scottk/ols-ucentral-schema
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/ols-ucentral-schema.git synced 2025-10-29 17:22:23 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity

Compare commits

base: scottk:Sprint-8-OLS---Rate-Limiting-schema
Branches Tags
scottk:main scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7
...
compare: scottk:main
Branches Tags
scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:main scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7

40 Commits
Sprint-8-O ... main

Author SHA1 Message Date
Binny
02f749cc11 Merge pull request #46 from Telecominfraproject/ols-821-mclag-schema-correction 
ols-821-mclag-schema-correcttion-draft Changes
 2025-10-07 12:06:22 +05:30
Mike Hansen
5b00327adc Merge pull request #50 from Telecominfraproject/correct-storm-control-indentation 
Fix indentation for storm-control configuration.
 2025-09-24 12:29:33 -04:00
Mike Hansen
117aa70d4f Fix indentation for storm-control configuration. 
Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-09-24 11:18:21 -04:00
Binny
c3073a9a45 ols-821-mclag-schema-final-draft 2025-09-16 06:10:50 +00:00
Binny
04a8901620 Merge pull request #47 from Telecominfraproject/ols-822-lldp-peers-statemessage-enhancements 
ols-822-lldp-enhanced-state-reporting-draft Review
 2025-09-16 11:37:54 +05:30
Olexandr, Mazur
23ebf25cba Merge pull request #48 from Telecominfraproject/fix/fix_invalid_schema 
Fix broken schema json file
 2025-09-05 12:38:40 +03:00
Oleksandr Mazur
c9b4970b29 Fix broken schema json file 
After latest main merge, there's some overlapping which effectively
breaks the schema (it becomes invalid json file, due to some objects
not ending where they should).

Run generate.sh to provide a complete valid generated json file.

Signed-off-by: Oleksandr Mazur <oleksandr.mazur@plvision.eu>
 2025-09-05 12:36:54 +03:00
Mike Hansen
fdf54a7e0e Merge pull request #44 from Telecominfraproject/ols-688-bpdu-guard 
ols-688-sprint-12-bpdu-guard-draft
 2025-09-03 13:39:44 -04:00
Binny
52e38ce792 Merge branch 'main' into ols-688-bpdu-guard 2025-09-03 23:05:31 +05:30
Binny
05849922ed ols-821-mclag-corrections-rev2 2025-08-22 15:19:46 +00:00
Binny
9228a6c290 ols-822-lldp-peerstate-enhancement-rev2 2025-08-22 14:57:34 +00:00
Mike Hansen
41e621b455 Merge pull request #45 from Telecominfraproject/ols-688-sprint-12-storm-control-draft 
ols-688-sprint-12-stormcontrol-draft
 2025-08-20 09:43:38 -04:00
Binny
30b5864ada ols-822-lldp-enhanced-state-reporting-draft 2025-08-18 14:52:15 +00:00
Binny
598af29d51 ols-821-mclag-schema-correcttion-draft 2025-08-18 13:38:01 +00:00
Binny
c79f7f4517 ols-688-sprint12-bpduguard-final-p2 2025-06-17 15:12:40 +00:00
Binny
0e43b3cb3a ols-688-sprint12-stormcontrol-finalreview-p2 2025-06-17 15:06:46 +00:00
Binny
67f3f14fab ols-688-sprint12-stormcontrol-finalreview 2025-06-17 04:12:10 +00:00
Binny
8c82a276d8 ols-688-sprint12-bpdu-guard-finalreview 2025-06-17 04:05:31 +00:00
Binny
a098465268 ols-688-bpdu-guard-first-reviewchange 2025-06-11 03:33:54 +00:00
Binny
040650cb5c ols-688-sprint-12-stormcontrol-draft 2025-06-09 04:09:55 +00:00
Binny
adf3514ae9 ols-688-sprint-12-bpdu-guard-draft 2025-06-08 18:16:46 +00:00
Mike Hansen
d8d4380977 Merge pull request #43 from Telecominfraproject/OLS_UpdateSchemaVersion_410 
Update OLS Schema version to 4.1.0, regenerate html
 2025-05-26 13:21:31 -04:00
Mike Hansen
c63ac1f5d9 Update OLS Schema version to 4.1.0, regenerate html 
Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-05-26 08:48:43 -04:00
Binny
37b9152b6e Merge pull request #42 from Telecominfraproject/ols-659-simplify-vlan-config 
OLS-659 proposal draft for bulk-vlan
 2025-05-16 06:29:12 +05:30
Binny
5db059b95b Merge pull request #41 from Telecominfraproject/ols-655-state-message-l2-loopdetection-info 
OLS-655 - STP and Loop Detection Protocol States in State Message
 2025-05-16 06:28:45 +05:30
Binny
5a7f055793 ols-655 final change to merge 2025-05-06 02:37:02 +00:00
Binny
2b7ce76453 ols-655-review-comments-part1 2025-04-23 20:33:39 +00:00
Binny
d1ab8b453b ols-659 changes_after_review1 2025-04-23 20:19:25 +00:00
Binny
e80a6d2166 OLS-659 proposal draft for bulk-vlan 2025-04-22 16:28:58 +00:00
Binny
6469510af1 OLS-655 draft changes 2025-04-21 16:24:18 +00:00
Mike Hansen
d84e5ee624 Merge pull request #40 from Telecominfraproject/staging-OLS-644-global-dns 
OLS-644: Global DNS configuration
 2025-04-10 09:03:18 -04:00
Tanya Singh
029cdb4ed9 OLS-644: Add Global DNS to switch.yml and use generate.sh to create the json files 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-04-10 17:13:03 +08:00
Tanya Singh
cd7d50997c OLS-644: Global DNS configuration 
Signed-off-by: Tanya Singh <tanya_singh@accton.com>
 2025-03-27 11:37:06 +08:00
Mike Hansen
f394cb4019 Merge pull request #38 from Telecominfraproject/OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release 
[OLS-578] Tag ols-ucentral-client and ols-ucentral-schema 4.0.0 pre-r…
 2025-02-05 08:16:49 -05:00
Mike Hansen
5e345b22a3 [OLS-578] Tag ols-ucentral-client and ols-ucentral-schema 4.0.0 pre-release 
Update to 4.0.0

Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2025-02-04 12:21:40 -05:00
Mike Hansen
dcd935359c Merge pull request #36 from Telecominfraproject/Sprint-8-OLS-ARP-Inspect-Schema 
ols-556-sprint8-arp-inspect-schema-draft
 2025-02-04 12:09:05 -05:00
Mike Hansen
362e03a363 Resolving merge issues 2025-02-04 12:08:04 -05:00
Mike Hansen
51c5b1b9f4 Merge pull request #34 from Telecominfraproject/Sprint-8-OLS---Rate-Limiting-schema 
Sprint-8 OLS Rate Limiting Schema change
 2025-02-04 11:54:02 -05:00
Binny
1d052a18c2 created new files, and accomodated review comments 2025-01-29 15:36:13 +00:00
Binny
59ad89be0f ols-556-sprint8-arp-inspect-schema-draft 2025-01-22 14:48:04 +00:00
20 changed files with 1293 additions and 199 deletions
Expand all files Collapse all files

3
capabilities/connect.capabilities.yml
View File

@@ -243,6 +243,7 @@ properties:
- Spanning-Tree-Per-VLAN
- Spanning-Tree-Per-VLAN-Rapid
- Spanning-Tree-MSTP
- BPDU-Guard
# L3
- SVI-StaticIPv4
- SVI-StaticIPv6
@@ -280,6 +281,7 @@ properties:
- MAC-ACL
- IP-ACL
- Guest-VLAN
- Storm-Control
# Services
- Service-SSH
- Service-RSSH
@@ -300,6 +302,7 @@ properties:
- Service-Online-Check
- Service-CaptivePortal
- Service-PublicIpCheck
- Service-Global-DNS
# Tunneling
- Tunneling-VxLAN
- Tunneling-GRE

10
docs/ucentral-schema.html
View File

File diff suppressed because one or more lines are too long

8
docs/ucentral-state.html
View File

File diff suppressed because one or more lines are too long

2
docs/ucentral.capabilities.html
View File

File diff suppressed because one or more lines are too long

6
schema.json
View File

@@ -1,5 +1,5 @@
{
"major": 3,
"minor": 2,
"patch": 7
"major": 4,
"minor": 1,
"patch": 0
}

50
schema/ethernet.yml
View File

@@ -368,6 +368,18 @@ properties:
type: boolean
description: Enables the transmission of SNMP trap notifications about LLDP changes.
default: false
ip-arp-inspect-port:
type: object
description: Configuration for ARP Inspection on specific interfaces or ports in the switch.
properties:
rate-limit-pps:
type: integer
description: Sets a rate limit (packets per second) for the ARP packets received on a port. Ensures that the port does not process ARP packets beyond the configured limit.
minimum: 0
maximum: 65535
trusted:
type: boolean
description: Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks.
rate-limit-port:
type: object
description: Configuration for ingress and egress rate limiting on a specific port (in kbps)
@@ -487,3 +499,41 @@ properties:
type: string
minLength: 1
maxLength: 32
bpdu-guard:
description: BPDU Guard configuration block. Enables protection against unexpected BPDUs
on edge ports to prevent loops and rogue switch connections.
type: object
properties:
enabled:
description: When true, the port will be placed into an error-disabled state if any BPDU is received.
type: boolean
auto-recovery-secs:
description: Time in 'seconds' after which a port that was err-disabled due to BPDU Guard
violation will be automatically re-enabled.
type: integer
default: 300
edge-port:
description: When true, the port behaves as an STP Edge Port. When false, the port
participates fully in STP and is treated as a normal switch port.
type: boolean
default: false
storm-control:
description: Storm Control configuration per storm type. Allows enabling or disabling traffic storm control for broadcast, multicast, and unknown unicast packets,
with independent packet-per-second (pps) thresholds. A limit-pps value of 0 implies the control is disabled for that traffic type.
type: object
properties:
broadcast-pps:
type: integer
minimum: 0
default: 0
description: Maximum allowed broadcast packets per second. 0 disables broadcast storm control.
multicast-pps:
type: integer
minimum: 0
default: 0
description: Maximum allowed multicast packets per second. 0 disables multicast storm control.
unknown-unicast-pps:
type: integer
minimum: 0
default: 0
description: Maximum allowed unknown unicast packets per second. 0 disables unknown unicast storm control.

14
schema/interface.ipv4.arp-inspect.yml Normal file
View File

@@ -0,0 +1,14 @@
type: object
description: Configuration for ARP Inspection on specific VLANs in the switch.
properties:
vlan-enable:
type: boolean
description: Enable or disable ARP Inspection for a specified VLAN.
vlan-acl-rule:
type: string
description: Specifies an ARP ACL to apply to one or more VLANs.
maxLength: 32
minLength: 1
vlan-acl-nodhcp-bindings:
type: boolean
description: Validate ARP packets against only the specified ACL without checking address bindings in the DHCP snooping database.

2
schema/interface.ipv4.yml
View File

@@ -200,6 +200,8 @@ properties:
description: "Enables DHCP Snooping on a VLAN"
type: boolean
default: false
ip-arp-inspect-vlan:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/arp-inspect/"
dhcp:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/dhcp/"
dhcp-leases:

10
schema/interface.vlan.yml
View File

@@ -8,7 +8,15 @@ properties:
The individual physical network devices contained within the interface
need to be told explicitly if egress traffic shall be tagged.
type: integer
maximum: 4050
maximum: 4094
range-start:
decription: Start vlan-id of the specified range
type: integer
maximum: 4094
range-end:
decription: End vlan-id of the specified range
type: integer
maximum: 4094
proto:
decription:
The L2 vlan tag that shall be added (1q,1ad)

19
schema/switch.arp-inspect.yml Normal file
View File

@@ -0,0 +1,19 @@
type: object
description: Global configuration for ARP Inspection on the switch.
properties:
ip-arp-inspect:
type: boolean
description: Enable or disable ARP Inspection globally.
default: false
validate-dst-mac:
type: boolean
description: Validate that the destination MAC address in the Ethernet header matches the target MAC address in the ARP body for ARP responses.
validate-ip:
type: boolean
description: Validate ARP packets for unexpected or invalid IP addresses, such as 0.0.0.0, 255.255.255.255, and IP multicast addresses.
validate-allow-zeros:
type: boolean
description: Allow ARP packets where the sender IP address is 0.0.0.0.
validate-src-mac:
type: boolean
description: Validate that the source MAC address in the Ethernet header matches the sender MAC address in the ARP body for both ARP requests and responses.

97
schema/switch.yml
View File

@@ -439,58 +439,66 @@ properties:
description: Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.
type: object
properties:
type:
link-type:
description: Defines the type of peer-link, either 'port' or 'trunk-group'
type: string
enum:
- port
- trunk-group
default: trunk-group
value:
description: Specifies the port or trunk-group ID for the peer-link.
port-id:
description: Specifies the physical port name used as peer-link (only valid if type = port).
type: string
examples:
- "Ethernet1"
- "Ethernet2"
trunk-id:
description: Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).
type: integer
minimum: 1
maximum: 64
mclag-group:
description: Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.
type: object
properties:
group-id:
description: Defines the unique MC-LAG group identifier.
type: integer
minimum: 1
maximum: 128
members:
description: List of interfaces that participate in the MC-LAG group.
type: array
items:
type: string
description: Interface names that are part of the MC-LAG group.
examples:
- eth0
- eth1
lacp-config:
description: LACP configuration settings for the MC-LAG group.
type: object
properties:
lacp-enable:
description: Enables or disables LACP for the MC-LAG group.
type: boolean
default: true
lacp-role:
description: Configures the LACP role as 'actor' or 'partner'
description: Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.
type: array
items:
type: object
properties:
group-id:
description: Defines the unique MC-LAG group identifier.
type: integer
minimum: 1
maximum: 128
members:
description: List of interfaces that participate in the MC-LAG group.
type: array
items:
type: string
enum:
- actor
- partner
default: actor
lacp-timeout:
description: Sets the LACP timeout as either 'short' or 'long'.
type: string
enum:
- short
- long
default: long
description: Interface names that are part of the MC-LAG group.
examples:
- Ethernet0
- Ethernet1
lacp-config:
description: LACP configuration settings for the MC-LAG group.
type: object
properties:
lacp-enable:
description: Enables or disables LACP for the MC-LAG group.
type: boolean
default: true
lacp-role:
description: Configures the LACP role as 'actor' or 'partner'
type: string
enum:
- actor
- partner
default: actor
lacp-timeout:
description: Sets the LACP timeout as either 'short' or 'long'.
type: string
enum:
- short
- long
default: long
system-priority:
description: Specifies the system priority used by the switch for LACP negotiations.
type: integer
@@ -537,9 +545,16 @@ properties:
minLength: 1
examples:
- "A VoIP Phone"
arp-inspect:
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
ip-source-guard:
$ref: "https://ucentral.io/schema/v1/switch/ip-source-guard/"
rt-events:
$ref: "https://ucentral.io/schema/v1/switch/rtevent/"
acl:
$ref: "https://ucentral.io/schema/v1/switch/acl/"
dns:
description: Define a global list of dns servers.
type: array
items:
type: string

7
state/interface.yml
View File

@@ -15,8 +15,11 @@ items:
name:
type: string
description:
The administrative name of this logical interface. This field is
freetext
The administrative name of this logical interface. This field is freetext
vlan_id:
description: VLAN-ID of the logical interface
type: integer
maximum: 4094
ntp_server:
type: string
description:

93
state/link-state.yml
View File

@@ -191,3 +191,96 @@ properties:
description:
Max power (in Watts) module can drain.
type: number
loop-detect-protocol:
description: Status and protocol information for loop detection or prevention mechanisms
active on this interface. Includes STP/xSTP/MSTP, Loopback Detection (LBD), etc.
type: object
properties:
stp:
description: Spanning Tree Protocol (IEEE 802.1D/RSTP/MSTP) state on the port.
type: object
properties:
protocol:
type: string
description: Variant of STP running (e.g., STP, RSTP, MSTP, RPVST+).
examples:
- RSTP
- MSTP
state:
type: string
description: STP state of the port.
enum:
- disabled
- blocking
- listening
- learning
- forwarding
role:
type: string
description: Role of the port in STP topology.
enum:
- root
- designated
- alternate
- backup
- disabled
bridge-id:
type: string
description: STP Bridge ID
root-bridge-id:
type: string
description: STP Root Bridge ID for the instance.
oper-edge-port:
type: boolean
description: Whether the port is operating as an edge port (no BPDU expected).
cost:
type: integer
description: Operational path cost of the port.
designated-cost:
type: integer
description: Cost advertised by the designated port.
transitions:
type: integer
description: Number of STP state transitions (forwarding/discarding) on this port.
bpdu-guard:
type: string
description: Runtime status of BPDU Guard on the port, when it detects any issue.
- `errdisabled`- Port is shutdown due to BPDU violation.
- `recovering`- Temporarily disabled and in auto-recovery interval.
enum:
- errdisabled
- recovering
lbd:
description: Loopback Detection (LBD) status on this port.
type: object
properties:
enabled:
type: boolean
description: Whether LBD is enabled on this port.
state:
type: string
description: Current loop detection status.
enum:
- no_loop
- loop_detected
- disabled
action:
type: string
description: Action taken when loop is detected (e.g., block, shutdown).
enum:
- none
- block
- shutdown
storm-status:
description: Runtime status of Storm Control feature on the port for each storm type.
type: object
properties:
broadcast:
type: boolean
description: Runtime status of Broadcast Storm Control on the port. Return `true`if Storm condition is detected.
multicast:
type: boolean
description: Runtime status of Multicast Storm Control on the port. Return `true`if Storm condition is detected.
unknown-unicast:
type: boolean
description: Runtime status of Unknown Unicast Storm Control on the port. Return `true`if Storm condition is detected.

55
state/lldp-peers.yml
View File

@@ -49,6 +49,10 @@ items:
type: string
description: Provides a textual description of the remote port, typically describing the interface or its purpose.
example: "Ethernet Port on unit 1, port 2"
lldp-remote-sys-name:
type: string
description: Provides a textual description of the system name string (as defined by the sending device)
example: "Datacenter Switch-1"
lldp-remote-port-max-mtu:
type: string
description: Displays the maximum transmission unit (MTU) size that the remote port supports, indicating the largest packet size the port can handle.
@@ -117,6 +121,19 @@ items:
type: string
description: Displays the PoE class of the remote device, indicating its power consumption classification.
enum: ["Class-1", "Class-2", "Class-3", "Class-4","Class-5", "Class-6", "Class-7", "Class-8"]
lldp-remote-port-power-priority:
type: string
description: Indicates the power priority level assigned to the PD.
enum:
- low
- high
- critical
lldp-remote-port-pd-requested-power:
type: number
description: Power requested by the PD in watts (0.1W resolution possible). The values must be presented with real values like 25.5, 20.5 etc.
lldp-remote-port-pse-available-power:
type: number
description: Power that the PSE port is able to provide in watts (0.1W resolution).
lldp-remote-port-lag-info:
type: object
description: Provides information about the remote ports involvement in Link Aggregation Groups (LAG), if applicable.
@@ -129,4 +146,40 @@ items:
description: Shows whether Link Aggregation is enabled on the remote port.
lldp-remote-port-lag-port-id:
type: integer
description: Displays the identifier of the Link Aggregation Group (LAG) that the remote port belongs to.
description: Displays the identifier of the Link Aggregation Group (LAG) that the remote port belongs to.
lldp-remote-port-location:
type: object
description: Location information provided by LLDP-MED.
properties:
location-subtype:
type: string
description: Indicates the type of location information being conveyed.
enum:
- coordinate
- civic-address
- elin
civic-addr:
type: array
description: Civic address information consisting of CA-Type and CA-Value pairs as per LLDP-MED.
items:
type: object
properties:
ca-type:
type: integer
description: Civic Address Type identifier (e.g., 1 = Language, 3 = Country, 6 = A1 state/province, etc.)
ca-value:
type: string
description: Civic Address Value corresponding to the type.
coordinates:
type: object
description: Location coordinates information.
properties:
latitude:
type: string
description: Latitude in decimal degrees (e.g., +37.7749).
longitude:
type: string
description: Longitude in decimal degrees (e.g., -122.4194).
elin:
type: string
description: Emergency Location Identification Number (ELIN) assigned to endpoint location

104
state/state.yml
View File

@@ -60,6 +60,34 @@ properties:
type: string
description:
Current interface that serves as the Uplink. Example Ethernet2.
arp-inspect-stats:
type: object
description: Statistics related to ARP Inspection activity in the switch.
properties:
arp-pkt-rcvd:
type: integer
description: Total number of ARP packets received.
arp-pkt-dropped-rate-limit:
type: integer
description: Number of ARP packets dropped due to rate limiting.
arp-pkt-processed:
type: integer
description: Total number of ARP packets processed by ARP Inspection.
arp-pkt-dropped-src-mac:
type: integer
description: Number of ARP packets dropped due to source MAC address validation failures.
arp-pkt-dropped-dst-mac:
type: integer
description: Number of ARP packets dropped due to destination MAC address validation failures.
arp-pkt-dropped-ip:
type: integer
description: Number of ARP packets dropped due to IP address validation failures."
arp-pkt-dropped-acl:
type: integer
description: Number of ARP packets dropped due to ARP ACL rules.
arp-pkt-dropped-dhcp:
type: integer
description: Number of ARP packets dropped due to DHCP snooping validation failures.
ip-source-guard:
type: object
description: Represents the configuration and state of IP Source Guard.
@@ -85,4 +113,78 @@ properties:
maximum: 4095
blocked-interface:
type: string
description: The interface (e.g., port) where the blocked entry was detected.
description: The interface (e.g., port) where the blocked entry was detected.
stp:
description: Global status and configuration of the Spanning Tree Protocol (STP) across the switch.
Supports variants like STP, RSTP, MSTP. Includes bridge-wide parameters and protocol behavior.
type: object
properties:
enabled:
type: boolean
description: Whether STP is enabled globally on the switch.
mode:
type: string
description: Operational STP mode used across the switch.
enum:
- stp
- rstp
- mstp
- pvst
- rpvstp
transmission-limit:
type: integer
description: Maximum number of BPDUs that can be transmitted per hello time.
path-cost-method:
type: string
description: Indicates whether "Short" or "Long" path cost method is in use.
enum:
- short
- long
max-hops:
type: integer
description: Maximum hop count used in MSTP.
instances:
type: array
description: List of STP instances (e.g., MSTP instances).
items:
type: object
properties:
instance-id:
type: integer
description: Instance number (for MSTP or multiple-instance support).
vlans:
type: string
description: VLAN ranges associated with the STP instance.
example: "1-4094"
bridge-priority:
type: integer
description: Bridge priority value for STP election.
bridge-hello-time:
type: integer
description: Hello Time interval (in seconds) configured on the bridge.
bridge-max-age:
type: integer
description: Max Age value (in seconds) used for aging STP information.
bridge-forward-delay:
type: integer
description: Delay (in seconds) before transitioning port to forwarding state.
remaining-hops:
type: integer
description: Remaining hop count from the Root Bridge to this bridge.
root-bridge-id:
type: string
description: Bridge ID of the current Root Bridge.
root-port:
type: string
description: Local interface acting as Root Port.
example:
- Ëthernet1
root-cost:
type: integer
description: Cumulative cost to reach the Root Bridge.
topology-changes:
type: integer
description: Total number of topology changes detected.
last-topology-change-seconds:
type: integer
description: Time (in seconds) since the last topology change.

3
ucentral.capabilities.pretty.json
View File

@@ -310,6 +310,7 @@
"Spanning-Tree-Per-VLAN",
"Spanning-Tree-Per-VLAN-Rapid",
"Spanning-Tree-MSTP",
"BPDU-Guard",
"SVI-StaticIPv4",
"SVI-StaticIPv6",
"Interface-StaticIPv4",
@@ -342,6 +343,7 @@
"MAC-ACL",
"IP-ACL",
"Guest-VLAN",
"Storm-Control",
"Service-SSH",
"Service-RSSH",
"Service-Telnet",
@@ -361,6 +363,7 @@
"Service-Online-Check",
"Service-CaptivePortal",
"Service-PublicIpCheck",
"Service-Global-DNS",
"Tunneling-VxLAN",
"Tunneling-GRE",
"Tunneling-GRE6",

235
ucentral.schema.full.json
View File

@@ -589,6 +589,22 @@
}
}
},
"ip-arp-inspect-port": {
"type": "object",
"description": "Configuration for ARP Inspection on specific interfaces or ports in the switch.",
"properties": {
"rate-limit-pps": {
"type": "integer",
"description": "Sets a rate limit (packets per second) for the ARP packets received on a port. Ensures that the port does not process ARP packets beyond the configured limit.",
"minimum": 0,
"maximum": 65535
},
"trusted": {
"type": "boolean",
"description": "Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks."
}
}
},
"rate-limit-port": {
"type": "object",
"description": "Configuration for ingress and egress rate limiting on a specific port (in kbps)",
@@ -737,6 +753,50 @@
"maxLength": 32
}
}
},
"bpdu-guard": {
"description": "BPDU Guard configuration block. Enables protection against unexpected BPDUs on edge ports to prevent loops and rogue switch connections.",
"type": "object",
"properties": {
"enabled": {
"description": "When true, the port will be placed into an error-disabled state if any BPDU is received.",
"type": "boolean"
},
"auto-recovery-secs": {
"description": "Time in 'seconds' after which a port that was err-disabled due to BPDU Guard violation will be automatically re-enabled.",
"type": "integer",
"default": 300
}
}
},
"edge-port": {
"description": "When true, the port behaves as an STP Edge Port. When false, the port participates fully in STP and is treated as a normal switch port.",
"type": "boolean",
"default": false
},
"storm-control": {
"description": "Storm Control configuration per storm type. Allows enabling or disabling traffic storm control for broadcast, multicast, and unknown unicast packets, with independent packet-per-second (pps) thresholds. A limit-pps value of 0 implies the control is disabled for that traffic type.",
"type": "object",
"properties": {
"broadcast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed broadcast packets per second. 0 disables broadcast storm control."
},
"multicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed multicast packets per second. 0 disables multicast storm control."
},
"unknown-unicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed unknown unicast packets per second. 0 disables unknown unicast storm control."
}
}
}
}
}
@@ -1229,7 +1289,7 @@
"description": "Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.",
"type": "object",
"properties": {
"type": {
"link-type": {
"description": "Defines the type of peer-link, either 'port' or 'trunk-group'",
"type": "string",
"enum": [
@@ -1238,8 +1298,16 @@
],
"default": "trunk-group"
},
"value": {
"description": "Specifies the port or trunk-group ID for the peer-link.",
"port-id": {
"description": "Specifies the physical port name used as peer-link (only valid if type = port).",
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"description": "Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).",
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1247,53 +1315,56 @@
}
},
"mclag-group": {
"description": "Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.",
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"description": "Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.",
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
}
}
@@ -1363,6 +1434,33 @@
}
}
},
"arp-inspect": {
"type": "object",
"description": "Global configuration for ARP Inspection on the switch.",
"properties": {
"ip-arp-inspect": {
"type": "boolean",
"description": "Enable or disable ARP Inspection globally.",
"default": false
},
"validate-dst-mac": {
"type": "boolean",
"description": "Validate that the destination MAC address in the Ethernet header matches the target MAC address in the ARP body for ARP responses."
},
"validate-ip": {
"type": "boolean",
"description": "Validate ARP packets for unexpected or invalid IP addresses, such as 0.0.0.0, 255.255.255.255, and IP multicast addresses."
},
"validate-allow-zeros": {
"type": "boolean",
"description": "Allow ARP packets where the sender IP address is 0.0.0.0."
},
"validate-src-mac": {
"type": "boolean",
"description": "Validate that the source MAC address in the Ethernet header matches the sender MAC address in the ARP body for both ARP requests and responses."
}
}
},
"ip-source-guard": {
"type": "object",
"description": "Configuration for IP Source Guard global static bindings in a Layer 2 switch.",
@@ -1760,6 +1858,13 @@
}
}
}
},
"dns": {
"description": "Define a global list of dns servers.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1830,7 +1935,17 @@
"id": {
"description": "This is the pvid of the vlan that shall be assigned to the interface. The individual physical network devices contained within the interface need to be told explicitly if egress traffic shall be tagged.",
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",
@@ -2168,6 +2283,26 @@
"type": "boolean",
"default": false
},
"ip-arp-inspect-vlan": {
"type": "object",
"description": "Configuration for ARP Inspection on specific VLANs in the switch.",
"properties": {
"vlan-enable": {
"type": "boolean",
"description": "Enable or disable ARP Inspection for a specified VLAN."
},
"vlan-acl-rule": {
"type": "string",
"description": "Specifies an ARP ACL to apply to one or more VLANs.",
"maxLength": 32,
"minLength": 1
},
"vlan-acl-nodhcp-bindings": {
"type": "boolean",
"description": "Validate ARP packets against only the specified ACL without checking address bindings in the DHCP snooping database."
}
}
},
"dhcp": {
"description": "This section describes the DHCP server configuration",
"type": "object",

200
ucentral.schema.json
View File

@@ -529,6 +529,19 @@
}
}
},
"ip-arp-inspect-port": {
"type": "object",
"properties": {
"rate-limit-pps": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"trusted": {
"type": "boolean"
}
}
},
"rate-limit-port": {
"type": "object",
"properties": {
@@ -655,6 +668,63 @@
"maxLength": 32
}
}
},
"bpdu-guard": {
"type": "object",
"properties": {
"enabled": {
"type": "boolean"
},
"auto-recovery-secs": {
"type": "integer",
"default": 300
}
}
},
"edge-port": {
"type": "boolean",
"default": false
},
"storm-control": {
"type": "object",
"properties": {
"broadcast-pps": {
"type": "integer",
"minimum": 0,
"default": 0
},
"multicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0
},
"unknown-unicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0
}
}
}
}
},
"switch.arp-inspect": {
"type": "object",
"properties": {
"ip-arp-inspect": {
"type": "boolean",
"default": false
},
"validate-dst-mac": {
"type": "boolean"
},
"validate-ip": {
"type": "boolean"
},
"validate-allow-zeros": {
"type": "boolean"
},
"validate-src-mac": {
"type": "boolean"
}
}
},
@@ -1404,7 +1474,7 @@
"peer-link": {
"type": "object",
"properties": {
"type": {
"link-type": {
"type": "string",
"enum": [
"port",
@@ -1412,7 +1482,14 @@
],
"default": "trunk-group"
},
"value": {
"port-id": {
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1420,45 +1497,48 @@
}
},
"mclag-group": {
"type": "object",
"properties": {
"group-id": {
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"type": "array",
"items": {
"type": "string",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"type": "object",
"properties": {
"lacp-enable": {
"type": "boolean",
"default": true
},
"lacp-role": {
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"type": "object",
"properties": {
"lacp-enable": {
"type": "boolean",
"default": true
},
"lacp-role": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
}
}
@@ -1519,6 +1599,9 @@
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
"ip-source-guard": {
"$ref": "#/$defs/switch.ip-source-guard"
},
@@ -1527,6 +1610,12 @@
},
"acl": {
"$ref": "#/$defs/switch.acl"
},
"dns": {
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1535,7 +1624,17 @@
"properties": {
"id": {
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",
@@ -1624,6 +1723,22 @@
}
}
},
"interface.ipv4.arp-inspect": {
"type": "object",
"properties": {
"vlan-enable": {
"type": "boolean"
},
"vlan-acl-rule": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"vlan-acl-nodhcp-bindings": {
"type": "boolean"
}
}
},
"interface.ipv4.dhcp": {
"type": "object",
"properties": {
@@ -1928,6 +2043,9 @@
"type": "boolean",
"default": false
},
"ip-arp-inspect-vlan": {
"$ref": "#/$defs/interface.ipv4.arp-inspect"
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
},

241
ucentral.schema.pretty.json
View File

@@ -623,6 +623,22 @@
}
}
},
"ip-arp-inspect-port": {
"type": "object",
"description": "Configuration for ARP Inspection on specific interfaces or ports in the switch.",
"properties": {
"rate-limit-pps": {
"type": "integer",
"description": "Sets a rate limit (packets per second) for the ARP packets received on a port. Ensures that the port does not process ARP packets beyond the configured limit.",
"minimum": 0,
"maximum": 65535
},
"trusted": {
"type": "boolean",
"description": "Configures the port as trusted, exempting it from ARP Inspection. Trusted ports bypass ARP validation checks."
}
}
},
"rate-limit-port": {
"type": "object",
"description": "Configuration for ingress and egress rate limiting on a specific port (in kbps)",
@@ -771,6 +787,77 @@
"maxLength": 32
}
}
},
"bpdu-guard": {
"description": "BPDU Guard configuration block. Enables protection against unexpected BPDUs on edge ports to prevent loops and rogue switch connections.",
"type": "object",
"properties": {
"enabled": {
"description": "When true, the port will be placed into an error-disabled state if any BPDU is received.",
"type": "boolean"
},
"auto-recovery-secs": {
"description": "Time in 'seconds' after which a port that was err-disabled due to BPDU Guard violation will be automatically re-enabled.",
"type": "integer",
"default": 300
}
}
},
"edge-port": {
"description": "When true, the port behaves as an STP Edge Port. When false, the port participates fully in STP and is treated as a normal switch port.",
"type": "boolean",
"default": false
},
"storm-control": {
"description": "Storm Control configuration per storm type. Allows enabling or disabling traffic storm control for broadcast, multicast, and unknown unicast packets, with independent packet-per-second (pps) thresholds. A limit-pps value of 0 implies the control is disabled for that traffic type.",
"type": "object",
"properties": {
"broadcast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed broadcast packets per second. 0 disables broadcast storm control."
},
"multicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed multicast packets per second. 0 disables multicast storm control."
},
"unknown-unicast-pps": {
"type": "integer",
"minimum": 0,
"default": 0,
"description": "Maximum allowed unknown unicast packets per second. 0 disables unknown unicast storm control."
}
}
}
}
},
"switch.arp-inspect": {
"type": "object",
"description": "Global configuration for ARP Inspection on the switch.",
"properties": {
"ip-arp-inspect": {
"type": "boolean",
"description": "Enable or disable ARP Inspection globally.",
"default": false
},
"validate-dst-mac": {
"type": "boolean",
"description": "Validate that the destination MAC address in the Ethernet header matches the target MAC address in the ARP body for ARP responses."
},
"validate-ip": {
"type": "boolean",
"description": "Validate ARP packets for unexpected or invalid IP addresses, such as 0.0.0.0, 255.255.255.255, and IP multicast addresses."
},
"validate-allow-zeros": {
"type": "boolean",
"description": "Allow ARP packets where the sender IP address is 0.0.0.0."
},
"validate-src-mac": {
"type": "boolean",
"description": "Validate that the source MAC address in the Ethernet header matches the sender MAC address in the ARP body for both ARP requests and responses."
}
}
},
@@ -1660,7 +1747,7 @@
"description": "Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.",
"type": "object",
"properties": {
"type": {
"link-type": {
"description": "Defines the type of peer-link, either 'port' or 'trunk-group'",
"type": "string",
"enum": [
@@ -1669,8 +1756,16 @@
],
"default": "trunk-group"
},
"value": {
"description": "Specifies the port or trunk-group ID for the peer-link.",
"port-id": {
"description": "Specifies the physical port name used as peer-link (only valid if type = port).",
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"description": "Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).",
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1678,53 +1773,56 @@
}
},
"mclag-group": {
"description": "Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.",
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"description": "Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.",
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
}
}
@@ -1794,6 +1892,9 @@
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},
"ip-source-guard": {
"$ref": "#/$defs/switch.ip-source-guard"
},
@@ -1802,6 +1903,13 @@
},
"acl": {
"$ref": "#/$defs/switch.acl"
},
"dns": {
"description": "Define a global list of dns servers.",
"type": "array",
"items": {
"type": "string"
}
}
}
},
@@ -1812,7 +1920,17 @@
"id": {
"description": "This is the pvid of the vlan that shall be assigned to the interface. The individual physical network devices contained within the interface need to be told explicitly if egress traffic shall be tagged.",
"type": "integer",
"maximum": 4050
"maximum": 4094
},
"range-start": {
"decription": "Start vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"range-end": {
"decription": "End vlan-id of the specified range",
"type": "integer",
"maximum": 4094
},
"proto": {
"decription": "The L2 vlan tag that shall be added (1q,1ad)",
@@ -1913,6 +2031,26 @@
}
}
},
"interface.ipv4.arp-inspect": {
"type": "object",
"description": "Configuration for ARP Inspection on specific VLANs in the switch.",
"properties": {
"vlan-enable": {
"type": "boolean",
"description": "Enable or disable ARP Inspection for a specified VLAN."
},
"vlan-acl-rule": {
"type": "string",
"description": "Specifies an ARP ACL to apply to one or more VLANs.",
"maxLength": 32,
"minLength": 1
},
"vlan-acl-nodhcp-bindings": {
"type": "boolean",
"description": "Validate ARP packets against only the specified ACL without checking address bindings in the DHCP snooping database."
}
}
},
"interface.ipv4.dhcp": {
"description": "This section describes the DHCP server configuration",
"type": "object",
@@ -2264,6 +2402,9 @@
"type": "boolean",
"default": false
},
"ip-arp-inspect-vlan": {
"$ref": "#/$defs/interface.ipv4.arp-inspect"
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
},

333
ucentral.state.pretty.json
View File

@@ -86,6 +86,44 @@
"type": "string",
"description": "Current interface that serves as the Uplink. Example Ethernet2."
},
"arp-inspect-stats": {
"type": "object",
"description": "Statistics related to ARP Inspection activity in the switch.",
"properties": {
"arp-pkt-rcvd": {
"type": "integer",
"description": "Total number of ARP packets received."
},
"arp-pkt-dropped-rate-limit": {
"type": "integer",
"description": "Number of ARP packets dropped due to rate limiting."
},
"arp-pkt-processed": {
"type": "integer",
"description": "Total number of ARP packets processed by ARP Inspection."
},
"arp-pkt-dropped-src-mac": {
"type": "integer",
"description": "Number of ARP packets dropped due to source MAC address validation failures."
},
"arp-pkt-dropped-dst-mac": {
"type": "integer",
"description": "Number of ARP packets dropped due to destination MAC address validation failures."
},
"arp-pkt-dropped-ip": {
"type": "integer",
"description": "Number of ARP packets dropped due to IP address validation failures.\""
},
"arp-pkt-dropped-acl": {
"type": "integer",
"description": "Number of ARP packets dropped due to ARP ACL rules."
},
"arp-pkt-dropped-dhcp": {
"type": "integer",
"description": "Number of ARP packets dropped due to DHCP snooping validation failures."
}
}
},
"ip-source-guard": {
"type": "object",
"description": "Represents the configuration and state of IP Source Guard.",
@@ -120,6 +158,104 @@
}
}
}
},
"stp": {
"description": "Global status and configuration of the Spanning Tree Protocol (STP) across the switch. Supports variants like STP, RSTP, MSTP. Includes bridge-wide parameters and protocol behavior.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether STP is enabled globally on the switch."
},
"mode": {
"type": "string",
"description": "Operational STP mode used across the switch.",
"enum": [
"stp",
"rstp",
"mstp",
"pvst",
"rpvstp"
]
},
"transmission-limit": {
"type": "integer",
"description": "Maximum number of BPDUs that can be transmitted per hello time."
},
"path-cost-method": {
"type": "string",
"description": "Indicates whether \"Short\" or \"Long\" path cost method is in use.",
"enum": [
"short",
"long"
]
},
"max-hops": {
"type": "integer",
"description": "Maximum hop count used in MSTP."
},
"instances": {
"type": "array",
"description": "List of STP instances (e.g., MSTP instances).",
"items": {
"type": "object",
"properties": {
"instance-id": {
"type": "integer",
"description": "Instance number (for MSTP or multiple-instance support)."
}
},
"vlans": {
"type": "string",
"description": "VLAN ranges associated with the STP instance.",
"example": "1-4094"
},
"bridge-priority": {
"type": "integer",
"description": "Bridge priority value for STP election."
},
"bridge-hello-time": {
"type": "integer",
"description": "Hello Time interval (in seconds) configured on the bridge."
},
"bridge-max-age": {
"type": "integer",
"description": "Max Age value (in seconds) used for aging STP information."
},
"bridge-forward-delay": {
"type": "integer",
"description": "Delay (in seconds) before transitioning port to forwarding state."
},
"remaining-hops": {
"type": "integer",
"description": "Remaining hop count from the Root Bridge to this bridge."
},
"root-bridge-id": {
"type": "string",
"description": "Bridge ID of the current Root Bridge."
},
"root-port": {
"type": "string",
"description": "Local interface acting as Root Port.",
"example": [
"\u00cbthernet1"
]
},
"root-cost": {
"type": "integer",
"description": "Cumulative cost to reach the Root Bridge."
},
"topology-changes": {
"type": "integer",
"description": "Total number of topology changes detected."
},
"last-topology-change-seconds": {
"type": "integer",
"description": "Time (in seconds) since the last topology change."
}
}
}
}
}
},
"$defs": {
@@ -486,6 +622,11 @@
"type": "string",
"description": "The administrative name of this logical interface. This field is freetext"
},
"vlan_id": {
"description": "VLAN-ID of the logical interface",
"type": "integer",
"maximum": 4094
},
"ntp_server": {
"type": "string",
"description": "The upstream NTP server being used by this interface."
@@ -768,6 +909,11 @@
"description": "Provides a textual description of the remote port, typically describing the interface or its purpose.",
"example": "Ethernet Port on unit 1, port 2"
},
"lldp-remote-sys-name": {
"type": "string",
"description": "Provides a textual description of the system name string (as defined by the sending device)",
"example": "Datacenter Switch-1"
},
"lldp-remote-port-max-mtu": {
"type": "string",
"description": "Displays the maximum transmission unit (MTU) size that the remote port supports, indicating the largest packet size the port can handle."
@@ -873,6 +1019,23 @@
"Class-7",
"Class-8"
]
},
"lldp-remote-port-power-priority": {
"type": "string",
"description": "Indicates the power priority level assigned to the PD.",
"enum": [
"low",
"high",
"critical"
]
},
"lldp-remote-port-pd-requested-power": {
"type": "number",
"description": "Power requested by the PD in watts (0.1W resolution possible). The values must be presented with real values like 25.5, 20.5 etc."
},
"lldp-remote-port-pse-available-power": {
"type": "number",
"description": "Power that the PSE port is able to provide in watts (0.1W resolution)."
}
}
},
@@ -893,6 +1056,56 @@
"description": "Displays the identifier of the Link Aggregation Group (LAG) that the remote port belongs to."
}
}
},
"lldp-remote-port-location": {
"type": "object",
"description": "Location information provided by LLDP-MED.",
"properties": {
"location-subtype": {
"type": "string",
"description": "Indicates the type of location information being conveyed.",
"enum": [
"coordinate",
"civic-address",
"elin"
]
},
"civic-addr": {
"type": "array",
"description": "Civic address information consisting of CA-Type and CA-Value pairs as per LLDP-MED.",
"items": {
"type": "object",
"properties": {
"ca-type": {
"type": "integer",
"description": "Civic Address Type identifier (e.g., 1 = Language, 3 = Country, 6 = A1 state/province, etc.)"
},
"ca-value": {
"type": "string",
"description": "Civic Address Value corresponding to the type."
}
}
}
},
"coordinates": {
"type": "object",
"description": "Location coordinates information.",
"properties": {
"latitude": {
"type": "string",
"description": "Latitude in decimal degrees (e.g., +37.7749)."
},
"longitude": {
"type": "string",
"description": "Longitude in decimal degrees (e.g., -122.4194)."
}
}
},
"elin": {
"type": "string",
"description": "Emergency Location Identification Number (ELIN) assigned to endpoint location"
}
}
}
}
}
@@ -1116,6 +1329,126 @@
"type": "number"
}
}
},
"loop-detect-protocol": {
"description": "Status and protocol information for loop detection or prevention mechanisms active on this interface. Includes STP/xSTP/MSTP, Loopback Detection (LBD), etc.",
"type": "object",
"properties": {
"stp": {
"description": "Spanning Tree Protocol (IEEE 802.1D/RSTP/MSTP) state on the port.",
"type": "object",
"properties": {
"protocol": {
"type": "string",
"description": "Variant of STP running (e.g., STP, RSTP, MSTP, RPVST+).",
"examples": [
"RSTP",
"MSTP"
]
},
"state": {
"type": "string",
"description": "STP state of the port.",
"enum": [
"disabled",
"blocking",
"listening",
"learning",
"forwarding"
]
},
"role": {
"type": "string",
"description": "Role of the port in STP topology.",
"enum": [
"root",
"designated",
"alternate",
"backup",
"disabled"
]
},
"bridge-id": {
"type": "string",
"description": "STP Bridge ID"
},
"root-bridge-id": {
"type": "string",
"description": "STP Root Bridge ID for the instance."
},
"oper-edge-port": {
"type": "boolean",
"description": "Whether the port is operating as an edge port (no BPDU expected)."
},
"cost": {
"type": "integer",
"description": "Operational path cost of the port."
},
"designated-cost": {
"type": "integer",
"description": "Cost advertised by the designated port."
},
"transitions": {
"type": "integer",
"description": "Number of STP state transitions (forwarding/discarding) on this port."
},
"bpdu-guard": {
"type": "string",
"description": "Runtime status of BPDU Guard on the port, when it detects any issue. - `errdisabled`- Port is shutdown due to BPDU violation. - `recovering`- Temporarily disabled and in auto-recovery interval.",
"enum": [
"errdisabled",
"recovering"
]
}
}
},
"lbd": {
"description": "Loopback Detection (LBD) status on this port.",
"type": "object",
"properties": {
"enabled": {
"type": "boolean",
"description": "Whether LBD is enabled on this port."
},
"state": {
"type": "string",
"description": "Current loop detection status.",
"enum": [
"no_loop",
"loop_detected",
"disabled"
]
},
"action": {
"type": "string",
"description": "Action taken when loop is detected (e.g., block, shutdown).",
"enum": [
"none",
"block",
"shutdown"
]
}
}
}
}
},
"storm-status": {
"description": "Runtime status of Storm Control feature on the port for each storm type.",
"type": "object",
"properties": {
"broadcast": {
"type": "boolean",
"description": "Runtime status of Broadcast Storm Control on the port. Return `true`if Storm condition is detected."
},
"multicast": {
"type": "boolean",
"description": "Runtime status of Multicast Storm Control on the port. Return `true`if Storm condition is detected."
},
"unknown-unicast": {
"type": "boolean",
"description": "Runtime status of Unknown Unicast Storm Control on the port. Return `true`if Storm condition is detected."
}
}
}
}
},