scottk/ols-ucentral-schema
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/ols-ucentral-schema.git synced 2025-10-30 01:32:26 +00:00
Code Issues Packages Projects Releases 3 Wiki Activity

Compare commits

base: scottk:link_aggregation
Branches Tags
scottk:main scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7
..
compare: scottk:OLS_319_sprint4_schema
Branches Tags
scottk:OLS-849-add-xSTP-parameters scottk:OLS-848-Schema-Intrusion-detection scottk:OLS-838-Update-OLS-Schema-version-to-4.2.0 scottk:main scottk:correct-storm-control-indentation scottk:ols-821-mclag-schema-correction scottk:fix/fix_invalid_schema scottk:ols-688-bpdu-guard scottk:ols-822-lldp-peers-statemessage-enhancements scottk:OLS_UpdateSchemaVersion_410 scottk:ols-659-simplify-vlan-config scottk:staging-OLS-644-global-dns scottk:OLS-578-Tag-ols-ucentral-client-and-ols-ucentral-schema-4.0.0-pre-release scottk:Sprint-8-OLS-ARP-Inspect-Schema scottk:Sprint-8-OLS---Rate-Limiting-schema scottk:OLS-556-Sprint-8-IPSourceGuard scottk:OLS-556-Sprint-8-SubcribeRTEvents scottk:OLS-550_Schema_Corrections_Pre4p0_Features scottk:OLS-562-Add-schema-version-to-ols-ucentral-schema scottk:OLS-545-Removal-of-AP-specific-schema-elements-from-ols-ucentral-schema scottk:OLS-538_port_speed_enum_fix_40g scottk:OLS-425_sprint6_schema scottk:OLS_390_Move_uplink_interface_definition_to_state.yml_Add_version_connect.capabilities scottk:OLS-390-Move-uplink_interface-definition-to-state.yml-add-version-to-connect.capabilities scottk:OLS_319_sprint4_schema scottk:OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames scottk:link_aggregation scottk:change_port_mirror_type_to_array scottk:lacp scottk:jumbo_frames scottk:OLS-229-generate-json-file-for-capabilities-connect.capabilities.yml scottk:OLS-228-delta_counters scottk:secure_http_server scottk:fix_loop_detection_schema_instances_indentation scottk:change_vrf_id_to_integer scottk:schema_fixes_and_updates scottk:default-values-for-schema/ethernet.yml-speed-and-duplex scottk:next scottk:1-incorrect-indentation-for-statelink-stateyml
scottk:v4.1.0-rc1 scottk:v4.0.0 scottk:v4.0.0-rc1 scottk:v3.2.7

8 Commits
link_aggre ... OLS_319_sp

Author SHA1 Message Date
Binny
53c239b60d OLS-319 incorporated most review comments, revised files 2024-09-23 07:47:42 +00:00
Binny
9a994374b5 OLS-319 Schema changes for 3.2 Sprint-4 Features to private Branch - Edits 2024-09-19 16:54:23 +00:00
Binny
44ed03b3f7 OLS-319 Schema changes for 3.2 Sprint-4 Features to private Branch 2024-09-19 16:51:30 +00:00
Binny
a72be45c21 OLS-319 test commit schema to priv repo 2024-09-19 09:27:16 +00:00
Mike Hansen
7c62326155 change port mirror type to array 
-- rebased and merge changes from https://github.com/Telecominfraproject/ols-ucentral-schema/pull/23 into main

Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2024-09-09 10:08:22 -04:00
Mike Hansen
5291c3da99 Merge pull request #24 from Telecominfraproject/OLS-295_capabilities_add_lacp_linkAggregation_jumboFrames 
[OLS-295] Add LACP, Link-Aggregation, and Jumbo-Frames to capabilities
 2024-09-06 09:17:10 -04:00
Mike Hansen
1b12452eeb [OLS-295] Add LACP, Link-Aggregation, and Jumbo-Frames to capabilities 
In ols-ucentral-schema->capabilities->connect.capabilities.yml->supported-features
Added enums for
  - Jumbo-Frames
  - LACP
  - Link-Aggregation

Regenerated json files.

Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
 2024-09-04 14:50:31 -04:00
Mike Hansen
76504b1ad6 Merge pull request #20 from Telecominfraproject/link_aggregation 
support link aggregation
 2024-08-13 09:19:28 -04:00
14 changed files with 1955 additions and 39 deletions
Expand all files Collapse all files

8
capabilities/connect.capabilities.yml
View File

@@ -133,6 +133,9 @@ properties:
enum:
# L2
- VLAN
- Jumbo-Frames
- Link-Aggregation-LACP
- Link-Aggregation-Static
- Port-Isolation
- Spanning-Tree
- Spanning-Tree-Rapid
@@ -160,6 +163,7 @@ properties:
- Routing-IPv6-DHCP-Stateful
- Routing-IPv6-DHCP-Stateless
- Routing-IPv6-Port-Forward
- Multicast-VLAN-Registration
# PoE
- PoE-Reset
# .1X
@@ -170,6 +174,9 @@ properties:
- System-SwUpdate
- System-SwUpdate-Partial
- Port-Mirroring
# Security
- MAC-ACL
- Guest-VLAN
# Services
- Service-SSH
- Service-RSSH
@@ -180,6 +187,7 @@ properties:
- Service-GPS
- Service-IGMP
- Service-NTP
- Service-NTP-Client
- Service-MDNS
- Service-QoS
- Service-Syslog

7
schema/ethernet.yml
View File

@@ -18,6 +18,13 @@ properties:
- LAN*
- WAN*
- "*"
name:
description:
This is a free text field, stating the administrative name of the
port. It may contain spaces and special characters, not exceeding 64 characters.
type: string
examples:
- cloud_uplink_port
speed:
description:
The link speed that shall be forced.

33
schema/interface.acl.yml Normal file
View File

@@ -0,0 +1,33 @@
description: A collection of access control entries that define the rules for filtering traffic through a network interface.
type: array
items:
type: object
properties:
acl-inf-policy-preference:
description: Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.
type: integer
minimum: 1
maximum: 64
default: 1
acl-inf-policy-ingress:
description: Specifies the ACL policy that is applied to incoming traffic on an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-ingress:
description: Tracks the number and type of packets that match the ingress ACL rules on an interface.
type: boolean
default: false
acl-inf-policy-egress:
description: Specifies the ACL policy that is applied to outgoing traffic from an interface.
type: string
maxLength: 32
minLength: 1
examples:
- blacklisted-macs
acl-inf-counters-egress:
description: Tracks the number and type of packets that match the egress ACL rules on an interface.
type: boolean
default: false

16
schema/interface.dhcp-snoop-port.yml Normal file
View File

@@ -0,0 +1,16 @@
description: "Configuration for DHCP Snooping on a port level on a switch"
type: object
properties:
dhcp-snoop-port-trust:
description: "This parameter designates a switch port as trusted for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers"
type: boolean
default: false
dhcp-snoop-port-client-limit:
description: "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the networks IP address pool"
type: integer
minimum: 1
dhcp-snoop-port-circuit-id:
description: "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting"
type: string
minLength: 1
maxLength: 32

32
schema/interface.ipv4.yml
View File

@@ -150,6 +150,34 @@ properties:
format: ipv4
examples:
- 225.0.0.1
mvr:
type: object
description: MVR attributes on a given interface
properties:
mvr-intf-mvr-role:
type: string
description: Configure an interface as an MVR receiver or source port. A port which is not configured as an MVR receiver or source port can use IGMP snooping to join or leave multicast groups using the standard rules for multicast filtering.
enum:
- none
- source
- receiver
mvr-intf-immed-leave:
type: string
description: Switch to immediately remove an interface from a multicast stream as soon as it receives a leave message for that group. Applies to only receiver role ports.
enum:
- none
- by-host-ip
- by-group
default: by-group
mvr-intf-assoc-domain:
type: integer
description: Map the port to a specific domain.
maximum: 10
minimum: 1
required:
- mvr-intf-mvr-role
- mvr-intf-immed-leave
- mvr-intf-assoc-domain
send-hostname:
description:
include the devices hostname inside DHCP requests
@@ -168,6 +196,10 @@ properties:
examples:
- 8.8.8.8
- 4.4.4.4
dhcp-snoop-vlan-enable:
description: "Enables DHCP Snooping on a VLAN"
type: boolean
default: false
dhcp:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/dhcp/"
dhcp-leases:

4
schema/interface.yml
View File

@@ -68,6 +68,10 @@ properties:
$ref: "https://ucentral.io/schema/v1/interface/ipv4/"
ipv6:
$ref: "https://ucentral.io/schema/v1/interface/ipv6/"
acl:
$ref: "https://ucentral.io/schema/v1/interface/acl/"
dhcp-snooop-port:
$ref: "https://ucentral.io/schema/v1/interface/dhcp-snoop-port/"
broad-band:
$ref: "https://ucentral.io/schema/v1/interface/broad-band/"
ssids:

292
schema/switch.yml
View File

@@ -5,18 +5,20 @@ properties:
port-mirror:
description:
Enable mirror of traffic from multiple minotor ports to a single analysis port.
type: object
properties:
monitor-ports:
description:
The list of ports that we want to mirror.
type: array
items:
type: array
items:
type: object
properties:
monitor-ports:
description:
The list of ports that we want to mirror.
type: array
items:
type: string
analysis-port:
description:
The port that mirror'ed packets should be sent to.
type: string
analysis-port:
description:
The port that mirror'ed packets should be sent to.
type: string
loop-detection:
description:
Enable loop detection on the L2 switches/bridge.
@@ -240,3 +242,271 @@ properties:
Enables Jumbo frames
type: boolean
default: false
dhcp-snooping:
description: DHCP Snooping configuration parameters
type: object
properties:
dhcp-snoop-enable:
description: "Enables DHCP Snooping on the network switch, which is a security feature that prevents unauthorized DHCP servers from offering IP addresses"
type: boolean
default: false
dhcp-snoop-rate-limit:
description: "Sets a limit on the number of DHCP packets per second that can be received on an untrusted interface to prevent DHCP flooding attacks"
type: integer
minimum: 1
maximum: 2048
dhcp-snoop-mac-verify:
description: "This option ensures that the MAC address in a DHCP request matches the source MAC address of the packet, providing an additional layer of security"
type: boolean
default: false
dhcp-snoop-inf-opt-82:
description: "This refers to the insertion of information option 82 in DHCP packets, which adds more details about the clients location and network information for tracking and control purposes"
type: boolean
default: false
dhcp-snoop-inf-opt-encode-subopt:
description: "This parameter allows for the encoding of sub-options within option 82 to further specify client information"
type: boolean
default: false
dhcp-snoop-inf-opt-remoteid:
description: "It specifies the remote ID sub-option in option 82, which typically includes information like the circuit ID or remote host identifier"
type: string
maxLength: 32
minLength: 1
dhcp-snoop-inf-opt-policy:
description: "This defines the policy for handling packets with option 82, determining whether they should be forwarded or dropped based on the configuration"
type: string
enum:
- drop
- keep
- replace
acl:
description: Contains all the access control rule definitions
type: array
items:
type: object
properties:
acl-type:
description: Type of the access control list
type: string
enum:
- ipv4
- ipv6
- ipv4Ext
- ipv6Ext
- mac
- arp
acl-name:
description: The identifier or name for the Access Control List
type: string
maxLength: 32
minLength: 1
acl-rule-action:
description: Defines whether to permit or deny traffic matching the rule
type: string
enum:
- permit
- deny
acl-source-macaddress:
description: Specifies the source MAC address to filter on
type: string
format: uc-mac
acl-source-macbitmask:
description: The mask applied to the source MAC address
type: string
format: uc-mac
acl-dest-macaddress:
description: Specifies the destination MAC address for the filter
type: string
format: uc-mac
acl-dest-macbitmask:
description: The mask applied to the destination MAC address
type: string
format: uc-mac
acl-packet-format:
description: Identifies the protocol encapsulated in the Ethernet frame by its EtherType
type: string
enum:
- any
- untagged-eth2
- untagged-802.3
- tagged-eth2
- tagged-802.3
acl-vlanid:
description: Specifies a VLAN ID to filter traffic from a specific VLAN
type: integer
minimum: 1
maximum: 4094
acl-vid-bitmask:
description: The mask applied to the VLAN ID
type: integer
minimum: 1
maximum: 4095
acl-ethertype:
description: Filters packets based on the custom EtherType field (HEX) in the Ethernet frame
type: string
default: "800"
acl-ethertype-bitmask:
description: The mask applied to the EtherType field
type: string
default: "FFFF"
acl-cos:
description: Filters based on the Class of Service (CoS) field in the frame
type: integer
minimum: 0
maximum: 7
acl-cos-bitmask:
description: The mask applied to the CoS field
type: integer
minimum: 0
maximum: 7
acl-ip-type:
description: Filters traffic based on the IP protocol type (none, IPv4, or IPv6)
type: string
enum:
- none
- ipv4
- ipv6
acl-ipv4-source-address:
description: The IPv4 address of the source to filter on
type: string
format: ipv4
acl-ipv4-source-subnetmask:
description: The subnet mask applied to the source IPv4 address
type: string
format: ipv4
acl-ipv4-dest-address:
description: The IPv4 address of the destination to filter on
type: string
format: ipv4
acl-ipv4-dest-subnetmask:
description: The subnet mask applied to the destination IPv4 address
type: string
format: ipv4
acl-ip-proto:
description: Filters based on the IP protocol number
type: integer
minimum: 0
maximum: 255
acl-ip-source-port:
description: Specifies the source port number for filtering
type: integer
minimum: 1
maximum: 65535
acl-ip-source-port-bitmask:
description: The mask applied to the source port number
type: integer
minimum: 0
maximum: 65535
acl-ip-dest-port:
description: Specifies the destination port number for filtering
type: integer
minimum: 1
maximum: 65535
acl-ip-dest-port-bitmask:
description: The mask applied to the destination port number
type: integer
minimum: 0
maximum: 65535
mvr-config:
description: This section defines the Multicast VLAN Registration (MVR) general configuration.
type: object
properties:
mvr-enable:
description: Enable/Disable MVR globally on the switch.
type: boolean
default: false
mvr-proxy-query-intvl:
description:
This command configures the interval (in seconds) at which the receiver port sends out general queries.
The maximum value is determined based on 12 hours as maximum interval, and minimum as 1 second as allowed value.
type: integer
default: 125
maximum: 43200
minimum: 1
mvr-proxy-switching:
description:
Enable the MVR proxy switching mode, where the source port acts as a host, and the receiver port
acts as an MVR router with querier service enabled.
type: boolean
default: false
mvr-robustness-val:
description:
Configure the expected packet loss, and thereby the number of times to generate report
and group-specific queries when changes are learned about downstream groups,
and the number of times group-specific queries are sent to downstream receiver ports.
Right configuration ensures that multicast group memberships are correctly maintained
even if some control messages are lost due to network issues.
type: integer
default: 2
maximum: 255
minimum: 1
mvr-source-port-mode:
description:
Configure the switch to forward only multicast streams that a source port has dynamically
joined or to forward all multicast groups.
type: string
default: forward
enum:
- dynamic
- forward
mvr-domain-config:
description: Configure the Multicast VLAN Registration (MVR) domains.
type: array
items:
type: object
properties:
mvr-domain-id:
description: Unique identifier for a Multicast Domain defined under the MVR.
type: integer
minimum: 1
maximum: 10
default: 1
mvr-domain-enable:
description: Enable/disable Multicast VLAN Registration (MVR) for a specific domain.
type: boolean
default: false
mvr-domain-vlan-id:
description:
Per domain Level Multicast VLAN ID. Specifies the VLAN through which MVR multicast data is received.
This is the VLAN to which all source ports must be assigned.
type: integer
minimum: 1
maximum: 4094
default: 1
mvr-domain-upstream-sip:
description: Configures the source IP address assigned to all MVR control packets sent upstream on all domains or on a specified domain.
type: string
format: ipv4
examples:
- 192.168.0.5
mvr-group-config:
type: array
description: List of MVR groups (or profiles) configuration.
items:
type: object
properties:
mvr-group-name:
type: string
description: The name of a MVR group that consists of one or more MVR group addresses
maxLength: 16
minLength: 1
mvr-group-range-start:
type: string
format: ipv4
description: Start IP address on the range of MVR group addresses that maps to a profile/MVR group
mvr-group-range-end:
type: string
format: ipv4
description: Statically configure all multicast group addresses that will join an MVR VLAN. Map a range of MVR group addresses to a profile
mvr-group-assoc-domain:
descpription: Map the MVR Group to a secific domain. There can be many profiles under a single domain
type: array
items:
type: integer
maximum: 10
minimum: 1
required:
- mvr-group-name
- mvr-group-range-start
- mvr-group-range-end
- mvr-group-assoc-domain

4
state/interface.ipv4.yml
View File

@@ -12,6 +12,10 @@ properties:
type: string
description:
The public IP address of internet connection.
uplink_interface:
type: string
description:
Current interface that serves as the Uplink. Example Ethernet2.
leasetime:
type: number
description:

115
state/interface.yml
View File

@@ -74,3 +74,118 @@ items:
type: array
items:
type: string
mvr:
type: object
description: MVR statistics on interface
properties:
mvr-intf-fwd-status:
description: Shows if MVR traffic is being forwarded or discarded.
type: boolean
mvr-intf-igmp-count-reports:
description: The number of IGMP membership reports received on this interface.
type: integer
mvr-intf-igmp-count-leave:
description: The number of leave messages received on this interface.
type: integer
mvr-intf-igmp-count-gquery:
description: The number of general query messages received on this interface.
type: integer
mvr-intf-igmp-count-gssquery:
description: The number of group specific or group-and-source specific query messages received on this interface.
type: integer
mvr-intf-igmp-count-drop:
description: The number of times a report, leave, or query was dropped.
type: integer
mvr-intf-igmp-count-joinsucc:
description: The number of times a multicast group was successfully joined.
type: integer
mvr-intf-igmp-count-actgroups:
description: The number of MVR groups active on this interface.
type: integer
acl-stats:
description: "Represents the overall statistics for ACLs on the OLS device."
type: object
properties:
acl-intf-stats:
description: "A list of ACL-related statistics, each corresponding to a specific interface or port."
type: array
items:
type: object
properties:
acl-intf-id:
description: "The identifier for the interface or port to which the ACL statistics apply."
type: string
acl-type:
description: "Type of the access control list."
type: string
enum:
- none
- ipv4
- ipv6
- ipv4Ext
- ipv6Ext
- mac
- arp
acl-rule-action:
description: "Indicates the action (permit or deny) taken when an ACL rule is matched."
type: string
enum:
- permit
- deny
acl-hit-count:
description: "The number of times an ACL rule has been matched by traffic."
type: number
acl-rule-resource-util:
description: "Shows the percentage of this user-configured ACL rule as a percentage of total ACL rules."
type: integer
minimum: 0
maximum: 100
acl-resource-stats:
description: "Represents the overall resource utilization statistics for ACLs."
type: object
properties:
acl-total-resource-util:
description: "Percentage of total ACL consumed resources amongst the resources available."
type: integer
minimum: 0
maximum: 100
dhcp-snoop-binding:
description: State message entry to show the binding table for DHCP Snooping
type: object
properties:
entries:
description: List of DHCP Snooping binding entries
type: array
items:
type: object
properties:
dhcp-snoop-bind-mac-address:
description: MAC address of the DHCP client in the DHCP Snooping binding table
type: string
format: uc-mac
dhcp-snoop-bind-ip-address:
description: IP address assigned to the MAC address in the DHCP Snooping binding table
type: string
format: ipv4
dhcp-snoop-bind-lease-seconds:
description: This indicates the lease time in seconds for the IP address assigned to the DHCP client, after which the IP address may be reassigned
type: integer
dhcp-snoop-bind-type:
description: Specifies the type of binding entry, such as dynamic or static, indicating how the IP address was assigned to the client
type: string
enum:
- dynamic
- static
dhcp-snoop-bind-vlan:
description: VLAN ID associated with the DHCP clients IP address, which helps in managing network segments
type: integer
minimum: 1
maximum: 4094
dhcp-snoop-bind-interf:
description: Identifies the interface through which the DHCP client is connected, aiding in network topology management
type: string
examples:
- "Ethernet1"
- "Unit-1/Port-2"
- "1-2"
- "Trunk 1"

7
ucentral.capabilities.pretty.json
View File

@@ -167,6 +167,9 @@
"type": "string",
"enum": [
"VLAN",
"Jumbo-Frames",
"Link-Aggregation-LACP",
"Link-Aggregation-Static",
"Port-Isolation",
"Spanning-Tree",
"Spanning-Tree-Rapid",
@@ -193,6 +196,7 @@
"Routing-IPv6-DHCP-Stateful",
"Routing-IPv6-DHCP-Stateless",
"Routing-IPv6-Port-Forward",
"Multicast-VLAN-Registration",
"PoE-Reset",
"Port-Access-Control",
"PAC-Dynamic-Auth",
@@ -200,6 +204,8 @@
"System-SwUpdate",
"System-SwUpdate-Partial",
"Port-Mirroring",
"MAC-ACL",
"Guest-VLAN",
"Service-SSH",
"Service-RSSH",
"Service-Telnet",
@@ -209,6 +215,7 @@
"Service-GPS",
"Service-IGMP",
"Service-NTP",
"Service-NTP-Client",
"Service-MDNS",
"Service-QoS",
"Service-Syslog",

459
ucentral.schema.full.json
View File

@@ -558,6 +558,13 @@
]
}
},
"name": {
"description": "This is a free text field, stating the administrative name of the port. It may contain spaces and special characters, not exceeding 64 characters.",
"type": "string",
"examples": [
"cloud_uplink_port"
]
},
"speed": {
"description": "The link speed that shall be forced.",
"type": "integer",
@@ -766,18 +773,21 @@
"properties": {
"port-mirror": {
"description": "Enable mirror of traffic from multiple minotor ports to a single analysis port.",
"type": "object",
"properties": {
"monitor-ports": {
"description": "The list of ports that we want to mirror.",
"type": "array",
"items": {
"type": "array",
"items": {
"type": "object",
"properties": {
"monitor-ports": {
"description": "The list of ports that we want to mirror.",
"type": "array",
"items": {
"type": "string"
}
},
"analysis-port": {
"description": "The port that mirror'ed packets should be sent to.",
"type": "string"
}
},
"analysis-port": {
"description": "The port that mirror'ed packets should be sent to.",
"type": "string"
}
}
},
@@ -1009,10 +1019,332 @@
"src-mac"
],
"default": "src-dst-mac"
},
"jumbo-frames": {
"description": "Enables Jumbo frames",
"type": "boolean",
"default": false
},
"dhcp-snooping": {
"description": "DHCP Snooping configuration parameters",
"type": "object",
"properties": {
"dhcp-snoop-enable": {
"description": "Enables DHCP Snooping on the network switch, which is a security feature that prevents unauthorized DHCP servers from offering IP addresses",
"type": "boolean",
"default": false
},
"dhcp-snoop-rate-limit": {
"description": "Sets a limit on the number of DHCP packets per second that can be received on an untrusted interface to prevent DHCP flooding attacks",
"type": "integer",
"minimum": 1,
"maximum": 2048
},
"dhcp-snoop-mac-verify": {
"description": "This option ensures that the MAC address in a DHCP request matches the source MAC address of the packet, providing an additional layer of security",
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-82": {
"description": "This refers to the insertion of information option 82 in DHCP packets, which adds more details about the client\u2019s location and network information for tracking and control purposes",
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-encode-subopt": {
"description": "This parameter allows for the encoding of sub-options within option 82 to further specify client information",
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-remoteid": {
"description": "It specifies the remote ID sub-option in option 82, which typically includes information like the circuit ID or remote host identifier",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"dhcp-snoop-inf-opt-policy": {
"description": "This defines the policy for handling packets with option 82, determining whether they should be forwarded or dropped based on the configuration",
"type": "string",
"enum": [
"drop",
"keep",
"replace"
]
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ip-type": {
"description": "Filters traffic based on the IP protocol type (none, IPv4, or IPv6)",
"type": "string",
"enum": [
"none",
"ipv4",
"ipv6"
]
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ip-source-port": {
"description": "Specifies the source port number for filtering",
"type": "integer",
"minimum": 1,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"description": "The mask applied to the source port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"description": "Specifies the destination port number for filtering",
"type": "integer",
"minimum": 1,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"description": "The mask applied to the destination port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
}
}
}
},
"mvr-config": {
"description": "This section defines the Multicast VLAN Registration (MVR) general configuration.",
"type": "object",
"properties": {
"mvr-enable": {
"description": "Enable/Disable MVR globally on the switch.",
"type": "boolean",
"default": false
},
"mvr-proxy-query-intvl": {
"description": "This command configures the interval (in seconds) at which the receiver port sends out general queries. The maximum value is determined based on 12 hours as maximum interval, and minimum as 1 second as allowed value.",
"type": "integer",
"default": 125,
"maximum": 43200,
"minimum": 1
},
"mvr-proxy-switching": {
"description": "Enable the MVR proxy switching mode, where the source port acts as a host, and the receiver port acts as an MVR router with querier service enabled.",
"type": "boolean",
"default": false
},
"mvr-robustness-val": {
"description": "Configure the expected packet loss, and thereby the number of times to generate report and group-specific queries when changes are learned about downstream groups, and the number of times group-specific queries are sent to downstream receiver ports. Right configuration ensures that multicast group memberships are correctly maintained even if some control messages are lost due to network issues.",
"type": "integer",
"default": 2,
"maximum": 255,
"minimum": 1
},
"mvr-source-port-mode": {
"description": "Configure the switch to forward only multicast streams that a source port has dynamically joined or to forward all multicast groups.",
"type": "string",
"default": "forward",
"enum": [
"dynamic",
"forward"
]
}
}
},
"mvr-domain-config": {
"description": "Configure the Multicast VLAN Registration (MVR) domains.",
"type": "array",
"items": {
"type": "object",
"properties": {
"mvr-domain-id": {
"description": "Unique identifier for a Multicast Domain defined under the MVR.",
"type": "integer",
"minimum": 1,
"maximum": 10,
"default": 1
},
"mvr-domain-enable": {
"description": "Enable/disable Multicast VLAN Registration (MVR) for a specific domain.",
"type": "boolean",
"default": false
},
"mvr-domain-vlan-id": {
"description": "Per domain Level Multicast VLAN ID. Specifies the VLAN through which MVR multicast data is received. This is the VLAN to which all source ports must be assigned.",
"type": "integer",
"minimum": 1,
"maximum": 4094,
"default": 1
},
"mvr-domain-upstream-sip": {
"description": "Configures the source IP address assigned to all MVR control packets sent upstream on all domains or on a specified domain.",
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
}
}
}
},
"mvr-group-config": {
"type": "array",
"description": "List of MVR groups (or profiles) configuration.",
"items": {
"type": "object",
"properties": {
"mvr-group-name": {
"type": "string",
"description": "The name of a MVR group that consists of one or more MVR group addresses",
"maxLength": 16,
"minLength": 1
},
"mvr-group-range-start": {
"type": "string",
"format": "ipv4",
"description": "Start IP address on the range of MVR group addresses that maps to a profile/MVR group"
},
"mvr-group-range-end": {
"type": "string",
"format": "ipv4",
"description": "Statically configure all multicast group addresses that will join an MVR VLAN. Map a range of MVR group addresses to a profile"
},
"mvr-group-assoc-domain": {
"descpription": "Map the MVR Group to a secific domain. There can be many profiles under a single domain",
"type": "array",
"items": {
"type": "integer",
"maximum": 10,
"minimum": 1
}
}
},
"required": [
"mvr-group-name",
"mvr-group-range-start",
"mvr-group-range-end",
"mvr-group-assoc-domain"
]
}
}
}
},
@@ -1581,6 +1913,42 @@
}
}
}
},
"mvr": {
"type": "object",
"description": "MVR attributes on a given interface",
"properties": {
"mvr-intf-mvr-role": {
"type": "string",
"description": "Configure an interface as an MVR receiver or source port. A port which is not configured as an MVR receiver or source port can use IGMP snooping to join or leave multicast groups using the standard rules for multicast filtering.",
"enum": [
"none",
"source",
"receiver"
]
},
"mvr-intf-immed-leave": {
"type": "string",
"description": "Switch to immediately remove an interface from a multicast stream as soon as it receives a leave message for that group. Applies to only receiver role ports.",
"enum": [
"none",
"by-host-ip",
"by-group"
],
"default": "by-group"
},
"mvr-intf-assoc-domain": {
"type": "integer",
"description": "Map the port to a specific domain.",
"maximum": 10,
"minimum": 1
}
},
"required": [
"mvr-intf-mvr-role",
"mvr-intf-immed-leave",
"mvr-intf-assoc-domain"
]
}
}
},
@@ -1604,6 +1972,11 @@
]
}
},
"dhcp-snoop-vlan-enable": {
"description": "Enables DHCP Snooping on a VLAN",
"type": "boolean",
"default": false
},
"dhcp": {
"description": "This section describes the DHCP server configuration",
"type": "object",
@@ -1902,6 +2275,72 @@
}
}
},
"acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network interface.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"dhcp-snooop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"broad-band": {
"oneOf": [
{

396
ucentral.schema.json
View File

@@ -366,6 +366,12 @@
]
}
},
"name": {
"type": "string",
"examples": [
"cloud_uplink_port"
]
},
"speed": {
"type": "integer",
"enum": [
@@ -545,16 +551,19 @@
"type": "object",
"properties": {
"port-mirror": {
"type": "object",
"properties": {
"monitor-ports": {
"type": "array",
"items": {
"type": "array",
"items": {
"type": "object",
"properties": {
"monitor-ports": {
"type": "array",
"items": {
"type": "string"
}
},
"analysis-port": {
"type": "string"
}
},
"analysis-port": {
"type": "string"
}
}
},
@@ -755,6 +764,279 @@
"jumbo-frames": {
"type": "boolean",
"default": false
},
"dhcp-snooping": {
"type": "object",
"properties": {
"dhcp-snoop-enable": {
"type": "boolean",
"default": false
},
"dhcp-snoop-rate-limit": {
"type": "integer",
"minimum": 1,
"maximum": 2048
},
"dhcp-snoop-mac-verify": {
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-82": {
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-encode-subopt": {
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-remoteid": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"dhcp-snoop-inf-opt-policy": {
"type": "string",
"enum": [
"drop",
"keep",
"replace"
]
}
}
},
"acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ip-type": {
"type": "string",
"enum": [
"none",
"ipv4",
"ipv6"
]
},
"acl-ipv4-source-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ip-source-port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"type": "integer",
"minimum": 1,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"type": "integer",
"minimum": 0,
"maximum": 65535
}
}
}
},
"mvr-config": {
"type": "object",
"properties": {
"mvr-enable": {
"type": "boolean",
"default": false
},
"mvr-proxy-query-intvl": {
"type": "integer",
"default": 125,
"maximum": 43200,
"minimum": 1
},
"mvr-proxy-switching": {
"type": "boolean",
"default": false
},
"mvr-robustness-val": {
"type": "integer",
"default": 2,
"maximum": 255,
"minimum": 1
},
"mvr-source-port-mode": {
"type": "string",
"default": "forward",
"enum": [
"dynamic",
"forward"
]
}
}
},
"mvr-domain-config": {
"type": "array",
"items": {
"type": "object",
"properties": {
"mvr-domain-id": {
"type": "integer",
"minimum": 1,
"maximum": 10,
"default": 1
},
"mvr-domain-enable": {
"type": "boolean",
"default": false
},
"mvr-domain-vlan-id": {
"type": "integer",
"minimum": 1,
"maximum": 4094,
"default": 1
},
"mvr-domain-upstream-sip": {
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
}
}
}
},
"mvr-group-config": {
"type": "array",
"items": {
"type": "object",
"properties": {
"mvr-group-name": {
"type": "string",
"maxLength": 16,
"minLength": 1
},
"mvr-group-range-start": {
"type": "string",
"format": "ipv4"
},
"mvr-group-range-end": {
"type": "string",
"format": "ipv4"
},
"mvr-group-assoc-domain": {
"descpription": "Map the MVR Group to a secific domain. There can be many profiles under a single domain",
"type": "array",
"items": {
"type": "integer",
"maximum": 10,
"minimum": 1
}
}
},
"required": [
"mvr-group-name",
"mvr-group-range-start",
"mvr-group-range-end",
"mvr-group-assoc-domain"
]
}
}
}
},
@@ -1302,6 +1584,38 @@
}
}
}
},
"mvr": {
"type": "object",
"properties": {
"mvr-intf-mvr-role": {
"type": "string",
"enum": [
"none",
"source",
"receiver"
]
},
"mvr-intf-immed-leave": {
"type": "string",
"enum": [
"none",
"by-host-ip",
"by-group"
],
"default": "by-group"
},
"mvr-intf-assoc-domain": {
"type": "integer",
"maximum": 10,
"minimum": 1
}
},
"required": [
"mvr-intf-mvr-role",
"mvr-intf-immed-leave",
"mvr-intf-assoc-domain"
]
}
}
},
@@ -1323,6 +1637,10 @@
]
}
},
"dhcp-snoop-vlan-enable": {
"type": "boolean",
"default": false
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
},
@@ -1502,6 +1820,62 @@
}
}
},
"interface.acl": {
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"type": "boolean",
"default": false
}
}
}
},
"interface.dhcp-snoop-port": {
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"interface.broad-band.wwan": {
"type": "object",
"properties": {
@@ -2792,6 +3166,12 @@
"ipv6": {
"$ref": "#/$defs/interface.ipv6"
},
"acl": {
"$ref": "#/$defs/interface.acl"
},
"dhcp-snooop-port": {
"$ref": "#/$defs/interface.dhcp-snoop-port"
},
"broad-band": {
"$ref": "#/$defs/interface.broad-band"
},

464
ucentral.schema.pretty.json
View File

@@ -410,6 +410,13 @@
]
}
},
"name": {
"description": "This is a free text field, stating the administrative name of the port. It may contain spaces and special characters, not exceeding 64 characters.",
"type": "string",
"examples": [
"cloud_uplink_port"
]
},
"speed": {
"description": "The link speed that shall be forced.",
"type": "integer",
@@ -617,18 +624,21 @@
"properties": {
"port-mirror": {
"description": "Enable mirror of traffic from multiple minotor ports to a single analysis port.",
"type": "object",
"properties": {
"monitor-ports": {
"description": "The list of ports that we want to mirror.",
"type": "array",
"items": {
"type": "array",
"items": {
"type": "object",
"properties": {
"monitor-ports": {
"description": "The list of ports that we want to mirror.",
"type": "array",
"items": {
"type": "string"
}
},
"analysis-port": {
"description": "The port that mirror'ed packets should be sent to.",
"type": "string"
}
},
"analysis-port": {
"description": "The port that mirror'ed packets should be sent to.",
"type": "string"
}
}
},
@@ -865,6 +875,327 @@
"description": "Enables Jumbo frames",
"type": "boolean",
"default": false
},
"dhcp-snooping": {
"description": "DHCP Snooping configuration parameters",
"type": "object",
"properties": {
"dhcp-snoop-enable": {
"description": "Enables DHCP Snooping on the network switch, which is a security feature that prevents unauthorized DHCP servers from offering IP addresses",
"type": "boolean",
"default": false
},
"dhcp-snoop-rate-limit": {
"description": "Sets a limit on the number of DHCP packets per second that can be received on an untrusted interface to prevent DHCP flooding attacks",
"type": "integer",
"minimum": 1,
"maximum": 2048
},
"dhcp-snoop-mac-verify": {
"description": "This option ensures that the MAC address in a DHCP request matches the source MAC address of the packet, providing an additional layer of security",
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-82": {
"description": "This refers to the insertion of information option 82 in DHCP packets, which adds more details about the client\u2019s location and network information for tracking and control purposes",
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-encode-subopt": {
"description": "This parameter allows for the encoding of sub-options within option 82 to further specify client information",
"type": "boolean",
"default": false
},
"dhcp-snoop-inf-opt-remoteid": {
"description": "It specifies the remote ID sub-option in option 82, which typically includes information like the circuit ID or remote host identifier",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"dhcp-snoop-inf-opt-policy": {
"description": "This defines the policy for handling packets with option 82, determining whether they should be forwarded or dropped based on the configuration",
"type": "string",
"enum": [
"drop",
"keep",
"replace"
]
}
}
},
"acl": {
"description": "Contains all the access control rule definitions",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-type": {
"description": "Type of the access control list",
"type": "string",
"enum": [
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-name": {
"description": "The identifier or name for the Access Control List",
"type": "string",
"maxLength": 32,
"minLength": 1
},
"acl-rule-action": {
"description": "Defines whether to permit or deny traffic matching the rule",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-source-macaddress": {
"description": "Specifies the source MAC address to filter on",
"type": "string",
"format": "uc-mac"
},
"acl-source-macbitmask": {
"description": "The mask applied to the source MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macaddress": {
"description": "Specifies the destination MAC address for the filter",
"type": "string",
"format": "uc-mac"
},
"acl-dest-macbitmask": {
"description": "The mask applied to the destination MAC address",
"type": "string",
"format": "uc-mac"
},
"acl-packet-format": {
"description": "Identifies the protocol encapsulated in the Ethernet frame by its EtherType",
"type": "string",
"enum": [
"any",
"untagged-eth2",
"untagged-802.3",
"tagged-eth2",
"tagged-802.3"
]
},
"acl-vlanid": {
"description": "Specifies a VLAN ID to filter traffic from a specific VLAN",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"acl-vid-bitmask": {
"description": "The mask applied to the VLAN ID",
"type": "integer",
"minimum": 1,
"maximum": 4095
},
"acl-ethertype": {
"description": "Filters packets based on the custom EtherType field (HEX) in the Ethernet frame",
"type": "string",
"default": "800"
},
"acl-ethertype-bitmask": {
"description": "The mask applied to the EtherType field",
"type": "string",
"default": "FFFF"
},
"acl-cos": {
"description": "Filters based on the Class of Service (CoS) field in the frame",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-cos-bitmask": {
"description": "The mask applied to the CoS field",
"type": "integer",
"minimum": 0,
"maximum": 7
},
"acl-ip-type": {
"description": "Filters traffic based on the IP protocol type (none, IPv4, or IPv6)",
"type": "string",
"enum": [
"none",
"ipv4",
"ipv6"
]
},
"acl-ipv4-source-address": {
"description": "The IPv4 address of the source to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-source-subnetmask": {
"description": "The subnet mask applied to the source IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-address": {
"description": "The IPv4 address of the destination to filter on",
"type": "string",
"format": "ipv4"
},
"acl-ipv4-dest-subnetmask": {
"description": "The subnet mask applied to the destination IPv4 address",
"type": "string",
"format": "ipv4"
},
"acl-ip-proto": {
"description": "Filters based on the IP protocol number",
"type": "integer",
"minimum": 0,
"maximum": 255
},
"acl-ip-source-port": {
"description": "Specifies the source port number for filtering",
"type": "integer",
"minimum": 1,
"maximum": 65535
},
"acl-ip-source-port-bitmask": {
"description": "The mask applied to the source port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
},
"acl-ip-dest-port": {
"description": "Specifies the destination port number for filtering",
"type": "integer",
"minimum": 1,
"maximum": 65535
},
"acl-ip-dest-port-bitmask": {
"description": "The mask applied to the destination port number",
"type": "integer",
"minimum": 0,
"maximum": 65535
}
}
}
},
"mvr-config": {
"description": "This section defines the Multicast VLAN Registration (MVR) general configuration.",
"type": "object",
"properties": {
"mvr-enable": {
"description": "Enable/Disable MVR globally on the switch.",
"type": "boolean",
"default": false
},
"mvr-proxy-query-intvl": {
"description": "This command configures the interval (in seconds) at which the receiver port sends out general queries. The maximum value is determined based on 12 hours as maximum interval, and minimum as 1 second as allowed value.",
"type": "integer",
"default": 125,
"maximum": 43200,
"minimum": 1
},
"mvr-proxy-switching": {
"description": "Enable the MVR proxy switching mode, where the source port acts as a host, and the receiver port acts as an MVR router with querier service enabled.",
"type": "boolean",
"default": false
},
"mvr-robustness-val": {
"description": "Configure the expected packet loss, and thereby the number of times to generate report and group-specific queries when changes are learned about downstream groups, and the number of times group-specific queries are sent to downstream receiver ports. Right configuration ensures that multicast group memberships are correctly maintained even if some control messages are lost due to network issues.",
"type": "integer",
"default": 2,
"maximum": 255,
"minimum": 1
},
"mvr-source-port-mode": {
"description": "Configure the switch to forward only multicast streams that a source port has dynamically joined or to forward all multicast groups.",
"type": "string",
"default": "forward",
"enum": [
"dynamic",
"forward"
]
}
}
},
"mvr-domain-config": {
"description": "Configure the Multicast VLAN Registration (MVR) domains.",
"type": "array",
"items": {
"type": "object",
"properties": {
"mvr-domain-id": {
"description": "Unique identifier for a Multicast Domain defined under the MVR.",
"type": "integer",
"minimum": 1,
"maximum": 10,
"default": 1
},
"mvr-domain-enable": {
"description": "Enable/disable Multicast VLAN Registration (MVR) for a specific domain.",
"type": "boolean",
"default": false
},
"mvr-domain-vlan-id": {
"description": "Per domain Level Multicast VLAN ID. Specifies the VLAN through which MVR multicast data is received. This is the VLAN to which all source ports must be assigned.",
"type": "integer",
"minimum": 1,
"maximum": 4094,
"default": 1
},
"mvr-domain-upstream-sip": {
"description": "Configures the source IP address assigned to all MVR control packets sent upstream on all domains or on a specified domain.",
"type": "string",
"format": "ipv4",
"examples": [
"192.168.0.5"
]
}
}
}
},
"mvr-group-config": {
"type": "array",
"description": "List of MVR groups (or profiles) configuration.",
"items": {
"type": "object",
"properties": {
"mvr-group-name": {
"type": "string",
"description": "The name of a MVR group that consists of one or more MVR group addresses",
"maxLength": 16,
"minLength": 1
},
"mvr-group-range-start": {
"type": "string",
"format": "ipv4",
"description": "Start IP address on the range of MVR group addresses that maps to a profile/MVR group"
},
"mvr-group-range-end": {
"type": "string",
"format": "ipv4",
"description": "Statically configure all multicast group addresses that will join an MVR VLAN. Map a range of MVR group addresses to a profile"
},
"mvr-group-assoc-domain": {
"descpription": "Map the MVR Group to a secific domain. There can be many profiles under a single domain",
"type": "array",
"items": {
"type": "integer",
"maximum": 10,
"minimum": 1
}
}
},
"required": [
"mvr-group-name",
"mvr-group-range-start",
"mvr-group-range-end",
"mvr-group-assoc-domain"
]
}
}
}
},
@@ -1490,6 +1821,42 @@
}
}
}
},
"mvr": {
"type": "object",
"description": "MVR attributes on a given interface",
"properties": {
"mvr-intf-mvr-role": {
"type": "string",
"description": "Configure an interface as an MVR receiver or source port. A port which is not configured as an MVR receiver or source port can use IGMP snooping to join or leave multicast groups using the standard rules for multicast filtering.",
"enum": [
"none",
"source",
"receiver"
]
},
"mvr-intf-immed-leave": {
"type": "string",
"description": "Switch to immediately remove an interface from a multicast stream as soon as it receives a leave message for that group. Applies to only receiver role ports.",
"enum": [
"none",
"by-host-ip",
"by-group"
],
"default": "by-group"
},
"mvr-intf-assoc-domain": {
"type": "integer",
"description": "Map the port to a specific domain.",
"maximum": 10,
"minimum": 1
}
},
"required": [
"mvr-intf-mvr-role",
"mvr-intf-immed-leave",
"mvr-intf-assoc-domain"
]
}
}
},
@@ -1513,6 +1880,11 @@
]
}
},
"dhcp-snoop-vlan-enable": {
"description": "Enables DHCP Snooping on a VLAN",
"type": "boolean",
"default": false
},
"dhcp": {
"$ref": "#/$defs/interface.ipv4.dhcp"
},
@@ -1712,6 +2084,72 @@
}
}
},
"interface.acl": {
"description": "A collection of access control entries that define the rules for filtering traffic through a network interface.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-inf-policy-preference": {
"description": "Determines the priority of multiple ACL policies when more than one is applied to an interface, if any.",
"type": "integer",
"minimum": 1,
"maximum": 64,
"default": 1
},
"acl-inf-policy-ingress": {
"description": "Specifies the ACL policy that is applied to incoming traffic on an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-ingress": {
"description": "Tracks the number and type of packets that match the ingress ACL rules on an interface.",
"type": "boolean",
"default": false
},
"acl-inf-policy-egress": {
"description": "Specifies the ACL policy that is applied to outgoing traffic from an interface.",
"type": "string",
"maxLength": 32,
"minLength": 1,
"examples": [
"blacklisted-macs"
]
},
"acl-inf-counters-egress": {
"description": "Tracks the number and type of packets that match the egress ACL rules on an interface.",
"type": "boolean",
"default": false
}
}
}
},
"interface.dhcp-snoop-port": {
"description": "Configuration for DHCP Snooping on a port level on a switch",
"type": "object",
"properties": {
"dhcp-snoop-port-trust": {
"description": "This parameter designates a switch port as \u2018trusted\u2019 for DHCP messages, meaning it can forward DHCP offers and acknowledgments, which is essential for connecting to legitimate DHCP servers",
"type": "boolean",
"default": false
},
"dhcp-snoop-port-client-limit": {
"description": "It sets a limit on the number of DHCP clients that can be associated with a single port, helping to prevent a single port from exhausting the network\u2019s IP address pool",
"type": "integer",
"minimum": 1
},
"dhcp-snoop-port-circuit-id": {
"description": "Specifies DHCP Option 82 circuit ID suboption information. Often including information like the interface number and VLAN ID, this can be useful for network management and troubleshooting",
"type": "string",
"minLength": 1,
"maxLength": 32
}
}
},
"interface.broad-band.wwan": {
"description": "This Object defines the properties of a broad-band uplink.",
"type": "object",
@@ -3202,6 +3640,12 @@
"ipv6": {
"$ref": "#/$defs/interface.ipv6"
},
"acl": {
"$ref": "#/$defs/interface.acl"
},
"dhcp-snooop-port": {
"$ref": "#/$defs/interface.dhcp-snoop-port"
},
"broad-band": {
"$ref": "#/$defs/interface.broad-band"
},

157
ucentral.state.pretty.json
View File

@@ -335,6 +335,10 @@
"type": "string",
"description": "The public IP address of internet connection."
},
"uplink_interface": {
"type": "string",
"description": "Current interface that serves as the Uplink. Example Ethernet2."
},
"leasetime": {
"type": "number",
"description": "This is the leasetime if the IPv4 address of this logical interface was acquired via DHCPv4."
@@ -809,6 +813,159 @@
}
}
}
},
"mvr": {
"type": "object",
"description": "MVR statistics on interface",
"properties": {
"mvr-intf-fwd-status": {
"description": "Shows if MVR traffic is being forwarded or discarded.",
"type": "boolean"
},
"mvr-intf-igmp-count-reports": {
"description": "The number of IGMP membership reports received on this interface.",
"type": "integer"
},
"mvr-intf-igmp-count-leave": {
"description": "The number of leave messages received on this interface.",
"type": "integer"
},
"mvr-intf-igmp-count-gquery": {
"description": "The number of general query messages received on this interface.",
"type": "integer"
},
"mvr-intf-igmp-count-gssquery": {
"description": "The number of group specific or group-and-source specific query messages received on this interface.",
"type": "integer"
},
"mvr-intf-igmp-count-drop": {
"description": "The number of times a report, leave, or query was dropped.",
"type": "integer"
},
"mvr-intf-igmp-count-joinsucc": {
"description": "The number of times a multicast group was successfully joined.",
"type": "integer"
},
"mvr-intf-igmp-count-actgroups": {
"description": "The number of MVR groups active on this interface.",
"type": "integer"
}
}
},
"acl-stats": {
"description": "Represents the overall statistics for ACLs on the OLS device.",
"type": "object",
"properties": {
"acl-intf-stats": {
"description": "A list of ACL-related statistics, each corresponding to a specific interface or port.",
"type": "array",
"items": {
"type": "object",
"properties": {
"acl-intf-id": {
"description": "The identifier for the interface or port to which the ACL statistics apply.",
"type": "string"
},
"acl-type": {
"description": "Type of the access control list.",
"type": "string",
"enum": [
"none",
"ipv4",
"ipv6",
"ipv4Ext",
"ipv6Ext",
"mac",
"arp"
]
},
"acl-rule-action": {
"description": "Indicates the action (permit or deny) taken when an ACL rule is matched.",
"type": "string",
"enum": [
"permit",
"deny"
]
},
"acl-hit-count": {
"description": "The number of times an ACL rule has been matched by traffic.",
"type": "number"
},
"acl-rule-resource-util": {
"description": "Shows the percentage of this user-configured ACL rule as a percentage of total ACL rules.",
"type": "integer",
"minimum": 0,
"maximum": 100
}
}
}
}
}
},
"acl-resource-stats": {
"description": "Represents the overall resource utilization statistics for ACLs.",
"type": "object",
"properties": {
"acl-total-resource-util": {
"description": "Percentage of total ACL consumed resources amongst the resources available.",
"type": "integer",
"minimum": 0,
"maximum": 100
}
}
},
"dhcp-snoop-binding": {
"description": "State message entry to show the binding table for DHCP Snooping",
"type": "object",
"properties": {
"entries": {
"description": "List of DHCP Snooping binding entries",
"type": "array",
"items": {
"type": "object",
"properties": {
"dhcp-snoop-bind-mac-address": {
"description": "MAC address of the DHCP client in the DHCP Snooping binding table",
"type": "string",
"format": "uc-mac"
},
"dhcp-snoop-bind-ip-address": {
"description": "IP address assigned to the MAC address in the DHCP Snooping binding table",
"type": "string",
"format": "ipv4"
},
"dhcp-snoop-bind-lease-seconds": {
"description": "This indicates the lease time in seconds for the IP address assigned to the DHCP client, after which the IP address may be reassigned",
"type": "integer"
},
"dhcp-snoop-bind-type": {
"description": "Specifies the type of binding entry, such as dynamic or static, indicating how the IP address was assigned to the client",
"type": "string",
"enum": [
"dynamic",
"static"
]
},
"dhcp-snoop-bind-vlan": {
"description": "VLAN ID associated with the DHCP client\u2019s IP address, which helps in managing network segments",
"type": "integer",
"minimum": 1,
"maximum": 4094
},
"dhcp-snoop-bind-interf": {
"description": "Identifies the interface through which the DHCP client is connected, aiding in network topology management",
"type": "string",
"examples": [
"Ethernet1",
"Unit-1/Port-2",
"1-2",
"Trunk 1"
]
}
}
}
}
}
}
}
}