/system/interfaces/{name}

put

https://switch-ip/rest/v10.08/system/interfaces/{name}

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

name

string

required

Reference Resource: Interface
The interface name. For non-bonded ports, the interface name is the same as the associated port name. The name must otherwise be unique across all ports and interfaces of the system.

Body Params

mvrp_registration

string

enum

Defines the mode of operation of all the registrar state machines associated with the port. The different mode of operations are In "normal" mode, the Registrar responds to incoming MRP messages. In "fixed" mode, the Registrar ignores all MRP messages, and remains in the registered state. In "forbidden" mode, the Registrar ignores all MRP messages, and remains in the unregistered state.

Allowed:

bfd_detect_multiplier

integer

1 to 5

The number of negotiated min_rx_intervals that can occur before the BFD session is considered to be down.

ipv6_source_lockdown_enable

boolean

Enables IP Lockdown feature on the port. When set, IPv6 packets received from the clients on this port are forwarded only if there is an associated IP binding entry.

mpls_ldp_explicit_null

boolean

The value true indicates Explicit Null label will be advertised in situations where it would normally advertise an Implicit Null label.

pfc_priorities_config

integer

0 to 7

The user configured priorities for priority-based flow control. This field is only valid when interface_flowcontrol_pfc capability is present and the "pause" key of the user_config is set to "pfc".

dhcpv4_snooping_guard_policy

string

Reference Resource: DHCPv4_Snooping_Guard_Policy
DHCPv4 Guard Policy for Port.

policy_in_cfg

string

Reference Resource: Policy
Ingress Classifier Policy, potentially in flight, desired to be applied to this port, as identified in the policy.

cdp_pre_standard_mode

string

enum

Sets CDP pre standard mode in the interface : 'rx_only':If CDP voice VLAN query packet is received on this interface, the switch responds with the voice VLAN TLV included in its advertisements. 'tx_rx' :The switch includes voice VLAN TLV in its advertisements on this interface regardless of whether it has received a query packet from the peer. 'disable':If CDP voice VLAN query packet is received on this interface, switch updates CDP neighbor information received from the peer, but doesn't send any CDP advertisements to it.

Allowed:

dhcpv6_snooping_guard_policy

string

Reference Resource: DHCPv6_Snooping_Guard_Policy
DHCPv6 Guard Policy for Port.

pim_propagation_delay

object

Propagation Delay (in milliseconds) on this port.

policy_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of 'policy_in_cfg'. This value is changed to a random value each time any management interface modifies the 'policy_in_cfg' value. An empty value means no ingress policy has been configured for the port.

pim_mode

object

vsx_shutdown_on_split

boolean

Determines whether the port will be shutdown when VSX split occurs. This is only applicable to the ports that are not configured as MCLAG and SVIs that do not have any MCLAGs as members.

ipv6_address_autoconfig_enable

boolean

Enable automatic configuration of the IPv6 addresses.

device_profile

object

aaa_auth_precedence

object

Precedence order for Port Access Authentication: dot1x: IEEE 802.1X Authentication Protocol mac-auth: MAC Authentication Protocol. If empty, the default precedence order of dot1x followed by mac-auth will be used.

aclv4_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv4_out_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv4_out_cfg' value. An empty value means no egress IPv4 ACL has been configured for the port.

lldp_med_loc_elin_info

string

length between 1 and 25

LLDP-MED Elin Location configured for this interface.

bond_mode

string

enum

The type of bonding used for a bonded port. Bond mode controls the selection of a interface from a group of aggregate interfaces with which to transmit a frame. This selection is performed with a hash function using either source and destination mac addresses (l2), ip addresses (l3) or tcp/udp ports (l4) as parameters. Defaults to l3-src-dst-hash if not assigned.

Allowed:

selftest_disable

boolean

Specify true to disable and false to enable for the respective interface

aclv6_routed_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv6_routed_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv6_routed_in_cfg' value. An empty value means no routed ingress IPv6 ACL has been configured for the VLAN interface.

mvrp_enable

boolean

The value true indicates MVRP is enabled on this port.

dhcpv6_snooping_configuration

object

ospfv3_if_cost

integer

1 to 65535

The output cost configured on the corresponding OSPFv3 interface. If not set, OSPFv3 will calculate cost for this interface based on link speed and reference bandwidth. Any configured value will override the automatic cost calculation.

vsx_active_forwarding_enable

boolean

Determines whether this port has VSX active-forwarding enabled or not. This should be set on Upstream SVIs only and not on downstream SVIs that have active-gateway enabled.

pim_override_interval

object

Override Interval (in milliseconds) on this port.

udld_compatibility

string

enum

UDLD compatibility mode.

Allowed:

aclv4_routed_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv4_routed_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv4_routed_in_cfg' value. An empty value means no routed ingress IPv4 ACL has been configured for the VLAN interface.

port_access_disable_cdp_auth

boolean

Disable BPDU triggered authentication for CDP. This is only applicable when port access authentication is enabled for this port.

urpf_check

string

enum

Mode of unicast reverse path forwarding verification: 'loose': drop packets that are destined to the device itself and that have source IP that is not reachable. 'strict': drop packets that are destined to the device and that have source IP that is not reachable through the interface that the packet arrived on. 'disable': no reverse path verification.

Allowed:

l3_counters_enable

object

Indicates which L3 counters are enabled for this Port

mgmd_strict_version_enable

object

Process only the configured version packets. When a key-value is not specified, strict version is disabled.

rdisc_irdp_enable

boolean

When set to true, IRDP is enabled on the port. The default value is false.

policy_routed_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of 'policy_routed_in_cfg'. This value is changed to a random value each time any management interface modifies the 'policy_routed_in_cfg' value. An empty value means no routed ingress policy has been configured for the port.

ipv6_nd_ra_other_config_flag

boolean

When set it indicates that other configuration information(DNS) is available via DHCPV6.

port_security_static_client_mac_addr

array of strings

length ≤ 64

MAC addresses of the clients that should be authorized on this port.

port_security_static_client_mac_addr

mgmd_querier_interval

object

Interval between successive IGMP/MLD All Host Queries that will be sent. The default value is 125 sec.

loop_protect_stagger_count

int64

≥ 0

This determines the number of loop protect PDUs to be received before taking a receiver action.

mpls_ldp_discovery_transport_address

string

length ≤ 18

IP address to be advertised as the transport address in discovery hello messages.

port_access_security_violation

object

mgmd_last_member_query_interval

object

The time interval that the querier waits to receive a response from members to a group-specific query message. It also specifies the amount of time between successive group-specific query messages. The default value is 1 second.

mpls_ldp_discovery_hold_time

integer

15 to 65535

MPLS LDP discovery hold time is duration (in seconds). LSR will keep the peer in the discovered list without receiving a Hello message. An empty entry indicates the interface is configued with the global LDP table discovery hold time value. A non-zero entry indicates the user wants to override the global discovery hold time.

udld_rfc5171_compatibility_mode

string

enum

Configured UDLD operation mode for RFC5171. In normal mode, once the link is determined to be in unidirectional state (after it was deemed bidireccional), and no "Echo" is received, it is set to "undetermined" state. However, if a a UDLD packet with an empty "Echo" is received the interface will be set to "errDisabled". In aggressive , once a link is determined to be in unidirectional state (after it was deemed bidirectional), and no "Echo" is received, it is set to "errDisabled" state. The interface will also be set to "errDisabled" if a UDLD packet with an empty "Echo" is received.

Allowed:

ipv6_nd_ra_hoplimit

integer

0 to 255

The default value that will be used in RA message. If this value is not set, then global ipv6 hoplimit value will be used in RA message.

ospfv3_if_type

string

enum

The type of the OSPFv3 network interface. The default value is the type of the interface from the Interface table.

Allowed:

udld_retries

integer

3 to 10

Number of retries before changing the UDLD interface status to block.

icmp_unreachable_ratelimit

int64

1 to 4294967295

Rate limit (in milliseconds per message), that should be used for ICMP Unreachable messages. For the specific port, takes precedence over the same System configuration.

qos

string

length between 1 and 64

References schedule profile for this port. If this is unspecified, then the schedule profile referenced in System) table qos will be used.

mgmd_mld_static_groups

array of strings

length ≤ 9223372036854776000

List of MLD static group and source IP addresses. The entries are stored in the Source_Group format. Source is the Source IP Address and Group is the Group IP Address.

mgmd_mld_static_groups

icmp_redirect_disable

boolean

Disables ICMPv4 and ICMPv6 redirect messages. For the specific port, takes precedence over the same System configuration.

tunnel_endpoints

string

pim_lan_prune_delay_disable

object

This entry specifies whether LAN prune delay option is enabled on this port.

aclv6_routed_out_cfg

string

Reference Resource: ACL
IPv6 ACL for routed egress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

ipv6_nd_ra_max_interval

integer

4 to 1800

The maximum interval (in seconds) between sending router advertisements.

pim_bfd

object

'enable': Enables BFD on this interface overriding the PIM router BFD configuration bfd_all_interfaces_enable in PIM_Router. 'disable': Disables BFD on this interface overriding the PIM router BFD configuration bfd_all_interfaces_enable in PIM_Router. 'default': Keeps BFD enabled or disabled on this interface based on the PIM router BFD configuration bfd_all_interfaces_enable in PIM_Router.

ipv6_nd_icmpv6_redirects

boolean

Enable sending ICMPv6 redirect messages.

vsx_virtual_gw_mac_v6

string

length between 17 and 17

VSX virtual gateway MAC address for the corresponding virtual gateway IPv6 addresses.

vlan_tag

string

Reference Resource: VLAN
Specifies the Access or Native VLAN for this port. For a non-SVI, 'routing' interface, the value must be kept empty. For SVI, the value must reference the VLAN of the SVI.

other_config

object

pim_source_address

object

IP address used as the source address for the PIM protocol packets outbound on this port. If the value is not specified or empty then the primary IP of the port will be used as the source IP.

rdisc_irdp_broadcast

boolean

Specifies whether router advertisements should be sent using broadcast, 255.255.255.255 address. If the value is false (which is a default) the packets would be sent to multicast 224.0.0.1 address.

mgmd_snoop_fastlearn_enable

object

Set this value to true to enable IGMP/MLD fastlearn for the port and false to disable IGMP/MLD fastlearn. By default the feature is disabled for IGMP/MLD.

ospf_if_out_cost

integer

1 to 65535

The output cost configured on the corresponding OSPFv2 interface. If not set, OSPF will calculate cost for this interface based on link speed and reference bandwidth. Any configured value will override the automatic cost calculation.

ipv6_nd_prefix_default

object

ipv6_nd_ra_managed_flag

boolean

When set it indicates that addresses are available via DHCPV6.

pim_dense_max_graft_retries

object

Number of times the port will re-transmit PIM graft datagrams.

aclmac_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclmac_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclmac_in_cfg' value. An empty value means no ingress MAC ACL has been configured for the port.

rdisc_irdp_preference

int64

-4294967296 to 4294967295

Specifies the preference level of this routing switch. Higher value indicates higher router preference. The default preference value is 0.

mgmd_querier_max_response_time

object

The time interval to wait for a response to a IGMP/MLD query. The default value is 10 seconds.

ip_mtu

integer

68 to 9198

The user configured IP MTU of a port. This would be applicable for both IPv4 and IPv6.

ospfv3_ipsec_ah

object

IPsec Authentication Header (AH) configuration. Specifies Security Parameters Index (SPI), authentication type and key to use. IPsec AH is preferred over IPsec Encapsulating Security Payload (ESP) if ospfv3_ipsec_ah and ospfv3_ipsec_esp both are configured.

q_profile

string

length between 1 and 64

References queue profile for this port. If this is unspecified, then the queue profile referenced in System) table q_profile will be used.

routing

boolean

Indicates whether the interface is routing or Layer 2. For routing interfaces, 'vrf' has to be properly populated. If not configured, default behavior depends on interface 'type': 'vlan': 'true' 'gre_ipv4 tunnel': 'true' 'ipv6_in_ipv4 tunnel': 'true' 'ipv6_in_ipv6 tunnel': 'true' 'loopback': 'true' 'system': 'true' 'lag': 'true' 'vxlan': 'false' 'ubt': 'false'

ipv6_nd_router_preference

string

enum

The preference associated with the default router.

Allowed:

mgmd_mld_version

integer

1 to 2

The MLD protocol version to use. When MLD is disabled, this field would be empty. If there is a version mismatch between L2 and L3 VLAN, it will pick the lowest version.

ospf_if_type

string

enum

The type of the OSPFv2 network interface. The default value is the type of the interface from the Interface table.

Allowed:

igmp_router_alert_check_enable

boolean

Enable IGMP router-alert checking on this interface. This is only applicable to L3 interfaces.

loop_protect_action

string

enum

This determines action for the Loop-protect feature.The value is set to "tx- port-disable" for disabling the sending port on detecting a loop, "tx-rx- disable" disables both sending and receiving ports when loop is detected and "do-not-disable" will not disable any port. Default value is tx-port-disable.

Allowed:

vsx_sync

array of strings

length ≤ 9223372036854776000

Controls which attributes should be synchronized between VSX peers. '^acl.' : all attributes that control the association with the ACLs will be synchronized. '.irdp.' : all attributes that control the IRDP will be synchronized. '^qos.' : all attributes that control the Quality of Service will be synchronized. 'rate_limits' : all attributes that control rate-limits will be synchronized. '^vlan.' : all attributes that control the association with the VLANs will be synchronized. '^vsx_virtual.': all attributes that control the association with the VSX active-gateways will be synchronized. 'virtual_gw_l3_src_mac_enable': attribute that controls the active-gateways l3 source MAC will be synchronized '^policy.' : all attributes that control the association with the Policies will be synchronized. 'portfilter' : attribute that controls static portfiltering will be synchronized. 'client_ip_track_configuration' : attribute that controls the client track ip will be synchronized. 'device_fingerprint_configuration' : attribute controls device fingerprinting will be synchronized. 'mgmd_acl' : Attribute that associates ACL with IGMP/MLD will be synchroized. 'mgmd_enable' : Attribute that controls the multicast IGMP/MLD will be synchroized. 'mgmd_robustness' : Attribute that controls number of retries for query will be synchronized. 'mgmd_querier_max_response_time' : Attribute that controls time interval for response of IGMP/MLD query will be synchronized. 'mgmd_mld_version' : Attribute that controls mld version will be synchronized. 'mgmd_querier_interval' : Attribute that controls interval between IGMP/MLD queries will be synchronized. 'mgmd_last_member_query_interval' : Attributes that control time interval that querier waits to receive response will be synchronized. 'mgmd_querier_enable' : Attribute that controls querier enable/disable will be synchronized. 'mgmd_mld_static_groups' : Attribute that controls list of static MLD groups will be synchronized. 'mgmd_igmp_static_groups' : Attribute that controls list of static IGMP groups will be synchronized. 'mgmd_igmp_version' : Attribute that controls IGMP L3 Interface Version will be synchronized. 'macsec_policy' : Attribute that controls the MACsec policy association to a port will be synchronized. 'mka_policy' : Attribute that controls the MKA policy association to a port will be synchronized. 'pim_mode' : Attribute that controls the multicast PIM will be synchroized. 'pim_trig_hello_interval' : Attribute that controls the multicast PIM hello delay will be synchroized. 'pim_hello_interval' : Attribute that controls the multicast PIM hello interval will be synchroized. 'pim_lan_prune_delay_disable' : Attribute that controls the multicast PIM lan prune delay will be synchroized. 'pim_override_interval' : Attribute that controls the multicast PIM override interval will be synchroized. 'pim_propagation_delay' : Attribute that controls the multicast PIM propagation delay will be synchroized. 'pim_vsx_virtual_neighbor' : Attribute that controls the multicast PIM vsx virtual neighbor will be synchroized. 'pim_source_address': Attribute that controls the multicast PIM source ip will be synchroized. 'pim_bfd' : Attribute that controls the multicast PIM bfd will be synchroized.

vsx_sync

aaa_auth_priority

object

Priority order for Port Access Authentication: dot1x: IEEE 802.1X Authentication Protocol mac-auth: MAC Authentication Protocol. If not set, priority will follow the 'aaa_auth_precedence' order.

aclv6_routed_in_cfg

string

Reference Resource: ACL
IPv6 ACL for routed ingress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

interfaces

array of strings

length ≤ 16

Reference Resource: Interface
The port's interfaces. If there is more than one, this is a bonded Port. A maximum of 16 interfaces can be assigned to a port.

interfaces

ospfv3_dead_interval

integer

1 to 65535

The time duration, in seconds, that a neighbor should wait for a Hello packet before tearing down adjacencies with the local router.

ospfv3_hello_interval

integer

1 to 65535

The Hello packet will be sent every hello interval timer value seconds. This value must be the same for all routers attached to a common network.

rate_interval

integer

5 to 300

Interval in seconds to calculate interface rate statistics.

dhcpv4_snooping_configuration

object

aclv4_out_cfg

string

Reference Resource: ACL
Egress IPv4 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

ospfv3_transmit_delay

integer

1 to 1800

The estimated time in seconds to transmit an LSA to a neighbor. The transmit delay timer increments the age of LSAs in the update packets to accommodate transmission and propagation delays for the interface. The timer is more important on very low speed links where the transmission delay is more significant.

port_access_critical_auth_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients, that failed authentication due to unreachable authentication servers.

aclv4_routed_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the currently configured routed egress IPv4 ACL that corresponds to this configuration version value. This value is changed to a random value each time any management interface modifies the configured routed egress IPv4 ACL value. An empty value means no routed egress IPv4 ACL has been configured for the VLAN interface.

mpls_admin

string

enum

The administrative state of MPLS in the Interface.

Allowed:

process_grat_arp

boolean

Disable processing gratituous ARP packets received on this port. This is only applicable to Layer-3 interfaces (SVIs, Routed ports or L3 LAG).

mka_policy

string

Reference Resource: MKA_Policy
MKA policy associated with the port.

vlan_trunks

array of strings

length ≤ 4096

Reference Resource: VLAN
List of VLANs that this port is allowed to pass traffic for. When the list is empty, it means that the port will be allowed to pass traffic for all VLANs configured on the device. This is only relevant if 'vlan_mode' is 'native-tagged' or 'native-untagged' and ignored for 'access'. 'native-tagged' or 'native-untagged' port always trunks its native ('vlan_tag') VLAN, regardless of whether it's included in 'vlan_trunks'.

vlan_trunks

ipv6_nd_ra_dnssl

object

Key-value pairs that maps DNS prefixes to their lifetime in seconds.

ospfv3_bfd

string

enum

Specifies whether OSPFv3 router global BFD mode should be overridden for this particular interface: 'enable': Enables BFD, regardless of OSPFv3 router bfd_all_interfaces_enable. 'disable': Disables BFD, regardless of OSPFv3 router bfd_all_interfaces_enable. 'default': Keeps BFD disabled or enabled according to OSPFv3 router bfd_all_interfaces_enable.

Allowed:

ipv6_nd_ra_lifetime

integer

0 to 9000

The lifetime associated with the default router in units of seconds.

ospfv3_ipsec_esp

object

IPsec Encapsulating Security Payload (ESP) configuration. Specifies Security Parameters Index (SPI), encryption/authentication type and key to use. IPsec Authentication Header (AH) is preferred over IPsec ESP if ospfv3_ipsec_ah and ospfv3_ipsec_esp both are configured.

port_access_reject_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients that failed authentication.

port_access_fallback_role

string

Reference Resource: Port_Access_Role
The role that will be applied to clients that have not been assigned a role via any of the onboarding methods.

mgmd_enable

object

Enable or disable IGMP/MLD on the L3 Port. By default, IGMP/MLD is disabled on the L3 Port.

mvrp_timers

object

Specifies the different timers and their corresponding intervals in centiseconds. The MVRP standard defines all timer intervals in centiseconds(cs). 100 cs is 1 second.

bfd_min_tx_interval

integer

50 to 20000

The shortest interval, in milliseconds, at which BFD sessions can transmit BFD control messages. Messages will actually be transmitted at a slower rate if the remote endpoints cannot receive them as quickly as specified. If not present, the system value is used.

mgmd_querier_enable

object

Enable/Disable the IGMP/MLD Querier Functionality on the L3 Port. The default value is disabled.

ospf_auth_type

string

enum

The type of OSPFv2 authentication. If not set, then parent area level authentication holds for the port.

ospfv3_retransmit_interval

integer

1 to 1800

The number of seconds between LSA retransmissions. It is also used when retransmitting Database Description and Link State Request Packets.

rdisc_irdp_timers

object

aclv4_in_cfg

string

Reference Resource: ACL
Ingress IPv4 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

bond_active_slave

string

port_access_auth_mode

string

enum

Indicates, whether each individual client on the port needs to be authenticated separately to gain access to the network. client-mode: every client needs to be authenticated to be granted network access. device-mode: only one of the attached clients must be authenticated for all clients to be granted network access. multi-domain:limit the number of authenticated clients to one 'voice' client and a configured number of 'data' clients. By default allowed 'data' client is also one.

Allowed:

bfd_min_rx_interval

integer

100 to 20000

The shortest interval, in milliseconds, at which BFD sessions can receive BFD control messages. Remote endpoints may send messages at a slower rate. If not present, the system value is used.

ipv6_nd_suppress_ra

object

pim_dr_priority

object

Designated Router(DR) Priority for this port.

ipv6_nd_ns_interval

integer

1000 to 3600000

The interval (in milliseconds) between neighbor solicitation messages.

ipv6_neighbor_timeout

integer

30 to 28800

Determines the time interval in seconds till when an IPv6 neighbor entry is valid.

mac

string

The MAC address to use for this port for the purpose of choosing the bridge's MAC address. This column does not necessarily reflect the port's actual MAC address, nor will setting it change the port's actual MAC address.

virtual_ip4_routers

object

Reference Resource: VRRP
The port's VRRP groups (or VR instances) for IPv4 address family. A maximum of 32 VRRP groups can be assigned to a port.

mvrp_forbidden_vlans

array of integers

length ≤ 4094

Specifies the VLANs that should not be learned on the port. If the registration mode of the port is "forbidden" and there are no VLANs in the forbidden list , then none of the VLANs are learned on this port.

mvrp_forbidden_vlans

aclv6_out_cfg

string

Reference Resource: ACL
Egress IPv6 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

vsx_virtual_gw_mac_v4

string

length between 17 and 17

VSX virtual gateway MAC address for the corresponding virtual gateway IPv4 addresses.

vsx_virtual_ip6

array of strings

length ≤ 9223372036854776000

List of active gateway IPv6 addresses.

vsx_virtual_ip6

mgmd_robustness

object

The number of times to retry a query. The default value is 2.

udld_enable

boolean

UDLD protocol is enabled or not on this interface.

aclv4_routed_in_cfg

string

Reference Resource: ACL
IPv4 ACL for routed ingress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

port_access_critical_voice_role

string

Reference Resource: Port_Access_Role
The role to be applied to 'voice' client that have failed re-authentication due to servers being unreachable.

port_access_allow_bpdu

array of strings

length ≤ 2

Enables LLDP and/or CDP BPDU to be accepted before authentication.

port_access_allow_bpdu

options

object

ip6_addresses

object

Reference Resource: IP6_Address
References IPv6 addresses and prefixes of the port.

user_config

object

Key-value pairs that stores the user configuration of Interface.

port_security

object

ospf_if_shutdown

boolean

Shut OSPF down on this interface.

virtual_ip6_routers

object

Reference Resource: VRRP
The port's VRRP groups (or VR instances) for IPv6 address family. A maximum of 32 VRRP groups can be assigned to a port.

mgmd_igmp_version

integer

2 to 3

The IGMP protocol version to use. When IGMP is disabled, this field would be empty. If there is a version mismatch between L2 and L3 VLAN, it will pick the lowest version.

mpls_ldp_session_hold_time

integer

15 to 65535

MPLS LDP session hold time is duration (in seconds) an LDP session will not be torn down in the absence of a keep alive message. An empty entry indicates the interface is configued with the global LDP table session hold time value. A non-zero entry indicates the user wants to override the global session hold time.

ipv6_nd_mtu

integer

1280 to 65535

The MTU option is used in router advertisement messages to ensure that all nodes on a link use the same MTU value.

stp_config

object

This represents information regarding stp port level configuration.

ospf_auth_sha_keys

object

The authentication keys for OSPFv2 authentication type "sha".

vsx_linkup_delay_timer_disable

boolean

A value of 'true' disables vsx linkup delay timer for this port.

aclv6_routed_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the currently configured routed egress IPv6 ACL that corresponds to this configuration version vlaue. This value is changed to a random value each time any management interface modifies the configured routed egress IPv6 ACL value. An empty value means no routed egress IPv6 ACL has been configured for the VLAN interface.

arp_timeout

integer

30 to 28800

Determines the time interval in seconds till when a neighbor entry is valid.

ospf_auth_text_key

string

length ≥ 1

The authentication key for OSPFv2 authentication type "text".

ipv6_nd_ra_retransmit_timer

int64

0 to 4294967295

The value to be placed in retransmission timer field in router advertisement messages sent by router.

port_access_auth_configurations

object

Reference Resource: Port_Access_Auth_Configuration
Authentication method specific port-access configurations on this interface.

aclv6_in_cfg

string

Reference Resource: ACL
Ingress IPv6 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

ipv6_address_linklocal_enable

boolean

Enables IPV6 link-local address when global unicast address is not configured.

ipv6_nd_ra_rdnss

object

Key-value pairs that maps RDNS server addresses to their lifetime in seconds.

ipv6_nd_ra_min_interval

integer

3 to 1350

The minimum interval (in seconds) between sending router advertisements.

port_security_static_sticky_client_mac_addr

object

MAC addresses of the sticky clients that should be authorized on this port.

aclv4_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv4_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv4_in_cfg' value. An empty value means no ingress IPv4 ACL has been configured for the port.

port_access_disable_lldp_auth

boolean

Disable BPDU triggered authentication for LLDP. This is only applicable when port access authentication is enabled for this port.

udld_arubaos_compatibility_mode

string

enum

Configured UDLD operation mode for ArubaOS. In verify_then_forward the interface starts out blocked and will not forward traffic until UDLD determines that the interface is bidirectional. With forward_then_verify the interface starts out unblocked.

Allowed:

policy_routed_in_cfg

string

Reference Resource: Policy
Classifier policy for routed ingress traffic, potentially in flight, desired to be applied to this port, as identified in the policy.

vlan_mode

string

enum

VLAN mode for ports with 'routing' being 'false'. For those ports, it has to be set, otherwise the port will be held down. access: Port can carry traffic for only one VLAN and the VLAN is specified as part of vlan_tag. Packets ingressing and egressing this port will not have an 802.1Q VLAN tag. When the port is trunked, mode must be either native-tagged or native-untagged, value contained in vlan_trunks refers to the list of VLANs which have to be trunked, if it is empty then all VLANs have to be trunked. native-tagged: Port can carry traffic for multiple VLANs. One of the VLANs is designated as native and is specified as part of vlan_tag. Traffic for all VLANs on this port including the native VLAN will be 802.1Q VLAN tagged. native-untagged: Port can carry traffic for multiple VLANs. One of the VLANs is designated as native and the VLAN ID is specified as part of vlan_tag. Traffic for all VLANs except the native VLAN will be 802.1Q VLAN tagged Traffic for the native VLAN will not have an 802.1Q tag.

Allowed:

rate_limits

object

aclv6_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv6_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv6_in_cfg' value. An empty value means no ingress IPv6 ACL has been configured for the port.

ospfv3_if_priority

integer

0 to 255

The router with the highest priority will be more eligible to become Designated Router. Setting the value to 0, makes the router ineligible to become Designated Router.

ospf_auth_md5_keys

object

The authentication keys for OSPFv2 authentication type "md5".

lacp

string

enum

Configures LACP on this port. LACP allows directly connected switches to negotiate which links may be bonded. LACP may be enabled on non-bonded ports for the benefit of any switches they may be connected to. active ports are allowed to initiate LACP negotiations. passive ports are allowed to participate in LACP negotiations initiated by a remote switch, but not allowed to initiate such negotiations themselves. If LACP is enabled on a port whose partner switch does not support LACP, the bond will be disabled. Defaults to off if unset.

Allowed:

aclv6_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv6_out_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv6_out_cfg' value. An empty value means no egress IPv6 ACL has been configured for the port.

icmp_unreachable_disable

boolean

Disables ICMPv4 and ICMPv6 unreachable messages. For the specific port, takes precedence over the same System configuration.

macsec_policy

string

Reference Resource: MACsec_Policy
MACsec policy associated with the port.

aclmac_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclmac_out_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclmac_out_cfg' value. An empty value means no egress MAC ACL has been configured for the port.

ipv4_source_lockdown_enable

boolean

Enables IP Lockdown feature on the port. When set, IPv4 packets received from the clients on this port are forwarded only if there is an associated IP binding entry.

port_access_clients_limit

integer

1 to 256

Maximum number of clients that can be authenticated on this port.

virtual_gw_l3_src_mac_enable

boolean

Enables the interface to use the virtual gateway MAC address as the source MAC for routed traffic. This is only applicable for SVI interfaces.

ipv6_nd_ra_reachable_time

integer

0 to 3600000

The time, in milliseconds, that a node assumes a neighbor is reachable after having received a reachability confirmation.

udld_interval

integer

10 to 90000

The time interval in milliseconds to send UDLD packets. If 'udld_compatibility' value is 'rfc5171' and time interval is below valid range for RFC 5171 (7000 - 90000), then it will be forced to 7000.

port_access_allow_flood_traffic

boolean

Enables transmission of flood-traffic (broadcast, multicast and unknown unicast) out ports that are security blocked. A port is security blocked when authentication is enabled for that port and no client has yet been authenticated on this port.

vlans_per_protocol

object

Reference Resource: VLAN
The list of protocol VLANs configured on the port.

ip4_address_secondary

array of strings

length ≤ 9223372036854776000

This is a list of secondary IPv4 addresses and subnet mask in the address/mask format.

ip4_address_secondary

pim_dense_graft_retry_interval

object

Time (in seconds) that this port waits for a PIM graft acknowledgement from its peer before it retransmit another graft datagram.

pim_dense_ttl_threshold

object

This is the minimum TTL value that state refresh messages received from a peer must have, to be eligible for forwarding to other peers.

pim_datapath_auto_include

object

vrf

string

Reference Resource: VRF
Indicates the VRF to which the port belongs if the port is routing. If not configured and if the port is routing, the port belongs to 'default' vrf.

ip6_address_custom_link_local

object

Reference Resource: IP6_Address
References user configured link-local IPv6 address of the port.

port_access_mda_data_clients_limit

integer

1 to 5

Maximum number of 'data' clients that can be authenticated on this port when multi-domain is enabled. If the number of 'data' clients on this port exceeds this client limit, it will be considered as a port-access violation and the configured threshold-violation action will be performed.

port_access_onboarding_precedence

object

Precedence order for Port Access Authentication: aaa: Onboard clients based on AAA authentication. device-profile: Onboard clients based on device-profile configuration. If empty, the default precedence order of aaa followed by device-profile will be used.

ospf_auth_keychain

string

Reference Resource: Keychain
The "Keychain" used for cryptographic authentication. Supports MD5, SHA-1, SHA-256, SHA-384 and SHA-512 algorithms.

port_access_concurrent_onboarding

boolean

Enable authentication methods to start concurrently for faster onboarding. If not set, clients are onboarded based on the order specified by port_access_onboarding_precedence.

nd_snooping_configuration

object

mpls_ldp_admin

string

enum

The administrative state of MPLS LDP in the Interface.

Allowed:

lldp_med_loc_civic_ca_info

object

Set of civic address elements.

aaa_port_access_radius_override_enable

boolean

Enables RADIUS override support. With this enabled, RADIUS attributes received from server will override corresponding client role attributes.

loop_protect_enable

boolean

When set to true, Loop-protect is enabled on this port. Default value is false.

pim_hello_interval

object

Interval (in seconds) at which PIM Hello messages are transmitted on this port.

aclmac_in_cfg

string

Reference Resource: ACL
Ingress MAC ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

aclmac_out_cfg

string

Reference Resource: ACL
Egress MAC ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

ospf_priority

integer

0 to 255

The router with the highest priority will be more eligible to become Designated Router. Setting the value to 0, makes the router ineligible to become Designated Router.

qos_config

object

port_access_pre_auth_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients that are yet to be authenticated.

subintf_vlan

integer

1 to 4094

Specifies VLAN ID for the subinterface. This VLAN ID is used to send and receive 802.1Q tagged packets on a subinterface. Without an associated VLAN ID, a subinterface will remain in down state.

port_access_auth_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients that have been authenticated but not received any specific role or attribute from the authentication server.

ospfv3_if_shutdown

boolean

Shutdown OSPFv3 on this interface.

ipv6_nd_dad_attempts

integer

0 to 15

The number of Neighbor discovery packets to be sent for duplicate address detection.

cdp_disable

boolean

Disables reception and transmission of CDP packets on the interface, regardless of the system level configuration.

lldp_med_loc_civic_info

string

length between 1 and 4

The civic info which includes 'country code' and 'what number' for advertisements specific to LLDP-MED.

mac_notify_type

array of strings

length ≤ 4

Define the four events that the SNMP Trap will monitor 1 - learned (On this port a MAC learn occured) 2 - removed (On the enabled port a MAC was removed) 3 - aged (On the enabled port a MAC has aged out) 4 - moved (On the enabled port a MAC has moved) empty - Empty value will be treated as invalid

mac_notify_type

pim_trig_hello_interval

object

Maximum time (in seconds) before this port transmits the initial PIM hello message on bootup or a triggered Hello message to a rebooting neighbor.

threshold_profile

string

Reference Resource: Threshold_Profile
Specifies the threshold-profile name for this port. If it is unspecified, the name (if present) of the threshold_profile_default column in System table will be used.

mgmd_acl

object

Reference Resource: ACL
Ingress ACL to filter processing of MGMD reports and leave messages received from hosts. When this is not configured, all MGMD reports and leave messages will be processed.

description

string

length ≤ 64

Description for the 'system' interfaces

vsx_virtual_ip4

array of strings

length ≤ 9223372036854776000

List of active gateway IPv4 addresses.

vsx_virtual_ip4

admin

string

enum

The administrative state of the Interface. If not configured, the default behavior depends on the 'type': 'mgmt': 'up' 'lag': 'down' 'vlan': 'up' 'gre_ipv4 tunnel': 'down' 'ipv6_in_ipv4 tunnel': 'down' 'ipv6_in_ipv6 tunnel': 'down' 'loopback': 'up' 'system': 'down' 'vxlan': 'down' 'ubt': 'down'

Allowed:

mgmd_igmp_static_groups

array of strings

length ≤ 9223372036854776000

List of IGMP static group and source IP addresses. The entries are stored in the Source_Group format.Source is the Source IP Address and Group is the Group IP Address.

mgmd_igmp_static_groups

loop_protect_vlan

array of strings

length ≤ 4094

Reference Resource: VLAN

loop_protect_vlan

ip4_address

string

length ≤ 18

The IPv4 address and subnet mask in the address/mask format. This is the primary IP address.

ospf_bfd

string

enum

Specifies whether OSPF router global BFD mode should be overridden for this particular interface: 'enable': Enables BFD, regardless of OSPF router bfd_all_interfaces_enable. 'disable': Disables BFD, regardless of OSPF router bfd_all_interfaces_enable. 'default': Keeps BFD disabled or enabled according to OSPF router bfd_all_interfaces_enable.

Allowed:

aclv4_routed_out_cfg

string

Reference Resource: ACL
IPv4 ACL for routed egress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

ospf_intervals

object

Responses

200

204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

415

Unsupported Media Type

500

Internal Server Error

501

Not Implemented

503

Service Unavailable

Language

Loading…