scottk/ols-ucentral-schema
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/ols-ucentral-schema.git synced 2025-10-29 17:22:23 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity

Compare commits

base: scottk:correct-storm-control-indentation
Branches Tags
scottk:main scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7
...
compare: scottk:OLS-848-Schema-Intrusion-detection
Branches Tags
scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:main scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7

7 Commits
correct-st ... OLS-848-Sc

Author SHA1 Message Date
Binny
2711412306 ols-848-comments-addressed 2025-10-29 09:44:19 +00:00
Binny
f11d7d8181 ols-848-intrusiondetection-draft-changes 2025-10-08 11:47:20 +00:00
Binny
02f749cc11 Merge pull request #46 from Telecominfraproject/ols-821-mclag-schema-correction 
ols-821-mclag-schema-correcttion-draft Changes
 2025-10-07 12:06:22 +05:30
Mike Hansen
5b00327adc Merge pull request #50 from Telecominfraproject/correct-storm-control-indentation 
Fix indentation for storm-control configuration.
 2025-09-24 12:29:33 -04:00
Binny
c3073a9a45 ols-821-mclag-schema-final-draft 2025-09-16 06:10:50 +00:00
Binny
05849922ed ols-821-mclag-corrections-rev2 2025-08-22 15:19:46 +00:00
Binny
598af29d51 ols-821-mclag-schema-correcttion-draft 2025-08-18 13:38:01 +00:00
8 changed files with 358 additions and 181 deletions
Expand all files Collapse all files

1
capabilities/connect.capabilities.yml
View File

@@ -282,6 +282,7 @@ properties:
- IP-ACL
- Guest-VLAN
- Storm-Control
- Access-Lockout
# Services
- Service-SSH
- Service-RSSH

104
schema/switch.yml
View File

@@ -439,58 +439,66 @@ properties:
description: Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.
type: object
properties:
type:
link-type:
description: Defines the type of peer-link, either 'port' or 'trunk-group'
type: string
enum:
- port
- trunk-group
default: trunk-group
value:
description: Specifies the port or trunk-group ID for the peer-link.
port-id:
description: Specifies the physical port name used as peer-link (only valid if type = port).
type: string
examples:
- "Ethernet1"
- "Ethernet2"
trunk-id:
description: Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).
type: integer
minimum: 1
maximum: 64
mclag-group:
description: Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.
type: object
properties:
group-id:
description: Defines the unique MC-LAG group identifier.
type: integer
minimum: 1
maximum: 128
members:
description: List of interfaces that participate in the MC-LAG group.
type: array
items:
type: string
description: Interface names that are part of the MC-LAG group.
examples:
- eth0
- eth1
lacp-config:
description: LACP configuration settings for the MC-LAG group.
type: object
properties:
lacp-enable:
description: Enables or disables LACP for the MC-LAG group.
type: boolean
default: true
lacp-role:
description: Configures the LACP role as 'actor' or 'partner'
description: Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.
type: array
items:
type: object
properties:
group-id:
description: Defines the unique MC-LAG group identifier.
type: integer
minimum: 1
maximum: 128
members:
description: List of interfaces that participate in the MC-LAG group.
type: array
items:
type: string
enum:
- actor
- partner
default: actor
lacp-timeout:
description: Sets the LACP timeout as either 'short' or 'long'.
type: string
enum:
- short
- long
default: long
description: Interface names that are part of the MC-LAG group.
examples:
- Ethernet0
- Ethernet1
lacp-config:
description: LACP configuration settings for the MC-LAG group.
type: object
properties:
lacp-enable:
description: Enables or disables LACP for the MC-LAG group.
type: boolean
default: true
lacp-role:
description: Configures the LACP role as 'actor' or 'partner'
type: string
enum:
- actor
- partner
default: actor
lacp-timeout:
description: Sets the LACP timeout as either 'short' or 'long'.
type: string
enum:
- short
- long
default: long
system-priority:
description: Specifies the system priority used by the switch for LACP negotiations.
type: integer
@@ -537,6 +545,18 @@ properties:
minLength: 1
examples:
- "A VoIP Phone"
intrusion-detection-access-lockout:
description: Enables protection against unauthorized login attempts by locking user access
after a specified number of failed authentication attempts within a defined period.
type: object
properties:
lockout-attempt-count:
description: Number of consecutive failed login attempts allowed before the user account is locked.
type: integer
minimum: 1
lockout-period-seconds:
description: Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.
type: integer
arp-inspect:
$ref: "https://ucentral.io/schema/v1/switch/arp-inspect/"
ip-source-guard:
@@ -549,4 +569,4 @@ properties:
description: Define a global list of dns servers.
type: array
items:
type: string
type: string

36
state/state.yml
View File

@@ -187,4 +187,38 @@ properties:
description: Total number of topology changes detected.
last-topology-change-seconds:
type: integer
description: Time (in seconds) since the last topology change.
description: Time (in seconds) since the last topology change.
access-lockout:
type: object
description: Represents the operational state and statistics of the Intrusion Detection and Access Lockout feature.
properties:
user-sessions:
type: array
description: Displays a list of user sessions being tracked for failed login attempts.
items:
type: object
properties:
username:
type: string
description: The username associated with the login attempts being tracked.
source-ip:
type: string
description: The IP address from which the login attempts originated.
failed-attempts:
type: integer
description: The number of consecutive failed login attempts recorded for this user session.
status:
type: string
description: Indicates whether the user account is currently locked or active.
enum:
- active
- locked
last-failed-attempt-time:
type: integer
description: UNIX timestamp (in seconds) of the most recent failed login attempt.
lockout-start-time:
type: integer
description: UNIX timestamp (in seconds) when the user account was locked.
lockout-expiry-time:
type: integer
description: UNIX timestamp (in seconds) when the lockout period will end and access will be restored.

1
ucentral.capabilities.pretty.json
View File

@@ -344,6 +344,7 @@
"IP-ACL",
"Guest-VLAN",
"Storm-Control",
"Access-Lockout",
"Service-SSH",
"Service-RSSH",
"Service-Telnet",

124
ucentral.schema.full.json
View File

@@ -1289,7 +1289,7 @@
"description": "Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.",
"type": "object",
"properties": {
"type": {
"link-type": {
"description": "Defines the type of peer-link, either 'port' or 'trunk-group'",
"type": "string",
"enum": [
@@ -1298,8 +1298,16 @@
],
"default": "trunk-group"
},
"value": {
"description": "Specifies the port or trunk-group ID for the peer-link.",
"port-id": {
"description": "Specifies the physical port name used as peer-link (only valid if type = port).",
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"description": "Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).",
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1307,53 +1315,56 @@
}
},
"mclag-group": {
"description": "Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.",
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"description": "Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.",
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
}
}
@@ -1423,6 +1434,21 @@
}
}
},
"intrusion-detection-access-lockout": {
"description": "Enables protection against unauthorized login attempts by locking user access after a specified number of failed authentication attempts within a defined period.",
"type": "object",
"properties": {
"lockout-attempt-count": {
"description": "Number of consecutive failed login attempts allowed before the user account is locked.",
"type": "integer",
"minimum": 1
},
"lockout-period-seconds": {
"description": "Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.",
"type": "integer"
}
}
},
"arp-inspect": {
"type": "object",
"description": "Global configuration for ARP Inspection on the switch.",

102
ucentral.schema.json
View File

@@ -1474,7 +1474,7 @@
"peer-link": {
"type": "object",
"properties": {
"type": {
"link-type": {
"type": "string",
"enum": [
"port",
@@ -1482,7 +1482,14 @@
],
"default": "trunk-group"
},
"value": {
"port-id": {
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1490,45 +1497,48 @@
}
},
"mclag-group": {
"type": "object",
"properties": {
"group-id": {
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"type": "array",
"items": {
"type": "string",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"type": "object",
"properties": {
"lacp-enable": {
"type": "boolean",
"default": true
},
"lacp-role": {
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"type": "object",
"properties": {
"lacp-enable": {
"type": "boolean",
"default": true
},
"lacp-role": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
}
}
@@ -1589,6 +1599,18 @@
}
}
},
"intrusion-detection-access-lockout": {
"type": "object",
"properties": {
"lockout-attempt-count": {
"type": "integer",
"minimum": 1
},
"lockout-period-seconds": {
"type": "integer"
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},

124
ucentral.schema.pretty.json
View File

@@ -1747,7 +1747,7 @@
"description": "Configures the peer-link, which could be a physical port or a trunk group that connects the two MC-LAG peer switches.",
"type": "object",
"properties": {
"type": {
"link-type": {
"description": "Defines the type of peer-link, either 'port' or 'trunk-group'",
"type": "string",
"enum": [
@@ -1756,8 +1756,16 @@
],
"default": "trunk-group"
},
"value": {
"description": "Specifies the port or trunk-group ID for the peer-link.",
"port-id": {
"description": "Specifies the physical port name used as peer-link (only valid if type = port).",
"type": "string",
"examples": [
"Ethernet1",
"Ethernet2"
]
},
"trunk-id": {
"description": "Specifies the trunk group ID used as peer-link (only valid if type = trunk-group).",
"type": "integer",
"minimum": 1,
"maximum": 64
@@ -1765,53 +1773,56 @@
}
},
"mclag-group": {
"description": "Configures the MC-LAG group, which binds the interfaces into a multi-chassis LAG.",
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"eth0",
"eth1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"description": "Configures the MC-LAG group(s), which binds the interfaces into a multi-chassis LAG.",
"type": "array",
"items": {
"type": "object",
"properties": {
"group-id": {
"description": "Defines the unique MC-LAG group identifier.",
"type": "integer",
"minimum": 1,
"maximum": 128
},
"members": {
"description": "List of interfaces that participate in the MC-LAG group.",
"type": "array",
"items": {
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
"description": "Interface names that are part of the MC-LAG group.",
"examples": [
"Ethernet0",
"Ethernet1"
]
}
},
"lacp-config": {
"description": "LACP configuration settings for the MC-LAG group.",
"type": "object",
"properties": {
"lacp-enable": {
"description": "Enables or disables LACP for the MC-LAG group.",
"type": "boolean",
"default": true
},
"lacp-role": {
"description": "Configures the LACP role as 'actor' or 'partner'",
"type": "string",
"enum": [
"actor",
"partner"
],
"default": "actor"
},
"lacp-timeout": {
"description": "Sets the LACP timeout as either 'short' or 'long'.",
"type": "string",
"enum": [
"short",
"long"
],
"default": "long"
}
}
}
}
@@ -1881,6 +1892,21 @@
}
}
},
"intrusion-detection-access-lockout": {
"description": "Enables protection against unauthorized login attempts by locking user access after a specified number of failed authentication attempts within a defined period.",
"type": "object",
"properties": {
"lockout-attempt-count": {
"description": "Number of consecutive failed login attempts allowed before the user account is locked.",
"type": "integer",
"minimum": 1
},
"lockout-period-seconds": {
"description": "Duration (in seconds) for which the user account remains locked after exceeding the failed attempt threshold.",
"type": "integer"
}
}
},
"arp-inspect": {
"$ref": "#/$defs/switch.arp-inspect"
},

47
ucentral.state.pretty.json
View File

@@ -256,6 +256,53 @@
}
}
}
},
"access-lockout": {
"type": "object",
"description": "Represents the operational state and statistics of the Intrusion Detection and Access Lockout feature.",
"properties": {
"user-sessions": {
"type": "array",
"description": "Displays a list of user sessions being tracked for failed login attempts.",
"items": {
"type": "object",
"properties": {
"username": {
"type": "string",
"description": "The username associated with the login attempts being tracked."
},
"source-ip": {
"type": "string",
"description": "The IP address from which the login attempts originated."
},
"failed-attempts": {
"type": "integer",
"description": "The number of consecutive failed login attempts recorded for this user session."
},
"status": {
"type": "string",
"description": "Indicates whether the user account is currently locked or active.",
"enum": [
"active",
"locked"
]
},
"last-failed-attempt-time": {
"type": "integer",
"description": "UNIX timestamp (in seconds) of the most recent failed login attempt."
},
"lockout-start-time": {
"type": "integer",
"description": "UNIX timestamp (in seconds) when the user account was locked."
},
"lockout-expiry-time": {
"type": "integer",
"description": "UNIX timestamp (in seconds) when the lockout period will end and access will be restored."
}
}
}
}
}
}
},
"$defs": {