mirror of
https://github.com/Telecominfraproject/ols-ucentral-schema.git
synced 2025-10-29 09:12:20 +00:00
54358ff146
Declare dhcp-relay in interface.ipv4.dhcp.yml, aligns with client and allows setting per logical interface. - STP object typo #7 Fix spelling Additional: schema/ethernet.yml - make power limit an integer Signed-off-by: Mike Hansen <mike.hansen@netexperience.com>
203 lines
7.6 KiB
YAML
203 lines
7.6 KiB
YAML
description:
|
|
This section defines the linkk speed and duplex mode of the physical copper/fiber
|
|
ports of the device.
|
|
type: object
|
|
properties:
|
|
select-ports:
|
|
description:
|
|
The list of physical network devices that shall be configured.
|
|
The names are logical ones and wildcardable.
|
|
type: array
|
|
items:
|
|
type: string
|
|
examples:
|
|
- LAN1
|
|
- LAN2
|
|
- LAN3
|
|
- LAN4
|
|
- LAN*
|
|
- WAN*
|
|
- "*"
|
|
speed:
|
|
description:
|
|
The link speed that shall be forced.
|
|
type: integer
|
|
enum:
|
|
- 10
|
|
- 100
|
|
- 1000
|
|
- 2500
|
|
- 5000
|
|
- 10000
|
|
- 25000
|
|
- 100000
|
|
default: 1000
|
|
duplex:
|
|
description:
|
|
The duplex mode that shall be forced.
|
|
type: string
|
|
enum:
|
|
- half
|
|
- full
|
|
default: full
|
|
enabled:
|
|
description:
|
|
This allows forcing the port to down state by default.
|
|
type: boolean
|
|
default: true
|
|
services:
|
|
description:
|
|
The services that shall be offered on this L2 interface.
|
|
type: array
|
|
items:
|
|
type: string
|
|
examples:
|
|
- quality-of-service
|
|
poe:
|
|
description:
|
|
This section describes the ethernet poe-port configuration object.
|
|
type: object
|
|
properties:
|
|
admin-mode:
|
|
description:
|
|
Option to force admin state over selected port.
|
|
Setting to <false> immediately shuts down power.
|
|
Setting to <true> starts PoE hanshake
|
|
(Power sourcing equipment < - > Powered Device) sequence and
|
|
in case of success, power is being delivered to Powered Device.
|
|
type: boolean
|
|
default: false
|
|
do-reset:
|
|
description:
|
|
Option to force device's PSE (Power sourcing equipment)
|
|
to invoke a PoE port reset sequence.
|
|
This option can be used to reset PoE port without flickering
|
|
it via <admin-mode> down/up sequence.
|
|
type: boolean
|
|
detection:
|
|
description:
|
|
The detection mode is used to set the type of devices that are allowed for powering up.
|
|
The PoE controller can be configured to detect only IEEE standard devices
|
|
or pre-IEEE legacy devices (which were pre-standard - non-IEEE 802.3af compliant).
|
|
For example, if "dot3af" is used (PoE, max up to 15.4 W), and Powered Device drains >15.4W,
|
|
Power sourcing equipment won't allow this port to drain power.
|
|
type: string
|
|
examples:
|
|
- "2pt-dot3af"
|
|
- "2pt-dot3af+legacy"
|
|
- "4pt-dot3af"
|
|
- "4pt-dot3af+legacy"
|
|
- "dot3bt"
|
|
- "dot3bt+legacy"
|
|
- "legacy"
|
|
default: dot3bt
|
|
power-limit:
|
|
description:
|
|
Option to configure user defined absolute power limit PoE port can dain (in milliwatts, mW).
|
|
type: integer
|
|
default: 99900
|
|
priority:
|
|
description:
|
|
Option to set priority to each PoE port. When the PoE switch has less power available
|
|
and more ports are required to supply power, higher priority ports are receive power
|
|
in preference to lower priority ports.
|
|
type: string
|
|
default: low
|
|
examples:
|
|
- "critical"
|
|
- "high"
|
|
- "medium"
|
|
- "low"
|
|
ieee8021x:
|
|
description:
|
|
This section describes the per-port specific 802.1X (port access control) configuration.
|
|
type: object
|
|
properties:
|
|
is-authenticator:
|
|
description:
|
|
Configure PAE processing on port, as well as select this port as an Authenticator (configure PAC role to authenticator).
|
|
False configures the switch to not process PAC
|
|
type: boolean
|
|
default: false
|
|
authentication-mode:
|
|
description:
|
|
Configure PAE processing on port, as well as select this port as an Authenticator (configure PAC role to authenticator).
|
|
force-authorized - Disables IEEE 802.1X authentication and causes the port to change to the authorized state without any authentication exchange required.
|
|
The port sends and receives normal traffic without IEEE 802.1X-based authentication of the client.
|
|
force-unauthorized - Causes the port to remain in the unauthorized state, ignoring all attempts by the supplicant to authenticate.
|
|
The Device cannot provide authentication services to the supplicant through the port.
|
|
auto - Enables IEEE 802.1X authentication and causes the port to begin in the unauthorized state, allowing only EAPOL frames to be sent and received through the port.
|
|
The authentication process begins when the link state of the port changes from down to up or when an EAPOL-start frame is received. The Device requests the identity of the
|
|
supplicant and begins relaying authentication messages between the supplicant and the authentication server.
|
|
Each supplicant attempting to access the network is uniquely identified by the Device by using the supplicant MAC address.
|
|
type: string
|
|
enum:
|
|
- force-authorized
|
|
- force-unauthorized
|
|
- auto
|
|
default: force-authorized
|
|
host-mode:
|
|
description: |
|
|
Multi-auth - While in this mode, multiple devices are allowed to independently authenticate through the same port.
|
|
Multi-domain - While in this mode, the authenticator will allow one host from the data domain and one from the voice domain.
|
|
Multi-host - While in this mode, the first device to authenticate will open to the switchport so that all other devices can use the port. These other devices are not required to be authenticated independently.
|
|
Single-host - While in this mode, the switchport will only allow a single host to be authenticated and to pass traffic at a time.
|
|
type: string
|
|
enum:
|
|
- multi-auth
|
|
- multi-domain
|
|
- multi-host
|
|
- single-host
|
|
default: multi-auth
|
|
guest-vlan:
|
|
description:
|
|
Configure a VLAN as a guest VLAN on an interface if the switch receives no response in an authentication event.
|
|
type: integer
|
|
minimum: 1
|
|
maximum: 4094
|
|
unauthenticated-vlan:
|
|
description:
|
|
Configure the unauthenticated VLAN to use when the AAA server fails to recognize the client credentials
|
|
type: integer
|
|
minimum: 1
|
|
maximum: 4094
|
|
port-isolation:
|
|
description:
|
|
This section describes the per-port specific port-isolation matrix (to which ports selected port can forward traffic to) configuration.
|
|
Omitting this configuration completely fully disables any port-isolation configuration on this given port.
|
|
type: object
|
|
properties:
|
|
sessions:
|
|
description:
|
|
Allow selected port to forward traffic in the provided session-based format.
|
|
type: array
|
|
items:
|
|
type: object
|
|
properties:
|
|
id:
|
|
description:
|
|
Session id to configure.
|
|
type: integer
|
|
uplink:
|
|
description:
|
|
Configuration object for uplink interface(s)
|
|
type: object
|
|
properties:
|
|
interface-list:
|
|
description:
|
|
List of interfaces (either physical or trunk ports)
|
|
type: array
|
|
items:
|
|
type: string
|
|
downlink:
|
|
description:
|
|
Configuration object for downlink interface(s)
|
|
type: object
|
|
properties:
|
|
interface-list:
|
|
description:
|
|
List of interfaces (either physical or trunk ports)
|
|
type: array
|
|
items:
|
|
type: string
|