files with 2425 additions and 222 deletions
Expand all files Collapse all files

4
capabilities/connect.capabilities.yml
View File

@@ -243,6 +243,7 @@ properties:
- Spanning-Tree-Per-VLAN
- Spanning-Tree-Per-VLAN-Rapid
- Spanning-Tree-MSTP
- BPDU-Guard
# L3
- SVI-StaticIPv4
- SVI-StaticIPv6
@@ -280,6 +281,8 @@ properties:
- MAC-ACL
- IP-ACL
- Guest-VLAN
- Storm-Control
- Access-Lockout
# Services
- Service-SSH
- Service-RSSH
@@ -300,6 +303,7 @@ properties:
- Service-Online-Check
- Service-CaptivePortal
- Service-PublicIpCheck
- Service-Global-DNS
# Tunneling
- Tunneling-VxLAN
- Tunneling-GRE

6
docs/ucentral-schema.html
View File

File diff suppressed because one or more lines are too long

8
docs/ucentral-state.html
View File

File diff suppressed because one or more lines are too long

2
docs/ucentral.capabilities.html
View File

File diff suppressed because one or more lines are too long

4
schema.json
View File

@@ -1,5 +1,5 @@
{
"major": 4,
"major": 5,
"minor": 0,
"patch": 0
"patch": 0
}

155
schema/ethernet.yml
View File

@@ -25,6 +25,13 @@ properties:
type: string
examples:
- cloud_uplink_port
autoneg:
description:
Controls whether link autonegotiation is enabled.
When set to true, the switch negotiates speed and duplex with the link partner.
When set to false, the configured speed and duplex values are forced.
type: boolean
default: true
speed:
description:
The link speed that shall be forced.
@@ -499,3 +506,151 @@ properties:
type: string
minLength: 1
maxLength: 32
bpdu-guard:
description: BPDU Guard configuration block. Enables protection against unexpected BPDUs
on edge ports to prevent loops and rogue switch connections.
type: object
properties:
enabled:
description: When true, the port will be placed into an error-disabled state if any BPDU is received.
type: boolean
auto-recovery-secs:
description: Time in 'seconds' after which a port that was err-disabled due to BPDU Guard
violation will be automatically re-enabled.
type: integer
default: 300
edge-port:
description: When true, the port behaves as an STP Edge Port. When false, the port
participates fully in STP and is treated as a normal switch port.
type: boolean
default: false
storm-control:
description: Storm Control configuration per storm type. Allows enabling or disabling traffic storm control for broadcast, multicast, and unknown unicast packets,
with independent packet-per-second (pps) thresholds. A limit-pps value of 0 implies the control is disabled for that traffic type.
type: object
properties:
broadcast-pps:
type: integer
minimum: 0
default: 0
description: Maximum allowed broadcast packets per second. 0 disables broadcast storm control.
multicast-pps:
type: integer
minimum: 0
default: 0
description: Maximum allowed multicast packets per second. 0 disables multicast storm control.
unknown-unicast-pps:
type: integer
minimum: 0
default: 0
description: Maximum allowed unknown unicast packets per second. 0 disables unknown unicast storm control.
qos-priority-mapping:
type: object
description: Interface-level QoS priority mapping configuration. Defines how ingress packet
markings (IP Precedence, CoS, DSCP) are interpreted and mapped to internal
per-hop behavior (PHB), drop precedence, and egress queue selection.
properties:
priority-untagged:
type: integer
description: Sets the default priority for incoming untagged Ethernet frames.
minimum: 0
maximum: 7
qos-map-trust-mode:
type: string
description: Determines which packet header field is trusted for ingress classification.
enum:
- cos
- dscp
- ip-precedence
qos-map-ipprec2dscp:
type: array
description: Maps IP Precedence values (07) in ingress packets to per-hop behavior (PHB)
and drop precedence. Used when trust mode is set to ip-precedence.
items:
type: object
properties:
preced:
type: integer
description: IP Precedence value in the incoming packet.
minimum: 0
maximum: 7
phb:
type: integer
description: Per-hop behavior (PHB) assigned to this IP Precedence.
minimum: 0
maximum: 63
drop-preced:
type: string
description: Drop precedence assigned for congestion control.
enum:
- green
- yellow
- red
qos-map-cos2dscp:
type: array
description: Maps CoS/CFI values in ingress packets to PHB and drop precedence.
Applied when trust mode is set to cos.
items:
type: object
properties:
cos:
type: integer
description: CoS value extracted from ingress frames.
minimum: 0
maximum: 7
cfi:
type: integer
description: Canonical Format Indicator (0 or 1).
minimum: 0
maximum: 1
phb:
type: integer
description: PHB assigned to this CoS/CFI mapping.
minimum: 0
maximum: 63
drop-preced:
type: string
description: Drop precedence for congestion handling.
enum:
- green
- yellow
- red
qos-map-dscpmutate:
type: array
description: Maps DSCP values (063) in ingress packets to custom PHB and drop precedence.
Used when trust mode is set to dscp.
items:
type: object
properties:
dscp:
type: integer
description: DSCP value from the IP header.
minimum: 0
maximum: 63
phb:
type: integer
description: PHB derived from DSCP-to-internal-priority mapping.
minimum: 0
maximum: 63
drop-preced:
type: string
description: Drop precedence classification for congestion.
enum:
- green
- yellow
- red
qos-map-phb2queue:
type: array
description: Maps PHB to output hardware queues for traffic scheduling.
items:
type: object
properties:
phb:
type: integer
description: Per-hop behavior value (internal priority).
minimum: 0
maximum: 63
queue-id:
type: integer
description: Hardware queue ID chosen for this PHB.
minimum: 0

10
schema/interface.vlan.yml
View File

@@ -8,7 +8,15 @@ properties:
The individual physical network devices contained within the interface
need to be told explicitly if egress traffic shall be tagged.
type: integer
maximum: 4050
maximum: 4094
range-start:
decription: Start vlan-id of the specified range
type: integer
maximum: 4094
range-end:
decription: End vlan-id of the specified range
type: integer
maximum: 4094
proto:
decription:
The L2 vlan tag that shall be added (1q,1ad)

266
schema/switch.yml
View File

@@ -45,6 +45,56 @@ properties:
enum:
- upstream
- downstream
bridge-prio:
description: Bridge priority for root election. Ranging from 061440 (in steps of 4096)
type: integer
default: 32768
forward-delay-secs:
description: Time in seconds a port stays in Listening and Learning states
before transitioning to Forwarding.
type: integer
hello-time-secs:
description: Determines how often switches send BPDU.
type: integer
max-age-secs:
description: Maximum time (in seconds) before a BPDU is considered invalid.
type: integer
pathcost-method:
description: Specifies the method used for path cost calculation.
- short, 16-bit values (065535), IEEE 802.1D
- long, 32-bit values (0200,000,000), IEEE 802.1w
type: string
enum:
- short
- long
bpdu-flooding:
description: Configures how BPDUs are flooded to spanning-tree disabled ports.
- to-all, Flood to all STP-disabled ports
- to-vlan, Flood to STP-disabled ports within the same VLAN
type: string
enum:
- to-all
- to-vlan
bpdu-tx-limit:
description: Maximum number of BPDU transmissions allowed per Hello interval.
type: integer
root-guard:
description: Enable Root Guard globally to prevent designated ports from becoming root.
type: boolean
mst-region:
description: MSTP region-wide configuration. Applicable when protocol is mstp.
type: object
properties:
name:
description: Name of multiple spanning tree region.
type: string
maxLength: 32
minLength: 1
revision:
description: MST region revision number.
type: integer
maximum: 65535
minimum: 0
instances:
description:
Define a list of configuration for each STP instance.
@@ -55,40 +105,43 @@ properties:
type: object
properties:
id:
description:
Indicates instance to configure.
description: Indicates instance to configure.
Depends on current STP protocol
If RPVSTP/PVSTP - vlan id
If MSTP - instance id
type: integer
enabled:
description:
Enable STP on this instance.
description: Enable STP on this instance.
type: boolean
default: true
priority:
description:
Bridge priority.
description: MST priority.
type: integer
default: 32768
forward_delay:
description:
Defines the amount of time a switch port stays in the Listening
forward-delay:
description: Defines the amount of time a switch port stays in the Listening
and Learning states before transitioning to the Forwarding state.
type: integer
default: 15
hello_time:
description:
Determines how often switches send BPDU.
hello-time:
description: Determines how often switches send BPDU.
type: integer
default: 2
max_age:
description:
Specifies the maximum time that a switch port should wait to
receive a BPDU from its neighbor before
max-age:
description: Specifies the maximum time that a switch port should wait to
receive a BPDU from its neighbor before
considering the link as failed or disconnected.
type: integer
default: 20
path-cost:
description: Path cost for this MST instance.
type: integer
vlan-start:
description: VLAN starting range assigned to this MST instance.
type: integer
vlan-end:
description: VLAN ending range assigned to this MST instance.
type: integer
ieee8021x:
description:
This section describes the global 802.1X (port access control) configuration.
@@ -423,6 +476,10 @@ properties:
description: This section defines the MC-LAG configuration parameters for the switch.
type: object
properties:
global-gateway-mac:
description: (Optional) Global Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers
type: string
format: uc-mac
mclag-domains:
description: List of MC-LAG domain configurations for the switch.
type: array
@@ -435,62 +492,109 @@ properties:
minimum: 1
maximum: 1024
default: 1
gateway-mac:
description:
(Optional) Per-domain Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers
This MAC address is used as the virtual MAC address for the Layer 3 VLAN Interfaces (Switch Virtual Interfaces or SVIs) across both MCLAG peers
type: string
format: uc-mac
source-ip:
description: IPv4 address of the MCLAG keepalive link on the local switch
type: string
format: ipv4
examples:
- 192.168.0.5
peer-ip:
description: IPv4 address of the MCLAG keepalive link on the peer switch
type: string
format: ipv4
examples:
- 192.168.0.5
system-mac-address:
description: (Optional) Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers
type: string
format: uc-mac
keepalive-interval:
description: Interval (in seconds) between sending keepalive messages over the peer link to determine if the remote peer is up or down
type: integer
default: 30
minimum: 1
maximum: 64
session-timeout:
description: Time (in seconds) to wait before shutting down an MCLAG session with a remote peer if no keepalive reply is received
type: integer
default: 50
minimum: 1
maximum: 64
peer-link:
description: Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.
type: object
properties:
type:
link-type:
description: Defines the type of peer-link, either 'port' or 'trunk-group'
type: string
enum:
- port
- trunk-group
default: trunk-group
value:
description: Specifies the port or trunk-group ID for the peer-link.
port-id:
description: Specifies the physical port name used as peer-link (only valid if type = port).
type: string
examples:
- "Ethernet1"
- "Ethernet2"
trunk-id:
description: Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).
type: integer
minimum: 1
maximum: 64
mclag-group:
description: Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.
type: object
properties:
group-id:
description: Defines the unique MC-LAG group identifier.
type: integer
minimum: 1
maximum: 128
members:
description: List of interfaces that participate in the MC-LAG group.
type: array
items:
type: string
description: Interface names that are part of the MC-LAG group.
examples:
- eth0
- eth1
lacp-config:
description: LACP configuration settings for the MC-LAG group.
type: object
properties:
lacp-enable:
description: Enables or disables LACP for the MC-LAG group.
type: boolean
default: true
lacp-role:
description: Configures the LACP role as 'actor' or 'partner'
description: Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.
type: array
items:
type: object
properties:
group-id:
description: Defines the unique MC-LAG group identifier.
type: integer
minimum: 1
maximum: 128
members:
description: List of interfaces that participate in the MC-LAG group.
type: array
items:
type: string
enum:
- actor
- partner
default: actor
lacp-timeout:
description: Sets the LACP timeout as either 'short' or 'long'.
type: string
enum:
- short
- long
default: long
description: Interface names that are part of the MC-LAG group.
examples:
- Ethernet0
- Ethernet1
lacp-config:
description: LACP configuration settings for the MC-LAG group.
type: object
properties:
lacp-enable:
description: Enables or disables LACP for the MC-LAG group.
type: boolean
default: true
lacp-role:
description: Configures the LACP role as 'actor' or 'partner'
type: string
enum:
- actor
- partner
default: actor
lacp-timeout:
description: Sets the LACP timeout as either 'short' or 'long'.
type: string
enum:
- short
- long
default: long
trunk-id:
description: Specifies the trunk group ID used as the mclag-group.
type: integer
minimum: 1
maximum: 64
system-priority:
description: Specifies the system priority used by the switch for LACP negotiations.
type: integer
@@ -537,6 +641,49 @@ properties:
minLength: 1
examples:
- "A VoIP Phone"
intrusion-detection-access-lockout:
description: Enables protection against unauthorized login attempts by locking user access
after a specified number of failed authentication attempts within a defined period.
type: object
properties:
lockout-attempt-count:
description: Number of consecutive failed login attempts allowed before the user account is locked.
type: integer
minimum: 1
lockout-period-seconds:
description: Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.
type: integer
qos-queue-config:
type: object
description: Global configuration for QoS priority queue scheduling and processing on L2 switches.
properties:
queue-scheduler-mode:
type: string
description: Sets the scheduling mode used for processing each of the Class of Service (CoS) priority queues.
enum:
- strict
- wrr
- strict-wrr
- wfq
- dwrr
queue-config:
type: array
description: List of priority queue configurations applied at the global QoS layer.
items:
type: object
properties:
queue-id:
type: integer
description: Identifier of the priority queue under configuration.
minimum: 0
queue-weight:
type: integer
description: Assigns weights to the CoS priority queues when using WRR or hybrid scheduling modes.
minimum: 1
queue-strict-mode:
type: boolean
description: Ensures that the highest priority packets are always serviced first, ahead of all other traffic.
default: false
arp-inspect:
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
ip-source-guard:
@@ -545,3 +692,8 @@ properties:
$ref: "https://ucentral.io/schema/v1/switch/rtevent/"
acl:
$ref: "https://ucentral.io/schema/v1/switch/acl/"
dns:
description: Define a global list of dns servers.
type: array
items:
type: string

7
state/interface.yml
View File

@@ -15,8 +15,11 @@ items:
name:
type: string
description:
The administrative name of this logical interface. This field is
freetext
The administrative name of this logical interface. This field is freetext
vlan_id:
description: VLAN-ID of the logical interface
type: integer
maximum: 4094
ntp_server:
type: string
description:

93
state/link-state.yml
View File

@@ -191,3 +191,96 @@ properties:
description:
Max power (in Watts) module can drain.
type: number
loop-detect-protocol:
description: Status and protocol information for loop detection or prevention mechanisms
active on this interface. Includes STP/xSTP/MSTP, Loopback Detection (LBD), etc.
type: object
properties:
stp:
description: Spanning Tree Protocol (IEEE 802.1D/RSTP/MSTP) state on the port.
type: object
properties:
protocol:
type: string
description: Variant of STP running (e.g., STP, RSTP, MSTP, RPVST+).
examples:
- RSTP
- MSTP
state:
type: string
description: STP state of the port.
enum:
- disabled
- blocking
- listening
- learning
- forwarding
role:
type: string
description: Role of the port in STP topology.
enum:
- root
- designated
- alternate
- backup
- disabled
bridge-id:
type: string
description: STP Bridge ID
root-bridge-id:
type: string
description: STP Root Bridge ID for the instance.
oper-edge-port:
type: boolean
description: Whether the port is operating as an edge port (no BPDU expected).
cost:
type: integer
description: Operational path cost of the port.
designated-cost:
type: integer
description: Cost advertised by the designated port.
transitions:
type: integer
description: Number of STP state transitions (forwarding/discarding) on this port.
bpdu-guard:
type: string
description: Runtime status of BPDU Guard on the port, when it detects any issue.
- `errdisabled`- Port is shutdown due to BPDU violation.
- `recovering`- Temporarily disabled and in auto-recovery interval.
enum:
- errdisabled
- recovering
lbd:
description: Loopback Detection (LBD) status on this port.
type: object
properties:
enabled:
type: boolean
description: Whether LBD is enabled on this port.
state:
type: string
description: Current loop detection status.
enum:
- no_loop
- loop_detected
- disabled
action:
type: string
description: Action taken when loop is detected (e.g., block, shutdown).
enum:
- none
- block
- shutdown
storm-status:
description: Runtime status of Storm Control feature on the port for each storm type.
type: object
properties:
broadcast:
type: boolean
description: Runtime status of Broadcast Storm Control on the port. Return `true`if Storm condition is detected.
multicast:
type: boolean
description: Runtime status of Multicast Storm Control on the port. Return `true`if Storm condition is detected.
unknown-unicast:
type: boolean
description: Runtime status of Unknown Unicast Storm Control on the port. Return `true`if Storm condition is detected.

55
state/lldp-peers.yml
View File

@@ -49,6 +49,10 @@ items:
type: string
description: Provides a textual description of the remote port, typically describing the interface or its purpose.
example: "Ethernet Port on unit 1, port 2"
lldp-remote-sys-name:
type: string
description: Provides a textual description of the system name string (as defined by the sending device)
example: "Datacenter Switch-1"
lldp-remote-port-max-mtu:
type: string
description: Displays the maximum transmission unit (MTU) size that the remote port supports, indicating the largest packet size the port can handle.
@@ -117,6 +121,19 @@ items:
type: string
description: Displays the PoE class of the remote device, indicating its power consumption classification.
enum: ["Class-1", "Class-2", "Class-3", "Class-4","Class-5", "Class-6", "Class-7", "Class-8"]
lldp-remote-port-power-priority:
type: string
description: Indicates the power priority level assigned to the PD.
enum:
- low
- high
- critical
lldp-remote-port-pd-requested-power:
type: number
description: Power requested by the PD in watts (0.1W resolution possible). The values must be presented with real values like 25.5, 20.5 etc.
lldp-remote-port-pse-available-power:
type: number
description: Power that the PSE port is able to provide in watts (0.1W resolution).
lldp-remote-port-lag-info:
type: object
description: Provides information about the remote ports involvement in Link Aggregation Groups (LAG), if applicable.
@@ -129,4 +146,40 @@ items:
description: Shows whether Link Aggregation is enabled on the remote port.
lldp-remote-port-lag-port-id:
type: integer
description: Displays the identifier of the Link Aggregation Group (LAG) that the remote port belongs to.
description: Displays the identifier of the Link Aggregation Group (LAG) that the remote port belongs to.
lldp-remote-port-location:
type: object
description: Location information provided by LLDP-MED.
properties:
location-subtype:
type: string
description: Indicates the type of location information being conveyed.
enum:
- coordinate
- civic-address
- elin
civic-addr:
type: array
description: Civic address information consisting of CA-Type and CA-Value pairs as per LLDP-MED.
items:
type: object
properties:
ca-type:
type: integer
description: Civic Address Type identifier (e.g., 1 = Language, 3 = Country, 6 = A1 state/province, etc.)
ca-value:
type: string
description: Civic Address Value corresponding to the type.
coordinates:
type: object
description: Location coordinates information.
properties:
latitude:
type: string
description: Latitude in decimal degrees (e.g., +37.7749).
longitude:
type: string
description: Longitude in decimal degrees (e.g., -122.4194).
elin:
type: string
description: Emergency Location Identification Number (ELIN) assigned to endpoint location

108
state/state.yml
View File

@@ -114,3 +114,111 @@ properties:
blocked-interface:
type: string
description: The interface (e.g., port) where the blocked entry was detected.
stp:
description: Global status and configuration of the Spanning Tree Protocol (STP) across the switch.
Supports variants like STP, RSTP, MSTP. Includes bridge-wide parameters and protocol behavior.
type: object
properties:
enabled:
type: boolean
description: Whether STP is enabled globally on the switch.
mode:
type: string
description: Operational STP mode used across the switch.
enum:
- stp
- rstp
- mstp
- pvst
- rpvstp
transmission-limit:
type: integer
description: Maximum number of BPDUs that can be transmitted per hello time.
path-cost-method:
type: string
description: Indicates whether "Short" or "Long" path cost method is in use.
enum:
- short
- long
max-hops:
type: integer
description: Maximum hop count used in MSTP.
instances:
type: array
description: List of STP instances (e.g., MSTP instances).
items:
type: object
properties:
instance-id:
type: integer
description: Instance number (for MSTP or multiple-instance support).
vlans:
type: string
description: VLAN ranges associated with the STP instance.
example: "1-4094"
bridge-priority:
type: integer
description: Bridge priority value for STP election.
bridge-hello-time:
type: integer
description: Hello Time interval (in seconds) configured on the bridge.
bridge-max-age:
type: integer
description: Max Age value (in seconds) used for aging STP information.
bridge-forward-delay:
type: integer
description: Delay (in seconds) before transitioning port to forwarding state.
remaining-hops:
type: integer
description: Remaining hop count from the Root Bridge to this bridge.
root-bridge-id:
type: string
description: Bridge ID of the current Root Bridge.
root-port:
type: string
description: Local interface acting as Root Port.
example:
- Ëthernet1
root-cost:
type: integer
description: Cumulative cost to reach the Root Bridge.
topology-changes:
type: integer
description: Total number of topology changes detected.
last-topology-change-seconds:
type: integer
description: Time (in seconds) since the last topology change.
access-lockout:
type: object
description: Represents the operational state and statistics of the Intrusion Detection and Access Lockout feature.
properties:
user-sessions:
type: array
description: Displays a list of user sessions being tracked for failed login attempts.
items:
type: object
properties:
username:
type: string
description: The username associated with the login attempts being tracked.
source-ip:
type: string
description: The IP address from which the login attempts originated.
failed-attempts:
type: integer
description: The number of consecutive failed login attempts recorded for this user session.
status:
type: string
description: Indicates whether the user account is currently locked or active.
enum:
- active
- locked
last-failed-attempt-time:
type: integer
description: UNIX timestamp (in seconds) of the most recent failed login attempt.
lockout-start-time:
type: integer
description: UNIX timestamp (in seconds) when the user account was locked.
lockout-expiry-time:
type: integer
description: UNIX timestamp (in seconds) when the lockout period will end and access will be restored.

78
state/unit.yml
View File

@@ -121,3 +121,81 @@ properties:
description:
Number of CoA requests that are sent if the NAS is configured to prohibit honoring of CoA-Request or Disconnect-Request packets for the specified session.
type: number
mclag-state:
description:
This section describes the global (switch's device) state of the underlying state of MCLAG system.
type: object
properties:
domains:
description:
holds MCLAG domain state information, including domain ID, role, session status,
peer link status, number of interfaces, and interface statuses.
type: array
items:
type: object
properties:
mclag-domain:
description: Configured domain-id state
type: integer
minimum: 1
maximum: 1024
default: 1
role:
description:
Role of the domain (Configured switch's domain-id state)
Active means local switch posesses primary control responsibility
(handles control protocol exchanges on behalf of the pair and is the default source for any shared virtual MAC addresses if they aren't explicitly configured)
Standby means that local switch is the redundant switch that monitors the Active peer, maintains synchronized state information and is ready to take over full control plane responsibility if the Active peer fails.
type: string
enum:
- active
- standby
session-status:
description:
Logical status of the underlying MCLAG session between local switch and remote peer switch.
The 'up' value shows the underlying session is fully setup.
(peers can exchange keepalive messages - if configured, the synchronization is happening and the overall state of link is operational)
The 'down' value means the logical session's status is <down> - potentially, peers can't establish a connection between each other;
(either through a misconfiguration, a routing problem in the field, or due to keepalive messages not being received)
The 'unknown' value means the state cannot be determined (no ports configured, remote peer issues etc)
type: string
enum:
- up
- down
- unknown
peer-link-status:
description:
Operational state of the physical link(s) directly connecting the two Multi-Chassis Link Aggregation Group (MCLAG) peer switches.
type: string
enum:
- up
- down
- unknown
interface-num:
description: Number of MCLAG interfaces configured within current domain id.
type: integer
interfaces:
description: List of configured interfaces statuses (that are part of this domain id)
type: array
items:
type: object
properties:
port:
description: Port name / identifier.
type: string
examples:
- Ethernet1
local-status:
description: Represents local port's status.
type: string
enum:
- up
- down
- unknown
remote-status:
description: Represents remote peer's port status.
type: string
enum:
- up
- down
- unknown

4
ucentral.capabilities.pretty.json
View File

@@ -310,6 +310,7 @@
"Spanning-Tree-Per-VLAN",
"Spanning-Tree-Per-VLAN-Rapid",
"Spanning-Tree-MSTP",
"BPDU-Guard",
"SVI-StaticIPv4",
"SVI-StaticIPv6",
"Interface-StaticIPv4",
@@ -342,6 +343,8 @@
"MAC-ACL",
"IP-ACL",
"Guest-VLAN",
"Storm-Control",
"Access-Lockout",
"Service-SSH",
"Service-RSSH",
"Service-Telnet",
@@ -361,6 +364,7 @@
"Service-Online-Check",
"Service-CaptivePortal",
"Service-PublicIpCheck",
"Service-Global-DNS",
"Tunneling-VxLAN",
"Tunneling-GRE",
"Tunneling-GRE6",

500
ucentral.schema.full.json
View File

@@ -219,6 +219,11 @@
"cloud_uplink_port"
]
},
"autoneg": {
"description": "Controls whether link autonegotiation is enabled. When set to true, the switch negotiates speed and duplex with the link partner. When set to false, the configured speed and duplex values are forced.",
"type": "boolean",
"default": true
},
"speed": {
"description": "The link speed that shall be forced.",
"type": "integer",
@@ -753,6 +758,187 @@
"maxLength": 32
}
}
},
"bpdu-guard": {
"description": "BPDU Guard configuration block. Enables protection against unexpected BPDUs on edge ports to prevent loops and rogue switch connections.",
"type": "object",
"properties": {
"enabled": {
"description": "When true, the port will be placed into an error-disabled state if any BPDU is received.",
"type": "boolean"
},
"auto-recovery-secs": {
"description": "Time in 'seconds' after which a port that was err-disabled due to BPDU Guard violation will be automatically re-enabled.",
"type": "integer",
"default": 300
}
}
},
"edge-port": {
"description": "When true, the port behaves as an STP Edge Port. When false, the port participates fully in STP and is treated as a normal switch port.",
"type": "boolean",
"default": false
},
"storm-control": {
"description": "Storm Control configuration per storm type. Allows enabling or disabling traffic storm control for broadcast, multicast, and unknown unicast packets, with independent packet-per-second (pps) thresholds. A limit-pps value of 0 implies the control is disabled for that traffic type.",
"type": "object",
"properties": {
"broadcast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed broadcast packets per second. 0 disables broadcast storm control."
},
"multicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed multicast packets per second. 0 disables multicast storm control."
},
"unknown-unicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed unknown unicast packets per second. 0 disables unknown unicast storm control."
}
}
},
"qos-priority-mapping": {
"type": "object",
"description": "Interface-level QoS priority mapping configuration. Defines how ingress packet markings (IP Precedence, CoS, DSCP) are interpreted and mapped to internal per-hop behavior (PHB), drop precedence, and egress queue selection.",
"properties": {
"priority-untagged": {
"type": "integer",
"description": "Sets the default priority for incoming untagged Ethernet frames.",
"minimum": 0,
"maximum": 7
},
"qos-map-trust-mode": {
"type": "string",
"description": "Determines which packet header field is trusted for ingress classification.",
"enum": [
"cos",
"dscp",
"ip-precedence"
]
},
"qos-map-ipprec2dscp": {
"type": "array",
"description": "Maps IP Precedence values (0\u20137) in ingress packets to per-hop behavior (PHB) and drop precedence. Used when trust mode is set to ip-precedence.",
"items": {
"type": "object",
"properties": {
"preced": {
"type": "integer",
"description": "IP Precedence value in the incoming packet.",
"minimum": 0,
"maximum": 7
},
"phb": {
"type": "integer",
"description": "Per-hop behavior (PHB) assigned to this IP Precedence.",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"description": "Drop precedence assigned for congestion control.",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-cos2dscp": {
"type": "array",
"description": "Maps CoS/CFI values in ingress packets to PHB and drop precedence. Applied when trust mode is set to cos.",
"items": {
"type": "object",
"properties": {
"cos": {
"type": "integer",
"description": "CoS value extracted from ingress frames.",
"minimum": 0,
"maximum": 7
},
"cfi": {
"type": "integer",
"description": "Canonical Format Indicator (0 or 1).",
"minimum": 0,
"maximum": 1
},
"phb": {
"type": "integer",
"description": "PHB assigned to this CoS/CFI mapping.",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"description": "Drop precedence for congestion handling.",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-dscpmutate": {
"type": "array",
"description": "Maps DSCP values (0\u201363) in ingress packets to custom PHB and drop precedence. Used when trust mode is set to dscp.",
"items": {
"type": "object",
"properties": {
"dscp": {
"type": "integer",
"description": "DSCP value from the IP header.",
"minimum": 0,
"maximum": 63
},
"phb": {
"type": "integer",
"description": "PHB derived from DSCP-to-internal-priority mapping.",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"description": "Drop precedence classification for congestion.",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-phb2queue": {
"type": "array",
"description": "Maps PHB to output hardware queues for traffic scheduling.",
"items": {
"type": "object",
"properties": {
"phb": {
"type": "integer",
"description": "Per-hop behavior value (internal priority).",
"minimum": 0,
"maximum": 63
},
"queue-id": {
"type": "integer",
"description": "Hardware queue ID chosen for this PHB.",
"minimum": 0
}
}
}
}
}
}
}
}
@@ -809,6 +995,65 @@
]
}
},
"bridge-prio": {
"description": "Bridge priority for root election. Ranging from 0\u201361440 (in steps of 4096)",
"type": "integer",
"default": 32768
},
"forward-delay-secs": {
"description": "Time in seconds a port stays in Listening and Learning states before transitioning to Forwarding.",
"type": "integer"
},
"hello-time-secs": {
"description": "Determines how often switches send BPDU.",
"type": "integer"
},
"max-age-secs": {
"description": "Maximum time (in seconds) before a BPDU is considered invalid.",
"type": "integer"
},
"pathcost-method": {
"description": "Specifies the method used for path cost calculation. - short, 16-bit values (0\u201365535), IEEE 802.1D - long, 32-bit values (0\u2013200,000,000), IEEE 802.1w",
"type": "string",
"enum": [
"short",
"long"
]
},
"bpdu-flooding": {
"description": "Configures how BPDUs are flooded to spanning-tree disabled ports. - to-all, Flood to all STP-disabled ports - to-vlan, Flood to STP-disabled ports within the same VLAN",
"type": "string",
"enum": [
"to-all",
"to-vlan"
]
},
"bpdu-tx-limit": {
"description": "Maximum number of BPDU transmissions allowed per Hello interval.",
"type": "integer"
},
"root-guard": {
"description": "Enable Root Guard globally to prevent designated ports from becoming root.",
"type": "boolean"
},
"mst-region": {
"description": "MSTP region-wide configuration. Applicable when protocol is mstp.",
"type": "object",
"properties": {
"name": {
"description": "Name of multiple spanning tree region.",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"revision": {
"description": "MST region revision number.",
"type": "integer",
"maximum": 65535,
"minimum": 0
}
}
},
"instances": {
"description": "Define a list of configuration for each STP instance. Meaning of this field depends on current STP protocol (switch.loop-detection.protocol)",
"type": "array",
@@ -825,24 +1070,36 @@
"default": true
},
"priority": {
"description": "Bridge priority.",
"description": "MST priority.",
"type": "integer",
"default": 32768
},
"forward_delay": {
"forward-delay": {
"description": "Defines the amount of time a switch port stays in the Listening and Learning states before transitioning to the Forwarding state.",
"type": "integer",
"default": 15
},
"hello_time": {
"hello-time": {
"description": "Determines how often switches send BPDU.",
"type": "integer",
"default": 2
},
"max_age": {
"max-age": {
"description": "Specifies the maximum time that a switch port should wait to receive a BPDU from its neighbor before considering the link as failed or disconnected.",
"type": "integer",
"default": 20
},
"path-cost": {
"description": "Path cost for this MST instance.",
"type": "integer"
},
"vlan-start": {
"description": "VLAN starting range assigned to this MST instance.",
"type": "integer"
},
"vlan-end": {
"description": "VLAN ending range assigned to this MST instance.",
"type": "integer"
}
}
}
@@ -1228,6 +1485,11 @@
"description": "This section defines the MC-LAG configuration parameters for the switch.",
"type": "object",
"properties": {
"global-gateway-mac": {
"description": "(Optional) Global Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers",
"type": "string",
"format": "uc-mac"
},
"mclag-domains": {
"description": "List of MC-LAG domain configurations for the switch.",
"type": "array",
@@ -1241,11 +1503,51 @@
"maximum": 1024,
"default": 1
},
"gateway-mac": {
"description": "(Optional) Per-domain Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers This MAC address is used as the virtual MAC address for the Layer 3 VLAN Interfaces (Switch Virtual Interfaces or SVIs) across both MCLAG peers",
"type": "string",
"format": "uc-mac"
},
"source-ip": {
"description": "IPv4 address of the MCLAG keepalive link on the local switch",
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
},
"peer-ip": {
"description": "IPv4 address of the MCLAG keepalive link on the peer switch",
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
},
"system-mac-address": {
"description": "(Optional) Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers",
"type": "string",
"format": "uc-mac"
},
"keepalive-interval": {
"description": "Interval (in seconds) between sending keepalive messages over the peer link to determine if the remote peer is up or down",
"type": "integer",
"default": 30,
"minimum": 1,
"maximum": 64
},
"session-timeout": {
"description": "Time (in seconds) to wait before shutting down an MCLAG session with a remote peer if no keepalive reply is received",
"type": "integer",
"default": 50,
"minimum": 1,
"maximum": 64
},
"peer-link": {
"description": "Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.",
"type": "object",
"properties": {
"type": {
"link-type": {
"description": "Defines the type of peer-link, either 'port' or 'trunk-group'",
"type": "string",
"enum": [
@@ -1254,8 +1556,16 @@
],
"default": "trunk-group"
},
"value": {
"description": "Specifies the port or trunk-group ID for the peer-link.",
"port-id": {
"description": "Specifies the physical port name used as peer-link (only valid if type = port).",
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"description": "Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).",
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1263,54 +1573,63 @@
}
},
"mclag-group": {
"description": "Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.",
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"description": "Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.",
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
},
"trunk-id": {
"description": "Specifies the trunk group ID used as the mclag-group.",
"type": "integer",
"minimum": 1,
"maximum": 64
}
}
}
@@ -1379,6 +1698,62 @@
}
}
},
"intrusion-detection-access-lockout": {
"description": "Enables protection against unauthorized login attempts by locking user access after a specified number of failed authentication attempts within a defined period.",
"type": "object",
"properties": {
"lockout-attempt-count": {
"description": "Number of consecutive failed login attempts allowed before the user account is locked.",
"type": "integer",
"minimum": 1
},
"lockout-period-seconds": {
"description": "Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.",
"type": "integer"
}
}
},
"qos-queue-config": {
"type": "object",
"description": "Global configuration for QoS priority queue scheduling and processing on L2 switches.",
"properties": {
"queue-scheduler-mode": {
"type": "string",
"description": "Sets the scheduling mode used for processing each of the Class of Service (CoS) priority queues.",
"enum": [
"strict",
"wrr",
"strict-wrr",
"wfq",
"dwrr"
]
},
"queue-config": {
"type": "array",
"description": "List of priority queue configurations applied at the global QoS layer.",
"items": {
"type": "object",
"properties": {
"queue-id": {
"type": "integer",
"description": "Identifier of the priority queue under configuration.",
"minimum": 0
},
"queue-weight": {
"type": "integer",
"description": "Assigns weights to the CoS priority queues when using WRR or hybrid scheduling modes.",
"minimum": 1
},
"queue-strict-mode": {
"type": "boolean",
"description": "Ensures that the highest priority packets are always serviced first, ahead of all other traffic.",
"default": false
}
}
}
}
}
},
"arp-inspect": {
"type": "object",
"description": "Global configuration for ARP Inspection on the switch.",
@@ -1803,6 +2178,13 @@
}
}
}
},
"dns": {
"description": "Define a global list of dns servers.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1873,7 +2255,17 @@
"id": {
"description": "This is the pvid of the vlan that shall be assigned to the interface. The individual physical network devices contained within the interface need to be told explicitly if egress traffic shall be tagged.",
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",

419
ucentral.schema.json
View File

@@ -217,6 +217,10 @@
"cloud_uplink_port"
]
},
"autoneg": {
"type": "boolean",
"default": true
},
"speed": {
"type": "integer",
"enum": [
@@ -668,6 +672,160 @@
"maxLength": 32
}
}
},
"bpdu-guard": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"auto-recovery-secs": {
"type": "integer",
"default": 300
}
}
},
"edge-port": {
"type": "boolean",
"default": false
},
"storm-control": {
"type": "object",
"properties": {
"broadcast-pps": {
"type": "integer",
"minimum": 0,
"default": 0
},
"multicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0
},
"unknown-unicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0
}
}
},
"qos-priority-mapping": {
"type": "object",
"properties": {
"priority-untagged": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"qos-map-trust-mode": {
"type": "string",
"enum": [
"cos",
"dscp",
"ip-precedence"
]
},
"qos-map-ipprec2dscp": {
"type": "array",
"items": {
"type": "object",
"properties": {
"preced": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"phb": {
"type": "integer",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-cos2dscp": {
"type": "array",
"items": {
"type": "object",
"properties": {
"cos": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"cfi": {
"type": "integer",
"minimum": 0,
"maximum": 1
},
"phb": {
"type": "integer",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-dscpmutate": {
"type": "array",
"items": {
"type": "object",
"properties": {
"dscp": {
"type": "integer",
"minimum": 0,
"maximum": 63
},
"phb": {
"type": "integer",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-phb2queue": {
"type": "array",
"items": {
"type": "object",
"properties": {
"phb": {
"type": "integer",
"minimum": 0,
"maximum": 63
},
"queue-id": {
"type": "integer",
"minimum": 0
}
}
}
}
}
}
}
},
@@ -1071,6 +1229,54 @@
]
}
},
"bridge-prio": {
"type": "integer",
"default": 32768
},
"forward-delay-secs": {
"type": "integer"
},
"hello-time-secs": {
"type": "integer"
},
"max-age-secs": {
"type": "integer"
},
"pathcost-method": {
"type": "string",
"enum": [
"short",
"long"
]
},
"bpdu-flooding": {
"type": "string",
"enum": [
"to-all",
"to-vlan"
]
},
"bpdu-tx-limit": {
"type": "integer"
},
"root-guard": {
"type": "boolean"
},
"mst-region": {
"type": "object",
"properties": {
"name": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"revision": {
"type": "integer",
"maximum": 65535,
"minimum": 0
}
}
},
"instances": {
"type": "array",
"items": {
@@ -1087,17 +1293,26 @@
"type": "integer",
"default": 32768
},
"forward_delay": {
"forward-delay": {
"type": "integer",
"default": 15
},
"hello_time": {
"hello-time": {
"type": "integer",
"default": 2
},
"max_age": {
"max-age": {
"type": "integer",
"default": 20
},
"path-cost": {
"type": "integer"
},
"vlan-start": {
"type": "integer"
},
"vlan-end": {
"type": "integer"
}
}
}
@@ -1424,6 +1639,10 @@
"mclag-config": {
"type": "object",
"properties": {
"global-gateway-mac": {
"type": "string",
"format": "uc-mac"
},
"mclag-domains": {
"type": "array",
"items": {
@@ -1435,10 +1654,44 @@
"maximum": 1024,
"default": 1
},
"gateway-mac": {
"type": "string",
"format": "uc-mac"
},
"source-ip": {
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
},
"peer-ip": {
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
},
"system-mac-address": {
"type": "string",
"format": "uc-mac"
},
"keepalive-interval": {
"type": "integer",
"default": 30,
"minimum": 1,
"maximum": 64
},
"session-timeout": {
"type": "integer",
"default": 50,
"minimum": 1,
"maximum": 64
},
"peer-link": {
"type": "object",
"properties": {
"type": {
"link-type": {
"type": "string",
"enum": [
"port",
@@ -1446,7 +1699,14 @@
],
"default": "trunk-group"
},
"value": {
"port-id": {
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1454,46 +1714,54 @@
}
},
"mclag-group": {
"type": "object",
"properties": {
"group-id": {
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"type": "array",
"items": {
"type": "string",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"type": "object",
"properties": {
"lacp-enable": {
"type": "boolean",
"default": true
},
"lacp-role": {
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"type": "object",
"properties": {
"lacp-enable": {
"type": "boolean",
"default": true
},
"lacp-role": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
},
"trunk-id": {
"type": "integer",
"minimum": 1,
"maximum": 64
}
}
}
@@ -1553,6 +1821,53 @@
}
}
},
"intrusion-detection-access-lockout": {
"type": "object",
"properties": {
"lockout-attempt-count": {
"type": "integer",
"minimum": 1
},
"lockout-period-seconds": {
"type": "integer"
}
}
},
"qos-queue-config": {
"type": "object",
"properties": {
"queue-scheduler-mode": {
"type": "string",
"enum": [
"strict",
"wrr",
"strict-wrr",
"wfq",
"dwrr"
]
},
"queue-config": {
"type": "array",
"items": {
"type": "object",
"properties": {
"queue-id": {
"type": "integer",
"minimum": 0
},
"queue-weight": {
"type": "integer",
"minimum": 1
},
"queue-strict-mode": {
"type": "boolean",
"default": false
}
}
}
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
@@ -1564,6 +1879,12 @@
},
"acl": {
"$ref": "#/$defs/switch.acl"
},
"dns": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1572,7 +1893,17 @@
"properties": {
"id": {
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",

500
ucentral.schema.pretty.json
View File

@@ -253,6 +253,11 @@
"cloud_uplink_port"
]
},
"autoneg": {
"description": "Controls whether link autonegotiation is enabled. When set to true, the switch negotiates speed and duplex with the link partner. When set to false, the configured speed and duplex values are forced.",
"type": "boolean",
"default": true
},
"speed": {
"description": "The link speed that shall be forced.",
"type": "integer",
@@ -787,6 +792,187 @@
"maxLength": 32
}
}
},
"bpdu-guard": {
"description": "BPDU Guard configuration block. Enables protection against unexpected BPDUs on edge ports to prevent loops and rogue switch connections.",
"type": "object",
"properties": {
"enabled": {
"description": "When true, the port will be placed into an error-disabled state if any BPDU is received.",
"type": "boolean"
},
"auto-recovery-secs": {
"description": "Time in 'seconds' after which a port that was err-disabled due to BPDU Guard violation will be automatically re-enabled.",
"type": "integer",
"default": 300
}
}
},
"edge-port": {
"description": "When true, the port behaves as an STP Edge Port. When false, the port participates fully in STP and is treated as a normal switch port.",
"type": "boolean",
"default": false
},
"storm-control": {
"description": "Storm Control configuration per storm type. Allows enabling or disabling traffic storm control for broadcast, multicast, and unknown unicast packets, with independent packet-per-second (pps) thresholds. A limit-pps value of 0 implies the control is disabled for that traffic type.",
"type": "object",
"properties": {
"broadcast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed broadcast packets per second. 0 disables broadcast storm control."
},
"multicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed multicast packets per second. 0 disables multicast storm control."
},
"unknown-unicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed unknown unicast packets per second. 0 disables unknown unicast storm control."
}
}
},
"qos-priority-mapping": {
"type": "object",
"description": "Interface-level QoS priority mapping configuration. Defines how ingress packet markings (IP Precedence, CoS, DSCP) are interpreted and mapped to internal per-hop behavior (PHB), drop precedence, and egress queue selection.",
"properties": {
"priority-untagged": {
"type": "integer",
"description": "Sets the default priority for incoming untagged Ethernet frames.",
"minimum": 0,
"maximum": 7
},
"qos-map-trust-mode": {
"type": "string",
"description": "Determines which packet header field is trusted for ingress classification.",
"enum": [
"cos",
"dscp",
"ip-precedence"
]
},
"qos-map-ipprec2dscp": {
"type": "array",
"description": "Maps IP Precedence values (0\u20137) in ingress packets to per-hop behavior (PHB) and drop precedence. Used when trust mode is set to ip-precedence.",
"items": {
"type": "object",
"properties": {
"preced": {
"type": "integer",
"description": "IP Precedence value in the incoming packet.",
"minimum": 0,
"maximum": 7
},
"phb": {
"type": "integer",
"description": "Per-hop behavior (PHB) assigned to this IP Precedence.",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"description": "Drop precedence assigned for congestion control.",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-cos2dscp": {
"type": "array",
"description": "Maps CoS/CFI values in ingress packets to PHB and drop precedence. Applied when trust mode is set to cos.",
"items": {
"type": "object",
"properties": {
"cos": {
"type": "integer",
"description": "CoS value extracted from ingress frames.",
"minimum": 0,
"maximum": 7
},
"cfi": {
"type": "integer",
"description": "Canonical Format Indicator (0 or 1).",
"minimum": 0,
"maximum": 1
},
"phb": {
"type": "integer",
"description": "PHB assigned to this CoS/CFI mapping.",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"description": "Drop precedence for congestion handling.",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-dscpmutate": {
"type": "array",
"description": "Maps DSCP values (0\u201363) in ingress packets to custom PHB and drop precedence. Used when trust mode is set to dscp.",
"items": {
"type": "object",
"properties": {
"dscp": {
"type": "integer",
"description": "DSCP value from the IP header.",
"minimum": 0,
"maximum": 63
},
"phb": {
"type": "integer",
"description": "PHB derived from DSCP-to-internal-priority mapping.",
"minimum": 0,
"maximum": 63
},
"drop-preced": {
"type": "string",
"description": "Drop precedence classification for congestion.",
"enum": [
"green",
"yellow",
"red"
]
}
}
}
},
"qos-map-phb2queue": {
"type": "array",
"description": "Maps PHB to output hardware queues for traffic scheduling.",
"items": {
"type": "object",
"properties": {
"phb": {
"type": "integer",
"description": "Per-hop behavior value (internal priority).",
"minimum": 0,
"maximum": 63
},
"queue-id": {
"type": "integer",
"description": "Hardware queue ID chosen for this PHB.",
"minimum": 0
}
}
}
}
}
}
}
},
@@ -1267,6 +1453,65 @@
]
}
},
"bridge-prio": {
"description": "Bridge priority for root election. Ranging from 0\u201361440 (in steps of 4096)",
"type": "integer",
"default": 32768
},
"forward-delay-secs": {
"description": "Time in seconds a port stays in Listening and Learning states before transitioning to Forwarding.",
"type": "integer"
},
"hello-time-secs": {
"description": "Determines how often switches send BPDU.",
"type": "integer"
},
"max-age-secs": {
"description": "Maximum time (in seconds) before a BPDU is considered invalid.",
"type": "integer"
},
"pathcost-method": {
"description": "Specifies the method used for path cost calculation. - short, 16-bit values (0\u201365535), IEEE 802.1D - long, 32-bit values (0\u2013200,000,000), IEEE 802.1w",
"type": "string",
"enum": [
"short",
"long"
]
},
"bpdu-flooding": {
"description": "Configures how BPDUs are flooded to spanning-tree disabled ports. - to-all, Flood to all STP-disabled ports - to-vlan, Flood to STP-disabled ports within the same VLAN",
"type": "string",
"enum": [
"to-all",
"to-vlan"
]
},
"bpdu-tx-limit": {
"description": "Maximum number of BPDU transmissions allowed per Hello interval.",
"type": "integer"
},
"root-guard": {
"description": "Enable Root Guard globally to prevent designated ports from becoming root.",
"type": "boolean"
},
"mst-region": {
"description": "MSTP region-wide configuration. Applicable when protocol is mstp.",
"type": "object",
"properties": {
"name": {
"description": "Name of multiple spanning tree region.",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"revision": {
"description": "MST region revision number.",
"type": "integer",
"maximum": 65535,
"minimum": 0
}
}
},
"instances": {
"description": "Define a list of configuration for each STP instance. Meaning of this field depends on current STP protocol (switch.loop-detection.protocol)",
"type": "array",
@@ -1283,24 +1528,36 @@
"default": true
},
"priority": {
"description": "Bridge priority.",
"description": "MST priority.",
"type": "integer",
"default": 32768
},
"forward_delay": {
"forward-delay": {
"description": "Defines the amount of time a switch port stays in the Listening and Learning states before transitioning to the Forwarding state.",
"type": "integer",
"default": 15
},
"hello_time": {
"hello-time": {
"description": "Determines how often switches send BPDU.",
"type": "integer",
"default": 2
},
"max_age": {
"max-age": {
"description": "Specifies the maximum time that a switch port should wait to receive a BPDU from its neighbor before considering the link as failed or disconnected.",
"type": "integer",
"default": 20
},
"path-cost": {
"description": "Path cost for this MST instance.",
"type": "integer"
},
"vlan-start": {
"description": "VLAN starting range assigned to this MST instance.",
"type": "integer"
},
"vlan-end": {
"description": "VLAN ending range assigned to this MST instance.",
"type": "integer"
}
}
}
@@ -1686,6 +1943,11 @@
"description": "This section defines the MC-LAG configuration parameters for the switch.",
"type": "object",
"properties": {
"global-gateway-mac": {
"description": "(Optional) Global Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers",
"type": "string",
"format": "uc-mac"
},
"mclag-domains": {
"description": "List of MC-LAG domain configurations for the switch.",
"type": "array",
@@ -1699,11 +1961,51 @@
"maximum": 1024,
"default": 1
},
"gateway-mac": {
"description": "(Optional) Per-domain Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers This MAC address is used as the virtual MAC address for the Layer 3 VLAN Interfaces (Switch Virtual Interfaces or SVIs) across both MCLAG peers",
"type": "string",
"format": "uc-mac"
},
"source-ip": {
"description": "IPv4 address of the MCLAG keepalive link on the local switch",
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
},
"peer-ip": {
"description": "IPv4 address of the MCLAG keepalive link on the peer switch",
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
},
"system-mac-address": {
"description": "(Optional) Unique MCLAG system MAC address that is assigned to the MCLAG domain on both peers",
"type": "string",
"format": "uc-mac"
},
"keepalive-interval": {
"description": "Interval (in seconds) between sending keepalive messages over the peer link to determine if the remote peer is up or down",
"type": "integer",
"default": 30,
"minimum": 1,
"maximum": 64
},
"session-timeout": {
"description": "Time (in seconds) to wait before shutting down an MCLAG session with a remote peer if no keepalive reply is received",
"type": "integer",
"default": 50,
"minimum": 1,
"maximum": 64
},
"peer-link": {
"description": "Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.",
"type": "object",
"properties": {
"type": {
"link-type": {
"description": "Defines the type of peer-link, either 'port' or 'trunk-group'",
"type": "string",
"enum": [
@@ -1712,8 +2014,16 @@
],
"default": "trunk-group"
},
"value": {
"description": "Specifies the port or trunk-group ID for the peer-link.",
"port-id": {
"description": "Specifies the physical port name used as peer-link (only valid if type = port).",
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"description": "Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).",
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1721,54 +2031,63 @@
}
},
"mclag-group": {
"description": "Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.",
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"description": "Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.",
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
},
"trunk-id": {
"description": "Specifies the trunk group ID used as the mclag-group.",
"type": "integer",
"minimum": 1,
"maximum": 64
}
}
}
@@ -1837,6 +2156,62 @@
}
}
},
"intrusion-detection-access-lockout": {
"description": "Enables protection against unauthorized login attempts by locking user access after a specified number of failed authentication attempts within a defined period.",
"type": "object",
"properties": {
"lockout-attempt-count": {
"description": "Number of consecutive failed login attempts allowed before the user account is locked.",
"type": "integer",
"minimum": 1
},
"lockout-period-seconds": {
"description": "Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.",
"type": "integer"
}
}
},
"qos-queue-config": {
"type": "object",
"description": "Global configuration for QoS priority queue scheduling and processing on L2 switches.",
"properties": {
"queue-scheduler-mode": {
"type": "string",
"description": "Sets the scheduling mode used for processing each of the Class of Service (CoS) priority queues.",
"enum": [
"strict",
"wrr",
"strict-wrr",
"wfq",
"dwrr"
]
},
"queue-config": {
"type": "array",
"description": "List of priority queue configurations applied at the global QoS layer.",
"items": {
"type": "object",
"properties": {
"queue-id": {
"type": "integer",
"description": "Identifier of the priority queue under configuration.",
"minimum": 0
},
"queue-weight": {
"type": "integer",
"description": "Assigns weights to the CoS priority queues when using WRR or hybrid scheduling modes.",
"minimum": 1
},
"queue-strict-mode": {
"type": "boolean",
"description": "Ensures that the highest priority packets are always serviced first, ahead of all other traffic.",
"default": false
}
}
}
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
@@ -1848,6 +2223,13 @@
},
"acl": {
"$ref": "#/$defs/switch.acl"
},
"dns": {
"description": "Define a global list of dns servers.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1858,7 +2240,17 @@
"id": {
"description": "This is the pvid of the vlan that shall be assigned to the interface. The individual physical network devices contained within the interface need to be told explicitly if egress traffic shall be tagged.",
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",

428
ucentral.state.pretty.json
View File

@@ -158,6 +158,151 @@
}
}
}
},
"stp": {
"description": "Global status and configuration of the Spanning Tree Protocol (STP) across the switch. Supports variants like STP, RSTP, MSTP. Includes bridge-wide parameters and protocol behavior.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether STP is enabled globally on the switch."
},
"mode": {
"type": "string",
"description": "Operational STP mode used across the switch.",
"enum": [
"stp",
"rstp",
"mstp",
"pvst",
"rpvstp"
]
},
"transmission-limit": {
"type": "integer",
"description": "Maximum number of BPDUs that can be transmitted per hello time."
},
"path-cost-method": {
"type": "string",
"description": "Indicates whether \"Short\" or \"Long\" path cost method is in use.",
"enum": [
"short",
"long"
]
},
"max-hops": {
"type": "integer",
"description": "Maximum hop count used in MSTP."
},
"instances": {
"type": "array",
"description": "List of STP instances (e.g., MSTP instances).",
"items": {
"type": "object",
"properties": {
"instance-id": {
"type": "integer",
"description": "Instance number (for MSTP or multiple-instance support)."
}
},
"vlans": {
"type": "string",
"description": "VLAN ranges associated with the STP instance.",
"example": "1-4094"
},
"bridge-priority": {
"type": "integer",
"description": "Bridge priority value for STP election."
},
"bridge-hello-time": {
"type": "integer",
"description": "Hello Time interval (in seconds) configured on the bridge."
},
"bridge-max-age": {
"type": "integer",
"description": "Max Age value (in seconds) used for aging STP information."
},
"bridge-forward-delay": {
"type": "integer",
"description": "Delay (in seconds) before transitioning port to forwarding state."
},
"remaining-hops": {
"type": "integer",
"description": "Remaining hop count from the Root Bridge to this bridge."
},
"root-bridge-id": {
"type": "string",
"description": "Bridge ID of the current Root Bridge."
},
"root-port": {
"type": "string",
"description": "Local interface acting as Root Port.",
"example": [
"\u00cbthernet1"
]
},
"root-cost": {
"type": "integer",
"description": "Cumulative cost to reach the Root Bridge."
},
"topology-changes": {
"type": "integer",
"description": "Total number of topology changes detected."
},
"last-topology-change-seconds": {
"type": "integer",
"description": "Time (in seconds) since the last topology change."
}
}
}
}
},
"access-lockout": {
"type": "object",
"description": "Represents the operational state and statistics of the Intrusion Detection and Access Lockout feature.",
"properties": {
"user-sessions": {
"type": "array",
"description": "Displays a list of user sessions being tracked for failed login attempts.",
"items": {
"type": "object",
"properties": {
"username": {
"type": "string",
"description": "The username associated with the login attempts being tracked."
},
"source-ip": {
"type": "string",
"description": "The IP address from which the login attempts originated."
},
"failed-attempts": {
"type": "integer",
"description": "The number of consecutive failed login attempts recorded for this user session."
},
"status": {
"type": "string",
"description": "Indicates whether the user account is currently locked or active.",
"enum": [
"active",
"locked"
]
},
"last-failed-attempt-time": {
"type": "integer",
"description": "UNIX timestamp (in seconds) of the most recent failed login attempt."
},
"lockout-start-time": {
"type": "integer",
"description": "UNIX timestamp (in seconds) when the user account was locked."
},
"lockout-expiry-time": {
"type": "integer",
"description": "UNIX timestamp (in seconds) when the lockout period will end and access will be restored."
}
}
}
}
}
}
},
"$defs": {
@@ -291,6 +436,92 @@
}
}
}
},
"mclag-state": {
"description": "This section describes the global (switch's device) state of the underlying state of MCLAG system.",
"type": "object",
"properties": {
"domains": {
"description": "holds MCLAG domain state information, including domain ID, role, session status, peer link status, number of interfaces, and interface statuses.",
"type": "array",
"items": {
"type": "object",
"properties": {
"mclag-domain": {
"description": "Configured domain-id state",
"type": "integer",
"minimum": 1,
"maximum": 1024,
"default": 1
},
"role": {
"description": "Role of the domain (Configured switch's domain-id state) Active means local switch posesses primary control responsibility (handles control protocol exchanges on behalf of the pair and is the default source for any shared virtual MAC addresses if they aren't explicitly configured) Standby means that local switch is the redundant switch that monitors the Active peer, maintains synchronized state information and is ready to take over full control plane responsibility if the Active peer fails.",
"type": "string",
"enum": [
"active",
"standby"
]
},
"session-status": {
"description": "Logical status of the underlying MCLAG session between local switch and remote peer switch. The 'up' value shows the underlying session is fully setup. (peers can exchange keepalive messages - if configured, the synchronization is happening and the overall state of link is operational) The 'down' value means the logical session's status is <down> - potentially, peers can't establish a connection between each other; (either through a misconfiguration, a routing problem in the field, or due to keepalive messages not being received) The 'unknown' value means the state cannot be determined (no ports configured, remote peer issues etc)",
"type": "string",
"enum": [
"up",
"down",
"unknown"
]
},
"peer-link-status": {
"description": "Operational state of the physical link(s) directly connecting the two Multi-Chassis Link Aggregation Group (MCLAG) peer switches.",
"type": "string",
"enum": [
"up",
"down",
"unknown"
]
},
"interface-num": {
"description": "Number of MCLAG interfaces configured within current domain id.",
"type": "integer"
},
"interfaces": {
"description": "List of configured interfaces statuses (that are part of this domain id)",
"type": "array",
"items": {
"type": "object",
"properties": {
"port": {
"description": "Port name / identifier.",
"type": "string",
"examples": [
"Ethernet1"
]
},
"local-status": {
"description": "Represents local port's status.",
"type": "string",
"enum": [
"up",
"down",
"unknown"
]
},
"remote-status": {
"description": "Represents remote peer's port status.",
"type": "string",
"enum": [
"up",
"down",
"unknown"
]
}
}
}
}
}
}
}
}
}
}
},
@@ -524,6 +755,11 @@
"type": "string",
"description": "The administrative name of this logical interface. This field is freetext"
},
"vlan_id": {
"description": "VLAN-ID of the logical interface",
"type": "integer",
"maximum": 4094
},
"ntp_server": {
"type": "string",
"description": "The upstream NTP server being used by this interface."
@@ -806,6 +1042,11 @@
"description": "Provides a textual description of the remote port, typically describing the interface or its purpose.",
"example": "Ethernet Port on unit 1, port 2"
},
"lldp-remote-sys-name": {
"type": "string",
"description": "Provides a textual description of the system name string (as defined by the sending device)",
"example": "Datacenter Switch-1"
},
"lldp-remote-port-max-mtu": {
"type": "string",
"description": "Displays the maximum transmission unit (MTU) size that the remote port supports, indicating the largest packet size the port can handle."
@@ -911,6 +1152,23 @@
"Class-7",
"Class-8"
]
},
"lldp-remote-port-power-priority": {
"type": "string",
"description": "Indicates the power priority level assigned to the PD.",
"enum": [
"low",
"high",
"critical"
]
},
"lldp-remote-port-pd-requested-power": {
"type": "number",
"description": "Power requested by the PD in watts (0.1W resolution possible). The values must be presented with real values like 25.5, 20.5 etc."
},
"lldp-remote-port-pse-available-power": {
"type": "number",
"description": "Power that the PSE port is able to provide in watts (0.1W resolution)."
}
}
},
@@ -931,6 +1189,56 @@
"description": "Displays the identifier of the Link Aggregation Group (LAG) that the remote port belongs to."
}
}
},
"lldp-remote-port-location": {
"type": "object",
"description": "Location information provided by LLDP-MED.",
"properties": {
"location-subtype": {
"type": "string",
"description": "Indicates the type of location information being conveyed.",
"enum": [
"coordinate",
"civic-address",
"elin"
]
},
"civic-addr": {
"type": "array",
"description": "Civic address information consisting of CA-Type and CA-Value pairs as per LLDP-MED.",
"items": {
"type": "object",
"properties": {
"ca-type": {
"type": "integer",
"description": "Civic Address Type identifier (e.g., 1 = Language, 3 = Country, 6 = A1 state/province, etc.)"
},
"ca-value": {
"type": "string",
"description": "Civic Address Value corresponding to the type."
}
}
}
},
"coordinates": {
"type": "object",
"description": "Location coordinates information.",
"properties": {
"latitude": {
"type": "string",
"description": "Latitude in decimal degrees (e.g., +37.7749)."
},
"longitude": {
"type": "string",
"description": "Longitude in decimal degrees (e.g., -122.4194)."
}
}
},
"elin": {
"type": "string",
"description": "Emergency Location Identification Number (ELIN) assigned to endpoint location"
}
}
}
}
}
@@ -1154,6 +1462,126 @@
"type": "number"
}
}
},
"loop-detect-protocol": {
"description": "Status and protocol information for loop detection or prevention mechanisms active on this interface. Includes STP/xSTP/MSTP, Loopback Detection (LBD), etc.",
"type": "object",
"properties": {
"stp": {
"description": "Spanning Tree Protocol (IEEE 802.1D/RSTP/MSTP) state on the port.",
"type": "object",
"properties": {
"protocol": {
"type": "string",
"description": "Variant of STP running (e.g., STP, RSTP, MSTP, RPVST+).",
"examples": [
"RSTP",
"MSTP"
]
},
"state": {
"type": "string",
"description": "STP state of the port.",
"enum": [
"disabled",
"blocking",
"listening",
"learning",
"forwarding"
]
},
"role": {
"type": "string",
"description": "Role of the port in STP topology.",
"enum": [
"root",
"designated",
"alternate",
"backup",
"disabled"
]
},
"bridge-id": {
"type": "string",
"description": "STP Bridge ID"
},
"root-bridge-id": {
"type": "string",
"description": "STP Root Bridge ID for the instance."
},
"oper-edge-port": {
"type": "boolean",
"description": "Whether the port is operating as an edge port (no BPDU expected)."
},
"cost": {
"type": "integer",
"description": "Operational path cost of the port."
},
"designated-cost": {
"type": "integer",
"description": "Cost advertised by the designated port."
},
"transitions": {
"type": "integer",
"description": "Number of STP state transitions (forwarding/discarding) on this port."
},
"bpdu-guard": {
"type": "string",
"description": "Runtime status of BPDU Guard on the port, when it detects any issue. - `errdisabled`- Port is shutdown due to BPDU violation. - `recovering`- Temporarily disabled and in auto-recovery interval.",
"enum": [
"errdisabled",
"recovering"
]
}
}
},
"lbd": {
"description": "Loopback Detection (LBD) status on this port.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether LBD is enabled on this port."
},
"state": {
"type": "string",
"description": "Current loop detection status.",
"enum": [
"no_loop",
"loop_detected",
"disabled"
]
},
"action": {
"type": "string",
"description": "Action taken when loop is detected (e.g., block, shutdown).",
"enum": [
"none",
"block",
"shutdown"
]
}
}
}
}
},
"storm-status": {
"description": "Runtime status of Storm Control feature on the port for each storm type.",
"type": "object",
"properties": {
"broadcast": {
"type": "boolean",
"description": "Runtime status of Broadcast Storm Control on the port. Return `true`if Storm condition is detected."
},
"multicast": {
"type": "boolean",
"description": "Runtime status of Multicast Storm Control on the port. Return `true`if Storm condition is detected."
},
"unknown-unicast": {
"type": "boolean",
"description": "Runtime status of Unknown Unicast Storm Control on the port. Return `true`if Storm condition is detected."
}
}
}
}
},