/system/interfaces/{Interface.name}

patch

https://switch-ip/rest/v10.13/system/interfaces/{Interface.name}

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

Interface.name

string

required

Reference Resource: Interface
The interface name. For non-bonded ports, the interface name is the same as the associated port name. The name must otherwise be unique across all ports and interfaces of the system.

Body Params

q_profile

string

length between 1 and 64

References queue profile for this port. If this is unspecified, then the queue profile referenced in System) table q_profile will be used.

ipv6_nd_prefix_default

object

arp_inspection

object

urpf_check

string

enum

Mode of unicast reverse path forwarding verification: 'loose': drop packets that are destined to the device itself and that have source IP that is not reachable. 'strict': drop packets that are destined to the device and that have source IP that is not reachable through the interface that the packet arrived on. 'disable': no reverse path verification.

Allowed:

aclv4_in_cfg

string

Reference Resource: ACL
Ingress IPv4 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

mgmd_last_member_query_interval

object

The time interval that the querier waits to receive a response from members to a group-specific query message. It also specifies the amount of time between successive group-specific query messages. The default value is 1 second.

ptp_clock_source_only

boolean

Set Port as PTP clock source only. When set to 'true', prohibits the Port from entering the clock sink or passive state.

policy_routed_in_cfg

string

Reference Resource: Policy
Classifier policy for routed ingress traffic, potentially in flight, desired to be applied to this port, as identified in the policy.

aclv4_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv4_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv4_in_cfg' value. An empty value means no ingress IPv4 ACL has been configured for the port.

ospfv3_bfd

string

enum

Specifies whether OSPFv3 router global BFD mode should be overridden for this particular interface: 'enable': Enables BFD, regardless of OSPFv3 router bfd_all_interfaces_enable. 'disable': Disables BFD, regardless of OSPFv3 router bfd_all_interfaces_enable. 'default': Keeps BFD disabled or enabled according to OSPFv3 router bfd_all_interfaces_enable.

Allowed:

dhcpv4_snooping_guard_policy

string

Reference Resource: DHCPv4_Snooping_Guard_Policy
DHCPv4 Guard Policy for Port.

bfd_min_rx_interval

integer

100 to 20000

The shortest interval, in milliseconds, at which BFD sessions can receive BFD control messages. Remote endpoints may send messages at a slower rate. If not present, the system value is used.

port_access_allow_proxy_logoff

string

enum

Proxy logoff the client based on port status in protocol packet. Switch will clear authentication session of the host, if switch receives port down status in protocol packet. When not configured, no action is taken. This is only applicable when port-access authentication is enabled for this port.

Allowed:

ospf_auth_md5_keys

object

The authentication keys for OSPFv2 authentication type "md5".

pim_dense_max_graft_retries

object

Number of times the port will re-transmit PIM graft datagrams.

icmp_unreachable_ratelimit

int64

1 to 4294967295

Rate limit (in milliseconds per message), that should be used for ICMP Unreachable messages. For the specific port, takes precedence over the same System configuration.

ospf_auth_sha_keys

object

The authentication keys for OSPFv2 authentication type "sha".

ip_mtu

integer

68 to 9198

The user configured IP MTU of a port. This would be applicable for both IPv4 and IPv6.

device_profile

object

lacp

string

enum

Configures LACP on this port. LACP allows directly connected switches to negotiate which links may be bonded. LACP may be enabled on non-bonded ports for the benefit of any switches they may be connected to. active ports are allowed to initiate LACP negotiations. passive ports are allowed to participate in LACP negotiations initiated by a remote switch, but not allowed to initiate such negotiations themselves. If LACP is enabled on a port whose partner switch does not support LACP, the bond will be disabled. Defaults to off if unset.

Allowed:

inter_vxlan_bridging_mode

string

enum

This indicates the inter_vxlan_bridging mode configured on the tunnel. deny : Disable traffic bridging between tunnels on same L2VNI. static-evpn : Enable traffic bridging between static and dynamic tunnels on same L2VNI. static-all : Enable traffic bridging between all tunnels on same L2VNI.

Allowed:

udld_arubaos_compatibility_mode

string

enum

Configured UDLD operation mode for ArubaOS. In verify_then_forward the interface starts out blocked and will not forward traffic until UDLD determines that the interface is bidirectional. With forward_then_verify the interface starts out unblocked.

Allowed:

ospf_priority

integer

0 to 255

The router with the highest priority will be more eligible to become Designated Router. Setting the value to 0, makes the router ineligible to become Designated Router.

aclv4_routed_in_cfg

string

Reference Resource: ACL
IPv4 ACL for routed ingress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

lldp_med_loc_civic_info

string

length between 1 and 4

The civic info which includes 'country code' and 'what number' for advertisements specific to LLDP-MED. This column value can be empty.If not set civic info will not be advertise specific to LLDP-MED.

vsx_virtual_ip6

array of strings

length ≤ 9223372036854776000

List of active gateway IPv6 addresses.

vsx_virtual_ip6

lldp_med_loc_elin_info

string

length between 1 and 25

LLDP-MED Elin Location configured for this interface. This column value can be empty. If not set LLDP_MED Elin will not be configured for the interface

ipv6_nd_ra_other_config_flag

boolean

When set it indicates that other configuration information(DNS) is available via DHCPV6.

dhcpv6_snooping_configuration

object

ipv6_address_autoconfig_enable

boolean

Enable automatic configuration of the IPv6 addresses.

aclmac_out_cfg

string

Reference Resource: ACL
Egress MAC ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

ptp_enable

boolean

Enables PTP on this port.

policy_in_cfg

string

Reference Resource: Policy
Ingress Classifier Policy, potentially in flight, desired to be applied to this port, as identified in the policy.

port_access_mda_data_clients_limit

integer

1 to 5

Maximum number of 'data' clients that can be authenticated on this port when multi-domain is enabled. If the number of 'data' clients on this port exceeds this client limit, it will be considered as a port-access violation and the configured threshold-violation action will be performed.

port_access_clients_limit

integer

1 to 256

Maximum number of clients that can be authenticated on this port.

pim_mode

object

routing

boolean

Indicates whether the interface is routing or Layer 2. For routing interfaces, 'vrf' has to be properly populated. If not configured, default behavior depends on interface 'type': 'vlan': 'true' 'gre_ipv4 tunnel': 'true' 'ipv6_in_ipv4 tunnel': 'true' 'ipv6_in_ipv6 tunnel': 'true' 'loopback': 'true' 'system': 'false' 'lag': 'false' 'vxlan': 'false' 'ubt': 'false'

vxlan_counters

object

This indicates the type of VxLAN Counters enabled for this interface.

pim_lan_prune_delay_disable

object

This entry specifies whether LAN prune delay option is enabled on this port.

admin

string

enum

The administrative state of the Interface. If not configured, the default behavior depends on the 'type': 'mgmt': 'up' 'lag': 'down' 'vlan': 'up' 'gre_ipv4 tunnel': 'down' 'ipv6_in_ipv4 tunnel': 'down' 'ipv6_in_ipv6 tunnel': 'down' 'loopback': 'up' 'system': 'up' 'vxlan': 'down' 'ubt': 'down' When not set, the admin value will be based on the default behavior for the type of interface.

Allowed:

ipv6_nd_router_preference

string

enum

The preference associated with the default router.

Allowed:

policy_routed_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of 'policy_routed_in_cfg'. This value is changed to a random value each time any management interface modifies the 'policy_routed_in_cfg' value. An empty value means no routed ingress policy has been configured for the port.

ipv6_nd_ra_retransmit_timer

int64

0 to 4294967295

The value to be placed in retransmission timer field in router advertisement messages sent by router.

msrp_timers

object

Specifies the different timers and their corresponding intervals in centiseconds. The MSRP standard defines all timer intervals in centiseconds(cs). 100 cs is 1 second.

ip6_address_custom_link_local

object

Reference Resource: IP6_Address
References user configured link-local IPv6 address of the port.

rate_interval

integer

5 to 300

Interval in seconds to calculate interface rate statistics.

mgmd_querier_enable

object

Enable/Disable the IGMP/MLD Querier Functionality on the L3 Port. The default value is disabled.

mka_policy

string

Reference Resource: MKA_Policy
MKA policy associated with the port.

virtual_ip6_routers

object

Reference Resource: VRRP
The port's VRRP groups (or VR instances) for IPv6 address family. A maximum of 32 VRRP groups can be assigned to a port.

virtual_ip4_routers

object

Reference Resource: VRRP
The port's VRRP groups (or VR instances) for IPv4 address family. A maximum of 32 VRRP groups can be assigned to a port.

vlan_trunks

array of strings

length ≤ 4096

Reference Resource: VLAN
List of VLANs that this port is allowed to pass traffic for. When the list is empty, it means that the port will be allowed to pass traffic for all VLANs configured on the device. This is only relevant if 'vlan_mode' is 'native-tagged' or 'native-untagged' and ignored for 'access'. 'native-tagged' or 'native-untagged' port always trunks its native ('vlan_tag') VLAN, regardless of whether it's included in 'vlan_trunks'.

vlan_trunks

interfaces

array of strings

length ≤ 16

Reference Resource: Interface
The port's interfaces. If there is more than one, this is a bonded Port. A maximum of 16 interfaces can be assigned to a port.

interfaces

aclv6_routed_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv6_routed_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv6_routed_in_cfg' value. An empty value means no routed ingress IPv6 ACL has been configured for the VLAN interface.

ipv6_nd_ra_lifetime

integer

0 to 9000

The lifetime associated with the default router in units of seconds.

ip_directed_broadcast

boolean

When set to true, IP Directed Broadcast is enabled on the port. Only supported for IPv4.

aclv6_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv6_out_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv6_out_cfg' value. An empty value means no egress IPv6 ACL has been configured for the port.

ptp_1588v2_profile_timers

object

Configurable time intervals specific to 1588v2 Profile.

ospf_auth_type

string

enum

The type of OSPFv2 authentication. If not set, then parent area level authentication holds for the port.

persona

object

icmp_unreachable_disable

boolean

Disables ICMPv4 and ICMPv6 unreachable messages. For the specific port, takes precedence over the same System configuration.

ipv6_nd_ns_interval

integer

1000 to 3600000

The interval (in milliseconds) between neighbor solicitation messages.

mgmd_strict_version_enable

object

Process only the configured version packets. When a key-value is not specified, strict version is disabled.

ospfv3_if_cost

integer

1 to 65535

The output cost configured on the corresponding OSPFv3 interface. If not set, OSPFv3 will calculate cost for this interface based on link speed and reference bandwidth. Any configured value will override the automatic cost calculation.

aclv6_routed_out_cfg

string

Reference Resource: ACL
IPv6 ACL for routed egress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

ptp_peer_unicast_ip_address

array of strings

length ≤ 9223372036854776000

Specifies the list of PTP peer IP addresses for this port.

ptp_peer_unicast_ip_address

pim_dr_priority

object

Designated Router(DR) Priority for this port.

udld_rfc5171_compatibility_mode

string

enum

Configured UDLD operation mode for RFC5171. In normal mode, once the link is determined to be in unidirectional state (after it was deemed bidireccional), and no "Echo" is received, it is set to "undetermined" state. However, if a a UDLD packet with an empty "Echo" is received the interface will be set to "errDisabled". In aggressive , once a link is determined to be in unidirectional state (after it was deemed bidirectional), and no "Echo" is received, it is set to "errDisabled" state. The interface will also be set to "errDisabled" if a UDLD packet with an empty "Echo" is received.

Allowed:

ospf_bfd

string

enum

Specifies whether OSPF router global BFD mode should be overridden for this particular interface: 'enable': Enables BFD, regardless of OSPF router bfd_all_interfaces_enable. 'disable': Disables BFD, regardless of OSPF router bfd_all_interfaces_enable. 'default': Keeps BFD disabled or enabled according to OSPF router bfd_all_interfaces_enable.

Allowed:

bond_mode

string

enum

The type of bonding used for a bonded port. Bond mode controls the selection of a interface from a group of aggregate interfaces with which to transmit a frame. This selection is performed with a hash function using either source and destination mac addresses (l2), ip addresses (l3) or tcp/udp ports (l4) as parameters. Defaults to l3-src-dst-hash if not assigned.

Allowed:

pim_bfd

object

'enable': Enables BFD on this interface overriding the PIM router BFD configuration bfd_all_interfaces_enable in PIM_Router. 'disable': Disables BFD on this interface overriding the PIM router BFD configuration bfd_all_interfaces_enable in PIM_Router. 'default': Keeps BFD enabled or disabled on this interface based on the PIM router BFD configuration bfd_all_interfaces_enable in PIM_Router.

pim_datapath_auto_include

object

ospfv3_transmit_delay

integer

1 to 1800

The estimated time in seconds to transmit an LSA to a neighbor. The transmit delay timer increments the age of LSAs in the update packets to accommodate transmission and propagation delays for the interface. The timer is more important on very low speed links where the transmission delay is more significant.

ospf_if_out_cost

integer

1 to 65535

The output cost configured on the corresponding OSPFv2 interface. If not set, OSPF will calculate cost for this interface based on link speed and reference bandwidth. Any configured value will override the automatic cost calculation.

aclv6_routed_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the currently configured routed egress IPv6 ACL that corresponds to this configuration version vlaue. This value is changed to a random value each time any management interface modifies the configured routed egress IPv6 ACL value. An empty value means no routed egress IPv6 ACL has been configured for the VLAN interface.

mvrp_registration

string

enum

Defines the mode of operation of all the registrar state machines associated with the port. The different mode of operations are In "normal" mode, the Registrar responds to incoming MRP messages. In "fixed" mode, the Registrar ignores all MRP messages, and remains in the registered state. In "forbidden" mode, the Registrar ignores all MRP messages, and remains in the unregistered state.

Allowed:

port_access_pre_auth_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients that are yet to be authenticated. When not set, no role is applied for clients while the authentication is in progress for the client.

other_config

object

pim_propagation_delay

object

Propagation Delay (in milliseconds) on this port.

port_access_onboarding_precedence

object

Precedence order for Port Access Authentication: aaa: Onboard clients based on AAA authentication. device-profile: Onboard clients based on device-profile configuration. If empty, the default precedence order of aaa followed by device-profile will be used.

aclv4_routed_out_cfg

string

Reference Resource: ACL
IPv4 ACL for routed egress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

dot1x_supplicant_policy

string

Reference Resource: Dot1X_Supplicant_Policy
The 802.1X supplicant policy associated with the port. If a policy is not configured, the default policy will be used on the port.

port_access_enable_client_auto_logoff

object

Configure port-access client automatic log-off.

macsec_policy

string

Reference Resource: MACsec_Policy
MACsec policy associated with the port. When not set, MACsec is not operational on the port even if there is a MKA policy associated with it.

ipfix_flow_monitor_in

object

Reference Resource: IPFIX_Flow_Monitor
Specifies the ingress IPFIX flow monitors desired to be applied on this port. A maximum of one IPv4 and one IPv6 IPFIX flow monitor can be configured.

port_access_reject_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients that failed authentication When not set, no role is applied for clients that fail authentication.

mgmd_enable

object

Enable or disable IGMP/MLD on the L3 Port. By default, IGMP/MLD is disabled on the L3 Port.

app_recognition_enable

boolean

Enable Application Recognition for IPv4 and IPv6 traffic on this port. Application Recognition for either protocol family is not enabled by default. Application Recognition is only supported on physical ports.

portfilter

array of strings

length ≤ 9223372036854776000

Reference Resource: Port
Set of ports that must not egress packets that were received on this port.

portfilter

description

string

length ≤ 64

Description for the 'system' interfaces This column value can be empty.

arp_timeout

integer

30 to 28800

Determines the time interval in seconds till when a neighbor entry is valid.

vsx_virtual_gw_mac_v6

string

length between 17 and 17

VSX virtual gateway MAC address for the corresponding virtual gateway IPv6 addresses. If virtual gateway MAC is not configured, then device system MAC will be used as the gateway MAC.

vlan_mode

string

enum

VLAN mode for ports with 'routing' being 'false'. For those ports, it has to be set, otherwise the port will be held down. When vlan_mode is not set, it indicates that the port is in access mode. access: Port can carry traffic for only one VLAN and the VLAN is specified as part of vlan_tag. Packets ingressing and egressing this port will not have an 802.1Q VLAN tag. When the port is trunked, mode must be either native-tagged or native-untagged, value contained in vlan_trunks refers to the list of VLANs which have to be trunked, if it is empty then all VLANs have to be trunked. native-tagged: Port can carry traffic for multiple VLANs. One of the VLANs is designated as native and is specified as part of vlan_tag. Traffic for all VLANs on this port including the native VLAN will be 802.1Q VLAN tagged. native-untagged: Port can carry traffic for multiple VLANs. One of the VLANs is designated as native and the VLAN ID is specified as part of vlan_tag. Traffic for all VLANs except the native VLAN will be 802.1Q VLAN tagged Traffic for the native VLAN will not have an 802.1Q tag.

Allowed:

mvrp_enable

boolean

The value true indicates MVRP is enabled on this port.

port_security_static_client_mac_addr

array of strings

length ≤ 64

MAC addresses of the clients that should be authorized on this port.

port_security_static_client_mac_addr

ospfv3_ipsec_ah

object

IPsec Authentication Header (AH) configuration. Specifies Security Parameters Index (SPI), authentication type and key to use. IPsec AH is preferred over IPsec Encapsulating Security Payload (ESP) if ospfv3_ipsec_ah and ospfv3_ipsec_esp both are configured.

ip4_address

string

length ≤ 18

The IPv4 address and subnet mask in the address/mask format. This is the primary IP address.

rdisc_irdp_preference

int64

-4294967296 to 4294967295

Specifies the preference level of this routing switch. Higher value indicates higher router preference. The default preference value is 0.

pvlan_port_type

string

enum

Specifies the port's type in the context of Private VLANS. When not set, the port functions as an Inter Switch Link if it is carrying traffic for PVLANs.

Allowed:

port_access_auth_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients that have been authenticated but not received any specific role or attribute from the authentication server. When not set, no role is applied for clients that successfully authenticated without a role assigned from the RADIUS server.

pfc_priorities_config

object

The user configured priorities for priority-based flow control. This field is only valid when interface_flowcontrol_pfc capability is present and the "pause" key of the user_config is set to "pfc".

mvrp_forbidden_vlans

array of integers

length ≤ 4094

Specifies the VLANs that should not be learned on the port. If the registration mode of the port is "forbidden" and there are no VLANs in the forbidden list , then none of the VLANs are learned on this port.

mvrp_forbidden_vlans

ip4_address_secondary

array of strings

length ≤ 9223372036854776000

This is a list of secondary IPv4 addresses and subnet mask in the address/mask format.

ip4_address_secondary

pim_dense_ttl_threshold

object

This is the minimum TTL value that state refresh messages received from a peer must have, to be eligible for forwarding to other peers.

ipv6_nd_dad_attempts

integer

0 to 15

The number of Neighbor discovery packets to be sent for duplicate address detection.

pim_vsx_virtual_neighbor

object

multicast_boundary_acl_out

object

Reference Resource: ACL
Egress multicast boundary ACL desired to be applied on the current interface to filter IGMP and PIM control packets. This is used to control if the current interface can be added as an outgoing interface in a multicast route or not. If the ACL denies IGMP and PIM joins, this interface will not be added as an outgoing interface.

policy_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of 'policy_out_cfg'. This value is changed to a random value each time any management interface modifies the 'policy_out_cfg' value. An empty value means no egress policy has been configured for the port.

port_access_security_violation

object

aaa_auth_precedence

object

Precedence order for Port Access Authentication: dot1x: IEEE 802.1X Authentication Protocol mac-auth: MAC Authentication Protocol. If empty, the default precedence order of dot1x followed by mac-auth will be used.

ospfv3_retransmit_interval

integer

1 to 1800

The number of seconds between LSA retransmissions. It is also used when retransmitting Database Description and Link State Request Packets.

subintf_vlan

integer

1 to 4094

Specifies VLAN ID for the subinterface. This VLAN ID is used to send and receive 802.1Q tagged packets on a subinterface. Without an associated VLAN ID, a subinterface will remain in down state.

ptp_aes67_profile_timers

object

Configurable time intervals specific to PTP AES67 Profile.

dot1x_supplicant_macsec_enable

boolean

Enable MACsec via EAP for 802.1X supplicant.

ospf_if_shutdown

boolean

Shut OSPF down on this interface.

user_config

object

Key-value pairs that stores the user configuration of Interface.

stp_config

object

This represents information regarding stp port level configuration.

ospfv3_if_type

string

enum

The type of the OSPFv3 network interface. The default value is the type of the interface from the Interface table. If not set, OSPFv3 interface is not up or not configured on that interface.

Allowed:

ospfv3_dead_interval

integer

1 to 65535

The time duration, in seconds, that a neighbor should wait for a Hello packet before tearing down adjacencies with the local router.

icmp_redirect_disable

boolean

Disables ICMPv4 and ICMPv6 redirect messages. For the specific port, takes precedence over the same System configuration.

ptp_aes_r16_profile_timers

object

Configurable time intervals specific to PTP AES-R16 2016 Profile.

msrp_enable

boolean

The value true indicates MSRP is enabled on this port.

unknown_unicast_forwarding_block

boolean

Specifies whether Unknown Unicast L2 Frames are egress blocked on this port.

dhcpv4_snooping_configuration

object

ptp_neighbor_prop_delay_threshold

int64

0 to 2147483648

Set threshold of measured mean propagation delay(in nano seconds) on the link attached to this port, relative to the LocalClock entity of the time-aware system at the other end of the link (i.e., expressed in the time base of the time-aware system at the other end of the link). This is specific to dot1as profile.

mac

string

The MAC address to use for this port for the purpose of choosing the bridge's MAC address. This column does not necessarily reflect the port's actual MAC address, nor will setting it change the port's actual MAC address.

pim_dense_graft_retry_interval

object

Time (in seconds) that this port waits for a PIM graft acknowledgement from its peer before it retransmit another graft datagram.

loop_protect_vlan

array of strings

length ≤ 4094

Reference Resource: VLAN

loop_protect_vlan

vsx_shutdown_on_split

boolean

Determines whether the port will be shutdown when VSX split occurs. This is only applicable to the ports that are not configured as MCLAG and SVIs that do not have any MCLAGs as members.

ipv6_nd_ra_reachable_time

integer

0 to 3600000

The time, in milliseconds, that a node assumes a neighbor is reachable after having received a reachability confirmation.

port_access_auth_mode

string

enum

Indicates, whether each individual client on the port needs to be authenticated separately to gain access to the network. client-mode: every client needs to be authenticated to be granted network access. device-mode: only one of the attached clients must be authenticated for all clients to be granted network access. multi-domain:limit the number of authenticated clients to one 'voice' client and a configured number of 'data' clients. By default allowed 'data' client is also one.

Allowed:

udld_interval

integer

10 to 90000

The time interval in milliseconds to send UDLD packets. If 'udld_compatibility' value is 'rfc5171' and time interval is below valid range for RFC 5171 (7000 - 90000), then it will be forced to 7000.

aaa_port_access_cached_critical_role_disable

boolean

Disables caching authenticated clients and their associated role information. When not set, the globally configured port_access_cached_critical_role configuration will be used.

bfd_echo_disable

boolean

Specifies whether BFD echo packets are enabled or not on sessions on this port.

mgmd_robustness

object

The number of times to retry a query. The default value is 2.

mgmd_acl

object

Reference Resource: ACL
Ingress ACL to filter processing of MGMD reports and leave messages received from hosts. When this is not configured, all MGMD reports and leave messages will be processed.

selftest_disable

boolean

Specify true to disable and false to enable for the respective interface

ssm_map_acl

object

Reference Resource: ACL
ACL to maintain group-source mapping for SSM group addresses. IGMPv1/IGMPv2/MLDv1 join and leave packets destined to SSM group address in the SSM map will be converted to (source, group) channels, for all the sources part of respective SSM map.

ipv6_nd_ra_managed_flag

boolean

When set it indicates that addresses are available via DHCPV6.

multicast_boundary_acl_in

object

Reference Resource: ACL
Ingress multicast boundary ACL desired to be applied on the current interface to filter all the multicast data and control packets.

vlan_translations

object

Reference Resource: VLAN
List of vlan translation rules configured on a port. This is only applicable to layer-2 trunk ports and ignored when configured on other types of ports.

aclmac_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclmac_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclmac_in_cfg' value. An empty value means no ingress MAC ACL has been configured for the port.

aclmac_in_cfg

string

Reference Resource: ACL
Ingress MAC ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

port_security_static_sticky_client_mac_addr

object

MAC addresses of the sticky clients that should be authorized on this port.

mgmd_igmp_static_groups

array of strings

length ≤ 9223372036854776000

List of IGMP static group and source IP addresses. The entries are stored in the Source_Group format.Source is the Source IP Address and Group is the Group IP Address.

mgmd_igmp_static_groups

aclv6_out_cfg

string

Reference Resource: ACL
Egress IPv6 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

mgmd_snoop_fastlearn_enable

object

Set this value to true to enable IGMP/MLD fastlearn for the port and false to disable IGMP/MLD fastlearn. By default the feature is disabled for IGMP/MLD.

pim_bsr_boundary

object

port_access_ubt_fallback_role

string

Reference Resource: Port_Access_Role
The role that will be applied to clients when corresponding UBT zone is not reachable. When not set, no role is applied for the client when the UBT zone is not reachable.

mvrp_timers

object

Specifies the different timers and their corresponding intervals in centiseconds. The MVRP standard defines all timer intervals in centiseconds(cs). 100 cs is 1 second.

pim_trig_hello_interval

object

Maximum time (in seconds) before this port transmits the initial PIM hello message on bootup or a triggered Hello message to a rebooting neighbor.

threshold_profile

string

Reference Resource: Threshold_Profile
Specifies the threshold-profile name for this port. If it is unspecified, the name (if present) of the threshold_profile_default column in System table will be used.

qos_config

object

port_access_auth_configurations

object

Reference Resource: Port_Access_Auth_Configuration
Authentication method specific port-access configurations on this interface.

ipv6_source_lockdown_enable

boolean

Enables IP Lockdown feature on the port. When set, IPv6 packets received from the clients on this port are forwarded only if there is an associated IP binding entry.

dhcpv6_snooping_guard_policy

string

Reference Resource: DHCPv6_Snooping_Guard_Policy
DHCPv6 Guard Policy for Port.

udld_enable

boolean

UDLD protocol is enabled or not on this interface.

ipv6_nd_mtu

integer

1280 to 65535

The MTU option is used in router advertisement messages to ensure that all nodes on a link use the same MTU value.

aaa_port_access_radius_override_enable

boolean

Enables RADIUS override support. With this enabled, RADIUS attributes received from server will override corresponding client role attributes.

lldp_med_loc_civic_ca_info

object

Set of civic address elements.

vrf

string

Reference Resource: VRF
Indicates the VRF to which the port belongs if the port is routing. If not configured and if the port is routing, the port belongs to 'default' vrf.

interface_diag_tests

string

ipv6_nd_ra_dnssl

object

Key-value pairs that maps DNS prefixes to their lifetime in seconds.

port_security

object

loop_protect_action

string

enum

This determines action for the Loop-protect feature.The value is set to "tx- port-disable" for disabling the sending port on detecting a loop, "tx-rx- disable" disables both sending and receiving ports when loop is detected and "do-not-disable" will not disable any port. Default value is tx-port-disable.

Allowed:

client_ip_track_configuration

object

Specifies client IP tracking configuration for this port

ipv6_neighbor_timeout

integer

10 to 28800

Determines the time interval in seconds till when an IPv6 neighbor entry is valid.

aclv6_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv6_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv6_in_cfg' value. An empty value means no ingress IPv6 ACL has been configured for the port.

ptp_vlan

string

Reference Resource: VLAN
Specifies the VLAN to be used for PTP packet exchange on this port. This configuration is specific to PTP Ethernet mode and L3 multicast over L2 port mode.

ipv6_address_linklocal_enable

boolean

Enables IPV6 link-local address when global unicast address is not configured.

rdisc_irdp_enable

boolean

When set to true, IRDP is enabled on the port. The default value is false.

ptp_dot1as_profile_timers

object

Configurable time intervals specific to dot1as Profile.

mgmd_querier_wait_time

object

The interval in seconds a device will wait to hear from a Querier before assuming Querier role. The default is 260 seconds.

mdns_sd_enable

boolean

Enable mDNS service discovery gateway on this port. This is only applicable for VLAN interfaces (SVIs).

rdisc_irdp_timers

object

ip6_addresses

object

Reference Resource: IP6_Address
References IPv6 addresses and prefixes of the port.

mgmd_querier_max_response_time

object

The time interval to wait for a response to a IGMP/MLD query. The default value is 10 seconds.

ospf_auth_keychain

string

Reference Resource: Keychain
The "Keychain" used for cryptographic authentication. Supports MD5, SHA-1, SHA-256, SHA-384 and SHA-512 algorithms. If not set, keychain authentication is not operational on that port.

vsx_virtual_gw_mac_v4

string

length between 17 and 17

VSX virtual gateway MAC address for the corresponding virtual gateway IPv4 addresses. If virtual gateway MAC is not configured, then device system MAC will be used as the gateway MAC.

ospfv3_if_priority

integer

0 to 255

The router with the highest priority will be more eligible to become Designated Router. Setting the value to 0, makes the router ineligible to become Designated Router.

aclv4_routed_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the currently configured routed egress IPv4 ACL that corresponds to this configuration version value. This value is changed to a random value each time any management interface modifies the configured routed egress IPv4 ACL value. An empty value means no routed egress IPv4 ACL has been configured for the VLAN interface.

ospfv3_ipsec_esp

object

IPsec Encapsulating Security Payload (ESP) configuration. Specifies Security Parameters Index (SPI), encryption/authentication type and key to use. IPsec Authentication Header (AH) is preferred over IPsec ESP if ospfv3_ipsec_ah and ospfv3_ipsec_esp both are configured.

ptp_lag_role

string

enum

Specifies whether the LAG member interface will act as primary or secondary for PTP. PTP operation requires one LAG member to be primary and another to be secondary. Other LAG members are passive and will respond to any PTP request packets. This is only applicable when this interface is a member of a LAG.

Allowed:

loop_protect_stagger_count

int64

≥ 0

This determines the number of loop protect PDUs to be received before taking a receiver action.

aaa_auth_priority

object

Priority order for Port Access Authentication: dot1x: IEEE 802.1X Authentication Protocol mac-auth: MAC Authentication Protocol. If not set, priority will follow the 'aaa_auth_precedence' order.

mgmd_querier_interval

object

Interval between successive IGMP/MLD All Host Queries that will be sent. The default value is 125 sec.

aclv4_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv4_out_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv4_out_cfg' value. An empty value means no egress IPv4 ACL has been configured for the port.

ipv6_nd_ra_max_interval

integer

4 to 1800

The maximum interval (in seconds) between sending router advertisements.

mgmd_mld_static_groups

array of strings

length ≤ 9223372036854776000

List of MLD static group and source IP addresses. The entries are stored in the Source_Group format. Source is the Source IP Address and Group is the Group IP Address.

mgmd_mld_static_groups

ospfv3_if_shutdown

boolean

Shutdown OSPFv3 on this interface.

aclv4_out_cfg

string

Reference Resource: ACL
Egress IPv4 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

virtual_gw_l3_src_mac_enable

boolean

Enables the interface to use the virtual gateway MAC address as the source MAC for routed traffic. This is only applicable for SVI interfaces.

ospf_if_type

string

enum

The type of the OSPFv2 network interface. The default value is the type of the interface from the Interface table. If not set, OSPFv2 interface is not up or not configured on that interface.

Allowed:

aclmac_out_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclmac_out_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclmac_out_cfg' value. An empty value means no egress MAC ACL has been configured for the port.

ospfv3_hello_interval

integer

1 to 65535

The Hello packet will be sent every hello interval timer value seconds. This value must be the same for all routers attached to a common network.

ptp_smpte_profile_timers

object

Configurable time intervals specific to SMPTE Profile.

macsec_selftest_run_requested

int64

0 to 4294967295

The number of times a request was made by the user to run MACsec selftest for this interface. When MACsec selftest is enabled globally, incrementing this column will initiate a new selftest that will cause a loss of link for several seconds.

policy_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of 'policy_in_cfg'. This value is changed to a random value each time any management interface modifies the 'policy_in_cfg' value. An empty value means no ingress policy has been configured for the port.

bfd_min_tx_interval

integer

50 to 20000

The shortest interval, in milliseconds, at which BFD sessions can transmit BFD control messages. Messages will actually be transmitted at a slower rate if the remote endpoints cannot receive them as quickly as specified. If not present, the system value is used.

loop_protect_enable

boolean

When set to true, Loop-protect is enabled on this port. Default value is false.

udld_retries

integer

3 to 10

Number of retries before changing the UDLD interface status to block.

vlan_tag

string

Reference Resource: VLAN
Specifies the Access or Native VLAN for this port. When vlan_tag is not set, it indicates that VLAN-1 is the Access or Native VLAN. For a non-SVI, 'routing' interface, the value must be kept empty. For SVI, the value must reference the VLAN of the SVI.

mgmd_mld_version

integer

1 to 2

The MLD protocol version to use. When MLD is disabled, this field would be empty. If there is a version mismatch between L2 and L3 VLAN, it will pick the lowest version.

pim_source_address

object

IP address used as the source address for the PIM protocol packets outbound on this port. If the value is not specified or empty then the primary IP of the port will be used as the source IP.

diagnostic_config

object

Key-value pairs used to perform interface diagnostics. Normally, this map is empty. When an interface diagnostic is to be run, this column is used to configure the interface in the correct mode and override any user-configured settings that would affect the test.

process_grat_arp

boolean

Disable processing gratituous ARP packets received on this port. This is only applicable to Layer-3 interfaces (SVIs, Routed ports or L3 LAG).

port_access_critical_auth_role

string

Reference Resource: Port_Access_Role
The role to be applied for clients, that failed authentication due to unreachable authentication servers. When not set, no role is applied for clients that could not complete authentication due to RADIUS server being unreachable.

port_access_allow_flood_traffic

boolean

Enables transmission of flood-traffic (broadcast, multicast and unknown unicast) out ports that are security blocked. A port is security blocked when authentication is enabled for that port and no client has yet been authenticated on this port.

bfd_detect_multiplier

integer

1 to 5

The number of negotiated min_rx_intervals that can occur before the BFD session is considered to be down. If not set, BFD detect-multiplier value configured at the system level will be used.

port_access_disable_lldp_auth

boolean

Disable BPDU triggered authentication for LLDP. This is only applicable when port access authentication is enabled for this port.

ospf_auth_text_key

string

length ≥ 1

The authentication key for OSPFv2 authentication type "text". If not set, OSPFv2 authentication is not operational on that port.

ipv6_nd_ra_rdnss

object

Key-value pairs that maps RDNS server addresses to their lifetime in seconds.

bond_active_slave

string

When configured, this represents the MAC address of the active member of LAG.

ip_neighbor_flood

boolean

When set to 'true' and layer-2 port goes down, traffic to an IP neighbor will be broadcast on the VLAN until neighbor's port information is re-learnt. Without this setting, such traffic will be dropped. This is only applicable for IPv4 neighbors.

device_fingerprint_configuration

object

Specifies device fingerprint configuration for this port.

mdns_sd_tx_profile

string

Reference Resource: MDNS_SD_Profile
Profile associated with this port. This used to filter and prune mDNS packets egressing the port. When not set, no egress filtering is done.

rdisc_irdp_broadcast

boolean

Specifies whether router advertisements should be sent using broadcast, 255.255.255.255 address. If the value is false (which is a default) the packets would be sent to multicast 224.0.0.1 address.

tunnel_endpoints

string

ospf_intervals

object

port_access_disable_cdp_auth

boolean

Disable BPDU triggered authentication for CDP. This is only applicable when port access authentication is enabled for this port.

ipv6_nd_ra_min_interval

integer

3 to 1350

The minimum interval (in seconds) between sending router advertisements.

options

object

l3_counters_enable

object

Indicates which L3 counters are enabled for this Port

nd_snooping_configuration

object

aclv6_routed_in_cfg

string

Reference Resource: ACL
IPv6 ACL for routed ingress traffic, potentially in flight desired to be applied to this VLAN interface, as identified in the ACL. This configuration is applicable only when the port is a VLAN interface.

dhcp_config

object

Supported on VLAN1 interface only. Ignored for all other interfaces. For VLAN1 the default is 'ipv4'.

port_access_fallback_role

string

Reference Resource: Port_Access_Role
The role that will be applied to clients that have not been assigned a role via any of the onboarding methods. When not set, no role is applied for the client.

ipv4_source_lockdown_enable

boolean

Enables IP Lockdown feature on the port. When set, IPv4 packets received from the clients on this port are forwarded only if there is an associated IP binding entry.

vlans_per_protocol

object

Reference Resource: VLAN
The list of protocol VLANs configured on the port.

ipv6_nd_ra_hoplimit

integer

0 to 255

The default value that will be used in RA message. If this value is not set, then global ipv6 hoplimit value will be used in RA message.

cdp_disable

boolean

Disables reception and transmission of CDP packets on the interface, regardless of the system level configuration.

port_access_critical_voice_role

string

Reference Resource: Port_Access_Role
The role to be applied to 'voice' client that have failed re-authentication due to servers being unreachable. When not set, no role will be applied for voice clients when they fail re-authentication due to server being unreachable.

vsx_virtual_ip4

array of strings

length ≤ 9223372036854776000

List of active gateway IPv4 addresses.

vsx_virtual_ip4

port_access_allow_bpdu

array of strings

length ≤ 2

Enables LLDP and/or CDP BPDU to be accepted before authentication.

port_access_allow_bpdu

ipv6_nd_icmpv6_redirects

boolean

Enable sending ICMPv6 redirect messages.

mgmd_igmp_version

integer

2 to 3

The IGMP protocol version to use. When IGMP is disabled, this field would be empty. If there is a version mismatch between L2 and L3 VLAN, it will pick the lowest version.

rate_limits

object

qos

string

length between 1 and 64

References schedule profile for this port. If this is unspecified, then the schedule profile referenced in System) table qos will be used.

cdp_pre_standard_mode

string

enum

Sets CDP pre standard mode in the interface : 'rx_only':If CDP voice VLAN query packet is received on this interface, the switch responds with the voice VLAN TLV included in its advertisements. 'tx_rx' :The switch includes voice VLAN TLV in its advertisements on this interface regardless of whether it has received a query packet from the peer. 'disable':If CDP voice VLAN query packet is received on this interface, switch updates CDP neighbor information received from the peer, but doesn't send any CDP advertisements to it.

Allowed:

ipv6_nd_suppress_ra

object

dot1x_supplicant_enable

boolean

Enable 802.1X supplicant on the port.

ra_guard_policy

string

Reference Resource: RA_Guard_Policy
RA Guard policy associated with this Port. RR/RA packets received on this port will be inspected and permitted per the policy specification if the port is untrusted.

port_access_concurrent_onboarding

boolean

Enable authentication methods to start concurrently for faster onboarding. If not set, clients are onboarded based on the order specified by port_access_onboarding_precedence.

pim_override_interval

object

Override Interval (in milliseconds) on this port.

udld_compatibility

string

enum

UDLD compatibility mode.

Allowed:

igmp_router_alert_check_enable

boolean

Enable IGMP router-alert checking on this interface. This is only applicable to L3 interfaces.

policy_out_cfg

string

Reference Resource: Policy
Egress Classifier Policy, potentially in flight, desired to be applied to this port, as identified in the policy.

mac_notify_type

array of strings

length ≤ 4

Define the four events that the SNMP Trap will monitor 1 - learned (On this port a MAC learn occured) 2 - removed (On the enabled port a MAC was removed) 3 - aged (On the enabled port a MAC has aged out) 4 - moved (On the enabled port a MAC has moved) empty - Empty value will be treated as invalid

mac_notify_type

fault_monitor_profile

string

Reference Resource: Fault_Monitor_Profile
Fault monitoring profile to be applied on this port.

aclv6_in_cfg

string

Reference Resource: ACL
Ingress IPv6 ACL, potentially in flight, desired to be applied to this port, as identified in the ACL.

aclv4_routed_in_cfg_version

int64

-9007199254740991 to 9007199254740991

The version of the 'aclv4_routed_in_cfg' column. This value is changed to a random value each time any management interface modifies the 'aclv4_routed_in_cfg' value. An empty value means no routed ingress IPv4 ACL has been configured for the VLAN interface.

pim_hello_interval

object

Interval (in seconds) at which PIM Hello messages are transmitted on this port.

Responses

204

No Content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

415

Unsupported Media Type

500

Internal Server Error

501

Not Implemented

503

Service Unavailable

Language

Loading…

Response

Click Try It! to start a request and see the response here!