scottk/ols-ucentral-schema
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/ols-ucentral-schema.git synced 2025-10-29 17:22:23 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity

Compare commits

base: scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema
Branches Tags
scottk:main scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7
..
compare: scottk:v4.0.0
Branches Tags
scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:main scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7

37 Commits
OLS-562-Ad ... v4.0.0

Author SHA1 Message Date
Mike Hansen
d8d4380977 Merge pull request #43 from Telecominfraproject/OLS_UpdateSchemaVersion_410 
Update OLS Schema version to 4.1.0, regenerate html
 2025-05-26 13:21:31 -04:00
Mike Hansen
c63ac1f5d9 Update OLS Schema version to 4.1.0, regenerate html 
Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-05-26 08:48:43 -04:00
Binny
37b9152b6e Merge pull request #42 from Telecominfraproject/ols-659-simplify-vlan-config 
OLS-659 proposal draft for bulk-vlan
 2025-05-16 06:29:12 +05:30
Binny
5db059b95b Merge pull request #41 from Telecominfraproject/ols-655-state-message-l2-loopdetection-info 
OLS-655 - STP and Loop Detection Protocol States in State Message
 2025-05-16 06:28:45 +05:30
Binny
5a7f055793 ols-655 final change to merge 2025-05-06 02:37:02 +00:00
Binny
2b7ce76453 ols-655-review-comments-part1 2025-04-23 20:33:39 +00:00
Binny
d1ab8b453b ols-659 changes_after_review1 2025-04-23 20:19:25 +00:00
Binny
e80a6d2166 OLS-659 proposal draft for bulk-vlan 2025-04-22 16:28:58 +00:00
Binny
6469510af1 OLS-655 draft changes 2025-04-21 16:24:18 +00:00
Mike Hansen
d84e5ee624 Merge pull request #40 from Telecominfraproject/staging-OLS-644-global-dns 
OLS-644: Global DNS configuration
 2025-04-10 09:03:18 -04:00
Tanya Singh
029cdb4ed9 OLS-644: Add Global DNS to switch.yml and use generate.sh to create the json files 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-04-10 17:13:03 +08:00
Tanya Singh
cd7d50997c OLS-644: Global DNS configuration 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-03-27 11:37:06 +08:00
Mike Hansen
f394cb4019 Merge pull request #38 from Telecominfraproject/OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release 
[OLS-578] Tag ols-ucentral-client and ols-ucentral-schema 4.0.0 pre-r…
 2025-02-05 08:16:49 -05:00
Mike Hansen
5e345b22a3 [OLS-578] Tag ols-ucentral-client and ols-ucentral-schema 4.0.0 pre-release 
Update to 4.0.0

Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-02-04 12:21:40 -05:00
Mike Hansen
dcd935359c Merge pull request #36 from Telecominfraproject/Sprint-8-OLS-ARP-Inspect-Schema 
ols-556-sprint8-arp-inspect-schema-draft
 2025-02-04 12:09:05 -05:00
Mike Hansen
362e03a363 Resolving merge issues 2025-02-04 12:08:04 -05:00
Mike Hansen
51c5b1b9f4 Merge pull request #34 from Telecominfraproject/Sprint-8-OLS---Rate-Limiting-schema 
Sprint-8 OLS Rate Limiting Schema change
 2025-02-04 11:54:02 -05:00
Mike Hansen
5d50740f98 Resolving merge issues 2025-02-04 11:52:13 -05:00
Mike Hansen
01d4c80824 Merge pull request #33 from Telecominfraproject/OLS-556-Sprint-8-IPSourceGuard 
Sprint-8 OLS - IP Source Guard schema
 2025-02-04 11:42:40 -05:00
Mike Hansen
76cc0646e0 Resolving merge issues 2025-02-04 11:41:06 -05:00
Mike Hansen
ffe61ea929 Merge pull request #32 from Telecominfraproject/OLS-556-Sprint-8-SubcribeRTEvents 
RT event subscription Sprint-8 OLS
 2025-02-04 11:32:19 -05:00
Mike Hansen
078c2021eb Resolving merge issues 2025-02-04 11:31:29 -05:00
Mike Hansen
a1e044834b Merge pull request #35 from Telecominfraproject/OLS-550_Schema_Corrections_Pre4p0_Features 
ols-550 changes for old ols 3.2 features to align with schema design …
 2025-01-31 09:52:00 -05:00
Mike Hansen
18d5b2c475 Merge branch 'main' into OLS-550_Schema_Corrections_Pre4p0_Features 2025-01-31 09:49:56 -05:00
Mike Hansen
374fab81db ols-550 regenerate json files to pickup dhcp-snoop-port fix 
Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-01-31 09:41:51 -05:00
Binny
6bc313b440 corrected attribute names and moved ipsg config at switch level to separate file 2025-01-29 18:32:40 +00:00
Binny
1d052a18c2 created new files, and accomodated review comments 2025-01-29 15:36:13 +00:00
Binny
69bc3a60b7 changes to make rtevent a new file, and property names. 2025-01-29 14:46:01 +00:00
Binny
cb0069a356 correcting property names to align with review comments 2025-01-29 14:29:20 +00:00
Binny
e1a110bc7f ols-550 correcting the intendation for dhcp-snoop-port 2025-01-28 17:13:58 +00:00
Mike Hansen
63d1103ef3 Merge pull request #37 from Telecominfraproject/OLS-562-Add-schema-version-to-ols-ucentral-schema 
[OLS-562] Add schema version to ols-ucentral-schema
 2025-01-27 16:58:06 -05:00
Binny
77b79d1007 ols-550-Review feedback incorporated 2025-01-27 18:51:26 +00:00
Binny
59ad89be0f ols-556-sprint8-arp-inspect-schema-draft 2025-01-22 14:48:04 +00:00
Binny
8e32d2775a ols-550 changes for old ols 3.2 features to align with schema design and acl index and rule id suggestion 2025-01-21 06:54:14 +00:00
Binny
548b76a948 Sprint-8 OLS Rate Limiting Schema change 2025-01-15 14:40:44 +00:00
Binny
4f2a23741b Sprint-8 OLS - IP Source Guard schema 2025-01-15 14:31:51 +00:00
Binny
44c07718e3 Changes for RT event subscription 2025-01-15 14:10:01 +00:00
25 changed files with 2801 additions and 1173 deletions
Expand all files Collapse all files

1
capabilities/connect.capabilities.yml
View File

@@ -300,6 +300,7 @@ properties:
- Service-Online-Check
- Service-CaptivePortal
- Service-PublicIpCheck
- Service-Global-DNS
# Tunneling
- Tunneling-VxLAN
- Tunneling-GRE

18
docs/ucentral-schema.html
View File

File diff suppressed because one or more lines are too long

8
docs/ucentral-state.html
View File

File diff suppressed because one or more lines are too long

2
docs/ucentral.capabilities.html
View File

File diff suppressed because one or more lines are too long

6
schema.json
View File

@@ -1,5 +1,5 @@
{
"major": 3,
"minor": 2,
"patch": 7
"major": 4,
"minor": 1,
"patch": 0
}

133
schema/ethernet.yml
View File

@@ -367,4 +367,135 @@ properties:
lldp-notification:
type: boolean
description: Enables the transmission of SNMP trap notifications about LLDP changes.
default: false
default: false
ip-arp-inspect-port:
type: object
description: Configuration for ARP Inspection on specific interfaces or ports in the switch.
properties:
rate-limit-pps:
type: integer
description: Sets a rate limit (packets per second) for the ARP packets received on a port. Ensures that the port does not process ARP packets beyond the configured limit.
minimum: 0
maximum: 65535
trusted:
type: boolean
description: Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks.
rate-limit-port:
type: object
description: Configuration for ingress and egress rate limiting on a specific port (in kbps)
properties:
ingress-kbps:
type: integer
description: Sets the maximum allowed ingress (input) traffic rate for the port, in kilobits per second (kbps).
minimum: 64
maximum: 1000000000
egress-kbps:
type: integer
description: Sets the maximum allowed egress (output) traffic rate for the port, in kilobits per second (kbps).
minimum: 64
maximum: 1000000000
ip-source-guard-port:
type: object
description: Configuration of IP Source Guard (IPSG) on a physical interface in a Layer 2 switch.
properties:
rule:
type: string
description: Configures the switch to filter inbound traffic based on source IP address only,
or source IP address and corresponding MAC address combined.
enum:
- sip
- sip-mac
mode:
type: string
description: Specifies the learning mode to use for validation, either MAC address table or ACL table.
The system searches for source addresses in the specified table.
enum:
- mac
- acl
max-binding:
type: integer
description: Sets the maximum number of address entries that can be mapped to an interface
in the binding table. Includes both static entries and dynamically learned entries
via DHCP Snooping.
minimum: 1
maximum: 65535
acl:
description: A collection of access control entries that define the rules for filtering traffic through a network port.
type: array
items:
type: object
properties:
acl-inf-policy-preference:
description: Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.
type: integer
minimum: 1
maximum: 64
default: 1
acl-inf-policy-ingress:
description: Specifies the ACL policy that is applied to incoming traffic on an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-ingress:
description: Tracks the number and type of packets that match the ingress ACL rules on an interface.
type: boolean
default: false
acl-inf-policy-egress:
description: Specifies the ACL policy that is applied to outgoing traffic from an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-egress:
description: Tracks the number and type of packets that match the egress ACL rules on an interface.
type: boolean
default: false
voice-vlan-intf-config:
description: Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.
type: object
properties:
voice-vlan-intf-mode:
description: Specify the mode of placing this port on the voice VLAN.
type: string
default: "auto"
enum:
- none
- manual
- auto
voice-vlan-intf-priority:
description: Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.
type: integer
default: 6
minimum: 0
maximum: 6
voice-vlan-intf-detect-voice:
description: Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.
type: string
default: "oui"
enum:
- oui
- lldp
voice-vlan-intf-security:
description: Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.
type: boolean
default: false
dhcp-snoop-port:
description: Configuration for DHCP Snooping on a port level on a switch
type: object
properties:
dhcp-snoop-port-trust:
description: This parameter designates a switch port as trusted for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers
type: boolean
default: false
dhcp-snoop-port-client-limit:
description: It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the networks IP address pool
type: integer
minimum: 1
dhcp-snoop-port-circuit-id:
description: Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting
type: string
minLength: 1
maxLength: 32

33
schema/interface.acl.yml
View File

@@ -1,33 +0,0 @@
description: A collection of access control entries that define the rules for filtering traffic through a network interface.
type: array
items:
type: object
properties:
acl-inf-policy-preference:
description: Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.
type: integer
minimum: 1
maximum: 64
default: 1
acl-inf-policy-ingress:
description: Specifies the ACL policy that is applied to incoming traffic on an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-ingress:
description: Tracks the number and type of packets that match the ingress ACL rules on an interface.
type: boolean
default: false
acl-inf-policy-egress:
description: Specifies the ACL policy that is applied to outgoing traffic from an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-egress:
description: Tracks the number and type of packets that match the egress ACL rules on an interface.
type: boolean
default: false

16
schema/interface.dhcp-snoop-port.yml
View File

@@ -1,16 +0,0 @@
description: "Configuration for DHCP Snooping on a port level on a switch"
type: object
properties:
dhcp-snoop-port-trust:
description: "This parameter designates a switch port as trusted for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers"
type: boolean
default: false
dhcp-snoop-port-client-limit:
description: "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the networks IP address pool"
type: integer
minimum: 1
dhcp-snoop-port-circuit-id:
description: "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting"
type: string
minLength: 1
maxLength: 32

14
schema/interface.ipv4.arp-inspect.yml Normal file
View File

@@ -0,0 +1,14 @@
type: object
description: Configuration for ARP Inspection on specific VLANs in the switch.
properties:
vlan-enable:
type: boolean
description: Enable or disable ARP Inspection for a specified VLAN.
vlan-acl-rule:
type: string
description: Specifies an ARP ACL to apply to one or more VLANs.
maxLength: 32
minLength: 1
vlan-acl-nodhcp-bindings:
type: boolean
description: Validate ARP packets against only the specified ACL without checking address bindings in the DHCP snooping database.

31
schema/interface.ipv4.yml
View File

@@ -200,35 +200,8 @@ properties:
description: "Enables DHCP Snooping on a VLAN"
type: boolean
default: false
voice-vlan-intf-config:
description: "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port."
type: object
properties:
voice-vlan-intf-mode:
description: "Specify the mode of placing this port on the voice VLAN."
type: string
default: "auto"
enum:
- none
- manual
- auto
voice-vlan-intf-priority:
description: "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types."
type: integer
default: 6
minimum: 0
maximum: 6
voice-vlan-intf-detect-voice:
description: "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition."
type: string
default: "oui"
enum:
- oui
- lldp
voice-vlan-intf-security:
description: "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices."
type: boolean
default: false
ip-arp-inspect-vlan:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/arp-inspect/"
dhcp:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/dhcp/"
dhcp-leases:

10
schema/interface.vlan.yml
View File

@@ -8,7 +8,15 @@ properties:
The individual physical network devices contained within the interface
need to be told explicitly if egress traffic shall be tagged.
type: integer
maximum: 4050
maximum: 4094
range-start:
decription: Start vlan-id of the specified range
type: integer
maximum: 4094
range-end:
decription: End vlan-id of the specified range
type: integer
maximum: 4094
proto:
decription:
The L2 vlan tag that shall be added (1q,1ad)

6
schema/interface.yml
View File

@@ -68,11 +68,7 @@ properties:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/"
ipv6:
$ref: "https://ucentral.io/schema/v1/interface/ipv6/"
acl:
$ref: "https://ucentral.io/schema/v1/interface/acl/"
dhcp-snoop-port:
$ref: "https://ucentral.io/schema/v1/interface/dhcp-snoop-port/"
broad-band:
$ref: "https://ucentral.io/schema/v1/interface/broad-band/"
tunnel:
$ref: "https://ucentral.io/schema/v1/interface/tunnel/"
$ref: "https://ucentral.io/schema/v1/interface/tunnel/"

110
schema/switch.acl.yml Normal file
View File

@@ -0,0 +1,110 @@
description: Contains all the access control rule definitions
type: array
uniqueItems: true
items:
type: object
properties:
acl-name:
description: The identifier or name for the Access Control List
type: string
maxLength: 32
minLength: 1
acl-type:
description: Type of the access control list
type: string
enum:
- ipv4
- ipv6
- ipv4Ext
- ipv6Ext
- mac
- arp
acl-rules:
description: access control rules under this ACL
type: object
additionalProperties:
type: array
uniqueItems: true
items:
type: object
properties:
acl-rule-action:
description: Defines whether to permit or deny traffic matching the rule
type: string
enum:
- permit
- deny
acl-source-macaddress:
description: Specifies the source MAC address to filter on
type: string
format: uc-mac
acl-source-macbitmask:
description: The mask applied to the source MAC address
type: string
format: uc-mac
acl-dest-macaddress:
description: Specifies the destination MAC address for the filter
type: string
format: uc-mac
acl-dest-macbitmask:
description: The mask applied to the destination MAC address
type: string
format: uc-mac
acl-packet-format:
description: Identifies the protocol encapsulated in the Ethernet frame by its EtherType
type: string
enum:
- any
- untagged-eth2
- untagged-802.3
- tagged-eth2
- tagged-802.3
acl-vlanid:
description: Specifies a VLAN ID to filter traffic from a specific VLAN
type: integer
minimum: 1
maximum: 4094
acl-vid-bitmask:
description: The mask applied to the VLAN ID
type: integer
minimum: 1
maximum: 4095
acl-ethertype:
description: Filters packets based on the custom EtherType field (HEX) in the Ethernet frame
type: string
default: "800"
acl-ethertype-bitmask:
description: The mask applied to the EtherType field
type: string
default: "FFFF"
acl-cos:
description: Filters based on the Class of Service (CoS) field in the frame
type: integer
minimum: 0
maximum: 7
acl-cos-bitmask:
description: The mask applied to the CoS field
type: integer
minimum: 0
maximum: 7
acl-ipv4-source-address:
description: The IPv4 address of the source to filter on
type: string
format: ipv4
acl-ipv4-source-subnetmask:
description: The subnet mask applied to the source IPv4 address
type: string
format: ipv4
acl-ipv4-dest-address:
description: The IPv4 address of the destination to filter on
type: string
format: ipv4
acl-ipv4-dest-subnetmask:
description: The subnet mask applied to the destination IPv4 address
type: string
format: ipv4
acl-ip-proto:
description: Filters based on the IP protocol number
type: integer
minimum: 0
maximum: 255

19
schema/switch.arp-inspect.yml Normal file
View File

@@ -0,0 +1,19 @@
type: object
description: Global configuration for ARP Inspection on the switch.
properties:
ip-arp-inspect:
type: boolean
description: Enable or disable ARP Inspection globally.
default: false
validate-dst-mac:
type: boolean
description: Validate that the destination MAC address in the Ethernet header matches the target MAC address in the ARP body for ARP responses.
validate-ip:
type: boolean
description: Validate ARP packets for unexpected or invalid IP addresses, such as 0.0.0.0, 255.255.255.255, and IP multicast addresses.
validate-allow-zeros:
type: boolean
description: Allow ARP packets where the sender IP address is 0.0.0.0.
validate-src-mac:
type: boolean
description: Validate that the source MAC address in the Ethernet header matches the sender MAC address in the ARP body for both ARP requests and responses.

29
schema/switch.ip-source-guard.yml Normal file
View File

@@ -0,0 +1,29 @@
type: object
description: Configuration for IP Source Guard global static bindings in a Layer 2 switch.
properties:
bindings:
type: array
description: List of static bindings for IP Source Guard.
items:
type: object
properties:
binding-mode:
type: string
description: Specifies the mode for adding a static address to the Source Guard ACL or MAC address binding table. It determines whether the binding is based on MAC addresses or ACLs.
enum:
- mac
- acl
binding-mac:
type: string
format: uc-mac
description: A valid unicast MAC address for binding to the Source Guard filtering table.
binding-vlans:
type: integer
description: The VLAN ID associated with the static binding for Source Guard filtering. Must be a valid, configured VLAN on the switch.
binding-ip:
type: string
format: ipv4
description: A valid unicast IPv4 address to associate with the Source Guard filtering table.
binding-port:
type: string
description: The physical interface (e.g., ethernet0, ethernet1) where the Source Guard binding applies.

162
schema/switch.rtevent.yml Normal file
View File

@@ -0,0 +1,162 @@
description: Configuration for enabling or disabling specific event categories and their sub-events.
type: object
properties:
port-status:
description: Enable/Disable Port Status events.
type: object
properties:
enabled:
description: Enable/Disable Port Status category.
type: boolean
default: false
sub-events:
type: object
properties:
wired.carrier-down:
type: boolean
description: Enable/Disable carrier down event.
default: false
wired.carrier-up:
type: boolean
description: Enable/Disable carrier up event.
default: false
module:
description: Enable/Disable Module events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable Module category.
default: false
sub-events:
type: object
properties:
module.plugout:
type: boolean
description: Enable/Disable module plugout event.
default: false
module.plugin:
type: boolean
description: Enable/Disable module plugin event.
default: false
stp:
description: Enable/Disable STP events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable STP category.
default: false
sub-events:
type: object
properties:
stp.loop-detected:
type: boolean
description: Enable/Disable loop detected event.
default: false
stp.loop-cleared:
type: boolean
description: Enable/Disable loop cleared event.
default: false
stp.state-change:
type: boolean
description: Enable/Disable state change event.
default: false
rstp:
description: Enable/Disable RSTP events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable RSTP category.
default: false
sub-events:
type: object
properties:
rstp.loop-detected:
type: boolean
description: Enable/Disable loop detected event.
default: false
rstp.loop-cleared:
type: boolean
description: Enable/Disable loop cleared event.
default: false
rstp.state-change:
type: boolean
description: Enable/Disable state change event.
default: false
fw-upgrade:
description: Enable/Disable Firmware Upgrade events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable Firmware Upgrade category.
default: false
sub-events:
type: object
properties:
upg.download-start:
type: boolean
description: Enable/Disable download start event.
default: false
upg.download-in-progress:
type: boolean
description: Enable/Disable download in progress event.
default: false
upg.download-failed:
type: boolean
description: Enable/Disable download failed event.
default: false
upg.validation-start:
type: boolean
description: Enable/Disable validation start event.
default: false
upg.validation-success:
type: boolean
description: Enable/Disable validation success event.
default: false
upg.validation-failed:
type: boolean
description: Enable/Disable validation failed event.
default: false
upg.backup-current-firmware:
type: boolean
description: Enable/Disable firmware backup event.
default: false
upg.install-start:
type: boolean
description: Enable/Disable install start event.
default: false
upg.install-failed:
type: boolean
description: Enable/Disable install failed event.
default: false
upg.reboot-start:
type: boolean
description: Enable/Disable reboot start event.
default: false
upg.success:
type: boolean
description: Enable/Disable upgrade success event.
default: false
dhcp-snooping:
description: Enable/Disable DHCP Snooping events.
type: object
properties:
enabled:
type: boolean
description: Enable/Disable DHCP Snooping category.
default: false
sub-events:
type: object
properties:
dhcp-snooping.violation-detected:
type: boolean
description: Enable/Disable DHCP Snooping violation detected event.
default: false
dhcp-snooping.violation-cleared:
type: boolean
description: Enable/Disable DHCP Snooping violation cleared event.
default: false
# Continue similarly for ARP Inspection, IPSG, PoE Status, PoE Fault, and Device Events.

201
schema/switch.yml
View File

@@ -1,4 +1,4 @@
description:
description:
This section defines the switch fabric specific features of a physical switch.
type: object
properties:
@@ -279,176 +279,6 @@ properties:
- drop
- keep
- replace
acl:
description: Contains all the access control rule definitions
type: array
items:
type: object
properties:
acl-type:
description: Type of the access control list
type: string
enum:
- ipv4
- ipv6
- ipv4Ext
- ipv6Ext
- mac
- arp
acl-name:
description: The identifier or name for the Access Control List
type: string
maxLength: 32
minLength: 1
acl-rule-action:
description: Defines whether to permit or deny traffic matching the rule
type: string
enum:
- permit
- deny
acl-source-macaddress:
description: Specifies the source MAC address to filter on
type: string
format: uc-mac
acl-source-macbitmask:
description: The mask applied to the source MAC address
type: string
format: uc-mac
acl-dest-macaddress:
description: Specifies the destination MAC address for the filter
type: string
format: uc-mac
acl-dest-macbitmask:
description: The mask applied to the destination MAC address
type: string
format: uc-mac
acl-packet-format:
description: Identifies the protocol encapsulated in the Ethernet frame by its EtherType
type: string
enum:
- any
- untagged-eth2
- untagged-802.3
- tagged-eth2
- tagged-802.3
acl-vlanid:
description: Specifies a VLAN ID to filter traffic from a specific VLAN
type: integer
minimum: 1
maximum: 4094
acl-vid-bitmask:
description: The mask applied to the VLAN ID
type: integer
minimum: 1
maximum: 4095
acl-ethertype:
description: Filters packets based on the custom EtherType field (HEX) in the Ethernet frame
type: string
default: "800"
acl-ethertype-bitmask:
description: The mask applied to the EtherType field
type: string
default: "FFFF"
acl-cos:
description: Filters based on the Class of Service (CoS) field in the frame
type: integer
minimum: 0
maximum: 7
acl-cos-bitmask:
description: The mask applied to the CoS field
type: integer
minimum: 0
maximum: 7
# IP-ACL (IPv4/IPv6) Parameters
acl-ipv4-source-address:
description: The IPv4 address of the source to filter on
type: string
format: ipv4
acl-ipv4-source-subnetmask:
description: The subnet mask applied to the source IPv4 address
type: string
format: ipv4
acl-ipv4-dest-address:
description: The IPv4 address of the destination to filter on
type: string
format: ipv4
acl-ipv4-dest-subnetmask:
description: The subnet mask applied to the destination IPv4 address
type: string
format: ipv4
acl-ipv6-source-address:
description: The IPv6 address of the source to filter on
type: string
format: ipv6
acl-ipv6-source-prefix-length:
description: Defines the length of the prefix used in filtering IPv6 source addresses
type: integer
minimum: 0
maximum: 128
acl-ipv6-dest-address:
description: The IPv6 address of the destination to filter on
type: string
format: ipv6
acl-ipv6-dest-prefix-length:
description: Defines the length of the prefix used in filtering IPv6 destination addresses
type: integer
minimum: 0
maximum: 128
acl-ip-proto:
description: Filters based on the IP protocol number
type: integer
minimum: 0
maximum: 255
acl-ipv6-next-header:
description: Specifies the next header type in IPv6 traffic, such as TCP, UDP, or ICMPv6
type: integer
minimum: 0
maximum: 255
acl-ipv6-flow-label:
description: Filters packets based on the IPv6 Flow Label field
type: integer
minimum: 0
maximum: 1048575
acl-ip-source-port:
description: Specifies the source port number for filtering
type: integer
minimum: 0
maximum: 65535
acl-ip-source-port-bitmask:
description: The mask applied to the source port number
type: integer
minimum: 0
maximum: 65535
acl-ip-dest-port:
description: Specifies the destination port number for filtering
type: integer
minimum: 0
maximum: 65535
acl-ip-dest-port-bitmask:
description: The mask applied to the destination port number
type: integer
minimum: 0
maximum: 65535
acl-ipv4-fragment-offset:
description: Filters based on IPv4 fragment offset for fragmented packets
type: integer
minimum: 0
maximum: 8191
acl-ipv6-fragment-offset:
description: Filters based on IPv6 fragment offset for fragmented packets
type: integer
minimum: 0
maximum: 8191
acl-ip-ttl:
description: Filters IPv4 traffic based on the TTL (Time to Live) value
type: integer
minimum: 0
maximum: 255
acl-ipv6-hop-limit:
description: Filters IPv6 traffic based on the hop limit value, equivalent to IPv4 TTL
type: integer
minimum: 0
maximum: 255
mvr-config:
description: This section defines the Multicast VLAN Registration (MVR) general configuration.
type: object
@@ -672,38 +502,51 @@ properties:
type: boolean
default: true
voice-vlan-config:
description: "This parameter enables or disables the overall configuration of the Voice VLAN feature on the switch. When enabled, it allows the system to classify and prioritize voice traffic."
description: This parameter enables or disables the overall configuration of the Voice VLAN feature on the switch. When enabled, it allows the system to classify and prioritize voice traffic.
type: object
properties:
voice-vlan-id:
description: "Specifies the VLAN ID assigned to the Voice VLAN. This is the unique identifier for the VLAN that will be used for prioritizing voice traffic."
description: Specifies the VLAN ID assigned to the Voice VLAN. This is the unique identifier for the VLAN that will be used for prioritizing voice traffic.
type: integer
minimum: 1
maximum: 4094
voice-vlan-ageing-time:
description: "Defines the time, in minutes, that a dynamic Voice VLAN entry remains in the VLAN after voice traffic is no longer detected. It helps manage resources by removing inactive voice devices from the VLAN after this time elapses."
description: Defines the time, in minutes, that a dynamic Voice VLAN entry remains in the VLAN after voice traffic is no longer detected. It helps manage resources by removing inactive voice devices from the VLAN after this time elapses.
type: integer
minimum: 5
maximum: 43200
default: 1440
voice-vlan-oui-config:
description: "Configures the Organizationally Unique Identifier (OUI) for identifying the voice devices (like IP phones)."
description: Configures the Organizationally Unique Identifier (OUI) for identifying the voice devices (like IP phones).
type: array
items:
type: object
properties:
voice-vlan-oui-mac:
description: "The specific MAC address pattern that corresponds to voice devices, as determined by the OUI. It is used for identifying and classifying voice traffic."
description: The specific MAC address pattern that corresponds to voice devices, as determined by the OUI. It is used for identifying and classifying voice traffic.
type: string
format: uc-mac
voice-vlan-oui-mask:
description: "A mask applied to the MAC address to help match the OUI more precisely. It ensures that the correct portion of the MAC address is evaluated to identify a device as a voice device."
description: A mask applied to the MAC address to help match the OUI more precisely. It ensures that the correct portion of the MAC address is evaluated to identify a device as a voice device.
type: string
format: uc-mac
voice-vlan-oui-description:
description: "A descriptive label or comment for the OUI configuration. This can help administrators keep track of which OUI belongs to which type of voice device or vendor."
description: A descriptive label or comment for the OUI configuration. This can help administrators keep track of which OUI belongs to which type of voice device or vendor.
type: string
maxLength: 32
minLength: 1
examples:
- "A VoIP Phone"
- "A VoIP Phone"
arp-inspect:
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
ip-source-guard:
$ref: "https://ucentral.io/schema/v1/switch/ip-source-guard/"
rt-events:
$ref: "https://ucentral.io/schema/v1/switch/rtevent/"
acl:
$ref: "https://ucentral.io/schema/v1/switch/acl/"
dns:
description: Define a global list of dns servers.
type: array
items:
type: string

7
state/interface.yml
View File

@@ -15,8 +15,11 @@ items:
name:
type: string
description:
The administrative name of this logical interface. This field is
freetext
The administrative name of this logical interface. This field is freetext
vlan_id:
description: VLAN-ID of the logical interface
type: integer
maximum: 4094
ntp_server:
type: string
description:

72
state/link-state.yml
View File

@@ -191,3 +191,75 @@ properties:
description:
Max power (in Watts) module can drain.
type: number
loop-detect-protocol:
description: Status and protocol information for loop detection or prevention mechanisms
active on this interface. Includes STP/xSTP/MSTP, Loopback Detection (LBD), etc.
type: object
properties:
stp:
description: Spanning Tree Protocol (IEEE 802.1D/RSTP/MSTP) state on the port.
type: object
properties:
protocol:
type: string
description: Variant of STP running (e.g., STP, RSTP, MSTP, RPVST+).
examples:
- RSTP
- MSTP
state:
type: string
description: STP state of the port.
enum:
- disabled
- blocking
- listening
- learning
- forwarding
role:
type: string
description: Role of the port in STP topology.
enum:
- root
- designated
- alternate
- backup
- disabled
bridge-id:
type: string
description: STP Bridge ID
root-bridge-id:
type: string
description: STP Root Bridge ID for the instance.
oper-edge-port:
type: boolean
description: Whether the port is operating as an edge port (no BPDU expected).
cost:
type: integer
description: Operational path cost of the port.
designated-cost:
type: integer
description: Cost advertised by the designated port.
transitions:
type: integer
description: Number of STP state transitions (forwarding/discarding) on this port.
lbd:
description: Loopback Detection (LBD) status on this port.
type: object
properties:
enabled:
type: boolean
description: Whether LBD is enabled on this port.
state:
type: string
description: Current loop detection status.
enum:
- no_loop
- loop_detected
- disabled
action:
type: string
description: Action taken when loop is detected (e.g., block, shutdown).
enum:
- none
- block
- shutdown

128
state/state.yml
View File

@@ -60,3 +60,131 @@ properties:
type: string
description:
Current interface that serves as the Uplink. Example Ethernet2.
arp-inspect-stats:
type: object
description: Statistics related to ARP Inspection activity in the switch.
properties:
arp-pkt-rcvd:
type: integer
description: Total number of ARP packets received.
arp-pkt-dropped-rate-limit:
type: integer
description: Number of ARP packets dropped due to rate limiting.
arp-pkt-processed:
type: integer
description: Total number of ARP packets processed by ARP Inspection.
arp-pkt-dropped-src-mac:
type: integer
description: Number of ARP packets dropped due to source MAC address validation failures.
arp-pkt-dropped-dst-mac:
type: integer
description: Number of ARP packets dropped due to destination MAC address validation failures.
arp-pkt-dropped-ip:
type: integer
description: Number of ARP packets dropped due to IP address validation failures."
arp-pkt-dropped-acl:
type: integer
description: Number of ARP packets dropped due to ARP ACL rules.
arp-pkt-dropped-dhcp:
type: integer
description: Number of ARP packets dropped due to DHCP snooping validation failures.
ip-source-guard:
type: object
description: Represents the configuration and state of IP Source Guard.
properties:
blocked-entries:
type: array
description: Displays a list of entries that are currently blocked by IP Source Guard (IPSG).
items:
type: object
properties:
blocked-mac:
type: string
description: The MAC address that has been blocked by IP Source Guard.
format: "mac-address"
blocked-ip:
type: string
description: The IP address that has been blocked by IP Source Guard.
format: "ipv4"
blocked-vlan:
type: integer
description: The VLAN ID associated with the blocked IP/MAC entry.
minimum: 1
maximum: 4095
blocked-interface:
type: string
description: The interface (e.g., port) where the blocked entry was detected.
stp:
description: Global status and configuration of the Spanning Tree Protocol (STP) across the switch.
Supports variants like STP, RSTP, MSTP. Includes bridge-wide parameters and protocol behavior.
type: object
properties:
enabled:
type: boolean
description: Whether STP is enabled globally on the switch.
mode:
type: string
description: Operational STP mode used across the switch.
enum:
- stp
- rstp
- mstp
- pvst
- rpvstp
transmission-limit:
type: integer
description: Maximum number of BPDUs that can be transmitted per hello time.
path-cost-method:
type: string
description: Indicates whether "Short" or "Long" path cost method is in use.
enum:
- short
- long
max-hops:
type: integer
description: Maximum hop count used in MSTP.
instances:
type: array
description: List of STP instances (e.g., MSTP instances).
items:
type: object
properties:
instance-id:
type: integer
description: Instance number (for MSTP or multiple-instance support).
vlans:
type: string
description: VLAN ranges associated with the STP instance.
example: "1-4094"
bridge-priority:
type: integer
description: Bridge priority value for STP election.
bridge-hello-time:
type: integer
description: Hello Time interval (in seconds) configured on the bridge.
bridge-max-age:
type: integer
description: Max Age value (in seconds) used for aging STP information.
bridge-forward-delay:
type: integer
description: Delay (in seconds) before transitioning port to forwarding state.
remaining-hops:
type: integer
description: Remaining hop count from the Root Bridge to this bridge.
root-bridge-id:
type: string
description: Bridge ID of the current Root Bridge.
root-port:
type: string
description: Local interface acting as Root Port.
example:
- Ëthernet1
root-cost:
type: integer
description: Cumulative cost to reach the Root Bridge.
topology-changes:
type: integer
description: Total number of topology changes detected.
last-topology-change-seconds:
type: integer
description: Time (in seconds) since the last topology change.

1
ucentral.capabilities.pretty.json
View File

@@ -361,6 +361,7 @@
"Service-Online-Check",
"Service-CaptivePortal",
"Service-PublicIpCheck",
"Service-Global-DNS",
"Tunneling-VxLAN",
"Tunneling-GRE",
"Tunneling-GRE6",

928
ucentral.schema.full.json
View File

@@ -588,6 +588,171 @@
"default": false
}
}
},
"ip-arp-inspect-port": {
"type": "object",
"description": "Configuration for ARP Inspection on specific interfaces or ports in the switch.",
"properties": {
"rate-limit-pps": {
"type": "integer",
"description": "Sets a rate limit (packets per second) for the ARP packets received on a port. Ensures that the port does not process ARP packets beyond the configured limit.",
"minimum": 0,
"maximum": 65535
},
"trusted": {
"type": "boolean",
"description": "Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks."
}
}
},
"rate-limit-port": {
"type": "object",
"description": "Configuration for ingress and egress rate limiting on a specific port (in kbps)",
"properties": {
"ingress-kbps": {
"type": "integer",
"description": "Sets the maximum allowed ingress (input) traffic rate for the port, in kilobits per second (kbps).",
"minimum": 64,
"maximum": 1000000000
},
"egress-kbps": {
"type": "integer",
"description": "Sets the maximum allowed egress (output) traffic rate for the port, in kilobits per second (kbps).",
"minimum": 64,
"maximum": 1000000000
}
}
},
"ip-source-guard-port": {
"type": "object",
"description": "Configuration of IP Source Guard (IPSG) on a physical interface in a Layer 2 switch.",
"properties": {
"rule": {
"type": "string",
"description": "Configures the switch to filter inbound traffic based on source IP address only, or source IP address and corresponding MAC address combined.",
"enum": [
"sip",
"sip-mac"
]
},
"mode": {
"type": "string",
"description": "Specifies the learning mode to use for validation, either MAC address table or ACL table. The system searches for source addresses in the specified table.",
"enum": [
"mac",
"acl"
]
},
"max-binding": {
"type": "integer",
"description": "Sets the maximum number of address entries that can be mapped to an interface in the binding table. Includes both static entries and dynamically learned entries via DHCP Snooping.",
"minimum": 1,
"maximum": 65535
}
}
},
"acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network port.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"voice-vlan-intf-config": {
"description": "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.",
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"description": "Specify the mode of placing this port on the voice VLAN.",
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"description": "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.",
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"description": "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.",
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"description": "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.",
"type": "boolean",
"default": false
}
}
},
"dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
}
}
}
@@ -897,214 +1062,6 @@
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv6-source-address": {
"description": "The IPv6 address of the source to filter on",
"type": "string",
"format": "ipv6"
},
"acl-ipv6-source-prefix-length": {
"description": "Defines the length of the prefix used in filtering IPv6 source addresses",
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ipv6-dest-address": {
"description": "The IPv6 address of the destination to filter on",
"type": "string",
"format": "ipv6"
},
"acl-ipv6-dest-prefix-length": {
"description": "Defines the length of the prefix used in filtering IPv6 destination addresses",
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-next-header": {
"description": "Specifies the next header type in IPv6 traffic, such as TCP, UDP, or ICMPv6",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-flow-label": {
"description": "Filters packets based on the IPv6 Flow Label field",
"type": "integer",
"minimum": 0,
"maximum": 1048575
},
"acl-ip-source-port": {
"description": "Specifies the source port number for filtering",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"description": "The mask applied to the source port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"description": "Specifies the destination port number for filtering",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"description": "The mask applied to the destination port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ipv4-fragment-offset": {
"description": "Filters based on IPv4 fragment offset for fragmented packets",
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ipv6-fragment-offset": {
"description": "Filters based on IPv6 fragment offset for fragmented packets",
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ip-ttl": {
"description": "Filters IPv4 traffic based on the TTL (Time to Live) value",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-hop-limit": {
"description": "Filters IPv6 traffic based on the hop limit value, equivalent to IPv4 TTL",
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
},
"mvr-config": {
"description": "This section defines the Multicast VLAN Registration (MVR) general configuration.",
"type": "object",
@@ -1421,6 +1378,438 @@
}
}
}
},
"arp-inspect": {
"type": "object",
"description": "Global configuration for ARP Inspection on the switch.",
"properties": {
"ip-arp-inspect": {
"type": "boolean",
"description": "Enable or disable ARP Inspection globally.",
"default": false
},
"validate-dst-mac": {
"type": "boolean",
"description": "Validate that the destination MAC address in the Ethernet header matches the target MAC address in the ARP body for ARP responses."
},
"validate-ip": {
"type": "boolean",
"description": "Validate ARP packets for unexpected or invalid IP addresses, such as 0.0.0.0, 255.255.255.255, and IP multicast addresses."
},
"validate-allow-zeros": {
"type": "boolean",
"description": "Allow ARP packets where the sender IP address is 0.0.0.0."
},
"validate-src-mac": {
"type": "boolean",
"description": "Validate that the source MAC address in the Ethernet header matches the sender MAC address in the ARP body for both ARP requests and responses."
}
}
},
"ip-source-guard": {
"type": "object",
"description": "Configuration for IP Source Guard global static bindings in a Layer 2 switch.",
"properties": {
"bindings": {
"type": "array",
"description": "List of static bindings for IP Source Guard.",
"items": {
"type": "object",
"properties": {
"binding-mode": {
"type": "string",
"description": "Specifies the mode for adding a static address to the Source Guard ACL or MAC address binding table. It determines whether the binding is based on MAC addresses or ACLs.",
"enum": [
"mac",
"acl"
]
},
"binding-mac": {
"type": "string",
"format": "uc-mac",
"description": "A valid unicast MAC address for binding to the Source Guard filtering table."
},
"binding-vlans": {
"type": "integer",
"description": "The VLAN ID associated with the static binding for Source Guard filtering. Must be a valid, configured VLAN on the switch."
},
"binding-ip": {
"type": "string",
"format": "ipv4",
"description": "A valid unicast IPv4 address to associate with the Source Guard filtering table."
},
"binding-port": {
"type": "string",
"description": "The physical interface (e.g., ethernet0, ethernet1) where the Source Guard binding applies."
}
}
}
}
}
},
"rt-events": {
"description": "Configuration for enabling or disabling specific event categories and their sub-events.",
"type": "object",
"properties": {
"port-status": {
"description": "Enable/Disable Port Status events.",
"type": "object",
"properties": {
"enabled": {
"description": "Enable/Disable Port Status category.",
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"wired.carrier-down": {
"type": "boolean",
"description": "Enable/Disable carrier down event.",
"default": false
},
"wired.carrier-up": {
"type": "boolean",
"description": "Enable/Disable carrier up event.",
"default": false
}
}
}
}
},
"module": {
"description": "Enable/Disable Module events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable Module category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"module.plugout": {
"type": "boolean",
"description": "Enable/Disable module plugout event.",
"default": false
},
"module.plugin": {
"type": "boolean",
"description": "Enable/Disable module plugin event.",
"default": false
}
}
}
}
},
"stp": {
"description": "Enable/Disable STP events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable STP category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"stp.loop-detected": {
"type": "boolean",
"description": "Enable/Disable loop detected event.",
"default": false
},
"stp.loop-cleared": {
"type": "boolean",
"description": "Enable/Disable loop cleared event.",
"default": false
},
"stp.state-change": {
"type": "boolean",
"description": "Enable/Disable state change event.",
"default": false
}
}
}
}
},
"rstp": {
"description": "Enable/Disable RSTP events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable RSTP category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"rstp.loop-detected": {
"type": "boolean",
"description": "Enable/Disable loop detected event.",
"default": false
},
"rstp.loop-cleared": {
"type": "boolean",
"description": "Enable/Disable loop cleared event.",
"default": false
},
"rstp.state-change": {
"type": "boolean",
"description": "Enable/Disable state change event.",
"default": false
}
}
}
}
},
"fw-upgrade": {
"description": "Enable/Disable Firmware Upgrade events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable Firmware Upgrade category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"upg.download-start": {
"type": "boolean",
"description": "Enable/Disable download start event.",
"default": false
},
"upg.download-in-progress": {
"type": "boolean",
"description": "Enable/Disable download in progress event.",
"default": false
},
"upg.download-failed": {
"type": "boolean",
"description": "Enable/Disable download failed event.",
"default": false
},
"upg.validation-start": {
"type": "boolean",
"description": "Enable/Disable validation start event.",
"default": false
},
"upg.validation-success": {
"type": "boolean",
"description": "Enable/Disable validation success event.",
"default": false
},
"upg.validation-failed": {
"type": "boolean",
"description": "Enable/Disable validation failed event.",
"default": false
},
"upg.backup-current-firmware": {
"type": "boolean",
"description": "Enable/Disable firmware backup event.",
"default": false
},
"upg.install-start": {
"type": "boolean",
"description": "Enable/Disable install start event.",
"default": false
},
"upg.install-failed": {
"type": "boolean",
"description": "Enable/Disable install failed event.",
"default": false
},
"upg.reboot-start": {
"type": "boolean",
"description": "Enable/Disable reboot start event.",
"default": false
},
"upg.success": {
"type": "boolean",
"description": "Enable/Disable upgrade success event.",
"default": false
}
}
}
}
},
"dhcp-snooping": {
"description": "Enable/Disable DHCP Snooping events.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping category.",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"dhcp-snooping.violation-detected": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping violation detected event.",
"default": false
},
"dhcp-snooping.violation-cleared": {
"type": "boolean",
"description": "Enable/Disable DHCP Snooping violation cleared event.",
"default": false
}
}
}
}
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-rules": {
"description": "access control rules under this ACL",
"type": "object",
"additionalProperties": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
}
}
}
}
},
"dns": {
"description": "Define a global list of dns servers.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1491,7 +1880,17 @@
"id": {
"description": "This is the pvid of the vlan that shall be assigned to the interface. The individual physical network devices contained within the interface need to be told explicitly if egress traffic shall be tagged.",
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",
@@ -1829,40 +2228,23 @@
"type": "boolean",
"default": false
},
"voice-vlan-intf-config": {
"description": "Configure the Voice VLAN feature at the interface level, allowing for VoIP traffic to be prioritized on this specific port.",
"ip-arp-inspect-vlan": {
"type": "object",
"description": "Configuration for ARP Inspection on specific VLANs in the switch.",
"properties": {
"voice-vlan-intf-mode": {
"description": "Specify the mode of placing this port on the voice VLAN.",
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"description": "Define the Class of Service (CoS) priority for VoIP traffic passing through this port, ensuring higher priority over other traffic types.",
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"description": "Select the detection method for identifying VoIP traffic on this port, such as OUI-based detection or traffic pattern recognition.",
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"description": "Enable or configure security filtering for VoIP traffic on the interface to protect against unauthorized devices.",
"vlan-enable": {
"type": "boolean",
"default": false
"description": "Enable or disable ARP Inspection for a specified VLAN."
},
"vlan-acl-rule": {
"type": "string",
"description": "Specifies an ARP ACL to apply to one or more VLANs.",
"maxLength": 32,
"minLength": 1
},
"vlan-acl-nodhcp-bindings": {
"type": "boolean",
"description": "Validate ARP packets against only the specified ACL without checking address bindings in the DHCP snooping database."
}
}
},
@@ -2164,72 +2546,6 @@
}
}
},
"acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network interface.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"broad-band": {
"oneOf": [
{

810
ucentral.schema.json
View File

@@ -528,6 +528,501 @@
"default": false
}
}
},
"ip-arp-inspect-port": {
"type": "object",
"properties": {
"rate-limit-pps": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"trusted": {
"type": "boolean"
}
}
},
"rate-limit-port": {
"type": "object",
"properties": {
"ingress-kbps": {
"type": "integer",
"minimum": 64,
"maximum": 1000000000
},
"egress-kbps": {
"type": "integer",
"minimum": 64,
"maximum": 1000000000
}
}
},
"ip-source-guard-port": {
"type": "object",
"properties": {
"rule": {
"type": "string",
"enum": [
"sip",
"sip-mac"
]
},
"mode": {
"type": "string",
"enum": [
"mac",
"acl"
]
},
"max-binding": {
"type": "integer",
"minimum": 1,
"maximum": 65535
}
}
},
"acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"type": "boolean",
"default": false
}
}
}
},
"voice-vlan-intf-config": {
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"type": "boolean",
"default": false
}
}
},
"dhcp-snoop-port": {
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
}
}
},
"switch.arp-inspect": {
"type": "object",
"properties": {
"ip-arp-inspect": {
"type": "boolean",
"default": false
},
"validate-dst-mac": {
"type": "boolean"
},
"validate-ip": {
"type": "boolean"
},
"validate-allow-zeros": {
"type": "boolean"
},
"validate-src-mac": {
"type": "boolean"
}
}
},
"switch.ip-source-guard": {
"type": "object",
"properties": {
"bindings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"binding-mode": {
"type": "string",
"enum": [
"mac",
"acl"
]
},
"binding-mac": {
"type": "string",
"format": "uc-mac"
},
"binding-vlans": {
"type": "integer"
},
"binding-ip": {
"type": "string",
"format": "ipv4"
},
"binding-port": {
"type": "string"
}
}
}
}
}
},
"switch.rtevent": {
"type": "object",
"properties": {
"port-status": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"wired.carrier-down": {
"type": "boolean",
"default": false
},
"wired.carrier-up": {
"type": "boolean",
"default": false
}
}
}
}
},
"module": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"module.plugout": {
"type": "boolean",
"default": false
},
"module.plugin": {
"type": "boolean",
"default": false
}
}
}
}
},
"stp": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"stp.loop-detected": {
"type": "boolean",
"default": false
},
"stp.loop-cleared": {
"type": "boolean",
"default": false
},
"stp.state-change": {
"type": "boolean",
"default": false
}
}
}
}
},
"rstp": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"rstp.loop-detected": {
"type": "boolean",
"default": false
},
"rstp.loop-cleared": {
"type": "boolean",
"default": false
},
"rstp.state-change": {
"type": "boolean",
"default": false
}
}
}
}
},
"fw-upgrade": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"upg.download-start": {
"type": "boolean",
"default": false
},
"upg.download-in-progress": {
"type": "boolean",
"default": false
},
"upg.download-failed": {
"type": "boolean",
"default": false
},
"upg.validation-start": {
"type": "boolean",
"default": false
},
"upg.validation-success": {
"type": "boolean",
"default": false
},
"upg.validation-failed": {
"type": "boolean",
"default": false
},
"upg.backup-current-firmware": {
"type": "boolean",
"default": false
},
"upg.install-start": {
"type": "boolean",
"default": false
},
"upg.install-failed": {
"type": "boolean",
"default": false
},
"upg.reboot-start": {
"type": "boolean",
"default": false
},
"upg.success": {
"type": "boolean",
"default": false
}
}
}
}
},
"dhcp-snooping": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"default": false
},
"sub-events": {
"type": "object",
"properties": {
"dhcp-snooping.violation-detected": {
"type": "boolean",
"default": false
},
"dhcp-snooping.violation-cleared": {
"type": "boolean",
"default": false
}
}
}
}
}
}
},
"switch.acl": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-name": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-type": {
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-rules": {
"type": "object",
"additionalProperties": {
"type": "array",
"uniqueItems": true,
"items": {
"type": "object",
"properties": {
"acl-rule-action": {
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
}
}
}
}
},
@@ -788,180 +1283,6 @@
}
}
},
"acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ipv4-source-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv6-source-address": {
"type": "string",
"format": "ipv6"
},
"acl-ipv6-source-prefix-length": {
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ipv6-dest-address": {
"type": "string",
"format": "ipv6"
},
"acl-ipv6-dest-prefix-length": {
"type": "integer",
"minimum": 0,
"maximum": 128
},
"acl-ip-proto": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-next-header": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-flow-label": {
"type": "integer",
"minimum": 0,
"maximum": 1048575
},
"acl-ip-source-port": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ipv4-fragment-offset": {
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ipv6-fragment-offset": {
"type": "integer",
"minimum": 0,
"maximum": 8191
},
"acl-ip-ttl": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ipv6-hop-limit": {
"type": "integer",
"minimum": 0,
"maximum": 255
}
}
}
},
"mvr-config": {
"type": "object",
"properties": {
@@ -1231,6 +1552,24 @@
}
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
"ip-source-guard": {
"$ref": "#/$defs/switch.ip-source-guard"
},
"rt-events": {
"$ref": "#/$defs/switch.rtevent"
},
"acl": {
"$ref": "#/$defs/switch.acl"
},
"dns": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1239,7 +1578,17 @@
"properties": {
"id": {
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",
@@ -1328,6 +1677,22 @@
}
}
},
"interface.ipv4.arp-inspect": {
"type": "object",
"properties": {
"vlan-enable": {
"type": "boolean"
},
"vlan-acl-rule": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"vlan-acl-nodhcp-bindings": {
"type": "boolean"
}
}
},
"interface.ipv4.dhcp": {
"type": "object",
"properties": {
@@ -1632,37 +1997,8 @@
"type": "boolean",
"default": false
},
"voice-vlan-intf-config": {
"type": "object",
"properties": {
"voice-vlan-intf-mode": {
"type": "string",
"default": "auto",
"enum": [
"none",
"manual",
"auto"
]
},
"voice-vlan-intf-priority": {
"type": "integer",
"default": 6,
"minimum": 0,
"maximum": 6
},
"voice-vlan-intf-detect-voice": {
"type": "string",
"default": "oui",
"enum": [
"oui",
"lldp"
]
},
"voice-vlan-intf-security": {
"type": "boolean",
"default": false
}
}
"ip-arp-inspect-vlan": {
"$ref": "#/$defs/interface.ipv4.arp-inspect"
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
@@ -1843,62 +2179,6 @@
}
}
},
"interface.acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"type": "boolean",
"default": false
}
}
}
},
"interface.dhcp-snoop-port": {
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"interface.broad-band.wwan": {
"type": "object",
"properties": {
@@ -2150,12 +2430,6 @@
"ipv6": {
"$ref": "#/$defs/interface.ipv6"
},
"acl": {
"$ref": "#/$defs/interface.acl"
},
"dhcp-snoop-port": {
"$ref": "#/$defs/interface.dhcp-snoop-port"
},
"broad-band": {
"$ref": "#/$defs/interface.broad-band"
},

959
ucentral.schema.pretty.json
View File

File diff suppressed because it is too large Load Diff

270
ucentral.state.pretty.json
View File

@@ -85,6 +85,177 @@
"uplink_interface": {
"type": "string",
"description": "Current interface that serves as the Uplink. Example Ethernet2."
},
"arp-inspect-stats": {
"type": "object",
"description": "Statistics related to ARP Inspection activity in the switch.",
"properties": {
"arp-pkt-rcvd": {
"type": "integer",
"description": "Total number of ARP packets received."
},
"arp-pkt-dropped-rate-limit": {
"type": "integer",
"description": "Number of ARP packets dropped due to rate limiting."
},
"arp-pkt-processed": {
"type": "integer",
"description": "Total number of ARP packets processed by ARP Inspection."
},
"arp-pkt-dropped-src-mac": {
"type": "integer",
"description": "Number of ARP packets dropped due to source MAC address validation failures."
},
"arp-pkt-dropped-dst-mac": {
"type": "integer",
"description": "Number of ARP packets dropped due to destination MAC address validation failures."
},
"arp-pkt-dropped-ip": {
"type": "integer",
"description": "Number of ARP packets dropped due to IP address validation failures.\""
},
"arp-pkt-dropped-acl": {
"type": "integer",
"description": "Number of ARP packets dropped due to ARP ACL rules."
},
"arp-pkt-dropped-dhcp": {
"type": "integer",
"description": "Number of ARP packets dropped due to DHCP snooping validation failures."
}
}
},
"ip-source-guard": {
"type": "object",
"description": "Represents the configuration and state of IP Source Guard.",
"properties": {
"blocked-entries": {
"type": "array",
"description": "Displays a list of entries that are currently blocked by IP Source Guard (IPSG).",
"items": {
"type": "object",
"properties": {
"blocked-mac": {
"type": "string",
"description": "The MAC address that has been blocked by IP Source Guard.",
"format": "mac-address"
},
"blocked-ip": {
"type": "string",
"description": "The IP address that has been blocked by IP Source Guard.",
"format": "ipv4"
},
"blocked-vlan": {
"type": "integer",
"description": "The VLAN ID associated with the blocked IP/MAC entry.",
"minimum": 1,
"maximum": 4095
},
"blocked-interface": {
"type": "string",
"description": "The interface (e.g., port) where the blocked entry was detected."
}
}
}
}
}
},
"stp": {
"description": "Global status and configuration of the Spanning Tree Protocol (STP) across the switch. Supports variants like STP, RSTP, MSTP. Includes bridge-wide parameters and protocol behavior.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether STP is enabled globally on the switch."
},
"mode": {
"type": "string",
"description": "Operational STP mode used across the switch.",
"enum": [
"stp",
"rstp",
"mstp",
"pvst",
"rpvstp"
]
},
"transmission-limit": {
"type": "integer",
"description": "Maximum number of BPDUs that can be transmitted per hello time."
},
"path-cost-method": {
"type": "string",
"description": "Indicates whether \"Short\" or \"Long\" path cost method is in use.",
"enum": [
"short",
"long"
]
},
"max-hops": {
"type": "integer",
"description": "Maximum hop count used in MSTP."
},
"instances": {
"type": "array",
"description": "List of STP instances (e.g., MSTP instances).",
"items": {
"type": "object",
"properties": {
"instance-id": {
"type": "integer",
"description": "Instance number (for MSTP or multiple-instance support)."
}
},
"vlans": {
"type": "string",
"description": "VLAN ranges associated with the STP instance.",
"example": "1-4094"
},
"bridge-priority": {
"type": "integer",
"description": "Bridge priority value for STP election."
},
"bridge-hello-time": {
"type": "integer",
"description": "Hello Time interval (in seconds) configured on the bridge."
},
"bridge-max-age": {
"type": "integer",
"description": "Max Age value (in seconds) used for aging STP information."
},
"bridge-forward-delay": {
"type": "integer",
"description": "Delay (in seconds) before transitioning port to forwarding state."
},
"remaining-hops": {
"type": "integer",
"description": "Remaining hop count from the Root Bridge to this bridge."
},
"root-bridge-id": {
"type": "string",
"description": "Bridge ID of the current Root Bridge."
},
"root-port": {
"type": "string",
"description": "Local interface acting as Root Port.",
"example": [
"\u00cbthernet1"
]
},
"root-cost": {
"type": "integer",
"description": "Cumulative cost to reach the Root Bridge."
},
"topology-changes": {
"type": "integer",
"description": "Total number of topology changes detected."
},
"last-topology-change-seconds": {
"type": "integer",
"description": "Time (in seconds) since the last topology change."
}
}
}
}
}
},
"$defs": {
@@ -451,6 +622,11 @@
"type": "string",
"description": "The administrative name of this logical interface. This field is freetext"
},
"vlan_id": {
"description": "VLAN-ID of the logical interface",
"type": "integer",
"maximum": 4094
},
"ntp_server": {
"type": "string",
"description": "The upstream NTP server being used by this interface."
@@ -1081,6 +1257,100 @@
"type": "number"
}
}
},
"loop-detect-protocol": {
"description": "Status and protocol information for loop detection or prevention mechanisms active on this interface. Includes STP/xSTP/MSTP, Loopback Detection (LBD), etc.",
"type": "object",
"properties": {
"stp": {
"description": "Spanning Tree Protocol (IEEE 802.1D/RSTP/MSTP) state on the port.",
"type": "object",
"properties": {
"protocol": {
"type": "string",
"description": "Variant of STP running (e.g., STP, RSTP, MSTP, RPVST+).",
"examples": [
"RSTP",
"MSTP"
]
},
"state": {
"type": "string",
"description": "STP state of the port.",
"enum": [
"disabled",
"blocking",
"listening",
"learning",
"forwarding"
]
},
"role": {
"type": "string",
"description": "Role of the port in STP topology.",
"enum": [
"root",
"designated",
"alternate",
"backup",
"disabled"
]
},
"bridge-id": {
"type": "string",
"description": "STP Bridge ID"
},
"root-bridge-id": {
"type": "string",
"description": "STP Root Bridge ID for the instance."
},
"oper-edge-port": {
"type": "boolean",
"description": "Whether the port is operating as an edge port (no BPDU expected)."
},
"cost": {
"type": "integer",
"description": "Operational path cost of the port."
},
"designated-cost": {
"type": "integer",
"description": "Cost advertised by the designated port."
},
"transitions": {
"type": "integer",
"description": "Number of STP state transitions (forwarding/discarding) on this port."
}
}
},
"lbd": {
"description": "Loopback Detection (LBD) status on this port.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether LBD is enabled on this port."
},
"state": {
"type": "string",
"description": "Current loop detection status.",
"enum": [
"no_loop",
"loop_detected",
"disabled"
]
},
"action": {
"type": "string",
"description": "Action taken when loop is detected (e.g., block, shutdown).",
"enum": [
"none",
"block",
"shutdown"
]
}
}
}
}
}
}
},