Configuration Command Reference Guide
configure authority
Authority configuration is the top-most level in the SSR configuration hierarchy.
Subcommands
command | description |
---|---|
access-management | Role Based Access Control (RBAC) configuration. |
alarm-shelving | Configuration to control alarm shelving behavior. |
anti-virus-profile | User defined Anti-Virus profiles. |
asset-connection-resiliency | Configure Asset Connection Resiliency |
backwards-compatible-vrf-bgp-tenants | When generating tenant names for VRF BGP over SVR, do not use leading or trailing underscores. This enables backwards compatibility with router versions smaller than 5.1.3 |
bgp-service-generation | Configure Bgp Service Generation |
cli-messages | Configure Cli Messages |
client-certificate | The client-certificate configuration contains client certificate content. |
clone | Clone a list item |
conductor-address | IP address or FQDN of the conductor |
currency | Local monetary unit. |
delete | Delete configuration data |
district | Districts in the authority. |
dscp-map | Configure Dscp Map |
dynamic-hostname | Hostname format for interfaces with dynamic addresses. It is a template with subsitution variables used to generate a unique hostname corresponding to Network Interfaces that have dynamically learned IP addresses. Uses the following substitution variables: {interface-id} for Network Interface Global Identifier, {router-name} for Router Name, {authority-name} for Authority Name. For example, interface-\{interface-id\}.\{router-name\}.\{authority-name\} . |
fib-service-match | When creating FIB entries by matching route updates to service addresses, consider the specified service addresses. |
forward-error-correction-profile | A profile for Forward Error Correection parameters, describing how often to send parity packets. |
icmp-control | Settings for ICMP packet handling |
idp-profile | User defined IDP profiles. |
ipfix-collector | Configuration for IPFIX record export. |
ipv4-option-filter | Configure Ipv 4 Option Filter |
ldap-server | LDAP Servers against which to authenticate user credentials. |
management-service-generation | Configure Management Service Generation |
metrics-profile | A collection of metrics |
name | The identifier for the Authority. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
password-policy | Password policy for user's passwords. |
pcli | Configure the PCLI. |
performance-monitoring-profile | A performance monitoring profile used to determine how often packets should be marked. |
radius-server | Radius Servers against which to authenticate user credentials. |
rekey-interval | Hours between security key regeneration. Recommended value 24 hours. |
remote-login | Configure Remote Login |
resource-group | Collect objects into a management group. |
router | The router configuration element serves as a container for holding the nodes of a single deployed router, along with their policies. |
routing | authority level routing configuration |
security | The security elements represent security policies for governing how and when the SSR encrypts and/or authenticates packets. |
service | The service configuration is where you define the services that reside within the authority's tenants as well as the policies to apply to those services. |
service-class | Defines the association between DSCP value and a priority queue. |
service-policy | A service policy, which defines parameters applied to services that reference the policy |
session-record-profile | A profile to describe how to collect session records. |
session-records | Configure Session Records |
session-recovery-detection | Configure Session Recovery Detection |
session-type | Type of session classification based on protocol and port, and associates it with a default class of service. |
show | Show configuration data for 'authority' |
software-access | Configuration for SSR software access for the authority. Supported on managed assets only. |
software-update | Configure Software Update |
step | Configure Step |
step-repo | List of Service and Topology Exchange Protocol repositories. |
tenant | A customer or user group within the Authority. |
traffic-profile | A set of minimum guaranteed bandwidths, one for each traffic priority |
trusted-ca-certificate | The trusted-ca-certificate configuration contains CA certificate content. |
web-messages | Configure Web Messages |
web-theme | Configure Web Theme |
configure authority access-management
Role Based Access Control (RBAC) configuration.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
role | Configure Role |
show | Show configuration data for 'access-management' |
token | Configuration for HTTP authentication token generation. |
configure authority access-management role
Configure Role
Usage
configure authority access-management role <name>
Positional Arguments
name | description |
---|---|
name | A unique name that identifies this role. |
Subcommands
command | description |
---|---|
capability | The capabilities that this user will be granted. |
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the role. |
exclude-resource | Exclude a resource from being associated with this role. |
name | A unique name that identifies this role. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource | Associate this role with a resource. |
resource-group | Associate this role with a top-level resource-group. |
show | Show configuration data for 'role' |
configure authority access-management role capability
The capabilities that this user will be granted.
Usage
configure authority access-management role capability [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | Value to add to this list |
Description
identityref
A value from a set of predefined names.
Options:
- config-read: Configuration Read Capability
- config-write: Configuration Write Capability
- provisioning: Asset Provisioning Capability
configure authority access-management role description
A description about the role.
Usage
configure authority access-management role description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority access-management role exclude-resource
Exclude a resource from being associated with this role.
Usage
configure authority access-management role exclude-resource <id>
Positional Arguments
name | description |
---|---|
id | Configure Id |
Subcommands
command | description |
---|---|
id | Configure Id |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'exclude-resource' |
configure authority access-management role exclude-resource id
Configure ID
Usage
configure authority access-management role exclude-resource id [<resource-id>]
Positional Arguments
name | description |
---|---|
resource-id | The value to set for this field |
Description
resource-id (string)
The identifier of the resource.
Must be either just a *
asterisk or an identifier
followed by a colon which is then followed by either
an asterisk, or a path that contains only valid yang
names and list-keys separated by forward-slashes and
optionally followed by a forward-slash and an asterisk.
Example: SSR:/authority/router/MyRouter/*
configure authority access-management role name
A unique name that identifies this role.
Usage
configure authority access-management role name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority access-management role resource
Associate this role with a resource.
Usage
configure authority access-management role resource <id>
Positional Arguments
name | description |
---|---|
id | Configure Id |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
generated | Indicates whether or not the resource was automatically generated |
id | Configure Id |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'resource' |
configure authority access-management role resource generated
Indicates whether or not the resource was automatically generated
Usage
configure authority access-management role resource generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority access-management role resource id
Configure ID
Usage
configure authority access-management role resource id [<resource-id>]
Positional Arguments
name | description |
---|---|
resource-id | The value to set for this field |
Description
resource-id (string)
The identifier of the resource.
Must be either just a *
asterisk or an identifier
followed by a colon which is then followed by either
an asterisk, or a path that contains only valid yang
names and list-keys separated by forward-slashes and
optionally followed by a forward-slash and an asterisk.
Example: SSR:/authority/router/MyRouter/*
configure authority access-management role resource-group
Associate this role with a top-level resource-group.
Usage
configure authority access-management role resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority access-management token
Configuration for HTTP authentication token generation.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
expiration | Minutes after initial authentication that the authentication token is valid. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'token' |
configure authority access-management token expiration
Minutes after initial authentication that the authentication token is valid.
Usage
configure authority access-management token expiration [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Units: minutes
Default: never
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint64
An unsigned 64-bit integer.
Range: 1-18446744073709551615
(1) enumeration
A value from a set of predefined names.
Options: never Never expire
configure authority alarm-shelving
Configuration to control alarm shelving behavior.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
shelf | Shelf configuration and criteria for classifying alarms as shelved. |
show | Show configuration data for 'alarm-shelving' |
configure authority alarm-shelving shelf
Shelf configuration and criteria for classifying alarms as shelved.
Usage
configure authority alarm-shelving shelf <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary name for the alarm shelf. |
Subcommands
command | description |
---|---|
applies-to | Logical group to which a configuration element applies |
category | Shelve alarms for this category. |
clone | Clone a list item |
delete | Delete configuration data |
generated | Indicates whether or not the Shelf was automatically generated as a result of Alarm Shelf generation. |
match-type | How the individual items in the shelf should be matched in order to trigger the shelving |
message-regex | Shelve alarms with messages that match this regex. |
name | An arbitrary name for the alarm shelf. |
node-name | Shelve alarms from this node. |
node-name-regex | Shelve alarms from nodes that match this regex. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
router-name | Shelve alarms from this router. |
router-name-regex | Shelve alarms from routers that match this regex. |
severity | Shelve alarms for this severity. |
show | Show configuration data for 'shelf' |
configure authority alarm-shelving shelf applies-to
Logical group to which a configuration element applies
Usage
configure authority alarm-shelving shelf applies-to <type>
Positional Arguments
name | description |
---|---|
type | Type of group to which the configuration applies. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
group-name | Name of the router-group to which this configuration applies. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Name of the resource-group to which this configuration applies. |
router-name | Name of the router to which this configuration applies. |
show | Show configuration data for 'applies-to' |
type | Type of group to which the configuration applies. |
configure authority alarm-shelving shelf applies-to group-name
Name of the router-group to which this configuration applies.
Usage
configure authority alarm-shelving shelf applies-to group-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority alarm-shelving shelf applies-to resource-group
Name of the resource-group to which this configuration applies.
Usage
configure authority alarm-shelving shelf applies-to resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority alarm-shelving shelf applies-to router-name
Name of the router to which this configuration applies.
Usage
configure authority alarm-shelving shelf applies-to router-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority alarm-shelving shelf applies-to type
Type of group to which the configuration applies.
Usage
configure authority alarm-shelving shelf applies-to type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- authority: Applies to all routers in the authority.
- router: Router(s) to which the configuration applies.
- router-group: Logical group of router(s) to which the configuration applies.
- resource-group: An RBAC management group to which the configuration applies
configure authority alarm-shelving shelf category
Shelve alarms for this category.
Usage
configure authority alarm-shelving shelf category [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none: A Category of "none" indicates that Category will not be considered when evaluating alarms against this shelf
- extensible-alarm: Shelve alarms with a category of "extensible-alarm"
- system: Shelve alarms with a category of "system"
- process: Shelve alarms with a category of "process"
- interface: Shelve alarms with a category of "interface"
- platform: Shelve alarms with a category of "platform"
- peer: Shelve alarms with a category of "peer"
- base: Shelve alarms with a category of "base"
- node-base: Shelve alarms with a category of "node-base"
- global-base: Shelve alarms with a category of "global-base"
- network-interface: Shelve alarms with a category of "network-interface"
- platform-stat: Shelve alarms with a category of "platform-stat"
- redundancy: Shelve alarms with a category of "redundancy"
- giid: Shelve alarms with a category of "giid"
- asset: Shelve alarms with a category of "asset"
- prefix-delegation: Shelve alarms with a category of "prefix-delegation"
- service: Shelve alarms with a category of "service"
- bgp-neighbor: Shelve alarms with a category of "bgp-neighbor"
- msdp-neighbor: Shelve alarms with a category of "msdp-neighbor"
configure authority alarm-shelving shelf generated
Indicates whether or not the Shelf was automatically generated as a result of Alarm Shelf generation.
Usage
configure authority alarm-shelving shelf generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority alarm-shelving shelf match-type
How the individual items in the shelf should be matched in order to trigger the shelving
Usage
configure authority alarm-shelving shelf match-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: all
enumeration
A value from a set of predefined names.
Options:
- all: All items in the shelf must match an alarm in order to trigger the shelving.
- any: At least one item in the shelf must match an alarm in order to trigger the shelving
configure authority alarm-shelving shelf message-regex
Shelve alarms with messages that match this regex.
Usage
configure authority alarm-shelving shelf message-regex [<regex>]
Positional Arguments
name | description |
---|---|
regex | The value to set for this field |
Description
regex (string)
A regular expression (regex) type.
configure authority alarm-shelving shelf name
An arbitrary name for the alarm shelf.
Usage
configure authority alarm-shelving shelf name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority alarm-shelving shelf node-name
Shelve alarms from this node.
Usage
configure authority alarm-shelving shelf node-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority alarm-shelving shelf node-name-regex
Shelve alarms from nodes that match this regex.
Usage
configure authority alarm-shelving shelf node-name-regex [<regex>]
Positional Arguments
name | description |
---|---|
regex | The value to set for this field |
Description
regex (string)
A regular expression (regex) type.
configure authority alarm-shelving shelf router-name
Shelve alarms from this router.
Usage
configure authority alarm-shelving shelf router-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority alarm-shelving shelf router-name-regex
Shelve alarms from routers that match this regex.
Usage
configure authority alarm-shelving shelf router-name-regex [<regex>]
Positional Arguments
name | description |
---|---|
regex | The value to set for this field |
Description
regex (string)
A regular expression (regex) type.
configure authority alarm-shelving shelf severity
Shelve alarms for this severity.
Usage
configure authority alarm-shelving shelf severity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- info: Shelve alarms with a severity level of "info"
- minor: Shelve alarms with a severity level of "minor"
- major: Shelve alarms with a severity level of "major"
- critical: Shelve alarms with a severity level of "critical"
- none: A Severity of "none" indicates that Severity will not be considered when evaluating alarms against this shelf
configure authority anti-virus-profile
User defined Anti-Virus profiles.
Usage
configure authority anti-virus-profile <name>
Positional Arguments
name | description |
---|---|
name | Name of the profile. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
fallback-option | Defines what action the system should take for the match. |
max-filesize | Configure Max Filesize |
mime-allowlist | MIME patterns for allowing |
name | Name of the profile. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
protocol | Defines protocols to allow. |
show | Show configuration data for 'anti-virus-profile' |
url-allowlist | URL patterns for allowing |
configure authority anti-virus-profile fallback-option
Defines what action the system should take for the match.
Usage
configure authority anti-virus-profile fallback-option [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: log-and-permit
enumeration
A value from a set of predefined names.
Options:
- permit: Permit content size.
- log-and-permit: Log and Permit content size.
- block: Block content size.
configure authority anti-virus-profile max-filesize
Configure Max Filesize
Usage
configure authority anti-virus-profile max-filesize [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Default: 10000
uint64
An unsigned 64-bit integer.
configure authority anti-virus-profile mime-allowlist
MIME patterns for allowing
Usage
configure authority anti-virus-profile mime-allowlist [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
configure authority anti-virus-profile name
Name of the profile.
Usage
configure authority anti-virus-profile name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Anti-Virus profile name (default-policy|no-ftp|http-only|none) is reserved. Length: 0-20
configure authority anti-virus-profile protocol
Defines protocols to allow.
Usage
configure authority anti-virus-profile protocol [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | Value to add to this list |
Description
enumeration
A value from a set of predefined names.
Options:
- http: Allow HTTP protocol.
- smtp: Allow SMTP protocol.
- pop3: Allow POP3 protocol.
- imap: Allow IMAP protocol.
- ftp: Allow FTP protocol.
configure authority anti-virus-profile url-allowlist
URL patterns for allowing
Usage
configure authority anti-virus-profile url-allowlist [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
configure authority asset-connection-resiliency
Configure Asset Connection Resiliency
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable asset connection resiliency by creating SSH tunnels for asset connections from managed Router to Conductor. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'asset-connection-resiliency' |
ssh-only | Only allow the asset connections from managed Router to Conductor to connect via the SSH tunnels. |
configure authority asset-connection-resiliency enabled
Enable asset connection resiliency by creating SSH tunnels for asset connections from managed Router to Conductor.
Usage
configure authority asset-connection-resiliency enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority asset-connection-resiliency ssh-only
Only allow the asset connections from managed Router to Conductor to connect via the SSH tunnels.
Usage
configure authority asset-connection-resiliency ssh-only [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority backwards-compatible-vrf-bgp-tenants
When generating tenant names for VRF BGP over SVR, do not use leading or trailing underscores. This enables backwards compatibility with router versions smaller than 5.1.3
Usage
configure authority backwards-compatible-vrf-bgp-tenants [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority bgp-service-generation
Configure Bgp Service Generation
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
route-reflector-client-mesh | Generate service-route mesh for route reflector clients. |
security-policy | Security policy to be used instead of 'internal'. |
service-policy | Service policy to be used for generated BGP services. |
show | Show configuration data for 'bgp-service-generation' |
configure authority bgp-service-generation route-reflector-client-mesh
Generate service-route mesh for route reflector clients.
Usage
configure authority bgp-service-generation route-reflector-client-mesh [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority bgp-service-generation security-policy
Security policy to be used instead of 'internal'.
Usage
configure authority bgp-service-generation security-policy [<security-ref>]
Positional Arguments
name | description |
---|---|
security-ref | The value to set for this field |
Description
security-ref (leafref)
This type is used by other entities that need to reference configured security policies.
configure authority bgp-service-generation service-policy
Service policy to be used for generated BGP services.
Usage
configure authority bgp-service-generation service-policy [<service-policy-ref>]
Positional Arguments
name | description |
---|---|
service-policy-ref | The value to set for this field |
Description
service-policy-ref (leafref)
This type is used by other entities that need to reference configured service policies.
configure authority cli-messages
Configure Cli Messages
Subcommands
command | description |
---|---|
delete | Delete configuration data |
login-message | The message displayed before login through console. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'cli-messages' |
welcome-message | The message displayed after a successful login through console. |
configure authority cli-messages login-message
The message displayed before login through console.
Usage
configure authority cli-messages login-message [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority cli-messages welcome-message
The message displayed after a successful login through console.
Usage
configure authority cli-messages welcome-message [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority client-certificate
The client-certificate configuration contains client certificate content.
Usage
configure authority client-certificate <name>
Positional Arguments
name | description |
---|---|
name | An identifier for the client certificate. |
Subcommands
command | description |
---|---|
content | Client certificate content. |
delete | Delete configuration data |
name | An identifier for the client certificate. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'client-certificate' |
validation-mode | Client certificate validation mode. |
configure authority client-certificate content
Client certificate content.
Usage
configure authority client-certificate content [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
configure authority client-certificate name
An identifier for the client certificate.
Usage
configure authority client-certificate name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority client-certificate validation-mode
Client certificate validation mode.
Usage
configure authority client-certificate validation-mode [<certificate-validation-mode>]
Positional Arguments
name | description |
---|---|
certificate-validation-mode | The value to set for this field |
Description
certificate-validation-mode (enumeration)
Sets the mode of certificate validation
Options:
- strict: Reject insecure certificates during import.
- warn: Warn when importing insecure certificates
configure authority conductor-address
IP address or FQDN of the conductor
Usage
configure authority conductor-address [<hostv4>]
Positional Arguments
name | description |
---|---|
hostv4 | Value to add to this list |
Description
hostv4 (union)
The host type represents either an IPv4 address or a DNS domain name.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority currency
Local monetary unit.
Usage
configure authority currency [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
Default: USD
string
A text value.
configure authority district
Districts in the authority.
Usage
configure authority district <name>
Positional Arguments
name | description |
---|---|
name | Name of the district. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
name | Name of the district. |
neighborhood | Neighborhoods which belong to this district. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this district with a top-level resource-group. |
show | Show configuration data for 'district' |
configure authority district name
Name of the district.
Usage
configure authority district name [<non-default-district-name>]
Positional Arguments
name | description |
---|---|
non-default-district-name | The value to set for this field |
Description
non-default-district-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority district neighborhood
Neighborhoods which belong to this district.
Usage
configure authority district neighborhood [<neighborhood-id>]
Positional Arguments
name | description |
---|---|
neighborhood-id | Value to add to this list |
Description
neighborhood-id (string)
A string identifier for network neighborhood.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority district resource-group
Associate this district with a top-level resource-group.
Usage
configure authority district resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority dscp-map
Configure Dscp Map
Usage
configure authority dscp-map <name>
Positional Arguments
name | description |
---|---|
name | The name of the DSCP map |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
dscp-prioritization | Mapping from incoming DSCP value to a priority. These values are used when in DSCP trust mode. |
dscp-traffic-class | Mapping from incoming DSCP value to a traffic-class. These values are used when in DSCP trust mode. |
name | The name of the DSCP map |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this DSCP map with a top-level resource-group. |
show | Show configuration data for 'dscp-map' |
configure authority dscp-map dscp-prioritization
Mapping from incoming DSCP value to a priority. These values are used when in DSCP trust mode.
Usage
configure authority dscp-map dscp-prioritization <priority>
Positional Arguments
name | description |
---|---|
priority | The priority assigned to the incoming DSCP value. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
dscp-range | Configure Dscp Range |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | The priority assigned to the incoming DSCP value. |
show | Show configuration data for 'dscp-prioritization' |
configure authority dscp-map dscp-prioritization dscp-range
Configure Dscp Range
Usage
configure authority dscp-map dscp-prioritization dscp-range <start-value>
Positional Arguments
name | description |
---|---|
start-value | Lower DSCP number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-value | Upper DSCP number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'dscp-range' |
start-value | Lower DSCP number. |
configure authority dscp-map dscp-prioritization dscp-range end-value
Upper DSCP number.
Usage
configure authority dscp-map dscp-prioritization dscp-range end-value [<dscp-end-value>]
Positional Arguments
name | description |
---|---|
dscp-end-value | The value to set for this field |
Description
dscp-end-value (uint8)
Upper dscp range value. Default value is the start dscp value
Range: 0-63
configure authority dscp-map dscp-prioritization dscp-range start-value
Lower DSCP number.
Usage
configure authority dscp-map dscp-prioritization dscp-range start-value [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
dscp (uint8) (required)
A DSCP value (0-63)
Range: 0-63
configure authority dscp-map dscp-prioritization priority
The priority assigned to the incoming DSCP value.
Usage
configure authority dscp-map dscp-prioritization priority [<priority-id>]
Positional Arguments
name | description |
---|---|
priority-id | The value to set for this field |
Description
priority-id (uint8)
An unsigned 8-bit integer.
Range: 0-3
configure authority dscp-map dscp-traffic-class
Mapping from incoming DSCP value to a traffic-class. These values are used when in DSCP trust mode.
Usage
configure authority dscp-map dscp-traffic-class <traffic-class>
Positional Arguments
name | description |
---|---|
traffic-class | The traffic-class assigned to the incoming DSCP value. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
dscp-range | Configure Dscp Range |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'dscp-traffic-class' |
traffic-class | The traffic-class assigned to the incoming DSCP value. |
configure authority dscp-map dscp-traffic-class dscp-range
Configure Dscp Range
Usage
configure authority dscp-map dscp-traffic-class dscp-range <start-value>
Positional Arguments
name | description |
---|---|
start-value | Lower DSCP number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-value | Upper DSCP number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'dscp-range' |
start-value | Lower DSCP number. |
configure authority dscp-map dscp-traffic-class dscp-range end-value
Upper DSCP number.
Usage
configure authority dscp-map dscp-traffic-class dscp-range end-value [<dscp-end-value>]
Positional Arguments
name | description |
---|---|
dscp-end-value | The value to set for this field |
Description
dscp-end-value (uint8)
Upper dscp range value. Default value is the start dscp value
Range: 0-63
configure authority dscp-map dscp-traffic-class dscp-range start-value
Lower DSCP number.
Usage
configure authority dscp-map dscp-traffic-class dscp-range start-value [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
dscp (uint8) (required)
A DSCP value (0-63)
Range: 0-63
configure authority dscp-map dscp-traffic-class traffic-class
The traffic-class assigned to the incoming DSCP value.
Usage
configure authority dscp-map dscp-traffic-class traffic-class [<traffic-class-id>]
Positional Arguments
name | description |
---|---|
traffic-class-id | The value to set for this field |
Description
traffic-class-id (enumeration)
Relative priority of traffic.
Options:
- high: High priority traffic class.
- medium: Medium priority traffic class.
- low: Low priority traffic class.
- best-effort: Best-effort priority traffic class.
configure authority dscp-map name
The name of the DSCP map
Usage
configure authority dscp-map name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority dscp-map resource-group
Associate this DSCP map with a top-level resource-group.
Usage
configure authority dscp-map resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority dynamic-hostname
Hostname format for interfaces with dynamic addresses. It is a template with subsitution variables used to generate a unique hostname corresponding to Network Interfaces that have dynamically learned IP addresses. Uses the following substitution variables: {interface-id}
for Network Interface Global Identifier, {router-name}
for Router Name, {authority-name}
for Authority Name. For example, interface-{interface-id}.{router-name}.{authority-name}
.
Usage
configure authority dynamic-hostname [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
Default: interface-{interface-id}.{router-name}.{authority-name}
string
A text value.
Must contain substitution variables:
{interface-id}
for Network Interface Global Identifier
{router-name}
for Router Name
{authority-name}
for Authority Name
For example, interface-{interface-id}.{router-name}.{authority-name}
.
Any other characters must be alphanumeric or any of the
following: - _ .
configure authority fib-service-match
When creating FIB entries by matching route updates to service addresses, consider the specified service addresses.
Usage
configure authority fib-service-match [ best-match-only | any-match ]
Positional Arguments
name | description |
---|---|
best-match-only | This is the default value, and legacy behavior. When comparing prefixes from a route update to addresses configured in services, only addresses with the longest prefix match for a particular route are considered. In cases of transport overlap, services are visited in alphabetical order. |
any-match | All service addresses that match the route update are considered when creating the FIB entries, including those with prefixes shorter than the update or those that do not have the best match service address. The transports from the service with the longest prefix are considered first. This minimizes missed entries, but may result in a higher FIB usage. |
Description
Default: best-match-only
enumeration
A value from a set of predefined names.
Options:
- best-match-only: Longest matching service prefix only.
- any-match: All service prefixes are considered.
configure authority forward-error-correction-profile
A profile for Forward Error Correection parameters, describing how often to send parity packets.
Usage
configure authority forward-error-correction-profile <name>
Positional Arguments
name | description |
---|---|
name | The name of the Forward Error Correction profile |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Whether to dynamically adjust forward error correction to account for observed loss. |
name | The name of the Forward Error Correction profile |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
ratio | The ratio (expressed as x:1) which will dictate the number of data packets to transmit before a parity packet will be transmitted. |
show | Show configuration data for 'forward-error-correction-profile' |
configure authority forward-error-correction-profile mode
Whether to dynamically adjust forward error correction to account for observed loss.
Usage
configure authority forward-error-correction-profile mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: dynamic
enumeration
A value from a set of predefined names.
Options:
- dynamic: Alter ratio of packets to parity based on loss observed.
- static: Use a consistent ratio of packets to parity regardless of loss.
configure authority forward-error-correction-profile name
The name of the Forward Error Correction profile
Usage
configure authority forward-error-correction-profile name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority forward-error-correction-profile ratio
The ratio (expressed as x:1) which will dictate the number of data packets to transmit before a parity packet will be transmitted.
Usage
configure authority forward-error-correction-profile ratio [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 10
uint8
An unsigned 8-bit integer.
Range: 2-50
configure authority icmp-control
Settings for ICMP packet handling
Subcommands
command | description |
---|---|
delete | Delete configuration data |
icmp-async-reply | Whether to allow ICMP replies to be forwarded without corresponding requests. |
icmp-session-match | How to differentiate ICMP sessions. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'icmp-control' |
configure authority icmp-control icmp-async-reply
Whether to allow ICMP replies to be forwarded without corresponding requests.
Usage
configure authority icmp-control icmp-async-reply [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: allow
enumeration
A value from a set of predefined names.
Options:
- drop: ICMP replies without matching requests are dropped.
- allow: ICMP replies without matching requests are forwarded.
configure authority icmp-control icmp-session-match
How to differentiate ICMP sessions.
Usage
configure authority icmp-control icmp-session-match [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: identifier-only
enumeration
A value from a set of predefined names.
Options:
- identifier-only: ICMP sessions are based on identifier.
- identifier-and-type: ICMP sessions are based on identifier and type.
configure authority idp-profile
User defined IDP profiles.
Usage
configure authority idp-profile <name>
Positional Arguments
name | description |
---|---|
name | Name of the profile. |
Subcommands
command | description |
---|---|
base-policy | Base policy used when building rules. |
clone | Clone a list item |
delete | Delete configuration data |
name | Name of the profile. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rule | Configure Rule |
show | Show configuration data for 'idp-profile' |
configure authority idp-profile base-policy
Base policy used when building rules.
Usage
configure authority idp-profile base-policy [<idp-policy>]
Positional Arguments
name | description |
---|---|
idp-policy | The value to set for this field |
Description
idp-policy (enumeration) (required)
Predefined policies for intrusion detection actions.
Options:
- alert: A policy that only alerts.
- standard: The standard blocking and alerting policy.
- strict: A strict blocking and alerting policy.
- critical: A strict blocking and alerting policy with dynamic group critical.
configure authority idp-profile name
Name of the profile.
Usage
configure authority idp-profile name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - IDP profile name (alert|strict|standard|none) is reserved. Length: 0-63
configure authority idp-profile rule
Configure Rule
Usage
configure authority idp-profile rule <name>
Positional Arguments
name | description |
---|---|
name | Name of the rule. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
description | Description of the rule. |
match | The options to use for matching. |
name | Name of the rule. |
outcome | The outcome applied to the match |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'rule' |
configure authority idp-profile rule description
Description of the rule.
Usage
configure authority idp-profile rule description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority idp-profile rule match
The options to use for matching.
Subcommands
command | description |
---|---|
client-address | Client address prefix to match in the rule. |
delete | Delete configuration data |
destination-address | Destination address prefix to match in the rule. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
severities | List of severity to match in the rule. |
severity | Match vulnerabilities only with severity mentioned or above. |
show | Show configuration data for 'match' |
vulnerability | List of custom vulnerabilities to match in the rule. |
configure authority idp-profile rule match client-address
Client address prefix to match in the rule.
Usage
configure authority idp-profile rule match client-address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority idp-profile rule match destination-address
Destination address prefix to match in the rule.
Usage
configure authority idp-profile rule match destination-address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority idp-profile rule match severities
List of severity to match in the rule.
Usage
configure authority idp-profile rule match severities [<idp-severity>]
Positional Arguments
name | description |
---|---|
idp-severity | Value to add to this list |
Description
idp-severity (enumeration)
Severity levels for IDP rules.
Options:
- minor: Filter minor or higher vulnerabilities.
- major: Filter major or higher vulnerabilities.
- critical: Filter only critical vulnerabilities.
configure authority idp-profile rule match severity
Match vulnerabilities only with severity mentioned or above.
Usage
configure authority idp-profile rule match severity [<idp-severity>]
Positional Arguments
name | description |
---|---|
idp-severity | The value to set for this field |
Description
idp-severity (enumeration)
Severity levels for IDP rules.
Options:
- minor: Filter minor or higher vulnerabilities.
- major: Filter major or higher vulnerabilities.
- critical: Filter only critical vulnerabilities.
configure authority idp-profile rule match vulnerability
List of custom vulnerabilities to match in the rule.
Usage
configure authority idp-profile rule match vulnerability [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
configure authority idp-profile rule name
Name of the rule.
Usage
configure authority idp-profile rule name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority idp-profile rule outcome
The outcome applied to the match
Subcommands
command | description |
---|---|
action | Defines what action the system should take for the match. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
severity | Modify a vulnerability severity level of the match. |
show | Show configuration data for 'outcome' |
configure authority idp-profile rule outcome action
Defines what action the system should take for the match.
Usage
configure authority idp-profile rule outcome action [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration (required)
A value from a set of predefined names.
Options:
- alert: Alert only.
- drop: Drop session.
- close-tcp-connection: Close TCP Connection.
configure authority idp-profile rule outcome severity
Modify a vulnerability severity level of the match.
Usage
configure authority idp-profile rule outcome severity [<idp-severity>]
Positional Arguments
name | description |
---|---|
idp-severity | The value to set for this field |
Description
idp-severity (enumeration)
Severity levels for IDP rules.
Options:
- minor: Filter minor or higher vulnerabilities.
- major: Filter major or higher vulnerabilities.
- critical: Filter only critical vulnerabilities.
configure authority ipfix-collector
Configuration for IPFIX record export.
Usage
configure authority ipfix-collector <name>
Positional Arguments
name | description |
---|---|
name | A unique name for the collector. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interim-record-interval | The time after which a new interim record will be generated if a flow still exists. |
ip-address | The IP address or hostname of the collector. |
name | A unique name for the collector. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port of the collector. |
protocol | The transport protocol to be used when communicating with the collector. |
resource-group | Associate this IPFIX collector with a top-level resource-group. |
sampling-percentage | The percentage of flows to be selected for export OR 'dynamic'. When set to 'dynamic', the system will select a percentage based on the current data volume as follows: || < 100 Mb/s : 1 in 256 || < 1 Gb/s : 1 in 512 || < 10 Gb/s : 1 in 1024 || < 25 Gb/s : 1 in 2048 || > 25 Gb/s : 1 in 8192 || |
show | Show configuration data for 'ipfix-collector' |
template-refresh-interval | The time between template retransmissions when using the UDP protocol. |
tenant | The tenants whose records this collector should receive. An empty list indicates all tenants. |
configure authority ipfix-collector interim-record-interval
The time after which a new interim record will be generated if a flow still exists.
Usage
configure authority ipfix-collector interim-record-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 120
uint32
An unsigned 32-bit integer.
Range: 60-1800
configure authority ipfix-collector ip-address
The IP address or hostname of the collector.
Usage
configure authority ipfix-collector ip-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union) (required)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required):
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(1) domain-name (string) (required)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority ipfix-collector name
A unique name for the collector.
Usage
configure authority ipfix-collector name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority ipfix-collector port
The port of the collector.
Usage
configure authority ipfix-collector port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
Default: 4739
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority ipfix-collector protocol
The transport protocol to be used when communicating with the collector.
Usage
configure authority ipfix-collector protocol [<ipfix-protocol>]
Positional Arguments
name | description |
---|---|
ipfix-protocol | The value to set for this field |
Description
Default: tcp
ipfix-protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
configure authority ipfix-collector resource-group
Associate this IPFIX collector with a top-level resource-group.
Usage
configure authority ipfix-collector resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority ipfix-collector sampling-percentage
The percentage of flows to be selected for export OR 'dynamic'. When set to 'dynamic', the system will select a percentage based on the current data volume as follows: || < 100 Mb/s : 1 in 256 || < 1 Gb/s : 1 in 512 || < 10 Gb/s : 1 in 1024 || < 25 Gb/s : 1 in 2048 || > 25 Gb/s : 1 in 8192 ||
Usage
configure authority ipfix-collector sampling-percentage [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: dynamic
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) decimal64
A 64-bit decimal value.
Range: 0-100 Fraction digits: 16
(1) enumeration
A value from a set of predefined names.
Options:
- dynamic: Dynamically determine sampling based on data volume.
configure authority ipfix-collector template-refresh-interval
The time between template retransmissions when using the UDP protocol.
Usage
configure authority ipfix-collector template-refresh-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 60
uint32
An unsigned 32-bit integer.
Range: 60-1800
configure authority ipfix-collector tenant
The tenants whose records this collector should receive. An empty list indicates all tenants.
Usage
configure authority ipfix-collector tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | Value to add to this list |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority ipv4-option-filter
Configure Ipv 4 Option Filter
Subcommands
command | description |
---|---|
action | How packets containing option headers are treated when being processed. |
delete | Delete configuration data |
drop-exclusion | Option headers that will not cause the packet to be dropped when present. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ipv4-option-filter' |
configure authority ipv4-option-filter action
How packets containing option headers are treated when being processed.
Usage
configure authority ipv4-option-filter action [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: allow-all
enumeration
A value from a set of predefined names.
Options:
- allow-all: Allow all packets that contain options headers.
- drop-all: Drop all packets that contain options headers except for those defined in the exclusion list.
configure authority ipv4-option-filter drop-exclusion
Option headers that will not cause the packet to be dropped when present.
Usage
configure authority ipv4-option-filter drop-exclusion [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | Value to add to this list |
Description
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority ldap-server
LDAP Servers against which to authenticate user credentials.
Usage
configure authority ldap-server <name>
Positional Arguments
name | description |
---|---|
name | The name of the LDAP server. |
Subcommands
command | description |
---|---|
address | The IP address or FQDN of the LDAP server. |
auto-generate-filter | When enabled, the SSR will generate user-search-base and group-search-base LDAP filters. |
bind-type | The type of binding to the LDAP server. |
certificate-assurance | LDAP assurance level to apply on server certificates in a TLS session. |
delete | Delete configuration data |
distinguished-name | The distinguished name to use for binding to the server. |
group-search-base | An optional group search LDAP filter to restrict searches for this attribute type. |
name | The name of the LDAP server. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
password | The password to use for binding to the server. |
port | Port to connect to LDAP server. |
resource-group | Associate this LDAP server with a top-level resource-group. |
search-base | The LDAP search base string. |
server-type | The type of LDAP server. |
show | Show configuration data for 'ldap-server' |
user-search-base | An optional user search LDAP filter to restrict searches for this attribute type. |
configure authority ldap-server address
The IP address or FQDN of the LDAP server.
Usage
configure authority ldap-server address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union) (required)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string) (required)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority ldap-server auto-generate-filter
When enabled, the SSR will generate user-search-base and group-search-base LDAP filters.
Usage
configure authority ldap-server auto-generate-filter [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority ldap-server bind-type
The type of binding to the LDAP server.
Usage
configure authority ldap-server bind-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: anonymous
enumeration
A value from a set of predefined names.
Options:
- anonymous: Bind to this server anonymously.
- unauthenticated: Bind to this server with a distinguished name only.
- password: Bind to this server with a distinguished name and password.
configure authority ldap-server certificate-assurance
LDAP assurance level to apply on server certificates in a TLS session.
Usage
configure authority ldap-server certificate-assurance [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: strong
enumeration
A value from a set of predefined names.
Options:
- weak: Do not request or check any server certificates.
- mild: Ignore invalid or missing certificates but check for hostname
- moderate: Terminate on invalid certificate but ignore missing certificates.
- strong: Terminate on invalid and missing certificates.
configure authority ldap-server distinguished-name
The distinguished name to use for binding to the server.
Usage
configure authority ldap-server distinguished-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority ldap-server group-search-base
An optional group search LDAP filter to restrict searches for this attribute type.
Usage
configure authority ldap-server group-search-base [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority ldap-server name
The name of the LDAP server.
Usage
configure authority ldap-server name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority ldap-server password
The password to use for binding to the server.
Usage
configure authority ldap-server password [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority ldap-server port
Port to connect to LDAP server.
Usage
configure authority ldap-server port [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: server-type-default
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
(1) enumeration
A value from a set of predefined names.
Options:
- server-type-default: Use the default based on server-type.
configure authority ldap-server resource-group
Associate this LDAP server with a top-level resource-group.
Usage
configure authority ldap-server resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority ldap-server search-base
The LDAP search base string.
Usage
configure authority ldap-server search-base [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
Length: 1-18446744073709551615
configure authority ldap-server server-type
The type of LDAP server.
Usage
configure authority ldap-server server-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: ldaps
enumeration
A value from a set of predefined names.
Options:
- starttls: Connect to this server using STARTTLS. Default port is 389.
- ldaps: Connect to this server via LDAPS. Default port is 636.
- global-catalog: Connect to this server as an Active Directory Global Catalog. Default port is 3269.
configure authority ldap-server user-search-base
An optional user search LDAP filter to restrict searches for this attribute type.
Usage
configure authority ldap-server user-search-base [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority management-service-generation
Configure Management Service Generation
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
service-policy | Service policy to be used instead of auto-generated service policy. |
service-route-type | Strategy to generate service-routes for management services. |
show | Show configuration data for 'management-service-generation' |
configure authority management-service-generation service-policy
Service policy to be used instead of auto-generated service policy.
Usage
configure authority management-service-generation service-policy [<service-policy-ref>]
Positional Arguments
name | description |
---|---|
service-policy-ref | The value to set for this field |
Description
service-policy-ref (leafref)
This type is used by other entities that need to reference configured service policies.
configure authority management-service-generation service-route-type
Strategy to generate service-routes for management services.
Usage
configure authority management-service-generation service-route-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: paths-as-next-hop
enumeration
A value from a set of predefined names.
Options:
- paths-as-next-hop: Generate paths on a node as next-hops
- paths-as-service-route: Generate paths on a node as service-route
configure authority metrics-profile
A collection of metrics
Usage
configure authority metrics-profile <name>
Positional Arguments
name | description |
---|---|
name | The name of the profile |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
filter | A list of parameter values that should be included in the output. |
metric | The ID of the metric as it exists in the REST API |
name | The name of the profile |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'metrics-profile' |
configure authority metrics-profile filter
A list of parameter values that should be included in the output.
Usage
configure authority metrics-profile filter <parameter>
Positional Arguments
name | description |
---|---|
parameter | The name of the parameter being referenced |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
parameter | The name of the parameter being referenced |
show | Show configuration data for 'filter' |
value | The values that should be included if matched |
configure authority metrics-profile filter parameter
The name of the parameter being referenced
Usage
configure authority metrics-profile filter parameter [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority metrics-profile filter value
The values that should be included if matched
Usage
configure authority metrics-profile filter value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
configure authority metrics-profile metric
The ID of the metric as it exists in the REST API
Usage
configure authority metrics-profile metric <id>
Positional Arguments
name | description |
---|---|
id | The ID of the metric as it exists in the REST API |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
description | A customizable description of this metric's purpose |
id | The ID of the metric as it exists in the REST API |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'metric' |
configure authority metrics-profile metric description
A customizable description of this metric's purpose
Usage
configure authority metrics-profile metric description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority metrics-profile metric id
The ID of the metric as it exists in the REST API
Usage
configure authority metrics-profile metric id [<metric-id>]
Positional Arguments
name | description |
---|---|
metric-id | The value to set for this field |
Description
metric-id (string)
A string metric identifier based on the stats YANG path which only uses alphanumerics, dashes, and forward slashes.
Must contain only alphanumeric characters or any of the following: - /
configure authority metrics-profile name
The name of the profile
Usage
configure authority metrics-profile name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority name
The identifier for the Authority.
Usage
configure authority name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string) (required)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority password-policy
Password policy for user's passwords.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
deny | The number of failed login attempts before locking a user |
lifetime | The lifetime of a user's password in days |
minimum-length | The minimum length of user's password. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'password-policy' |
unlock-time | The time a user account will remained locked after failing login attempts |
configure authority password-policy deny
The number of failed login attempts before locking a user
Usage
configure authority password-policy deny [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 6
uint32
An unsigned 32-bit integer.
Range: 1-65535
configure authority password-policy lifetime
The lifetime of a user's password in days
Usage
configure authority password-policy lifetime [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: days
Default: 99999
uint32
An unsigned 32-bit integer.
Range: 1-99999
configure authority password-policy minimum-length
The minimum length of user's password.
Usage
configure authority password-policy minimum-length [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 9
uint32
An unsigned 32-bit integer.
Range: 8-65535
configure authority password-policy unlock-time
The time a user account will remained locked after failing login attempts
Usage
configure authority password-policy unlock-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 1800
uint32
An unsigned 32-bit integer.
configure authority pcli
Configure the PCLI.
Subcommands
command | description |
---|---|
alias | An alias is a custom PCLI command that executes another PCLI command and optionally filters the output. |
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'pcli' |
configure authority pcli alias
An alias is a custom PCLI command that executes another PCLI command and optionally filters the output.
Usage
configure authority pcli alias <path>
Positional Arguments
name | description |
---|---|
path | The space-delimited path to the alias. This will be the text that a user must enter to run the alias. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
command | The PCLI command that the alias will run. |
delete | Delete configuration data |
description | A short, one line, description of the alias. This will be displayed in the PCLI as part of the command's help text. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
path | The space-delimited path to the alias. This will be the text that a user must enter to run the alias. |
resource-group | Associate this PCLI alias with a top-level resource-group. |
show | Show configuration data for 'alias' |
configure authority pcli alias command
The PCLI command that the alias will run.
Usage
configure authority pcli alias command <path>
Positional Arguments
name | description |
---|---|
path | The PCLI command that the alias will run. This must be an existing PCLI command but may contain a pipe (|), output redirection (> or >>), input redirection (< or <<), or the question mark to get help (?). |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
path | The PCLI command that the alias will run. This must be an existing PCLI command but may contain a pipe (|), output redirection (> or >>), input redirection (< or <<), or the question mark to get help (?). |
show | Show configuration data for 'command' |
table-filter | Filter the output table to only include the specified columns. This is a case-insensitive match (and also excludes special characters such as dashes.) |
configure authority pcli alias command path
The PCLI command that the alias will run. This must be an existing PCLI command but may contain a pipe (|), output redirection (> or >>), input redirection (< or <<), or the question mark to get help (?).
Usage
configure authority pcli alias command path [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority pcli alias command table-filter
Filter the output table to only include the specified columns. This is a case-insensitive match (and also excludes special characters such as dashes.)
Usage
configure authority pcli alias command table-filter [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority pcli alias description
A short, one line, description of the alias. This will be displayed in the PCLI as part of the command's help text.
Usage
configure authority pcli alias description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority pcli alias path
The space-delimited path to the alias. This will be the text that a user must enter to run the alias.
Usage
configure authority pcli alias path [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-18446744073709551615
configure authority pcli alias resource-group
Associate this PCLI alias with a top-level resource-group.
Usage
configure authority pcli alias resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority performance-monitoring-profile
A performance monitoring profile used to determine how often packets should be marked.
Usage
configure authority performance-monitoring-profile <name>
Positional Arguments
name | description |
---|---|
name | The name of the performance monitoring profile. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval-duration | Represents the duration of a packet marking interval in milliseconds. |
marking-count | The number of packets to mark within a given interval. |
monitor-only | Collect statistics without influencing packet processing features. |
name | The name of the performance monitoring profile. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this performance monitoring profile with a top-level resource-group. |
show | Show configuration data for 'performance-monitoring-profile' |
configure authority performance-monitoring-profile interval-duration
Represents the duration of a packet marking interval in milliseconds.
Usage
configure authority performance-monitoring-profile interval-duration [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 10000
uint32
An unsigned 32-bit integer.
Range: 100-3600000
configure authority performance-monitoring-profile marking-count
The number of packets to mark within a given interval.
Usage
configure authority performance-monitoring-profile marking-count [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: packets
Default: 100
uint16
An unsigned 16-bit integer.
Range: 1-32767
configure authority performance-monitoring-profile monitor-only
Collect statistics without influencing packet processing features.
Usage
configure authority performance-monitoring-profile monitor-only [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority performance-monitoring-profile name
The name of the performance monitoring profile.
Usage
configure authority performance-monitoring-profile name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority performance-monitoring-profile resource-group
Associate this performance monitoring profile with a top-level resource-group.
Usage
configure authority performance-monitoring-profile resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority radius-server
Radius Servers against which to authenticate user credentials.
Usage
configure authority radius-server <name>
Positional Arguments
name | description |
---|---|
name | The name of the Radius server. |
Subcommands
command | description |
---|---|
account-creation | Control account creation behavior. |
address | The IP address or FQDN of the Radius server. |
delete | Delete configuration data |
name | The name of the Radius server. |
ocsp | Whether to check the revocation status of the Radius server's certificate. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port number Radius server listens on. |
protocol | Use TLS or UDP protocol to communicate with Radius server. |
secret | The secret key to bind to the Radius server. |
server-name | Hostname of the Radius server. |
show | Show configuration data for 'radius-server' |
timeout | Radius Request Timeout. |
configure authority radius-server account-creation
Control account creation behavior.
Usage
configure authority radius-server account-creation [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: manual
enumeration
A value from a set of predefined names.
Options:
- manual: Accounts must be created locally on the Router or Conductor before a user can log in.
- automatic: Create accounts automatically on first time login. The Radius server must contain the Vendor Specific Attribute (VSA) 'Juniper-Local-User-Name' set to the role that the user will be assigned. The role must be prefixed with 'SSR-', so to assign the user the admin role the VSA key would be set to 'SSR-admin'.
configure authority radius-server address
The IP address or FQDN of the Radius server.
Usage
configure authority radius-server address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union) (required)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string) (required)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority radius-server name
The name of the Radius server.
Usage
configure authority radius-server name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority radius-server ocsp
Whether to check the revocation status of the Radius server's certificate.
Usage
configure authority radius-server ocsp [<ocsp>]
Positional Arguments
name | description |
---|---|
ocsp | The value to set for this field |
Description
ocsp (enumeration)
Whether to check the revocation status of a server's certificate.
Options:
- strict: Require a successful OCSP check in order to establish a connection.
- off: Do not check revocation status of the server certificate.
configure authority radius-server port
The port number Radius server listens on.
Usage
configure authority radius-server port [<port-number>]
Positional Arguments
name | description |
---|---|
port-number | The value to set for this field |
Description
Default: 1812
port-number (uint16)
The port-number type represents a 16-bit port number of an Internet transport layer protocol such as UDP, TCP, DCCP, or SCTP. Port numbers are assigned by IANA. A current list of all assignments is available from <http://www.iana.org/>.
Note that the port number value zero is reserved by IANA. In situations where the value zero does not make sense, it can be excluded by subtyping the port-number type.
In the value set and its semantics, this type is equivalent to the InetPortNumber textual convention of the SMIv2.
Range: 0-65535
configure authority radius-server protocol
Use TLS or UDP protocol to communicate with Radius server.
Usage
configure authority radius-server protocol [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: udp
enumeration
A value from a set of predefined names.
Options:
- udp: Use UDP protocol to communicate with Radius server.
- tls: Use TLS over TCP protocol to communicate with Radius server.
configure authority radius-server secret
The secret key to bind to the Radius server.
Usage
configure authority radius-server secret [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
Length: 1-16
configure authority radius-server server-name
Hostname of the Radius server.
Usage
configure authority radius-server server-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority radius-server timeout
Radius Request Timeout.
Usage
configure authority radius-server timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 3
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority rekey-interval
Hours between security key regeneration. Recommended value 24 hours.
Usage
configure authority rekey-interval [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Units: hours
Default: never
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint32
An unsigned 32-bit integer.
Range: 1-720
(1) enumeration
A value from a set of predefined names.
Options:
- never: Never regenerate security keys
configure authority remote-login
Configure Remote Login
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable remote login from a Conductor to managed assets. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'remote-login' |
configure authority remote-login enabled
Enable remote login from a Conductor to managed assets.
Usage
configure authority remote-login enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority resource-group
Collect objects into a management group.
Usage
configure authority resource-group <name>
Positional Arguments
name | description |
---|---|
name | The name of the resource group. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
description | A description about the resource-group. |
name | The name of the resource group. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'resource-group' |
configure authority resource-group description
A description about the resource-group.
Usage
configure authority resource-group description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority resource-group name
The name of the resource group.
Usage
configure authority resource-group name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Must be the single character '*' OR Must contain only alphanumeric characters or any of the following: _ - Length: 1-63
configure authority router
The router configuration element serves as a container for holding the nodes of a single deployed router, along with their policies.
Usage
configure authority router <name>
Positional Arguments
name | description |
---|---|
name | An identifier for the router. |
Subcommands
command | description |
---|---|
administrative-group | An identifier that associates this router with an administrative group. |
application-identification | Configure Application Identification |
bfd | BFD parameters for sessions between nodes within the router. |
clone | Clone a list item |
conductor-address | IP address or FQDN of the conductor |
delete | Delete configuration data |
description | A human-readable string that allows administrators to describe this configuration. |
dhcp-server-generated-address-pool | The address pool for KNI network-interfaces generated for dhcp-servers. |
district-settings | Per-district settings for the router. |
dns-config | Configure Dns Config |
entitlement | Project configuration for entitlement reporting. |
half-open-connection-limit | A limit on half-open TCP sessions. |
icmp-probe-profile | Profile for active ICMP probes for reachability-detection enforcement |
idp | Advanced IDP configuration. |
inter-node-security | The name of the security policy used for inter node communication between router interfaces |
location | A descriptive location for this SSR. |
location-coordinates | The geolocation of this router in ISO 6709 format. Some examples: (1) Degrees only: +50.20361-074.00417/ (2) Degrees and minutes: +5012.22-07400.25/ or (3) Degrees, minutes, and seconds: +501213.1-0740015.1/ |
maintenance-mode | When enabled, the router will be in maintenance mode and alarms related to this router will be shelved. |
management-service-generation | Configure Management Service Generation |
max-inter-node-way-points | Maximum number of way points to be allocated on inter-node path. |
name | An identifier for the router. |
nat-pool | A pool of shared NAT ports. |
node | List of one or two SSR software instances, comprising an SSR. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
path-mtu-discovery | Automatic path MTU discovery between nodes within the router. |
peer | Defines the properties associated with peer SSRs. The peer may be another router in the same authority or a router in a different authority |
rate-limit-policy | Configuration for rate limiting policy for all associated service traffic across all interfaces on a given node, when configured within a service-class. |
reachability-profile | Defines a traffic profile for reachability-detection enforcement |
redundancy-group | A group of redundant interfaces which will fail over together if one goes down for any reason. |
resource-group | Associate this router with a top-level resource-group. |
reverse-flow-enforcement | When to enforce biflow reverse fib entry check |
reverse-packet-session-resiliency | Parameters for setting session failover behavior without presence of forward traffic. |
router-group | Logical group of routers for filtering services. |
routing | A router-level container for all of the routing policies associated with a given SSR deployment. Each routing element may have one and only one routing-instance. |
service-route | Defines a route for a service or an instance of a service (server or service agent). |
service-route-policy | Used to define the properties of service routes. These capabilities influence route selection when determining the optimal path for establishing new sessions. |
session-records | Configure Session Records |
show | Show configuration data for 'router' |
static-hostname-mapping | Map hostnames to ip-address resolutions. These entries will be put in /etc/hosts. This will prevent DNS requests from being sent for these hostnames. |
system | System group configuration. Lets administrators configure system-wide properties for their SSR deployment. |
udp-transform | UDP transform settings for interoperating with stateful TCP firewalls for nodes within the router. |
configure authority router administrative-group
An identifier that associates this router with an administrative group.
Usage
configure authority router administrative-group [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | Value to add to this list |
Description
administrative-group
is deprecated and will be removed in a future software version
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router application-identification
Configure Application Identification
Subcommands
command | description |
---|---|
application-director-cache-max-capacity | The maximum capacity for caching application-director requests |
auto-update | Automatic updating of application data |
delete | Delete configuration data |
max-capacity | The maximum capacity for resolved next-hops under a client |
mode | Application learning modes. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
per-app-metrics | Enable per app classification metrics |
show | Show configuration data for 'application-identification' |
summary-retention | Configure Summary Retention |
summary-tracking | Enable session stats tracking by applications |
use-application-director-in-memory-db | Use in-memory db |
web-filtering | Enhanced application identification with URL based filtering |
write-interval | Interval to define how often analytics are calculated |
configure authority router application-identification application-director-cache-max-capacity
The maximum capacity for caching application-director requests
Usage
configure authority router application-identification application-director-cache-max-capacity [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Default: 10000
uint64
An unsigned 64-bit integer.
configure authority router application-identification auto-update
Automatic updating of application data
Subcommands
command | description |
---|---|
day-of-week | The day of the week to perform updates |
delete | Delete configuration data |
enabled | Enable updates |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'auto-update' |
update-frequency | How often to attempt to update |
update-jitter | The max random jitter applied to the update time |
update-time | The hour of the day on the local system to fetch |
configure authority router application-identification auto-update day-of-week
The day of the week to perform updates
Usage
configure authority router application-identification auto-update day-of-week [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- sun: Download each Sunday
- mon: Download each Monday
- tue: Download each Tuesday
- wed: Download each Wednesday
- thu: Download each Thursday
- fri: Download each Friday
- sat: Download each Saturday
configure authority router application-identification auto-update enabled
Enable updates
Usage
configure authority router application-identification auto-update enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router application-identification auto-update update-frequency
How often to attempt to update
Usage
configure authority router application-identification auto-update update-frequency [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: weekly
enumeration
A value from a set of predefined names.
Options:
- daily: Download each day
- weekly: Download each week
- monthly: Download each month
configure authority router application-identification auto-update update-jitter
The max random jitter applied to the update time
Usage
configure authority router application-identification auto-update update-jitter [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 15
uint8
An unsigned 8-bit integer.
Range: 0-30
configure authority router application-identification auto-update update-time
The hour of the day on the local system to fetch
Usage
configure authority router application-identification auto-update update-time [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 2
uint8
An unsigned 8-bit integer.
Range: 0-23
configure authority router application-identification max-capacity
The maximum capacity for resolved next-hops under a client
Usage
configure authority router application-identification max-capacity [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Default: 10000
uint64
An unsigned 64-bit integer.
configure authority router application-identification mode
Application learning modes.
Usage
configure authority router application-identification mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | Value to add to this list |
Description
enumeration
A value from a set of predefined names.
Options:
- module: Learn application via modules.
- tls: Learn application via TLS server name parsing.
- http: Learn application via HTTP host name parsing.
- all: Learn application via any available techniques.
configure authority router application-identification per-app-metrics
Enable per app classification metrics
Usage
configure authority router application-identification per-app-metrics [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router application-identification summary-retention
Configure Summary Retention
Subcommands
command | description |
---|---|
delete | Delete configuration data |
duration | How long the AppID documents should be stored |
enabled | Enable persistence of app summary to the DB for UI and other uses |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'summary-retention' |
configure authority router application-identification summary-retention duration
How long the AppID documents should be stored
Usage
configure authority router application-identification summary-retention duration [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 24h
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router application-identification summary-retention enabled
Enable persistence of app summary to the DB for UI and other uses
Usage
configure authority router application-identification summary-retention enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router application-identification summary-tracking
Enable session stats tracking by applications
Usage
configure authority router application-identification summary-tracking [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router application-identification use-application-director-in-memory-db
Use in-memory db
Usage
configure authority router application-identification use-application-director-in-memory-db [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router application-identification web-filtering
Enhanced application identification with URL based filtering
Subcommands
command | description |
---|---|
classify-session | Configure Classify Session |
delete | Delete configuration data |
enabled | Whether web filtering should be enabled |
max-retransmission-attempts-before-allow | Maximum number of retransmission packet attempts having a category cache miss before allowing session to continue |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'web-filtering' |
configure authority router application-identification web-filtering classify-session
Configure Classify Session
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max-cache-size | The maximum size for the in-memory cache that stores url data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
retries | The maximum retries for client to request for classifying the session |
show | Show configuration data for 'classify-session' |
timeout | Maximum time in seconds that can be taken for classifying the session |
configure authority router application-identification web-filtering classify-session max-cache-size
The maximum size for the in-memory cache that stores url data
Usage
configure authority router application-identification web-filtering classify-session max-cache-size [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 1000
uint32
An unsigned 32-bit integer.
Range: 1-500000
configure authority router application-identification web-filtering classify-session retries
The maximum retries for client to request for classifying the session
Usage
configure authority router application-identification web-filtering classify-session retries [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 3
uint32
An unsigned 32-bit integer.
Range: 1-50
configure authority router application-identification web-filtering classify-session timeout
Maximum time in seconds that can be taken for classifying the session
Usage
configure authority router application-identification web-filtering classify-session timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-1000
configure authority router application-identification web-filtering enabled
Whether web filtering should be enabled
Usage
configure authority router application-identification web-filtering enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router application-identification web-filtering max-retransmission-attempts-before-allow
Maximum number of retransmission packet attempts having a category cache miss before allowing session to continue
Usage
configure authority router application-identification web-filtering max-retransmission-attempts-before-allow [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: packets
Default: 4
uint8
An unsigned 8-bit integer.
Range: 1-100
configure authority router application-identification write-interval
Interval to define how often analytics are calculated
Usage
configure authority router application-identification write-interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 1m
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router bfd
BFD parameters for sessions between nodes within the router.
Subcommands
command | description |
---|---|
authentication-type | Describes the authentication type used in BFD packets |
delete | Delete configuration data |
desired-tx-interval | Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers. |
dscp | The DSCP value to use with BFD packets. |
dynamic-damping | When enabled, extend the hold-down time if additional link flaps occur during the hold-down period. |
hold-down-time | Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time. |
link-test-interval | This represents the interval between BFD echo tests sent to the peer node/router. |
link-test-length | This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests. |
maximum-hold-down-time | Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value. |
multiplier | Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20). |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
state | When enabled, run BFD between all nodes within the router. |
configure authority router bfd authentication-type
Describes the authentication type used in BFD packets
Usage
configure authority router bfd authentication-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: sha256
enumeration
A value from a set of predefined names.
Options:
- simple: Simple Password.
- sha256: SHA256
configure authority router bfd desired-tx-interval
Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers.
Usage
configure authority router bfd desired-tx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint32
An unsigned 32-bit integer.
Range: 50-600000
configure authority router bfd dscp
The DSCP value to use with BFD packets.
Usage
configure authority router bfd dscp [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
Default: 0
dscp (uint8)
A DSCP value (0-63)
Range: 0-63
configure authority router bfd dynamic-damping
When enabled, extend the hold-down time if additional link flaps occur during the hold-down period.
Usage
configure authority router bfd dynamic-damping [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- enabled: Extend hold-down time exponentially if link flaps occur during hold-down time.
- disabled: Use simple hold-down timer for every link up event.
configure authority router bfd hold-down-time
Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time.
Usage
configure authority router bfd hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-300
configure authority router bfd link-test-interval
This represents the interval between BFD echo tests sent to the peer node/router.
Usage
configure authority router bfd link-test-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 10
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router bfd link-test-length
This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests.
Usage
configure authority router bfd link-test-length [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: packets
Default: 10
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router bfd maximum-hold-down-time
Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value.
Usage
configure authority router bfd maximum-hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 3600
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router bfd multiplier
Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20).
Usage
configure authority router bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 3-20
configure authority router bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router bfd required-min-rx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint32
An unsigned 32-bit integer.
configure authority router bfd state
When enabled, run BFD between all nodes within the router.
Usage
configure authority router bfd state [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: enabled
enumeration
A value from a set of predefined names.
Options:
- enabled: BFD is enabled on all nodes of this router.
- disabled: BFD is disabled on all nodes of this router.
configure authority router conductor-address
IP address or FQDN of the conductor
Usage
configure authority router conductor-address [<hostv4>]
Positional Arguments
name | description |
---|---|
hostv4 | Value to add to this list |
Description
hostv4 (union)
The host type represents either an IPv4 address or a DNS domain name.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router description
A human-readable string that allows administrators to describe this configuration.
Usage
configure authority router description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router dhcp-server-generated-address-pool
The address pool for KNI network-interfaces generated for dhcp-servers.
Usage
configure authority router dhcp-server-generated-address-pool [<ipv4-prefix>]
Positional Arguments
name | description |
---|---|
ipv4-prefix | The value to set for this field |
Description
Default: 169.254.130.0/24
ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
configure authority router district-settings
Per-district settings for the router.
Usage
configure authority router district-settings <district-name>
Positional Arguments
name | description |
---|---|
district-name | Name of the district. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
district-name | Name of the district. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'district-settings' |
step-peer-path-sla-metrics-advertisement | STEP advertisement settings for peer path SLA metrics. |
configure authority router district-settings district-name
Name of the district.
Usage
configure authority router district-settings district-name [<district-name>]
Positional Arguments
name | description |
---|---|
district-name | The value to set for this field |
Description
district-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router district-settings step-peer-path-sla-metrics-advertisement
STEP advertisement settings for peer path SLA metrics.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
minimum-update-interval | Minimum (burst) interval in between updating peer path SLA metric values advertised in STEP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'step-peer-path-sla-metrics-advertisement' |
update-burst-size | Limit on the number of peer path SLA metric value updates advertised in STEP at the minimum (burst) update interval. |
update-rate-limit | Rate limit interval in between updating peer path SLA metric values advertised in STEP |
configure authority router district-settings step-peer-path-sla-metrics-advertisement minimum-update-interval
Minimum (burst) interval in between updating peer path SLA metric values advertised in STEP
Usage
configure authority router district-settings step-peer-path-sla-metrics-advertisement minimum-update-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 30
uint32
An unsigned 32-bit integer.
Range: 0-86400
configure authority router district-settings step-peer-path-sla-metrics-advertisement update-burst-size
Limit on the number of peer path SLA metric value updates advertised in STEP at the minimum (burst) update interval.
Usage
configure authority router district-settings step-peer-path-sla-metrics-advertisement update-burst-size [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 2
uint8
An unsigned 8-bit integer.
Range: 1-100
configure authority router district-settings step-peer-path-sla-metrics-advertisement update-rate-limit
Rate limit interval in between updating peer path SLA metric values advertised in STEP
Usage
configure authority router district-settings step-peer-path-sla-metrics-advertisement update-rate-limit [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 180
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router dns-config
Configure Dns Config
Usage
configure authority router dns-config <mode>
Positional Arguments
name | description |
---|---|
mode | Mode of DNS server configuration. |
Subcommands
command | description |
---|---|
address | Address of servers to use for DNS queries. |
delete | Delete configuration data |
mode | Mode of DNS server configuration. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'dns-config' |
configure authority router dns-config address
Address of servers to use for DNS queries.
Usage
configure authority router dns-config address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router dns-config mode
Mode of DNS server configuration.
Usage
configure authority router dns-config mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- static: Static list of DNS nameservers
- automatic: Populate DNS nameservers from learned sources
configure authority router entitlement
Project configuration for entitlement reporting.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
description | A description of the project. |
id | Project identifier. |
max-bandwidth | Purchased bandwidth for the project. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'entitlement' |
configure authority router entitlement description
A description of the project.
Usage
configure authority router entitlement description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router entitlement id
Project identifier.
Usage
configure authority router entitlement id [<entitlement-project-id>]
Positional Arguments
name | description |
---|---|
entitlement-project-id | The value to set for this field |
Description
Default: trial
entitlement-project-id (string)
Indicates that an enclosing leaf represents the project ID for entitlement.
configure authority router entitlement max-bandwidth
Purchased bandwidth for the project.
Usage
configure authority router entitlement max-bandwidth [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
Default: 0
uint64
An unsigned 64-bit integer.
configure authority router half-open-connection-limit
A limit on half-open TCP sessions.
Usage
configure authority router half-open-connection-limit [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: unlimited
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint32
An unsigned 32-bit integer.
Range: 100-4294967295
(1) enumeration
A value from a set of predefined names.
Options:
- unlimited: No limit on this value
configure authority router icmp-probe-profile
Profile for active ICMP probes for reachability-detection enforcement
Usage
configure authority router icmp-probe-profile <name>
Positional Arguments
name | description |
---|---|
name | Name of the ICMP probe profile |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
name | Name of the ICMP probe profile |
number-of-attempts | Number of consecutive ICMP ping requests to be sent within the probe-duration before deciding that destination is unreachable |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
probe-address | Address to send ICMP ping requests to |
probe-duration | Duration within which to reach the destination. Each attempt will be made in (probe-duration / number-of-attempts) interval |
probe-failure-trigger | Control how failure to ping probe-addresses impacts state. |
probe-interval | Duration of how often to perform a link test to the destination |
show | Show configuration data for 'icmp-probe-profile' |
sla-metrics | SLA-metrics requirements for ICMP ping |
configure authority router icmp-probe-profile name
Name of the ICMP probe profile
Usage
configure authority router icmp-probe-profile name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router icmp-probe-profile number-of-attempts
Number of consecutive ICMP ping requests to be sent within the probe-duration before deciding that destination is unreachable
Usage
configure authority router icmp-probe-profile number-of-attempts [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 4
uint8
An unsigned 8-bit integer.
Range: 1-20
configure authority router icmp-probe-profile probe-address
Address to send ICMP ping requests to
Usage
configure authority router icmp-probe-profile probe-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router icmp-probe-profile probe-duration
Duration within which to reach the destination. Each attempt will be made in (probe-duration / number-of-attempts) interval
Usage
configure authority router icmp-probe-profile probe-duration [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: seconds
Default: 1
uint8
An unsigned 8-bit integer.
Range: 1-10
configure authority router icmp-probe-profile probe-failure-trigger
Control how failure to ping probe-addresses impacts state.
Usage
configure authority router icmp-probe-profile probe-failure-trigger [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: any
enumeration
A value from a set of predefined names.
Options:
- any: Failure to ping any probe-address brings state down.
- all: Failure to ping all probe-addresses brings state down.
configure authority router icmp-probe-profile probe-interval
Duration of how often to perform a link test to the destination
Usage
configure authority router icmp-probe-profile probe-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 10
uint32
An unsigned 32-bit integer.
Range: 1-3600
configure authority router icmp-probe-profile sla-metrics
SLA-metrics requirements for ICMP ping
Subcommands
command | description |
---|---|
delete | Delete configuration data |
latency | Configure Latency |
max-loss | The amount of acceptable loss on the link. Determined by sending number-of-attempts ICMP requests and waiting probe-duration for response |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'sla-metrics' |
configure authority router icmp-probe-profile sla-metrics latency
Configure Latency
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max | Maximum acceptable latency based on the ping test |
mean | The maximum acceptable mean latency based on the ping test |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'latency' |
configure authority router icmp-probe-profile sla-metrics latency max
Maximum acceptable latency based on the ping test
Usage
configure authority router icmp-probe-profile sla-metrics latency max [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 250
uint32
An unsigned 32-bit integer.
configure authority router icmp-probe-profile sla-metrics latency mean
The maximum acceptable mean latency based on the ping test
Usage
configure authority router icmp-probe-profile sla-metrics latency mean [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 100
uint32
An unsigned 32-bit integer.
configure authority router icmp-probe-profile sla-metrics max-loss
The amount of acceptable loss on the link. Determined by sending number-of-attempts ICMP requests and waiting probe-duration for response
Usage
configure authority router icmp-probe-profile sla-metrics max-loss [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
Default: 10
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router idp
Advanced IDP configuration.
Subcommands
command | description |
---|---|
bypass-enabled | IDP config to enable/disable bypass |
delete | Delete configuration data |
mode | IDP config management mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'idp' |
configure authority router idp bypass-enabled
IDP config to enable/disable bypass
Usage
configure authority router idp bypass-enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router idp mode
IDP config management mode
Usage
configure authority router idp mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto
enumeration
A value from a set of predefined names.
Options:
- auto: Automatically toggle IDP based on idp-policies
- disabled: Disable IDP
- spoke: Enable spoke mode for IDP
- hub: Enable hub mode for IDP
configure authority router inter-node-security
The name of the security policy used for inter node communication between router interfaces
Usage
configure authority router inter-node-security [<security-ref>]
Positional Arguments
name | description |
---|---|
security-ref | The value to set for this field |
Description
security-ref (leafref) (required)
This type is used by other entities that need to reference configured security policies.
configure authority router location
A descriptive location for this SSR.
Usage
configure authority router location [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router location-coordinates
The geolocation of this router in ISO 6709 format. Some examples: (1) Degrees only: +50.20361-074.00417/ (2) Degrees and minutes: +5012.22-07400.25/ or (3) Degrees, minutes, and seconds: +501213.1-0740015.1/
Usage
configure authority router location-coordinates [<geolocation>]
Positional Arguments
name | description |
---|---|
geolocation | The value to set for this field |
Description
geolocation (string)
Geolocation in ISO 6709 format.
Must be a geographic coordinate in ISO-6709 format. Example: +50.1-074.1/
configure authority router maintenance-mode
When enabled, the router will be in maintenance mode and alarms related to this router will be shelved.
Usage
configure authority router maintenance-mode [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority router management-service-generation
Configure Management Service Generation
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
proxy | Enable/disable proxy of public to private conductor addresses |
service-policy | Service policy to be used instead of auto-generated service policy. |
service-route-type | Strategy to generate service-routes for management services. |
show | Show configuration data for 'management-service-generation' |
configure authority router management-service-generation proxy
Enable/disable proxy of public to private conductor addresses
Usage
configure authority router management-service-generation proxy [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router management-service-generation service-policy
Service policy to be used instead of auto-generated service policy.
Usage
configure authority router management-service-generation service-policy [<service-policy-ref>]
Positional Arguments
name | description |
---|---|
service-policy-ref | The value to set for this field |
Description
service-policy-ref (leafref)
This type is used by other entities that need to reference configured service policies.
configure authority router management-service-generation service-route-type
Strategy to generate service-routes for management services.
Usage
configure authority router management-service-generation service-route-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: paths-as-next-hop
enumeration
A value from a set of predefined names.
Options:
- paths-as-next-hop: Generate paths on a node as next-hops
- paths-as-service-route: Generate paths on a node as service-route
configure authority router max-inter-node-way-points
Maximum number of way points to be allocated on inter-node path.
Usage
configure authority router max-inter-node-way-points [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 50000
A restart is required if max-inter-node-way-points is created, modified, or deleted
uint32
An unsigned 32-bit integer.
Range: 50000-1000000
configure authority router name
An identifier for the router.
Usage
configure authority router name [<reserved-name-id>]
Positional Arguments
name | description |
---|---|
reserved-name-id | The value to set for this field |
Description
A restart is required if name is created or deleted
reserved-name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters, and cannot be the words 'all', 'any', or 'unknown'.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router nat-pool
A pool of shared NAT ports.
Usage
configure authority router nat-pool <name>
Positional Arguments
name | description |
---|---|
name | An identifier for the NAT Pool. |
Subcommands
command | description |
---|---|
address-pool | Defines the NAT prefix and ports in the pool. |
clone | Clone a list item |
delete | Delete configuration data |
move | Move list items |
name | An identifier for the NAT Pool. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'nat-pool' |
configure authority router nat-pool address-pool
Defines the NAT prefix and ports in the pool.
Usage
configure authority router nat-pool address-pool <address>
Positional Arguments
name | description |
---|---|
address | IP Prefix for the pool of NAT ports. |
Subcommands
command | description |
---|---|
address | IP Prefix for the pool of NAT ports. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
pool-type | Type of NAT pool |
show | Show configuration data for 'address-pool' |
tenant-name | Tenant for which this nat pool is applied |
Description
The order of elements matters.
configure authority router nat-pool address-pool address
IP Prefix for the pool of NAT ports.
Usage
configure authority router nat-pool address-pool address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router nat-pool address-pool pool-type
Type of NAT pool
Usage
configure authority router nat-pool address-pool pool-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: static
enumeration
A value from a set of predefined names.
Options:
- static: Static IP assignment per endpoint
- dynamic: Dynamic IP port assignment per session
configure authority router nat-pool address-pool tenant-name
Tenant for which this nat pool is applied
Usage
configure authority router nat-pool address-pool tenant-name [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | Value to add to this list |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router nat-pool name
An identifier for the NAT Pool.
Usage
configure authority router nat-pool name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router node
List of one or two SSR software instances, comprising an SSR.
Usage
configure authority router node <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the node, used to reference it in other configuration sections. This MUST match the name in the local initialization file. |
Subcommands
command | description |
---|---|
anti-virus | Configure Anti Virus |
asset-id | A unique identifier of an SSR node used for automated provisioning |
asset-validation-enabled | Validate that the asset is suitable to run SSR. |
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the node. |
device-interface | List of physical or virtual interfaces in the node. |
enabled | Enable/disable the whole node. |
forwarding-core-count | The number of CPU cores to dedicate to traffic forwarding when using 'manual' forwarding core mode. |
forwarding-core-mode | The method by which the number of CPU cores dedicated to traffic forwarding should be determined. |
idp | Configure IDP |
ipfix | Node specific IPFIX configuration |
location | A text description of the node's physical location. |
loopback-address | The loopback IP address to use for management traffic originating on this node when routed via SVR. |
name | An arbitrary, unique name for the node, used to reference it in other configuration sections. This MUST match the name in the local initialization file. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port-forwarding | Configuration for establishing local port-forwarding to remote server. |
power-saver | Allow the traffic forwarding cores to sleep when there is no traffic to process |
radius | Radius authentication parameters for this node. |
reachability-detection | Layer 2 reachability detection |
role | The node's role in the SSR system. |
serial-console-enabled | Enable serial console. |
session-processor-count | The number of threads to use for session processing when using 'manual' session-processor mode. |
session-processor-mode | The method by which the number of threads used for session processing should be determined. |
session-setup-scaling | Whether or not to enable session setup scaling. |
show | Show configuration data for 'node' |
ssh-keepalive | Configure SSH Keepalive |
ssh-settings | Configure SSH Settings |
top-sessions | Views of top sessions by an ordering criteria. |
usb-mass-storage-enabled | Allow mounting of USB mass-storage devices. |
configure authority router node anti-virus
Configure Anti Virus
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
server-domain | Server domain for anti-virus |
show | Show configuration data for 'anti-virus' |
configure authority router node anti-virus server-domain
Server domain for anti-virus
Usage
configure authority router node anti-virus server-domain [<domain-name>]
Positional Arguments
name | description |
---|---|
domain-name | The value to set for this field |
Description
domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node asset-id
A unique identifier of an SSR node used for automated provisioning
Usage
configure authority router node asset-id [<asset-id>]
Positional Arguments
name | description |
---|---|
asset-id | The value to set for this field |
Description
asset-id (string)
A unique identifier of an SSR node.
Must not contain repeating, leading, or ending '_' character
configure authority router node asset-validation-enabled
Validate that the asset is suitable to run SSR.
Usage
configure authority router node asset-validation-enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node description
A description about the node.
Usage
configure authority router node description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface
List of physical or virtual interfaces in the node.
Usage
configure authority router node device-interface <name>
Positional Arguments
name | description |
---|---|
name | A unique name identifier for the physical or virtual interface, used to reference it in other configuration sections and show commands. |
Subcommands
command | description |
---|---|
bond-settings | Configure Bond Settings |
bridge-name | An optional bridge name to be used for the bridging the kni and target interfaces. If no name is specified, one will be auto-generated |
capture-filter | Filter to be used when matching packets on this device interface. Uses Berkeley Packet Filter (BPF) syntax. |
clone | Clone a list item |
delete | Delete configuration data |
description | A description of the device-interface. |
enabled | Whether this interface is administratively enabled. |
forwarding | Whether this interface is used for forwarding traffic. |
interface-name | The interface name associated with the OS network device. |
link-settings | Ethernet link settings on the interface |
lldp | Link Layer Description Protocol settings |
load-balancing | Configure Load Balancing |
lte | Configure Lte |
name | A unique name identifier for the physical or virtual interface, used to reference it in other configuration sections and show commands. |
network-interface | List of network interfaces for the device-interface. |
network-namespace | The network namespace in which this network interface will be located |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
parent-bond | The bond type interface that this interface is grouped with. |
pci-address | The PCI address of the device. Only relevant if type is ethernet. |
pppoe | Configure Pppoe |
promiscuous-mode | Enables promiscuous mode on the interface. |
q-in-q | Enables Q-in-Q encapsulation |
reinsert-vlan | Enables reinsertion of NIC-stripped VLAN on ingress packets, on supported devices. |
session-optimization | Configure Session Optimization |
shared-phys-address | Virtual MAC address for interface redundancy. |
show | Show configuration data for 'device-interface' |
sriov-vlan-filter | Enables VLAN filtering on supported SR-IOV devices. |
strip-vlan | Enables VLAN stripping on ingress packets on supported devices. |
target-interface | Specifies the name of an external interface to be automatically bridged to a logical interface. |
traffic-engineering | Configure Traffic Engineering |
type | Type of interface. |
vmbus-uuid | The VMBus UUID of the network device. Hyper-V Environment only. Only relevant if type is ethernet. |
vrrp | Parameters for Interface Redundancy using Virtual Router Redundancy Protocol (VRRP). |
configure authority router node device-interface bond-settings
Configure Bond Settings
Subcommands
command | description |
---|---|
delete | Delete configuration data |
force-up | Force up when not receiving partner LACP PDUs. |
force-up-timeout | Number of seconds before switching to force-up LACP mode. |
lacp-enable | Use 802.3ad LACP protocol for the Bond. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'bond-settings' |
configure authority router node device-interface bond-settings force-up
Force up when not receiving partner LACP PDUs.
Usage
configure authority router node device-interface bond-settings force-up [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface bond-settings force-up-timeout
Number of seconds before switching to force-up LACP mode.
Usage
configure authority router node device-interface bond-settings force-up-timeout [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: seconds
Default: 90
uint8
An unsigned 8-bit integer.
Range: 1-100
configure authority router node device-interface bond-settings lacp-enable
Use 802.3ad LACP protocol for the Bond.
Usage
configure authority router node device-interface bond-settings lacp-enable [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface bridge-name
An optional bridge name to be used for the bridging the kni and target interfaces. If no name is specified, one will be auto-generated
Usage
configure authority router node device-interface bridge-name [<bridge-name>]
Positional Arguments
name | description |
---|---|
bridge-name | The value to set for this field |
Description
bridge-name (string)
A string identifier for bridge-name which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters.
Must contain only alphanumeric characters, start with a alphabet and can contain any of the following: _ - Length: 0-15
configure authority router node device-interface capture-filter
Filter to be used when matching packets on this device interface. Uses Berkeley Packet Filter (BPF) syntax.
Usage
configure authority router node device-interface capture-filter [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
configure authority router node device-interface description
A description of the device-interface.
Usage
configure authority router node device-interface description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface enabled
Whether this interface is administratively enabled.
Usage
configure authority router node device-interface enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface forwarding
Whether this interface is used for forwarding traffic.
Usage
configure authority router node device-interface forwarding [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface interface-name
The interface name associated with the OS network device.
Usage
configure authority router node device-interface interface-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface link-settings
Ethernet link settings on the interface
Usage
configure authority router node device-interface link-settings [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto
enumeration
A value from a set of predefined names.
Options:
- auto: Use auto-negotation for the Ethernet link
- 10Mbps-half: Force the Ethernet link to 10 Mbps half duplex
- 10Mbps-full: Force the Ethernet link to 10 Mbps full duplex
- 100Mbps-half: Force the Ethernet link to 100 Mbps half duplex
- 100Mbps-full: Force the Ethernet link to 100 Mbps full duplex
configure authority router node device-interface lldp
Link Layer Description Protocol settings
Subcommands
command | description |
---|---|
advertisement-interval | The frequency of sending LLDP advertisements. |
delete | Delete configuration data |
enabled | Whether or not LLDP sending and receiving is enabled on this device. |
hold-multiplier | The multiplier to apply to the advertisement-interval when setting the LLDP TTL. |
mode | The mode in which LLDP operates on the interface |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'lldp' |
configure authority router node device-interface lldp advertisement-interval
The frequency of sending LLDP advertisements.
Usage
configure authority router node device-interface lldp advertisement-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 120
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface lldp enabled
Whether or not LLDP sending and receiving is enabled on this device.
Usage
configure authority router node device-interface lldp enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface lldp hold-multiplier
The multiplier to apply to the advertisement-interval when setting the LLDP TTL.
Usage
configure authority router node device-interface lldp hold-multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 4
uint8
An unsigned 8-bit integer.
Range: 2-10
configure authority router node device-interface lldp mode
The mode in which LLDP operates on the interface
Usage
configure authority router node device-interface lldp mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
mode
is deprecated and will be removed in a future software version
enumeration
A value from a set of predefined names.
Options:
- disabled: Disable LLDP
- receive-only: Receive and process incoming LLDP packets
- enabled: Enable sending and receiving LLDP packets
configure authority router node device-interface load-balancing
Configure Load Balancing
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'load-balancing' |
utilization-high-water-mark | Percentage of allowed bandwidth utilization above which this interface will no longer be considered for load balancing. |
utilization-low-water-mark | Percentage of allowed bandwidth utilization below which this interface will be reconsidered for load balancing. |
configure authority router node device-interface load-balancing utilization-high-water-mark
Percentage of allowed bandwidth utilization above which this interface will no longer be considered for load balancing.
Usage
configure authority router node device-interface load-balancing utilization-high-water-mark [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
Default: 100
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router node device-interface load-balancing utilization-low-water-mark
Percentage of allowed bandwidth utilization below which this interface will be reconsidered for load balancing.
Usage
configure authority router node device-interface load-balancing utilization-low-water-mark [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
Default: 80
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router node device-interface lte
Configure Lte
Subcommands
command | description |
---|---|
apn-name | Name of the access point to connect to the LTE network. |
authentication | Configure Authentication |
carrier-image | Name of the carrier-image to load the SIM card with. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'lte' |
configure authority router node device-interface lte apn-name
Name of the access point to connect to the LTE network.
Usage
configure authority router node device-interface lte apn-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
configure authority router node device-interface lte authentication
Configure Authentication
Subcommands
command | description |
---|---|
authentication-protocol | Authentication protocol used to authenticate the user. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
password | Password required to connect to the LTE network. |
show | Show configuration data for 'authentication' |
user-name | Username required to connect to the LTE network. |
configure authority router node device-interface lte authentication authentication-protocol
Authentication protocol used to authenticate the user.
Usage
configure authority router node device-interface lte authentication authentication-protocol [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration (required)
A value from a set of predefined names.
Options:
- chap: Challenge-Handshake Authentication Protocol.
- pap: Password Authentication Protocol.
configure authority router node device-interface lte authentication password
Password required to connect to the LTE network.
Usage
configure authority router node device-interface lte authentication password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string) (required)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router node device-interface lte authentication user-name
Username required to connect to the LTE network.
Usage
configure authority router node device-interface lte authentication user-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
configure authority router node device-interface lte carrier-image
Name of the carrier-image to load the SIM card with.
Usage
configure authority router node device-interface lte carrier-image [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: none
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) enumeration
A value from a set of predefined names.
Options:
- none: Leave the current image alone.
- auto: Automatically set the image to match the carrier network.
(1) string
A text value.
configure authority router node device-interface name
A unique name identifier for the physical or virtual interface, used to reference it in other configuration sections and show commands.
Usage
configure authority router node device-interface name [<device-name>]
Positional Arguments
name | description |
---|---|
device-name | The value to set for this field |
Description
device-name (string)
A string identifier for device-interface which only uses alphanumerics, underscores, dashes, or slashes, and cannot exceed 12 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-12
configure authority router node device-interface network-interface
List of network interfaces for the device-interface.
Usage
configure authority router node device-interface network-interface <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the interface, used to reference it in other configuration sections. |
Subcommands
command | description |
---|---|
address | The list of IP addresses (along with subnet prefix length) on the interface. |
adjacency | A list of adjacent routers. |
bidirectional-nat | Defines the prefixes that need to be static natted in both directions. |
billing-rate | Numeric rate of currency associated with the interface. When the billing-rate is flat the field indicated rate per day. When the billing-rate is metered the field indicates rate per byte. |
billing-type | Billing type associated with the interface. |
carrier | Carrier associated with the interface. |
clone | Clone a list item |
conductor | Whether the interface is used for communicating with the conductor. |
default-route | Whether the interface is used as default-route for non-forwarding interfaces. |
delete | Delete configuration data |
description | A description about the interface. |
dhcp | Whether this interface acquires IP address and other parameter via DHCP |
dhcp-delayed-auth-key | The key used to generate the HMAC-MD5 value. |
dhcp-delayed-auth-key-id | The key identifier that identifies the key used to generate the HMAC-MD5 value. |
dhcp-delayed-auth-realm | The DHCP realm that identifies the key used to generate the HMAC-MD5 value. |
dhcp-reconfig-auth-algorithm | The algorithm used by the Reconfigure Key authentication protocol to authenticate prefix-delegation messages. |
dscp-map | Mapping of DSCP values to priorities. |
dscp-steering | Configure Dscp Steering |
dynamic-source-nat | Defines the prefixes that need to be dynamically source natted for packets ingressing this interface. |
egress-source-nat-pool | Indicates whether source address and port translation (NAPT) is performed for flows egressing the interface to the final destination. |
enforced-mss | Maximum allowed value for maximum segment size (MSS) on this interface. |
ethernet-over-svr | L2 Bridge this network interface is assigned to. |
filter-rule | A rule for dropping packets. |
global-id | Global Interface Id (GIID) used in next-hop egress interface for routing data. All instances of a redundant interface will have the same GIID. |
host-service | The host-service configuration is a service hosted by a router node. |
hostname | Hostname for the interface. This is an optional fully-qualified domain name (FQDN). |
icmp | Enable/disable ICMP Blackhole |
ifcfg-option | Interface config options for non-forwarding interfaces |
ingress-source-nat-pool | Indicates whether source address (and optional port) translation is performed for flows targetted towards an inter-router peer. In this case, the nat will be applied on the ingress router as opposed to the final egress router. |
inter-router-security | The name of the security policy used for inbound inter-router traffic. |
management | Allow management traffic to be sent over this interface |
management-vector | Vector configuration for non-forwarding interfaces |
move | Move list items |
mtu | The maximum transmission unit (MTU) for packets sent on the interface. |
multicast-listeners | Enables the sending of IGMP and MLD queries on this interface. |
multicast-report-proxy | Enables the forwarding of IGMP and MLD joins/leaves/reports to valid multicast services to this network interface. These must come from other network interfaces which allow multicast listeners. |
name | An arbitrary, unique name for the interface, used to reference it in other configuration sections. |
neighbor | A list of mappings from IP addresses to physical addresses. Entries in this list are used as static entries in the ARP cache. |
neighborhood | The neighborhoods to which this interface belongs. |
off-subnet-arp-prefix | Address(es) for which the router will respond to ARP requests. |
off-subnet-reverse-arp-mac-learning | When enabled, the source MAC address of the packet will be used for reverse traffic for off-subnet source ip address. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix-delegation | Enable/disable IPv6 Prefix Delegation Client. |
prefix-delegation-authentication | Whether prefix-delegation messages are authenticated. |
prefix-delegation-group | The name to identify a prefix-delegation group within which the pd-client interface will request a prefix and all the internal interfaces will be assigned a global address from this prefix based on their subnet-ids. |
prefix-delegation-subnet-id | The identifier of a subnet within a prefix-delegation group which is used to construct a global IPv6 address for an internal interface. |
preserve-dscp | Controls if DSCP bits are preserved on this interface. |
prioritization-mode | Controls how packets received on this interface are prioritized. |
qp-value | Quality points value that represents the 'quality' of the network the interface is connected to. It used for selecting egress interface based on the service class required minimum quality points. |
reverse-arp-mac-learning | Controls whether the source MAC address of the packet can be used for reverse traffic when ARP is unresolved. |
rewrite-dscp | Controls if DSCP bits are rewritten on this interface. |
router-advertisement | Enable/disable IPv6 router advertisement to advertise the prefix learned via DHCPv6-PD. |
show | Show configuration data for 'network-interface' |
source-nat | Indicates whether source address and port translation (NAPT) is performed for flows egressing the interface to the final destination. |
tenant | Tenant to which this interface belongs. |
tenant-prefixes | Tenant to source prefix mapping. |
traffic-engineering | Configure Traffic Engineering |
tunnel | Configure Tunnel |
type | Type of network that the interface is connected to. Type is fabric for inter-node traffic, external for regular traffic, and shared for both fabric and external. |
vlan | The VLAN id for the interface (0 for no VLAN, otherwise 1-4094). |
vrrp | Configure VRRP |
configure authority router node device-interface network-interface address
The list of IP addresses (along with subnet prefix length) on the interface.
Usage
configure authority router node device-interface network-interface address <ip-address>
Positional Arguments
name | description |
---|---|
ip-address | The IP address on the interface. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
gateway | Optional gateway for destinations outside the subnet of the interface. |
host-service | The host-service configuration is a service hosted by a router node. |
in-subnet-arp-prefix | Address(es) for which the router will respond to ARP requests. |
ip-address | The IP address on the interface. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
ppp-peer-ip | PPP Peer IP address for interfaces like T1. |
prefix-length | The length of the subnet prefix. |
show | Show configuration data for 'address' |
utility-ip-address | Utility IP address used for purposes other than forwarding traffic. |
configure authority router node device-interface network-interface address gateway
Optional gateway for destinations outside the subnet of the interface.
Usage
configure authority router node device-interface network-interface address gateway [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service
The host-service configuration is a service hosted by a router node.
Usage
configure authority router node device-interface network-interface address host-service <service-type>
Positional Arguments
name | description |
---|---|
service-type | The type of hosted service |
Subcommands
command | description |
---|---|
access-policy | List of access policies by address prefix, QSN or tenant and prefix. |
address-pool | Address pool for allocation by the DHCP server |
authoritative | Whether this is the authoritative DHCP server in the network. If true, server will respond to requests with NAK where appropriate according to RFC 2131 |
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the hosted service. |
echo-client-id | Whether the client id should be echoed in DHCP server responses as specified in RFC 6842 or not as specified in the original RFC 2131. |
enabled | Enable/disable for host services |
max-lease-time | Maximum lease time for leases allocated to clients. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
server-name | Server name that identifies the DHCP server to clients. |
service-type | The type of hosted service |
show | Show configuration data for 'host-service' |
static-assignment | Static assignment(s) for DHCP configuration for a specific client |
transport | The transport protocol(s) and port(s) for the service. |
configure authority router node device-interface network-interface address host-service access-policy
List of access policies by address prefix, QSN or tenant and prefix.
Usage
configure authority router node device-interface network-interface address host-service access-policy <source>
Positional Arguments
name | description |
---|---|
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
permission | Whether or not to allow access to the service. |
show | Show configuration data for 'access-policy' |
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
configure authority router node device-interface network-interface address host-service access-policy permission
Whether or not to allow access to the service.
Usage
configure authority router node device-interface network-interface address host-service access-policy permission [<access-mode>]
Positional Arguments
name | description |
---|---|
access-mode | The value to set for this field |
Description
Default: allow
access-mode (enumeration)
Enumeration defining whether access is allowed or denied.
Options:
- allow: Allow access.
- deny: Deny access.
configure authority router node device-interface network-interface address host-service access-policy source
The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service
Usage
configure authority router node device-interface network-interface address host-service access-policy source [<source-spec>]
Positional Arguments
name | description |
---|---|
source-spec | The value to set for this field |
Description
source-spec (union)
A source address prefix, QSN, service-group or combination of tenant-name and prefix.
Must be one of the following types:
(0) ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string):
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
(2) qsn (string)
Qualified Service Name in the form: tenant[.authority][/[service-group/]service]
Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024
(3) service-spec (string)
Service group and service name portion of a Qualified Service Name.
Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127
(4) tenant-prefix (string)
A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address.
Must contain a valid tenant name, followed by @ and a valid IP Address. Length: 0-280
configure authority router node device-interface network-interface address host-service address-pool
Address pool for allocation by the DHCP server
Usage
configure authority router node device-interface network-interface address host-service address-pool <start-address>
Positional Arguments
name | description |
---|---|
start-address | Start of address pool. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
custom | Custom DHCP options to be provided to clients. |
delete | Delete configuration data |
domain-name | Domain name provided to clients. |
domain-server | Domain name server address(es) provided to clients in priority order. |
end-address | End of address pool. |
interface-mtu | Interface MTU provided to clients. |
move | Move list items |
ntp-server | NTP server address(es) provided to clients in priority order. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
pop-server | POP server address(es) provided to clients in priority order. |
router | Gateway router address(es) provided to clients in priority order. |
show | Show configuration data for 'address-pool' |
smtp-server | SMTP server address(es) provided to clients in priority order. |
start-address | Start of address pool. |
static-assignment | Static assignment(s) for DHCP configuration for a specific client |
static-route | Static route(s) provided to clients. Note that for default routes the router option should be used. |
tenant | Tenant to which clients will be assigned. |
vendor-identifying-vendor-specific-information | Vendor-Identifying Vendor-Specific Information Options (Option 125) to be provided to clients [RFC3925]. |
vendor-specific-information | Vendor-Specific Information Options (Option 43) to be provided to clients [RFC2132]. |
configure authority router node device-interface network-interface address host-service address-pool custom
Custom DHCP options to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool custom <code>
Positional Arguments
name | description |
---|---|
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'custom' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service address-pool custom code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool custom code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service address-pool custom description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool custom description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool custom encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service address-pool custom encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service address-pool custom quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service address-pool custom quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service address-pool custom value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool custom value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service address-pool domain-name
Domain name provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool domain-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool domain-server
Domain name server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool domain-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool end-address
End of address pool.
Usage
configure authority router node device-interface network-interface address host-service address-pool end-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool interface-mtu
Interface MTU provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool interface-mtu [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 68-9198
configure authority router node device-interface network-interface address host-service address-pool ntp-server
NTP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool ntp-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool pop-server
POP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool pop-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool router
Gateway router address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool router [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool smtp-server
SMTP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool smtp-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool start-address
Start of address pool.
Usage
configure authority router node device-interface network-interface address host-service address-pool start-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment
Static assignment(s) for DHCP configuration for a specific client
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment <address>
Positional Arguments
name | description |
---|---|
address | Address for static assignment of this client. |
Subcommands
command | description |
---|---|
address | Address for static assignment of this client. |
circuit-identifier | DHCP circuit identifier option (RFC3046) identifying this client. |
client-identifier | DHCP client identifier option identifying this client. |
clone | Clone a list item |
custom | Custom DHCP options to be provided to clients. |
delete | Delete configuration data |
description | A description of the static DHCP assignment. |
domain-name | Domain name provided to clients. |
domain-server | Domain name server address(es) provided to clients in priority order. |
interface-mtu | Interface MTU provided to clients. |
link-layer-address | MAC address identifying this client. |
move | Move list items |
ntp-server | NTP server address(es) provided to clients in priority order. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
pop-server | POP server address(es) provided to clients in priority order. |
router | Gateway router address(es) provided to clients in priority order. |
show | Show configuration data for 'static-assignment' |
smtp-server | SMTP server address(es) provided to clients in priority order. |
static-route | Static route(s) provided to clients. Note that for default routes the router option should be used. |
tenant | Tenant to which clients will be assigned. |
vendor-identifying-vendor-specific-information | Vendor-Identifying Vendor-Specific Information Options (Option 125) to be provided to clients [RFC3925]. |
vendor-specific-information | Vendor-Specific Information Options (Option 43) to be provided to clients [RFC2132]. |
configure authority router node device-interface network-interface address host-service address-pool static-assignment address
Address for static assignment of this client.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment circuit-identifier
DHCP circuit identifier option (RFC3046) identifying this client.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment circuit-identifier [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment client-identifier
DHCP client identifier option identifying this client.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment client-identifier [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom
Custom DHCP options to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom <code>
Positional Arguments
name | description |
---|---|
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'custom' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment custom value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment description
A description of the static DHCP assignment.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment domain-name
Domain name provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment domain-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment domain-server
Domain name server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment domain-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment interface-mtu
Interface MTU provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment interface-mtu [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 68-9198
configure authority router node device-interface network-interface address host-service address-pool static-assignment link-layer-address
MAC address identifying this client.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment link-layer-address [<mac-address>]
Positional Arguments
name | description |
---|---|
mac-address | The value to set for this field |
Description
mac-address (string)
The mac-address type represents an IEEE 802 MAC address. The canonical representation uses lowercase characters.
In the value set and its semantics, this type is equivalent to the MacAddress textual convention of the SMIv2.
configure authority router node device-interface network-interface address host-service address-pool static-assignment ntp-server
NTP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment ntp-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment pop-server
POP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment pop-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment router
Gateway router address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment router [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment smtp-server
SMTP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment smtp-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment static-route
Static route(s) provided to clients. Note that for default routes the router option should be used.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment static-route <destination-address>
Positional Arguments
name | description |
---|---|
destination-address | Destination address of static route. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
destination-address | Destination address of static route. |
gateway | Gateway address of static route. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-route' |
configure authority router node device-interface network-interface address host-service address-pool static-assignment static-route destination-address
Destination address of static route.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment static-route destination-address [<non-default-ip-address>]
Positional Arguments
name | description |
---|---|
non-default-ip-address | The value to set for this field |
Description
non-default-ip-address (union)
A non-default IPv4 or IPv6 address
Must be one of the following types:
(0) non-default-ipv4-address (string)
A non-default IPv4 address
Must be a valid IPv4 address.
(1) non-default-ipv6-address (string)
A non-default IPv6 address
Must be a valid IPv4 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment static-route gateway
Gateway address of static route.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment static-route gateway [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool static-assignment tenant
Tenant to which clients will be assigned.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | The value to set for this field |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information
Vendor-Identifying Vendor-Specific Information Options (Option 125) to be provided to clients [RFC3925].
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information <enterprise-number> <code>
Positional Arguments
name | description |
---|---|
enterprise-number | The vendor's registered 32-bit Enterprise Number as registered with IANA. |
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
enterprise-number | The vendor's registered 32-bit Enterprise Number as registered with IANA. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'vendor-identifying-vendor-specific-information' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information enterprise-number
The vendor's registered 32-bit Enterprise Number as registered with IANA.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information enterprise-number [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-identifying-vendor-specific-information value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information
Vendor-Specific Information Options (Option 43) to be provided to clients [RFC2132].
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information <code>
Positional Arguments
name | description |
---|---|
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'vendor-specific-information' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular
- array
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-assignment vendor-specific-information value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service address-pool static-route
Static route(s) provided to clients. Note that for default routes the router option should be used.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-route <destination-address>
Positional Arguments
name | description |
---|---|
destination-address | Destination address of static route. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
destination-address | Destination address of static route. |
gateway | Gateway address of static route. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-route' |
configure authority router node device-interface network-interface address host-service address-pool static-route destination-address
Destination address of static route.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-route destination-address [<non-default-ip-address>]
Positional Arguments
name | description |
---|---|
non-default-ip-address | The value to set for this field |
Description
non-default-ip-address (union)
A non-default IPv4 or IPv6 address
Must be one of the following types:
(0) non-default-ipv4-address (string)
A non-default IPv4 address
Must be a valid IPv4 address.
(1) non-default-ipv6-address (string)
A non-default IPv6 address
Must be a valid IPv4 address.
configure authority router node device-interface network-interface address host-service address-pool static-route gateway
Gateway address of static route.
Usage
configure authority router node device-interface network-interface address host-service address-pool static-route gateway [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service address-pool tenant
Tenant to which clients will be assigned.
Usage
configure authority router node device-interface network-interface address host-service address-pool tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | The value to set for this field |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information
Vendor-Identifying Vendor-Specific Information Options (Option 125) to be provided to clients [RFC3925].
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information <enterprise-number> <code>
Positional Arguments
name | description |
---|---|
enterprise-number | The vendor's registered 32-bit Enterprise Number as registered with IANA. |
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
enterprise-number | The vendor's registered 32-bit Enterprise Number as registered with IANA. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'vendor-identifying-vendor-specific-information' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string
- uint8
- uint16
- uint32
- boolean
- ipv4-address
- int32
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information enterprise-number
The vendor's registered 32-bit Enterprise Number as registered with IANA.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information enterprise-number [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-identifying-vendor-specific-information value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information
Vendor-Specific Information Options (Option 43) to be provided to clients [RFC2132].
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information <code>
Positional Arguments
name | description |
---|---|
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'vendor-specific-information' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service address-pool vendor-specific-information value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service authoritative
Whether this is the authoritative DHCP server in the network. If true, server will respond to requests with NAK where appropriate according to RFC 2131
Usage
configure authority router node device-interface network-interface address host-service authoritative [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface address host-service description
A description about the hosted service.
Usage
configure authority router node device-interface network-interface address host-service description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service echo-client-id
Whether the client id should be echoed in DHCP server responses as specified in RFC 6842 or not as specified in the original RFC 2131.
Usage
configure authority router node device-interface network-interface address host-service echo-client-id [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface address host-service enabled
Enable/disable for host services
Usage
configure authority router node device-interface network-interface address host-service enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface address host-service max-lease-time
Maximum lease time for leases allocated to clients.
Usage
configure authority router node device-interface network-interface address host-service max-lease-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 86400
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface address host-service server-name
Server name that identifies the DHCP server to clients.
Usage
configure authority router node device-interface network-interface address host-service server-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service service-type
The type of hosted service
Usage
configure authority router node device-interface network-interface address host-service service-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- ssh: SSH Hosted service.
- netconf: Netconf service.
- web: Web service.
- dhcp-server: DHCP server service.
- snmp-server: Access SNMP server through this interface
- custom: Custom service.
configure authority router node device-interface network-interface address host-service static-assignment
Static assignment(s) for DHCP configuration for a specific client
Usage
configure authority router node device-interface network-interface address host-service static-assignment <address>
Positional Arguments
name | description |
---|---|
address | Address for static assignment of this client. |
Subcommands
command | description |
---|---|
address | Address for static assignment of this client. |
circuit-identifier | DHCP circuit identifier option (RFC3046) identifying this client. |
client-identifier | DHCP client identifier option identifying this client. |
clone | Clone a list item |
custom | Custom DHCP options to be provided to clients. |
delete | Delete configuration data |
description | A description of the static DHCP assignment. |
domain-name | Domain name provided to clients. |
domain-server | Domain name server address(es) provided to clients in priority order. |
interface-mtu | Interface MTU provided to clients. |
link-layer-address | MAC address identifying this client. |
move | Move list items |
ntp-server | NTP server address(es) provided to clients in priority order. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
pop-server | POP server address(es) provided to clients in priority order. |
router | Gateway router address(es) provided to clients in priority order. |
show | Show configuration data for 'static-assignment' |
smtp-server | SMTP server address(es) provided to clients in priority order. |
static-route | Static route(s) provided to clients. Note that for default routes the router option should be used. |
tenant | Tenant to which clients will be assigned. |
vendor-identifying-vendor-specific-information | Vendor-Identifying Vendor-Specific Information Options (Option 125) to be provided to clients [RFC3925]. |
vendor-specific-information | Vendor-Specific Information Options (Option 43) to be provided to clients [RFC2132]. |
configure authority router node device-interface network-interface address host-service static-assignment address
Address for static assignment of this client.
Usage
configure authority router node device-interface network-interface address host-service static-assignment address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment circuit-identifier
DHCP circuit identifier option (RFC3046) identifying this client.
Usage
configure authority router node device-interface network-interface address host-service static-assignment circuit-identifier [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment client-identifier
DHCP client identifier option identifying this client.
Usage
configure authority router node device-interface network-interface address host-service static-assignment client-identifier [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment custom
Custom DHCP options to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service static-assignment custom <code>
Positional Arguments
name | description |
---|---|
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'custom' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service static-assignment custom code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment custom code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service static-assignment custom description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment custom description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment custom encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment custom encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service static-assignment custom quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service static-assignment custom quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service static-assignment custom value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service static-assignment custom value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service static-assignment description
A description of the static DHCP assignment.
Usage
configure authority router node device-interface network-interface address host-service static-assignment description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment domain-name
Domain name provided to clients.
Usage
configure authority router node device-interface network-interface address host-service static-assignment domain-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment domain-server
Domain name server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service static-assignment domain-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment interface-mtu
Interface MTU provided to clients.
Usage
configure authority router node device-interface network-interface address host-service static-assignment interface-mtu [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 68-9198
configure authority router node device-interface network-interface address host-service static-assignment link-layer-address
MAC address identifying this client.
Usage
configure authority router node device-interface network-interface address host-service static-assignment link-layer-address [<mac-address>]
Positional Arguments
name | description |
---|---|
mac-address | The value to set for this field |
Description
mac-address (string)
The mac-address type represents an IEEE 802 MAC address. The canonical representation uses lowercase characters.
In the value set and its semantics, this type is equivalent to the MacAddress textual convention of the SMIv2.
configure authority router node device-interface network-interface address host-service static-assignment ntp-server
NTP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service static-assignment ntp-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment pop-server
POP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service static-assignment pop-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment router
Gateway router address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service static-assignment router [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment smtp-server
SMTP server address(es) provided to clients in priority order.
Usage
configure authority router node device-interface network-interface address host-service static-assignment smtp-server [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment static-route
Static route(s) provided to clients. Note that for default routes the router option should be used.
Usage
configure authority router node device-interface network-interface address host-service static-assignment static-route <destination-address>
Positional Arguments
name | description |
---|---|
destination-address | Destination address of static route. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
destination-address | Destination address of static route. |
gateway | Gateway address of static route. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-route' |
configure authority router node device-interface network-interface address host-service static-assignment static-route destination-address
Destination address of static route.
Usage
configure authority router node device-interface network-interface address host-service static-assignment static-route destination-address [<non-default-ip-address>]
Positional Arguments
name | description |
---|---|
non-default-ip-address | The value to set for this field |
Description
non-default-ip-address (union)
A non-default IPv4 or IPv6 address
Must be one of the following types:
(0) non-default-ipv4-address (string)
A non-default IPv4 address
Must be a valid IPv4 address.
(1) non-default-ipv6-address (string)
A non-default IPv6 address
Must be a valid IPv4 address.
configure authority router node device-interface network-interface address host-service static-assignment static-route gateway
Gateway address of static route.
Usage
configure authority router node device-interface network-interface address host-service static-assignment static-route gateway [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address host-service static-assignment tenant
Tenant to which clients will be assigned.
Usage
configure authority router node device-interface network-interface address host-service static-assignment tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | The value to set for this field |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information
Vendor-Identifying Vendor-Specific Information Options (Option 125) to be provided to clients [RFC3925].
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information <enterprise-number> <code>
Positional Arguments
name | description |
---|---|
enterprise-number | The vendor's registered 32-bit Enterprise Number as registered with IANA. |
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
enterprise-number | The vendor's registered 32-bit Enterprise Number as registered with IANA. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'vendor-identifying-vendor-specific-information' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information enterprise-number
The vendor's registered 32-bit Enterprise Number as registered with IANA.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information enterprise-number [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-identifying-vendor-specific-information value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information
Vendor-Specific Information Options (Option 43) to be provided to clients [RFC2132].
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information <code>
Positional Arguments
name | description |
---|---|
code | The code of the custom DHCP option. |
Subcommands
command | description |
---|---|
code | The code of the custom DHCP option. |
delete | Delete configuration data |
description | A description of the custom DHCP option. |
encoded-type | The encoded type of the custom option. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
quantity | The allowed quantity of the custom option values. |
show | Show configuration data for 'vendor-specific-information' |
value | The value(s) of custom option to be provided to clients. |
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information code
The code of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information code [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information description
A description of the custom DHCP option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information encoded-type
The encoded type of the custom option.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information encoded-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: string
enumeration
A value from a set of predefined names.
Options:
- string:
- uint8:
- uint16:
- uint32:
- boolean:
- ipv4-address:
- int32:
- binary: A continuous string of hexadecimal digits with a '0x' prefix. Valid examples are '0xabcdef' and '0x123456'.
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information quantity
The allowed quantity of the custom option values.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information quantity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: singular
enumeration
A value from a set of predefined names.
Options:
- singular:
- array:
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information value
The value(s) of custom option to be provided to clients.
Usage
configure authority router node device-interface network-interface address host-service static-assignment vendor-specific-information value [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
The order of elements matters.
string (required)
A text value.
configure authority router node device-interface network-interface address host-service transport
The transport protocol(s) and port(s) for the service.
Usage
configure authority router node device-interface network-interface address host-service transport <protocol>
Positional Arguments
name | description |
---|---|
protocol | Layer 4 transport protocol. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port-range | Configure Port Range |
protocol | Layer 4 transport protocol. |
show | Show configuration data for 'transport' |
configure authority router node device-interface network-interface address host-service transport port-range
Configure Port Range
Usage
configure authority router node device-interface network-interface address host-service transport port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority router node device-interface network-interface address host-service transport port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface address host-service transport port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 0-65535
configure authority router node device-interface network-interface address host-service transport port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface address host-service transport port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16) (required)
Transport (layer 4) port number.
Range: 0-65535
configure authority router node device-interface network-interface address host-service transport protocol
Layer 4 transport protocol.
Usage
configure authority router node device-interface network-interface address host-service transport protocol [<protocol>]
Positional Arguments
name | description |
---|---|
protocol | The value to set for this field |
Description
protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
- icmp: Internet Control Management Protocol.
- gre: Generic Routing Encapsulation Protocol.
- esp: IPSec Encapsulating Security Payload Protocol.
- pim: Protocol Independent Multicast.
configure authority router node device-interface network-interface address in-subnet-arp-prefix
Address(es) for which the router will respond to ARP requests.
Usage
configure authority router node device-interface network-interface address in-subnet-arp-prefix [<unicast-ipv4-prefix>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-prefix | Value to add to this list |
Description
unicast-ipv4-prefix (string)
A unicast IPv4 prefix
configure authority router node device-interface network-interface address ip-address
The IP address on the interface.
Usage
configure authority router node device-interface network-interface address ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address ppp-peer-ip
PPP Peer IP address for interfaces like T1.
Usage
configure authority router node device-interface network-interface address ppp-peer-ip [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface address prefix-length
The length of the subnet prefix.
Usage
configure authority router node device-interface network-interface address prefix-length [<prefix-length>]
Positional Arguments
name | description |
---|---|
prefix-length | The value to set for this field |
Description
prefix-length (uint8) (required)
Prefix-length for IP address
Range: 0-128
configure authority router node device-interface network-interface address utility-ip-address
Utility IP address used for purposes other than forwarding traffic.
Usage
configure authority router node device-interface network-interface address utility-ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface adjacency
A list of adjacent routers.
Usage
configure authority router node device-interface network-interface adjacency <ip-address> <peer>
Positional Arguments
name | description |
---|---|
ip-address | The IP address or hostname of adjacent router or waypoint-address of the peer router. |
peer | Peer router to which this waypoint address belongs. |
Subcommands
command | description |
---|---|
bfd | BFD parameters for the adjacency. |
clone | Clone a list item |
cost | Cost of the link. |
delete | Delete configuration data |
encapsulate-icmp-error-messages | Encapsulate ICMP errors in UDP across SVR for this adjacency |
external-nat-address | This is the address or hostname that is seen by the adjacent router when it receives a packet from this router. |
generated | Indicates whether or not the Adjacency was automatically generated as a result of STEP topology builder. |
inter-router-security | The name of the security policy used for inter-router traffic to the peer via this adjacency. |
ip-address | The IP address or hostname of adjacent router or waypoint-address of the peer router. |
max-way-points | Maximum number of way points to be allocated on the peer path. |
nat-keep-alive | NAT keep-alive settings for interoperating with external NATs for this adjacency. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
packet-resiliency | Enable/disable packet-resiliency per path. |
path-metrics-rolling-avg-interval | This defines the rolling average interval used for computing various path metrics such as latency and loss. |
path-mtu-discovery | Automatic path MTU discovery for this adjacency. |
payload-encryption-override | Transport based encryption override for payload setting for the adjacency. |
peer | Peer router to which this waypoint address belongs. |
peer-connectivity | Whether the peer router is publicly reachable, or behind a firewall/NAT. |
performance-monitoring | Performance Monitoring settings for this adjacency. |
port-range | Range of destination ports that peer router is reachable at |
post-encryption-padding | Whether to add a padding byte with value of 0x0 at the end of the packet payload when encryption is enabled for this adjacency. |
qp-value | Quality points value that represents the 'quality' of the the link to the adjacent router. Used for selecting egress interface based on the service class required minimum quality points. |
session-optimization | Configure Session Optimization |
show | Show configuration data for 'adjacency' |
source-nat-address | The source nat IP address or prefixes for packets received on the interface. |
step-peer-path-advertisement | Update frequency and timeliness of the STEP peer path advertisement for this adjacency. |
traffic-engineering | Configure Traffic Engineering |
ttl-padding | Whether to perform TTL Padding on routers for this adjacency |
udp-transform | UDP transform settings for interoperating with stateful TCP firewalls for the adjacency. |
vector | Vector names for path selection. |
configure authority router node device-interface network-interface adjacency bfd
BFD parameters for the adjacency.
Subcommands
command | description |
---|---|
authentication-type | Describes the authentication type used in BFD packets |
delete | Delete configuration data |
desired-tx-interval | Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers. |
dscp | The DSCP value to use with BFD packets. |
dynamic-damping | When enabled, extend the hold-down time if additional link flaps occur during the hold-down period. |
hold-down-time | Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time. |
link-test-interval | This represents the interval between BFD echo tests sent to the peer node/router. |
link-test-length | This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests. |
maximum-hold-down-time | Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value. |
multiplier | Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20). |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
state | When enabled, run BFD between all nodes within the router. |
configure authority router node device-interface network-interface adjacency bfd authentication-type
Describes the authentication type used in BFD packets
Usage
configure authority router node device-interface network-interface adjacency bfd authentication-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: sha256
enumeration
A value from a set of predefined names.
Options:
- simple: Simple Password.
- sha256: SHA256
configure authority router node device-interface network-interface adjacency bfd desired-tx-interval
Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers.
Usage
configure authority router node device-interface network-interface adjacency bfd desired-tx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint32
An unsigned 32-bit integer.
Range: 50-600000
configure authority router node device-interface network-interface adjacency bfd dscp
The DSCP value to use with BFD packets.
Usage
configure authority router node device-interface network-interface adjacency bfd dscp [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
Default: 0
dscp (uint8)
A DSCP value (0-63)
Range: 0-63
configure authority router node device-interface network-interface adjacency bfd dynamic-damping
When enabled, extend the hold-down time if additional link flaps occur during the hold-down period.
Usage
configure authority router node device-interface network-interface adjacency bfd dynamic-damping [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- enabled: Extend hold-down time exponentially if link flaps occur during hold-down time.
- disabled: Use simple hold-down timer for every link up event.
configure authority router node device-interface network-interface adjacency bfd hold-down-time
Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time.
Usage
configure authority router node device-interface network-interface adjacency bfd hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-300
configure authority router node device-interface network-interface adjacency bfd link-test-interval
This represents the interval between BFD echo tests sent to the peer node/router.
Usage
configure authority router node device-interface network-interface adjacency bfd link-test-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 10
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency bfd link-test-length
This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests.
Usage
configure authority router node device-interface network-interface adjacency bfd link-test-length [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: packets
Default: 10
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router node device-interface network-interface adjacency bfd maximum-hold-down-time
Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value.
Usage
configure authority router node device-interface network-interface adjacency bfd maximum-hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 3600
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency bfd multiplier
Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20).
Usage
configure authority router node device-interface network-interface adjacency bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 3-20
configure authority router node device-interface network-interface adjacency bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router node device-interface network-interface adjacency bfd required-min-rx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency bfd state
When enabled, run BFD between all nodes within the router.
Usage
configure authority router node device-interface network-interface adjacency bfd state [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: enabled
enumeration
A value from a set of predefined names.
Options:
- enabled: BFD is enabled on all nodes of this router.
- disabled: BFD is disabled on all nodes of this router.
configure authority router node device-interface network-interface adjacency cost
Cost of the link.
Usage
configure authority router node device-interface network-interface adjacency cost [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 0
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency encapsulate-icmp-error-messages
Encapsulate ICMP errors in UDP across SVR for this adjacency
Usage
configure authority router node device-interface network-interface adjacency encapsulate-icmp-error-messages [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface adjacency external-nat-address
This is the address or hostname that is seen by the adjacent router when it receives a packet from this router.
Usage
configure authority router node device-interface network-interface adjacency external-nat-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node device-interface network-interface adjacency generated
Indicates whether or not the Adjacency was automatically generated as a result of STEP topology builder.
Usage
configure authority router node device-interface network-interface adjacency generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface adjacency inter-router-security
The name of the security policy used for inter-router traffic to the peer via this adjacency.
Usage
configure authority router node device-interface network-interface adjacency inter-router-security [<security-ref>]
Positional Arguments
name | description |
---|---|
security-ref | The value to set for this field |
Description
security-ref (leafref)
This type is used by other entities that need to reference configured security policies.
configure authority router node device-interface network-interface adjacency ip-address
The IP address or hostname of adjacent router or waypoint-address of the peer router.
Usage
configure authority router node device-interface network-interface adjacency ip-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node device-interface network-interface adjacency max-way-points
Maximum number of way points to be allocated on the peer path.
Usage
configure authority router node device-interface network-interface adjacency max-way-points [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 50000
A restart is required if max-way-points is created, modified, or deleted
uint32
An unsigned 32-bit integer.
Range: 50000-1000000
configure authority router node device-interface network-interface adjacency nat-keep-alive
NAT keep-alive settings for interoperating with external NATs for this adjacency.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Configure Mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'nat-keep-alive' |
tcp-inactivity-timeout | Represents the frequency with which TCP keep-alive packets are generated and should be shorter than the external NAT's TCP timeout settings. |
udp-inactivity-timeout | Represents the frequency with which UDP keep-alive packets are generated and should be shorter than the external NAT's UDP timeout settings. |
configure authority router node device-interface network-interface adjacency nat-keep-alive mode
Configure Mode
Usage
configure authority router node device-interface network-interface adjacency nat-keep-alive mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto
enumeration
A value from a set of predefined names.
Options:
- auto: Inject keep-alive packets in order to keep the pinhole open on external NAT device for sessions that match a session type with keep-alives enabled.
- disabled: Do not send keep-alive packets to keep pinhole open on an external NAT device.
configure authority router node device-interface network-interface adjacency nat-keep-alive tcp-inactivity-timeout
Represents the frequency with which TCP keep-alive packets are generated and should be shorter than the external NAT's TCP timeout settings.
Usage
configure authority router node device-interface network-interface adjacency nat-keep-alive tcp-inactivity-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 1800
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency nat-keep-alive udp-inactivity-timeout
Represents the frequency with which UDP keep-alive packets are generated and should be shorter than the external NAT's UDP timeout settings.
Usage
configure authority router node device-interface network-interface adjacency nat-keep-alive udp-inactivity-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 30
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency packet-resiliency
Enable/disable packet-resiliency per path.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether packet resiliency is enabled on this path. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'packet-resiliency' |
configure authority router node device-interface network-interface adjacency packet-resiliency enabled
Whether packet resiliency is enabled on this path.
Usage
configure authority router node device-interface network-interface adjacency packet-resiliency enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface adjacency path-metrics-rolling-avg-interval
This defines the rolling average interval used for computing various path metrics such as latency and loss.
Usage
configure authority router node device-interface network-interface adjacency path-metrics-rolling-avg-interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 60s
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router node device-interface network-interface adjacency path-mtu-discovery
Automatic path MTU discovery for this adjacency.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Controls whether or not peer-path MTU discovery is performed |
interval | Represents the frequency with which the peer-path MTU discovery is performed. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'path-mtu-discovery' |
configure authority router node device-interface network-interface adjacency path-mtu-discovery enabled
Controls whether or not peer-path MTU discovery is performed
Usage
configure authority router node device-interface network-interface adjacency path-mtu-discovery enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface adjacency path-mtu-discovery interval
Represents the frequency with which the peer-path MTU discovery is performed.
Usage
configure authority router node device-interface network-interface adjacency path-mtu-discovery interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 600
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency payload-encryption-override
Transport based encryption override for payload setting for the adjacency.
Usage
configure authority router node device-interface network-interface adjacency payload-encryption-override [<payload-encryption-override>]
Positional Arguments
name | description |
---|---|
payload-encryption-override | The value to set for this field |
Description
Default: disable-override
payload-encryption-override (enumeration)
Payload encryption override setting.
Options:
- enable-encryption: Enable encryption of payload even when the security-policy associated with the service has encrypt=false. If the payload is already encrypted by another SSR, send it out as is.
- disable-override: Disable override of the security policy and use the security policy settings associated with the service.
configure authority router node device-interface network-interface adjacency peer
Peer router to which this waypoint address belongs.
Usage
configure authority router node device-interface network-interface adjacency peer [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router node device-interface network-interface adjacency peer-connectivity
Whether the peer router is publicly reachable, or behind a firewall/NAT.
Usage
configure authority router node device-interface network-interface adjacency peer-connectivity [<peer-connectivity>]
Positional Arguments
name | description |
---|---|
peer-connectivity | The value to set for this field |
Description
Default: bidirectional
peer-connectivity (enumeration)
The IP-layer connectivity behavior.
Options:
- bidirectional: Publicly reachable (i.e., not behind a firewall/NAT).
- outbound-only: Not publicly reachable (i.e., behind a firewall/NAT).
configure authority router node device-interface network-interface adjacency performance-monitoring
Performance Monitoring settings for this adjacency.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether performance monitoring is enabled. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
profile | The name of the performance monitoring profile used for marking traffic. |
show | Show configuration data for 'performance-monitoring' |
configure authority router node device-interface network-interface adjacency performance-monitoring enabled
Whether performance monitoring is enabled.
Usage
configure authority router node device-interface network-interface adjacency performance-monitoring enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface adjacency performance-monitoring profile
The name of the performance monitoring profile used for marking traffic.
Usage
configure authority router node device-interface network-interface adjacency performance-monitoring profile [<performance-monitoring-profile-ref>]
Positional Arguments
name | description |
---|---|
performance-monitoring-profile-ref | The value to set for this field |
Description
performance-monitoring-profile-ref (leafref)
This type is used by other entities that need to reference configured performance monitoring profiles.
configure authority router node device-interface network-interface adjacency port-range
Range of destination ports that peer router is reachable at
Usage
configure authority router node device-interface network-interface adjacency port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority router node device-interface network-interface adjacency port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface adjacency port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 1025-65535
configure authority router node device-interface network-interface adjacency port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface adjacency port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 1025-65535
configure authority router node device-interface network-interface adjacency post-encryption-padding
Whether to add a padding byte with value of 0x0 at the end of the packet payload when encryption is enabled for this adjacency.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Configure Mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'post-encryption-padding' |
configure authority router node device-interface network-interface adjacency post-encryption-padding mode
Configure Mode
Usage
configure authority router node device-interface network-interface adjacency post-encryption-padding mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Do not add additional padding.
- enabled: Add one byte of padding to the end of the packet.
configure authority router node device-interface network-interface adjacency qp-value
Quality points value that represents the 'quality' of the the link to the adjacent router. Used for selecting egress interface based on the service class required minimum quality points.
Usage
configure authority router node device-interface network-interface adjacency qp-value [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 0
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency session-optimization
Configure Session Optimization
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Configure Mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-optimization' |
configure authority router node device-interface network-interface adjacency session-optimization mode
Configure Mode
Usage
configure authority router node device-interface network-interface adjacency session-optimization mode [<session-optimization-mode>]
Positional Arguments
name | description |
---|---|
session-optimization-mode | The value to set for this field |
Description
session-optimization-mode (enumeration)
When to apply session optimization. Auto is recommended.
Options:
- never-on: Never optimize TCP traffic.
- auto: Automatically determine if TCP optimization is required.
configure authority router node device-interface network-interface adjacency source-nat-address
The source nat IP address or prefixes for packets received on the interface.
Usage
configure authority router node device-interface network-interface adjacency source-nat-address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
source-nat-address
is deprecated and will be removed in a future software version
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement
Update frequency and timeliness of the STEP peer path advertisement for this adjacency.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'step-peer-path-advertisement' |
sla-metrics | Configure Sla Metrics |
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics
Configure Sla Metrics
Subcommands
command | description |
---|---|
clone | Clone a list item |
decrease-report-delay | Specifies mappings of peer path SLA metrics decrease to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function. |
delete | Delete configuration data |
increase-report-delay | Specifies mappings of peer path SLA metrics increase to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function. |
moving-average-sample-size | Sample size for calculating the weighted moving average of peer path SLA metrics to be advertised into STEP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'sla-metrics' |
significance-threshold | Thresholds for peer path SLA metrics. Values above the threshold are considered significant enough to be advertised into STEP. |
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics decrease-report-delay
Specifies mappings of peer path SLA metrics decrease to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics decrease-report-delay <percentage>
Positional Arguments
name | description |
---|---|
percentage | Largest percentage decrease seen among all of the metric values. |
Subcommands
command | description |
---|---|
delay | Reporting delay for the given percentage decrease. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
percentage | Largest percentage decrease seen among all of the metric values. |
show | Show configuration data for 'decrease-report-delay' |
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics decrease-report-delay delay
Reporting delay for the given percentage decrease.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics decrease-report-delay delay [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics decrease-report-delay percentage
Largest percentage decrease seen among all of the metric values.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics decrease-report-delay percentage [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics increase-report-delay
Specifies mappings of peer path SLA metrics increase to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics increase-report-delay <percentage>
Positional Arguments
name | description |
---|---|
percentage | Largest percentage increase seen among all of the metric values. |
Subcommands
command | description |
---|---|
delay | Reporting delay for the given percentage increase. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
percentage | Largest percentage increase seen among all of the metric values. |
show | Show configuration data for 'increase-report-delay' |
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics increase-report-delay delay
Reporting delay for the given percentage increase.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics increase-report-delay delay [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics increase-report-delay percentage
Largest percentage increase seen among all of the metric values.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics increase-report-delay percentage [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: percent
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics moving-average-sample-size
Sample size for calculating the weighted moving average of peer path SLA metrics to be advertised into STEP.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics moving-average-sample-size [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Default: 3
uint16
An unsigned 16-bit integer.
Range: 1-10000
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold
Thresholds for peer path SLA metrics. Values above the threshold are considered significant enough to be advertised into STEP.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
min-jitter | The threshold jitter value considered significant enough for advertising into STEP. |
min-latency | The threshold latency value considered significant enough for advertising into STEP. |
min-loss | The threshold of packet loss considered significant enough for advertising into STEP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'significance-threshold' |
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold min-jitter
The threshold jitter value considered significant enough for advertising into STEP.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold min-jitter [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 2
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold min-latency
The threshold latency value considered significant enough for advertising into STEP.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold min-latency [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 5
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold min-loss
The threshold of packet loss considered significant enough for advertising into STEP.
Usage
configure authority router node device-interface network-interface adjacency step-peer-path-advertisement sla-metrics significance-threshold min-loss [<decimal64>]
Positional Arguments
name | description |
---|---|
decimal64 | The value to set for this field |
Description
Units: percent
Default: 0.1
decimal64
A 64-bit decimal value.
Range: 0-100 Fraction digits: 16
configure authority router node device-interface network-interface adjacency traffic-engineering
Configure Traffic Engineering
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether traffic engineering is enabled on the adjacency. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'traffic-engineering' |
traffic-profile | The name of the traffic profile used for traffic engineering on this adjacency |
transmit-cap | The transmit capacity of the this adjacency. |
configure authority router node device-interface network-interface adjacency traffic-engineering enabled
Whether traffic engineering is enabled on the adjacency.
Usage
configure authority router node device-interface network-interface adjacency traffic-engineering enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface adjacency traffic-engineering traffic-profile
The name of the traffic profile used for traffic engineering on this adjacency
Usage
configure authority router node device-interface network-interface adjacency traffic-engineering traffic-profile [<traffic-profile-ref>]
Positional Arguments
name | description |
---|---|
traffic-profile-ref | The value to set for this field |
Description
traffic-profile-ref (leafref)
This type is used by other entities that need to reference configured traffic profiles.
configure authority router node device-interface network-interface adjacency traffic-engineering transmit-cap
The transmit capacity of the this adjacency.
Usage
configure authority router node device-interface network-interface adjacency traffic-engineering transmit-cap [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
uint64
An unsigned 64-bit integer.
Range: 0-999999999999
configure authority router node device-interface network-interface adjacency ttl-padding
Whether to perform TTL Padding on routers for this adjacency
Usage
configure authority router node device-interface network-interface adjacency ttl-padding [<ttl-padding-type>]
Positional Arguments
name | description |
---|---|
ttl-padding-type | The value to set for this field |
Description
Default: disabled
ttl-padding-type (union)
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint8
An unsigned 8-bit integer.
Range: 0-255
(1) enumeration
A value from a set of predefined names.
Options:
- auto: Automatically determine TTL padding.
- disabled: Do not pad TTL.
configure authority router node device-interface network-interface adjacency udp-transform
UDP transform settings for interoperating with stateful TCP firewalls for the adjacency.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
detect-interval | Represents the frequency with which the stateful TCP firewall discovery is performed. |
mode | Configure Mode |
nat-keep-alive-mode | Configure Nat Keep Alive Mode |
nat-keep-alive-timeout | Represents the frequency with which keep-alive packets are generated. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'udp-transform' |
configure authority router node device-interface network-interface adjacency udp-transform detect-interval
Represents the frequency with which the stateful TCP firewall discovery is performed.
Usage
configure authority router node device-interface network-interface adjacency udp-transform detect-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 300
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency udp-transform mode
Configure Mode
Usage
configure authority router node device-interface network-interface adjacency udp-transform mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto-detect
enumeration
A value from a set of predefined names.
Options:
- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required.
- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode.
configure authority router node device-interface network-interface adjacency udp-transform nat-keep-alive-mode
Configure Nat Keep Alive Mode
Usage
configure authority router node device-interface network-interface adjacency udp-transform nat-keep-alive-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform.
- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform.
configure authority router node device-interface network-interface adjacency udp-transform nat-keep-alive-timeout
Represents the frequency with which keep-alive packets are generated.
Usage
configure authority router node device-interface network-interface adjacency udp-transform nat-keep-alive-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 30
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface adjacency vector
Vector names for path selection.
Usage
configure authority router node device-interface network-interface adjacency vector [<vector-name>]
Positional Arguments
name | description |
---|---|
vector-name | Value to add to this list |
Description
vector-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority router node device-interface network-interface bidirectional-nat
Defines the prefixes that need to be static natted in both directions.
Usage
configure authority router node device-interface network-interface bidirectional-nat <local-ip>
Positional Arguments
name | description |
---|---|
local-ip | For packets ingressing this interface, local IP will be source natted to remote IP. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
local-ip | For packets ingressing this interface, local IP will be source natted to remote IP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
remote-ip | For packets egressing this interface, the remote IP will be destination natted to local IP. |
show | Show configuration data for 'bidirectional-nat' |
configure authority router node device-interface network-interface bidirectional-nat local-ip
For packets ingressing this interface, local IP will be source natted to remote IP.
Usage
configure authority router node device-interface network-interface bidirectional-nat local-ip [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router node device-interface network-interface bidirectional-nat remote-ip
For packets egressing this interface, the remote IP will be destination natted to local IP.
Usage
configure authority router node device-interface network-interface bidirectional-nat remote-ip [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union) (required)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string) (required)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string) (required)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router node device-interface network-interface billing-rate
Numeric rate of currency associated with the interface. When the billing-rate is flat the field indicated rate per day. When the billing-rate is metered the field indicates rate per byte.
Usage
configure authority router node device-interface network-interface billing-rate [<decimal64>]
Positional Arguments
name | description |
---|---|
decimal64 | The value to set for this field |
Description
decimal64
A 64-bit decimal value.
Fraction digits: 2
configure authority router node device-interface network-interface billing-type
Billing type associated with the interface.
Usage
configure authority router node device-interface network-interface billing-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none: No billing is associated with this interface.
- flat: Flat billing. Is charged flat amount of currency per period of time.
- metered: Metered billing. Is charged based on the data usage.
configure authority router node device-interface network-interface carrier
Carrier associated with the interface.
Usage
configure authority router node device-interface network-interface carrier [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface conductor
Whether the interface is used for communicating with the conductor.
Usage
configure authority router node device-interface network-interface conductor [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface default-route
Whether the interface is used as default-route for non-forwarding interfaces.
Usage
configure authority router node device-interface network-interface default-route [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface description
A description about the interface.
Usage
configure authority router node device-interface network-interface description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface dhcp
Whether this interface acquires IP address and other parameter via DHCP
Usage
configure authority router node device-interface network-interface dhcp [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: DHCP is disabled.
- v4: Only DHCPv4 is enabled.
- v6: Only DHCPv6 is enabled.
- v6-pd: Only DHCPv6 Prefix Delegation is enabled and the address is derived from the subnet-id and the prefix associated with the prefix-delegation-group.
configure authority router node device-interface network-interface dhcp-delayed-auth-key
The key used to generate the HMAC-MD5 value.
Usage
configure authority router node device-interface network-interface dhcp-delayed-auth-key [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface dhcp-delayed-auth-key-id
The key identifier that identifies the key used to generate the HMAC-MD5 value.
Usage
configure authority router node device-interface network-interface dhcp-delayed-auth-key-id [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface dhcp-delayed-auth-realm
The DHCP realm that identifies the key used to generate the HMAC-MD5 value.
Usage
configure authority router node device-interface network-interface dhcp-delayed-auth-realm [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface dhcp-reconfig-auth-algorithm
The algorithm used by the Reconfigure Key authentication protocol to authenticate prefix-delegation messages.
Usage
configure authority router node device-interface network-interface dhcp-reconfig-auth-algorithm [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: hmac-md5
enumeration
A value from a set of predefined names.
Options:
- hmac-md5: HMAC-MD5 is used to authenticate prefix-delegation messages.
- hmac-sha1: HMAC-SHA1 is used to authenticate prefix-delegation messages.
- hmac-sha256: HMAC-SHA256 is used to authenticate prefix-delegation messages.
configure authority router node device-interface network-interface dscp-map
Mapping of DSCP values to priorities.
Usage
configure authority router node device-interface network-interface dscp-map [<dscp-map-ref>]
Positional Arguments
name | description |
---|---|
dscp-map-ref | The value to set for this field |
Description
dscp-map-ref (leafref)
This type is used by other entities that need to reference configured DSCP maps.
configure authority router node device-interface network-interface dscp-steering
Configure Dscp Steering
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether or not traffic on this interface should use DSCP values for flow and service lookups. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'dscp-steering' |
transport | Protocol and port(s) on which to enable dscp-steering. |
configure authority router node device-interface network-interface dscp-steering enabled
Whether or not traffic on this interface should use DSCP values for flow and service lookups.
Usage
configure authority router node device-interface network-interface dscp-steering enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface dscp-steering transport
Protocol and port(s) on which to enable dscp-steering.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port-range | Configure Port Range |
protocol | Layer 4 transport protocol. |
show | Show configuration data for 'transport' |
configure authority router node device-interface network-interface dscp-steering transport port-range
Configure Port Range
Usage
configure authority router node device-interface network-interface dscp-steering transport port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority router node device-interface network-interface dscp-steering transport port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface dscp-steering transport port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 0-65535
configure authority router node device-interface network-interface dscp-steering transport port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface dscp-steering transport port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16) (required)
Transport (layer 4) port number.
Range: 0-65535
configure authority router node device-interface network-interface dscp-steering transport protocol
Layer 4 transport protocol.
Usage
configure authority router node device-interface network-interface dscp-steering transport protocol [<protocol>]
Positional Arguments
name | description |
---|---|
protocol | The value to set for this field |
Description
protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
- icmp: Internet Control Management Protocol.
- gre: Generic Routing Encapsulation Protocol.
- esp: IPSec Encapsulating Security Payload Protocol.
- pim: Protocol Independent Multicast.
configure authority router node device-interface network-interface dynamic-source-nat
Defines the prefixes that need to be dynamically source natted for packets ingressing this interface.
Usage
configure authority router node device-interface network-interface dynamic-source-nat <local-ip>
Positional Arguments
name | description |
---|---|
local-ip | For packets ingressing this interface, the IP which will be source natted to remote-ip IP. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
local-ip | For packets ingressing this interface, the IP which will be source natted to remote-ip IP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
remote-ip | For packets ingressing this interface, the IP to which the local-ip IP will be source natted. |
show | Show configuration data for 'dynamic-source-nat' |
configure authority router node device-interface network-interface dynamic-source-nat local-ip
For packets ingressing this interface, the IP which will be source natted to remote-ip IP.
Usage
configure authority router node device-interface network-interface dynamic-source-nat local-ip [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router node device-interface network-interface dynamic-source-nat remote-ip
For packets ingressing this interface, the IP to which the local-ip IP will be source natted.
Usage
configure authority router node device-interface network-interface dynamic-source-nat remote-ip [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union) (required)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string) (required)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string) (required)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router node device-interface network-interface egress-source-nat-pool
Indicates whether source address and port translation (NAPT) is performed for flows egressing the interface to the final destination.
Usage
configure authority router node device-interface network-interface egress-source-nat-pool [<nat-pool-ref>]
Positional Arguments
name | description |
---|---|
nat-pool-ref | The value to set for this field |
Description
nat-pool-ref (leafref)
This type is used by other entities that need to reference configured NAT pools.
configure authority router node device-interface network-interface enforced-mss
Maximum allowed value for maximum segment size (MSS) on this interface.
Usage
configure authority router node device-interface network-interface enforced-mss [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Units: bytes
Default: disabled
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint16
An unsigned 16-bit integer.
Range: 64-8960
(1) enumeration
A value from a set of predefined names.
Options:
- automatic: Automatically adjust MSS according to egress path
- disabled: Do not force MSS
configure authority router node device-interface network-interface ethernet-over-svr
L2 Bridge this network interface is assigned to.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
enabled | Whether the interface is used as ethernet over SVR bridge. |
encapsulate-all-traffic | Whether all traffic arriving on the bridge should be encapsulated. |
name | Name of the L2 over SVR bridge. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer | A list of peer IPs representing the L2 adjacencies. |
show | Show configuration data for 'ethernet-over-svr' |
configure authority router node device-interface network-interface ethernet-over-svr enabled
Whether the interface is used as ethernet over SVR bridge.
Usage
configure authority router node device-interface network-interface ethernet-over-svr enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface ethernet-over-svr encapsulate-all-traffic
Whether all traffic arriving on the bridge should be encapsulated.
Usage
configure authority router node device-interface network-interface ethernet-over-svr encapsulate-all-traffic [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface ethernet-over-svr name
Name of the L2 over SVR bridge.
Usage
configure authority router node device-interface network-interface ethernet-over-svr name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface ethernet-over-svr peer
A list of peer IPs representing the L2 adjacencies.
Usage
configure authority router node device-interface network-interface ethernet-over-svr peer <ip-address> <peer>
Positional Arguments
name | description |
---|---|
ip-address | The IP address or hostname of the LAN segment of peer router which is associated with the same eosvr-bridge name. |
peer | Peer router on which this L2 adjacency exists. |
Subcommands
command | description |
---|---|
ip-address | The IP address or hostname of the LAN segment of peer router which is associated with the same eosvr-bridge name. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer | Peer router on which this L2 adjacency exists. |
show | Show configuration data for 'peer' |
configure authority router node device-interface network-interface ethernet-over-svr peer ip-address
The IP address or hostname of the LAN segment of peer router which is associated with the same eosvr-bridge name.
Usage
configure authority router node device-interface network-interface ethernet-over-svr peer ip-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node device-interface network-interface ethernet-over-svr peer peer
Peer router on which this L2 adjacency exists.
Usage
configure authority router node device-interface network-interface ethernet-over-svr peer peer [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router node device-interface network-interface filter-rule
A rule for dropping packets.
Usage
configure authority router node device-interface network-interface filter-rule <name>
Positional Arguments
name | description |
---|---|
name | A unique name to identify this rule. |
Subcommands
command | description |
---|---|
action | Action to be taken when a packet matches the filter rule. |
bpf | Berkeley Packet Filter to be applied as a rule |
delete | Delete configuration data |
name | A unique name to identify this rule. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'filter-rule' |
Description
The order of elements matters.
configure authority router node device-interface network-interface filter-rule action
Action to be taken when a packet matches the filter rule.
Usage
configure authority router node device-interface network-interface filter-rule action [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: deny
enumeration
A value from a set of predefined names.
Options:
- deny: Deny packets matching the filter rule.
- permit: Permit packets matching the filter rule. No further rules will run.
configure authority router node device-interface network-interface filter-rule bpf
Berkeley Packet Filter to be applied as a rule
Usage
configure authority router node device-interface network-interface filter-rule bpf [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface filter-rule name
A unique name to identify this rule.
Usage
configure authority router node device-interface network-interface filter-rule name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router node device-interface network-interface global-id
Global Interface Id (GIID) used in next-hop egress interface for routing data. All instances of a redundant interface will have the same GIID.
Usage
configure authority router node device-interface network-interface global-id [<global-interface-id>]
Positional Arguments
name | description |
---|---|
global-interface-id | The value to set for this field |
Description
global-interface-id (uint32)
A global interface identifier which is a virtual interface across an entire SSR. This can be a single network interface or a set of network interfaces in interface redundancy.
Range: 1-4294967295
configure authority router node device-interface network-interface host-service
The host-service configuration is a service hosted by a router node.
Usage
configure authority router node device-interface network-interface host-service <service-type>
Positional Arguments
name | description |
---|---|
service-type | The type of hosted service |
Subcommands
command | description |
---|---|
access-policy | List of access policies by address prefix, QSN or tenant and prefix. |
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the hosted service. |
enabled | Enable/disable for host services |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
service-type | The type of hosted service |
show | Show configuration data for 'host-service' |
transport | The transport protocol(s) and port(s) for the service. |
configure authority router node device-interface network-interface host-service access-policy
List of access policies by address prefix, QSN or tenant and prefix.
Usage
configure authority router node device-interface network-interface host-service access-policy <source>
Positional Arguments
name | description |
---|---|
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
permission | Whether or not to allow access to the service. |
show | Show configuration data for 'access-policy' |
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
configure authority router node device-interface network-interface host-service access-policy permission
Whether or not to allow access to the service.
Usage
configure authority router node device-interface network-interface host-service access-policy permission [<access-mode>]
Positional Arguments
name | description |
---|---|
access-mode | The value to set for this field |
Description
Default: allow
access-mode (enumeration)
Enumeration defining whether access is allowed or denied.
Options:
- allow: Allow access.
- deny: Deny access.
configure authority router node device-interface network-interface host-service access-policy source
The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service
Usage
configure authority router node device-interface network-interface host-service access-policy source [<source-spec>]
Positional Arguments
name | description |
---|---|
source-spec | The value to set for this field |
Description
source-spec (union)
A source address prefix, QSN, service-group or combination of tenant-name and prefix.
Must be one of the following types:
(0) ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
(2) qsn (string)
Qualified Service Name in the form: tenant[.authority][/[service-group/]service]
Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024
(3) service-spec (string)
Service group and service name portion of a Qualified Service Name.
Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127
(4) tenant-prefix (string)
A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address.
Must contain a valid tenant name, followed by @ and a valid IP Address. Length: 0-280
configure authority router node device-interface network-interface host-service description
A description about the hosted service.
Usage
configure authority router node device-interface network-interface host-service description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface host-service enabled
Enable/disable for host services
Usage
configure authority router node device-interface network-interface host-service enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface host-service service-type
The type of hosted service
Usage
configure authority router node device-interface network-interface host-service service-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- ssh: SSH Hosted service.
- netconf: Netconf service.
- web: Web service.
- dhcp-server: DHCP server service.
- snmp-server: Access SNMP server through this interface
- custom: Custom service.
configure authority router node device-interface network-interface host-service transport
The transport protocol(s) and port(s) for the service.
Usage
configure authority router node device-interface network-interface host-service transport <protocol>
Positional Arguments
name | description |
---|---|
protocol | Layer 4 transport protocol. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port-range | Configure Port Range |
protocol | Layer 4 transport protocol. |
show | Show configuration data for 'transport' |
configure authority router node device-interface network-interface host-service transport port-range
Configure Port Range
Usage
configure authority router node device-interface network-interface host-service transport port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority router node device-interface network-interface host-service transport port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface host-service transport port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 0-65535
configure authority router node device-interface network-interface host-service transport port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface host-service transport port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16) (required)
Transport (layer 4) port number.
Range: 0-65535
configure authority router node device-interface network-interface host-service transport protocol
Layer 4 transport protocol.
Usage
configure authority router node device-interface network-interface host-service transport protocol [<protocol>]
Positional Arguments
name | description |
---|---|
protocol | The value to set for this field |
Description
protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
- icmp: Internet Control Management Protocol.
- gre: Generic Routing Encapsulation Protocol.
- esp: IPSec Encapsulating Security Payload Protocol.
- pim: Protocol Independent Multicast.
configure authority router node device-interface network-interface hostname
Hostname for the interface. This is an optional fully-qualified domain name (FQDN).
Usage
configure authority router node device-interface network-interface hostname [<domain-name>]
Positional Arguments
name | description |
---|---|
domain-name | The value to set for this field |
Description
domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node device-interface network-interface icmp
Enable/disable ICMP Blackhole
Usage
configure authority router node device-interface network-interface icmp [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: allow
enumeration
A value from a set of predefined names.
Options:
- drop: Neither respond to ICMP requests nor generate ICMP errors to/from IPs on this interface
- allow: Respond to ICMP requests and generate ICMP errors to/from IPs on this interface
configure authority router node device-interface network-interface ifcfg-option
Interface config options for non-forwarding interfaces
Usage
configure authority router node device-interface network-interface ifcfg-option <name>
Positional Arguments
name | description |
---|---|
name | Name of the ifcfg option |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
name | Name of the ifcfg option |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ifcfg-option' |
value | Value of the ifcfg options |
configure authority router node device-interface network-interface ifcfg-option name
Name of the ifcfg option
Usage
configure authority router node device-interface network-interface ifcfg-option name [<ifcfg-key>]
Positional Arguments
name | description |
---|---|
ifcfg-key | The value to set for this field |
Description
ifcfg-key (string)
A string representing an allowable ifcfg script option key
Must contain only capital alphanumeric characters or any of the following: _
configure authority router node device-interface network-interface ifcfg-option value
Value of the ifcfg options
Usage
configure authority router node device-interface network-interface ifcfg-option value [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
configure authority router node device-interface network-interface ingress-source-nat-pool
Indicates whether source address (and optional port) translation is performed for flows targetted towards an inter-router peer. In this case, the nat will be applied on the ingress router as opposed to the final egress router.
Usage
configure authority router node device-interface network-interface ingress-source-nat-pool [<nat-pool-ref>]
Positional Arguments
name | description |
---|---|
nat-pool-ref | The value to set for this field |
Description
nat-pool-ref (leafref)
This type is used by other entities that need to reference configured NAT pools.
configure authority router node device-interface network-interface inter-router-security
The name of the security policy used for inbound inter-router traffic.
Usage
configure authority router node device-interface network-interface inter-router-security [<security-ref>]
Positional Arguments
name | description |
---|---|
security-ref | The value to set for this field |
Description
security-ref (leafref)
This type is used by other entities that need to reference configured security policies.
configure authority router node device-interface network-interface management
Allow management traffic to be sent over this interface
Usage
configure authority router node device-interface network-interface management [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface management-vector
Vector configuration for non-forwarding interfaces
Subcommands
command | description |
---|---|
delete | Delete configuration data |
name | Name of the vector. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | Priority value for the paths with the vector. |
show | Show configuration data for 'management-vector' |
configure authority router node device-interface network-interface management-vector name
Name of the vector.
Usage
configure authority router node device-interface network-interface management-vector name [<vector-name>]
Positional Arguments
name | description |
---|---|
vector-name | The value to set for this field |
Description
vector-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority router node device-interface network-interface management-vector priority
Priority value for the paths with the vector.
Usage
configure authority router node device-interface network-interface management-vector priority [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 1-999999
configure authority router node device-interface network-interface mtu
The maximum transmission unit (MTU) for packets sent on the interface.
Usage
configure authority router node device-interface network-interface mtu [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 1500
uint32
An unsigned 32-bit integer.
Range: 68-9198
configure authority router node device-interface network-interface multicast-listeners
Enables the sending of IGMP and MLD queries on this interface.
Usage
configure authority router node device-interface network-interface multicast-listeners [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: automatic
enumeration
A value from a set of predefined names.
Options:
- disabled: Multicast listeners are disabled.
- automatic: Multicast listeners are enabled or disabled based on the presence of multicast services with tenant based access policies which match this interface's tenant.
- enabled: Multicast listeners are enabled.
configure authority router node device-interface network-interface multicast-report-proxy
Enables the forwarding of IGMP and MLD joins/leaves/reports to valid multicast services to this network interface. These must come from other network interfaces which allow multicast listeners.
Usage
configure authority router node device-interface network-interface multicast-report-proxy [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface name
An arbitrary, unique name for the interface, used to reference it in other configuration sections.
Usage
configure authority router node device-interface network-interface name [<interface-name>]
Positional Arguments
name | description |
---|---|
interface-name | The value to set for this field |
Description
interface-name (string)
A string identifier for network-interface which only uses alphanumerics, underscores, dashes, dots, or slashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - . Length: 0-63
configure authority router node device-interface network-interface neighbor
A list of mappings from IP addresses to physical addresses. Entries in this list are used as static entries in the ARP cache.
Usage
configure authority router node device-interface network-interface neighbor <ip-address>
Positional Arguments
name | description |
---|---|
ip-address | The IP address of a neighbor node. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
ip-address | The IP address of a neighbor node. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
phys-address | The physical level address (MAC address) of the neighbor node. |
show | Show configuration data for 'neighbor' |
configure authority router node device-interface network-interface neighbor ip-address
The IP address of a neighbor node.
Usage
configure authority router node device-interface network-interface neighbor ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface neighbor phys-address
The physical level address (MAC address) of the neighbor node.
Usage
configure authority router node device-interface network-interface neighbor phys-address [<phys-address>]
Positional Arguments
name | description |
---|---|
phys-address | The value to set for this field |
Description
phys-address (string) (required)
Represents media- or physical-level addresses represented as a sequence octets, each octet represented by two hexadecimal numbers. Octets are separated by colons. The canonical representation uses lowercase characters.
In the value set and its semantics, this type is equivalent to the PhysAddress textual convention of the SMIv2.
Required format: 'XX:XX:XX:XX:XX:XX', where 'X' is a hexidecimal digit (e.g., 00:0a:95:9d:68:16). Length may vary from the example shown.
configure authority router node device-interface network-interface neighborhood
The neighborhoods to which this interface belongs.
Usage
configure authority router node device-interface network-interface neighborhood <name>
Positional Arguments
name | description |
---|---|
name | The neighborhood to which this interface belongs. |
Subcommands
command | description |
---|---|
bfd | BFD parameters for peers in the neighborhood. |
clone | Clone a list item |
delete | Delete configuration data |
encapsulate-icmp-error-messages | Encapsulate ICMP errors in UDP across SVR on routers within this neighborhood |
external-nat-address | This is the address or hostname that is seen by the adjacent router when it receives a packet from this router. |
max-way-points | Maximum number of way points to be allocated on each peer paths within the neighborhood. |
name | The neighborhood to which this interface belongs. |
nat-keep-alive | NAT keep-alive settings for interoperating with external NATs for peers in the neighborhood. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
packet-resiliency | Enable/disable packet-resiliency per path. |
path-metrics-rolling-avg-interval | This defines the rolling average interval used for computing various path metrics such as latency and loss. |
path-mtu-discovery | Automatic path MTU discovery for peers in the neighborhood. |
payload-encryption-override | Transport based encryption override for payload setting within the neighborhood. |
peer-connectivity | Whether the peer router is publicly reachable, or behind a firewall/NAT. |
peer-path-overlay | Overlay type for the neighborhood. |
performance-monitoring | Performance Monitoring settings in the neighborhood. |
port-range | Range of destination ports that local router is reachable by peer routers in the neighborhood. |
post-encryption-padding | Whether to add a padding byte with value of 0x0 at the end of the packet payload when encryption is enabled for peers in the neighborhood. |
qp-value | Quality points value that represents the 'quality' of the the links to adjacent routers in the neighborhood. Used for selecting egress interface based on the service class required minimum quality points. |
session-optimization | Configure Session Optimization |
show | Show configuration data for 'neighborhood' |
step-peer-path-advertisement | Update frequency and timeliness of the STEP peer path advertisements for this neighborhood. |
topology | Type of topology for this router in the network for the neighborhood. This determines the other routers in the neighborhood with which this router has an adjacency. |
traffic-engineering | Configure Traffic Engineering |
ttl-padding | Whether to perform TTL Padding on routers within this neighborhood |
udp-transform | UDP transform settings for interoperating with stateful TCP firewalls for peers in the neighborhood. |
vector | Vector name to associate with adjacencies in the neighborhood. |
Description
The order of elements matters.
configure authority router node device-interface network-interface neighborhood bfd
BFD parameters for peers in the neighborhood.
Subcommands
command | description |
---|---|
authentication-type | Describes the authentication type used in BFD packets |
delete | Delete configuration data |
desired-tx-interval | Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers. |
dscp | The DSCP value to use with BFD packets. |
dynamic-damping | When enabled, extend the hold-down time if additional link flaps occur during the hold-down period. |
hold-down-time | Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time. |
link-test-interval | This represents the interval between BFD echo tests sent to the peer node/router. |
link-test-length | This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests. |
maximum-hold-down-time | Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value. |
multiplier | Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20). |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
state | When enabled, run BFD between all nodes within the router. |
configure authority router node device-interface network-interface neighborhood bfd authentication-type
Describes the authentication type used in BFD packets
Usage
configure authority router node device-interface network-interface neighborhood bfd authentication-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: sha256
enumeration
A value from a set of predefined names.
Options:
- simple: Simple Password.
- sha256: SHA256
configure authority router node device-interface network-interface neighborhood bfd desired-tx-interval
Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers.
Usage
configure authority router node device-interface network-interface neighborhood bfd desired-tx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint32
An unsigned 32-bit integer.
Range: 50-600000
configure authority router node device-interface network-interface neighborhood bfd dscp
The DSCP value to use with BFD packets.
Usage
configure authority router node device-interface network-interface neighborhood bfd dscp [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
Default: 0
dscp (uint8)
A DSCP value (0-63)
Range: 0-63
configure authority router node device-interface network-interface neighborhood bfd dynamic-damping
When enabled, extend the hold-down time if additional link flaps occur during the hold-down period.
Usage
configure authority router node device-interface network-interface neighborhood bfd dynamic-damping [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- enabled: Extend hold-down time exponentially if link flaps occur during hold-down time.
- disabled: Use simple hold-down timer for every link up event.
configure authority router node device-interface network-interface neighborhood bfd hold-down-time
Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time.
Usage
configure authority router node device-interface network-interface neighborhood bfd hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-300
configure authority router node device-interface network-interface neighborhood bfd link-test-interval
This represents the interval between BFD echo tests sent to the peer node/router.
Usage
configure authority router node device-interface network-interface neighborhood bfd link-test-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 10
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood bfd link-test-length
This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests.
Usage
configure authority router node device-interface network-interface neighborhood bfd link-test-length [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: packets
Default: 10
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router node device-interface network-interface neighborhood bfd maximum-hold-down-time
Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value.
Usage
configure authority router node device-interface network-interface neighborhood bfd maximum-hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 3600
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood bfd multiplier
Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20).
Usage
configure authority router node device-interface network-interface neighborhood bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 3-20
configure authority router node device-interface network-interface neighborhood bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router node device-interface network-interface neighborhood bfd required-min-rx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface neighborhood bfd state
When enabled, run BFD between all nodes within the router.
Usage
configure authority router node device-interface network-interface neighborhood bfd state [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: enabled
enumeration
A value from a set of predefined names.
Options:
- enabled: BFD is enabled on all nodes of this router.
- disabled: BFD is disabled on all nodes of this router.
configure authority router node device-interface network-interface neighborhood encapsulate-icmp-error-messages
Encapsulate ICMP errors in UDP across SVR on routers within this neighborhood
Usage
configure authority router node device-interface network-interface neighborhood encapsulate-icmp-error-messages [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface neighborhood external-nat-address
This is the address or hostname that is seen by the adjacent router when it receives a packet from this router.
Usage
configure authority router node device-interface network-interface neighborhood external-nat-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node device-interface network-interface neighborhood max-way-points
Maximum number of way points to be allocated on each peer paths within the neighborhood.
Usage
configure authority router node device-interface network-interface neighborhood max-way-points [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 50000
A restart is required if max-way-points is created, modified, or deleted
uint32
An unsigned 32-bit integer.
Range: 50000-1000000
configure authority router node device-interface network-interface neighborhood name
The neighborhood to which this interface belongs.
Usage
configure authority router node device-interface network-interface neighborhood name [<neighborhood-id>]
Positional Arguments
name | description |
---|---|
neighborhood-id | The value to set for this field |
Description
neighborhood-id (string)
A string identifier for network neighborhood.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority router node device-interface network-interface neighborhood nat-keep-alive
NAT keep-alive settings for interoperating with external NATs for peers in the neighborhood.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Configure Mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'nat-keep-alive' |
tcp-inactivity-timeout | Represents the frequency with which TCP keep-alive packets are generated and should be shorter than the external NAT's TCP timeout settings. |
udp-inactivity-timeout | Represents the frequency with which UDP keep-alive packets are generated and should be shorter than the external NAT's UDP timeout settings. |
configure authority router node device-interface network-interface neighborhood nat-keep-alive mode
Configure Mode
Usage
configure authority router node device-interface network-interface neighborhood nat-keep-alive mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto
enumeration
A value from a set of predefined names.
Options:
- auto: Inject keep-alive packets in order to keep the pinhole open on external NAT device for sessions that match a session type with keep-alives enabled.
- disabled: Do not send keep-alive packets to keep pinhole open on an external NAT device.
configure authority router node device-interface network-interface neighborhood nat-keep-alive tcp-inactivity-timeout
Represents the frequency with which TCP keep-alive packets are generated and should be shorter than the external NAT's TCP timeout settings.
Usage
configure authority router node device-interface network-interface neighborhood nat-keep-alive tcp-inactivity-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 1800
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood nat-keep-alive udp-inactivity-timeout
Represents the frequency with which UDP keep-alive packets are generated and should be shorter than the external NAT's UDP timeout settings.
Usage
configure authority router node device-interface network-interface neighborhood nat-keep-alive udp-inactivity-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 30
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood packet-resiliency
Enable/disable packet-resiliency per path.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether packet resiliency is enabled on this path. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'packet-resiliency' |
configure authority router node device-interface network-interface neighborhood packet-resiliency enabled
Whether packet resiliency is enabled on this path.
Usage
configure authority router node device-interface network-interface neighborhood packet-resiliency enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface neighborhood path-metrics-rolling-avg-interval
This defines the rolling average interval used for computing various path metrics such as latency and loss.
Usage
configure authority router node device-interface network-interface neighborhood path-metrics-rolling-avg-interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 60s
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router node device-interface network-interface neighborhood path-mtu-discovery
Automatic path MTU discovery for peers in the neighborhood.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Controls whether or not peer-path MTU discovery is performed |
interval | Represents the frequency with which the peer-path MTU discovery is performed. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'path-mtu-discovery' |
configure authority router node device-interface network-interface neighborhood path-mtu-discovery enabled
Controls whether or not peer-path MTU discovery is performed
Usage
configure authority router node device-interface network-interface neighborhood path-mtu-discovery enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface neighborhood path-mtu-discovery interval
Represents the frequency with which the peer-path MTU discovery is performed.
Usage
configure authority router node device-interface network-interface neighborhood path-mtu-discovery interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 600
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood payload-encryption-override
Transport based encryption override for payload setting within the neighborhood.
Usage
configure authority router node device-interface network-interface neighborhood payload-encryption-override [<payload-encryption-override>]
Positional Arguments
name | description |
---|---|
payload-encryption-override | The value to set for this field |
Description
Default: disable-override
payload-encryption-override (enumeration)
Payload encryption override setting.
Options:
- enable-encryption: Enable encryption of payload even when the security-policy associated with the service has encrypt=false. If the payload is already encrypted by another SSR, send it out as is.
- disable-override: Disable override of the security policy and use the security policy settings associated with the service.
configure authority router node device-interface network-interface neighborhood peer-connectivity
Whether the peer router is publicly reachable, or behind a firewall/NAT.
Usage
configure authority router node device-interface network-interface neighborhood peer-connectivity [<peer-connectivity>]
Positional Arguments
name | description |
---|---|
peer-connectivity | The value to set for this field |
Description
Default: bidirectional
peer-connectivity (enumeration)
The IP-layer connectivity behavior.
Options:
- bidirectional: Publicly reachable (i.e., not behind a firewall/NAT).
- outbound-only: Not publicly reachable (i.e., behind a firewall/NAT).
configure authority router node device-interface network-interface neighborhood peer-path-overlay
Overlay type for the neighborhood.
Usage
configure authority router node device-interface network-interface neighborhood peer-path-overlay [<peer-path-overlay>]
Positional Arguments
name | description |
---|---|
peer-path-overlay | The value to set for this field |
Description
Default: svr
peer-path-overlay (enumeration)
The overlay mechanism used for the peer path.
Options:
- svr: SVR (Secure Vector Routing) overlay.
- bfd-tunnel: Tunnel over BFD overlay.
configure authority router node device-interface network-interface neighborhood performance-monitoring
Performance Monitoring settings in the neighborhood.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether performance monitoring is enabled. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
profile | The name of the performance monitoring profile used for marking traffic. |
show | Show configuration data for 'performance-monitoring' |
configure authority router node device-interface network-interface neighborhood performance-monitoring enabled
Whether performance monitoring is enabled.
Usage
configure authority router node device-interface network-interface neighborhood performance-monitoring enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface neighborhood performance-monitoring profile
The name of the performance monitoring profile used for marking traffic.
Usage
configure authority router node device-interface network-interface neighborhood performance-monitoring profile [<performance-monitoring-profile-ref>]
Positional Arguments
name | description |
---|---|
performance-monitoring-profile-ref | The value to set for this field |
Description
performance-monitoring-profile-ref (leafref)
This type is used by other entities that need to reference configured performance monitoring profiles.
configure authority router node device-interface network-interface neighborhood port-range
Range of destination ports that local router is reachable by peer routers in the neighborhood.
Usage
configure authority router node device-interface network-interface neighborhood port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority router node device-interface network-interface neighborhood port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface neighborhood port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 1025-65535
configure authority router node device-interface network-interface neighborhood port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority router node device-interface network-interface neighborhood port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 1025-65535
configure authority router node device-interface network-interface neighborhood post-encryption-padding
Whether to add a padding byte with value of 0x0 at the end of the packet payload when encryption is enabled for peers in the neighborhood.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Configure Mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'post-encryption-padding' |
configure authority router node device-interface network-interface neighborhood post-encryption-padding mode
Configure Mode
Usage
configure authority router node device-interface network-interface neighborhood post-encryption-padding mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Do not add additional padding.
- enabled: Add one byte of padding to the end of the packet.
configure authority router node device-interface network-interface neighborhood qp-value
Quality points value that represents the 'quality' of the the links to adjacent routers in the neighborhood. Used for selecting egress interface based on the service class required minimum quality points.
Usage
configure authority router node device-interface network-interface neighborhood qp-value [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 0
qp-value
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface neighborhood session-optimization
Configure Session Optimization
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Configure Mode |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-optimization' |
configure authority router node device-interface network-interface neighborhood session-optimization mode
Configure Mode
Usage
configure authority router node device-interface network-interface neighborhood session-optimization mode [<session-optimization-mode>]
Positional Arguments
name | description |
---|---|
session-optimization-mode | The value to set for this field |
Description
session-optimization-mode (enumeration)
When to apply session optimization. Auto is recommended.
Options:
- never-on: Never optimize TCP traffic.
- auto: Automatically determine if TCP optimization is required.
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement
Update frequency and timeliness of the STEP peer path advertisements for this neighborhood.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'step-peer-path-advertisement' |
sla-metrics | Configure Sla Metrics |
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics
Configure SLA Metrics
Subcommands
command | description |
---|---|
clone | Clone a list item |
decrease-report-delay | Specifies mappings of peer path SLA metrics decrease to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function. |
delete | Delete configuration data |
increase-report-delay | Specifies mappings of peer path SLA metrics increase to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function. |
moving-average-sample-size | Sample size for calculating the weighted moving average of peer path SLA metrics to be advertised into STEP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'sla-metrics' |
significance-threshold | Thresholds for peer path SLA metrics. Values above the threshold are considered significant enough to be advertised into STEP. |
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics decrease-report-delay
Specifies mappings of peer path SLA metrics decrease to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics decrease-report-delay <percentage>
Positional Arguments
name | description |
---|---|
percentage | Largest percentage decrease seen among all of the metric values. |
Subcommands
command | description |
---|---|
delay | Reporting delay for the given percentage decrease. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
percentage | Largest percentage decrease seen among all of the metric values. |
show | Show configuration data for 'decrease-report-delay' |
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics decrease-report-delay delay
Reporting delay for the given percentage decrease.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics decrease-report-delay delay [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics decrease-report-delay percentage
Largest percentage decrease seen among all of the metric values.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics decrease-report-delay percentage [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics increase-report-delay
Specifies mappings of peer path SLA metrics increase to STEP reporting delay. In combination, these mappings define a piecewise linear mapping function.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics increase-report-delay <percentage>
Positional Arguments
name | description |
---|---|
percentage | Largest percentage increase seen among all of the metric values. |
Subcommands
command | description |
---|---|
delay | Reporting delay for the given percentage increase. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
percentage | Largest percentage increase seen among all of the metric values. |
show | Show configuration data for 'increase-report-delay' |
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics increase-report-delay delay
Reporting delay for the given percentage increase.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics increase-report-delay delay [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
uint32 (required)
An unsigned 32-bit integer.
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics increase-report-delay percentage
Largest percentage increase seen among all of the metric values.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics increase-report-delay percentage [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: percent
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics moving-average-sample-size
Sample size for calculating the weighted moving average of peer path SLA metrics to be advertised into STEP.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics moving-average-sample-size [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Default: 3
uint16
An unsigned 16-bit integer.
Range: 1-10000
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold
Thresholds for peer path SLA metrics. Values above the threshold are considered significant enough to be advertised into STEP.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
min-jitter | The threshold jitter value considered significant enough for advertising into STEP. |
min-latency | The threshold latency value considered significant enough for advertising into STEP. |
min-loss | The threshold of packet loss considered significant enough for advertising into STEP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'significance-threshold' |
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold min-jitter
The threshold jitter value considered significant enough for advertising into STEP.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold min-jitter [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 2
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold min-latency
The threshold latency value considered significant enough for advertising into STEP.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold min-latency [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 5
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold min-loss
The threshold of packet loss considered significant enough for advertising into STEP.
Usage
configure authority router node device-interface network-interface neighborhood step-peer-path-advertisement sla-metrics significance-threshold min-loss [<decimal64>]
Positional Arguments
name | description |
---|---|
decimal64 | The value to set for this field |
Description
Units: percent
Default: 0.1
decimal64
A 64-bit decimal value.
Range: 0-100 Fraction digits: 16
configure authority router node device-interface network-interface neighborhood topology
Type of topology for this router in the network for the neighborhood. This determines the other routers in the neighborhood with which this router has an adjacency.
Usage
configure authority router node device-interface network-interface neighborhood topology [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: spoke
enumeration
A value from a set of predefined names.
Options:
- mesh: Full mesh. This router will have adjacencies to all other routers in the neighborhood.
- hub: The router is a hub in a hub-and-spoke topology. The router will have adjacencies with other routers in the neighborhood that are labeled 'spoke' or 'mesh'.
- spoke: The router is a spoke in a hub-and-spoke topology. The router will have adjacencies with other routers in the neighborhood that are labeled 'hub' or 'mesh'.
configure authority router node device-interface network-interface neighborhood traffic-engineering
Configure Traffic Engineering
Subcommands
command | description |
---|---|
delete | Delete configuration data |
download | Configure Download |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'traffic-engineering' |
upload | Configure Upload |
configure authority router node device-interface network-interface neighborhood traffic-engineering download
Configure Download
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether traffic engineering should be enabled by our peer to limit its transmit capacity on this peer path. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
receive-cap | Value that is used as the limit of our peer's transmit capacity on this peer path as to not overwhelm our interface. |
show | Show configuration data for 'download' |
traffic-profile | The name of the traffic profile our peer should use when limiting its transmit-capacity on this peer path |
configure authority router node device-interface network-interface neighborhood traffic-engineering download enabled
Whether traffic engineering should be enabled by our peer to limit its transmit capacity on this peer path.
Usage
configure authority router node device-interface network-interface neighborhood traffic-engineering download enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface neighborhood traffic-engineering download receive-cap
Value that is used as the limit of our peer's transmit capacity on this peer path as to not overwhelm our interface.
Usage
configure authority router node device-interface network-interface neighborhood traffic-engineering download receive-cap [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
uint64
An unsigned 64-bit integer.
Range: 0-999999999999
configure authority router node device-interface network-interface neighborhood traffic-engineering download traffic-profile
The name of the traffic profile our peer should use when limiting its transmit-capacity on this peer path
Usage
configure authority router node device-interface network-interface neighborhood traffic-engineering download traffic-profile [<traffic-profile-ref>]
Positional Arguments
name | description |
---|---|
traffic-profile-ref | The value to set for this field |
Description
traffic-profile-ref (leafref)
This type is used by other entities that need to reference configured traffic profiles.
configure authority router node device-interface network-interface neighborhood traffic-engineering upload
Configure Upload
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether traffic engineering is enabled on this peer path. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'upload' |
traffic-profile | The name of the traffic profile used for traffic engineering on this peer path |
transmit-cap | The transmit capacity of this peer path. |
configure authority router node device-interface network-interface neighborhood traffic-engineering upload enabled
Whether traffic engineering is enabled on this peer path.
Usage
configure authority router node device-interface network-interface neighborhood traffic-engineering upload enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface neighborhood traffic-engineering upload traffic-profile
The name of the traffic profile used for traffic engineering on this peer path
Usage
configure authority router node device-interface network-interface neighborhood traffic-engineering upload traffic-profile [<traffic-profile-ref>]
Positional Arguments
name | description |
---|---|
traffic-profile-ref | The value to set for this field |
Description
traffic-profile-ref (leafref)
This type is used by other entities that need to reference configured traffic profiles.
configure authority router node device-interface network-interface neighborhood traffic-engineering upload transmit-cap
The transmit capacity of this peer path.
Usage
configure authority router node device-interface network-interface neighborhood traffic-engineering upload transmit-cap [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
uint64
An unsigned 64-bit integer.
Range: 0-999999999999
configure authority router node device-interface network-interface neighborhood ttl-padding
Whether to perform TTL Padding on routers within this neighborhood
Usage
configure authority router node device-interface network-interface neighborhood ttl-padding [<ttl-padding-type>]
Positional Arguments
name | description |
---|---|
ttl-padding-type | The value to set for this field |
Description
Default: disabled
ttl-padding-type (union)
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint8
An unsigned 8-bit integer.
Range: 0-255
(1) enumeration
A value from a set of predefined names.
Options:
- auto: Automatically determine TTL padding.
- disabled: Do not pad TTL.
configure authority router node device-interface network-interface neighborhood udp-transform
UDP transform settings for interoperating with stateful TCP firewalls for peers in the neighborhood.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
detect-interval | Represents the frequency with which the stateful TCP firewall discovery is performed. |
mode | Configure Mode |
nat-keep-alive-mode | Configure Nat Keep Alive Mode |
nat-keep-alive-timeout | Represents the frequency with which keep-alive packets are generated. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'udp-transform' |
configure authority router node device-interface network-interface neighborhood udp-transform detect-interval
Represents the frequency with which the stateful TCP firewall discovery is performed.
Usage
configure authority router node device-interface network-interface neighborhood udp-transform detect-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 300
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood udp-transform mode
Configure Mode
Usage
configure authority router node device-interface network-interface neighborhood udp-transform mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto-detect
enumeration
A value from a set of predefined names.
Options:
- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required.
- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode.
configure authority router node device-interface network-interface neighborhood udp-transform nat-keep-alive-mode
Configure Nat Keep Alive Mode
Usage
configure authority router node device-interface network-interface neighborhood udp-transform nat-keep-alive-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform.
- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform.
configure authority router node device-interface network-interface neighborhood udp-transform nat-keep-alive-timeout
Represents the frequency with which keep-alive packets are generated.
Usage
configure authority router node device-interface network-interface neighborhood udp-transform nat-keep-alive-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 30
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node device-interface network-interface neighborhood vector
Vector name to associate with adjacencies in the neighborhood.
Usage
configure authority router node device-interface network-interface neighborhood vector [<vector-name>]
Positional Arguments
name | description |
---|---|
vector-name | The value to set for this field |
Description
vector-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority router node device-interface network-interface off-subnet-arp-prefix
Address(es) for which the router will respond to ARP requests.
Usage
configure authority router node device-interface network-interface off-subnet-arp-prefix [<unicast-ipv4-prefix>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-prefix | Value to add to this list |
Description
unicast-ipv4-prefix (string)
A unicast IPv4 prefix
configure authority router node device-interface network-interface off-subnet-reverse-arp-mac-learning
When enabled, the source MAC address of the packet will be used for reverse traffic for off-subnet source ip address.
Usage
configure authority router node device-interface network-interface off-subnet-reverse-arp-mac-learning [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface prefix-delegation
Enable/disable IPv6 Prefix Delegation Client.
Usage
configure authority router node device-interface network-interface prefix-delegation [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface prefix-delegation-authentication
Whether prefix-delegation messages are authenticated.
Usage
configure authority router node device-interface network-interface prefix-delegation-authentication [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Authentication of prefix-delegation messages is disabled.
- delayed: Delayed authentication protocol is used to authenticate prefix-delegation messages.
- reconfig-key: Reconfigure-key authentication protocol is used to authenticate prefix-delegation messages.
configure authority router node device-interface network-interface prefix-delegation-group
The name to identify a prefix-delegation group within which the pd-client interface will request a prefix and all the internal interfaces will be assigned a global address from this prefix based on their subnet-ids.
Usage
configure authority router node device-interface network-interface prefix-delegation-group [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface network-interface prefix-delegation-subnet-id
The identifier of a subnet within a prefix-delegation group which is used to construct a global IPv6 address for an internal interface.
Usage
configure authority router node device-interface network-interface prefix-delegation-subnet-id [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router node device-interface network-interface preserve-dscp
Controls if DSCP bits are preserved on this interface.
Usage
configure authority router node device-interface network-interface preserve-dscp [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface prioritization-mode
Controls how packets received on this interface are prioritized.
Usage
configure authority router node device-interface network-interface prioritization-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: local
enumeration
A value from a set of predefined names.
Options:
- local: Trust the internal classification for prioritization.
- dscp: Trust incoming DSCP values for prioritization.
configure authority router node device-interface network-interface qp-value
Quality points value that represents the 'quality' of the network the interface is connected to. It used for selecting egress interface based on the service class required minimum quality points.
Usage
configure authority router node device-interface network-interface qp-value [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 0
qp-value
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
configure authority router node device-interface network-interface reverse-arp-mac-learning
Controls whether the source MAC address of the packet can be used for reverse traffic when ARP is unresolved.
Usage
configure authority router node device-interface network-interface reverse-arp-mac-learning [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface rewrite-dscp
Controls if DSCP bits are rewritten on this interface.
Usage
configure authority router node device-interface network-interface rewrite-dscp [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface router-advertisement
Enable/disable IPv6 router advertisement to advertise the prefix learned via DHCPv6-PD.
Usage
configure authority router node device-interface network-interface router-advertisement [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface source-nat
Indicates whether source address and port translation (NAPT) is performed for flows egressing the interface to the final destination.
Usage
configure authority router node device-interface network-interface source-nat [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface tenant
Tenant to which this interface belongs.
Usage
configure authority router node device-interface network-interface tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | The value to set for this field |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router node device-interface network-interface tenant-prefixes
Tenant to source prefix mapping.
Usage
configure authority router node device-interface network-interface tenant-prefixes <tenant>
Positional Arguments
name | description |
---|---|
tenant | Tenant name. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'tenant-prefixes' |
source-address | The source address(es) that define the tenant. |
tenant | Tenant name. |
configure authority router node device-interface network-interface tenant-prefixes source-address
The source address(es) that define the tenant.
Usage
configure authority router node device-interface network-interface tenant-prefixes source-address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
ip-prefix (union) (required)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string) (required)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string) (required)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router node device-interface network-interface tenant-prefixes tenant
Tenant name.
Usage
configure authority router node device-interface network-interface tenant-prefixes tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | The value to set for this field |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router node device-interface network-interface traffic-engineering
Configure Traffic Engineering
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether traffic engineering is enabled on the network interface. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'traffic-engineering' |
traffic-profile | The name of the traffic profile used for traffic engineering on this network interface |
transmit-cap | The transmit capacity of the this network interface. |
configure authority router node device-interface network-interface traffic-engineering enabled
Whether traffic engineering is enabled on the network interface.
Usage
configure authority router node device-interface network-interface traffic-engineering enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface traffic-engineering traffic-profile
The name of the traffic profile used for traffic engineering on this network interface
Usage
configure authority router node device-interface network-interface traffic-engineering traffic-profile [<traffic-profile-ref>]
Positional Arguments
name | description |
---|---|
traffic-profile-ref | The value to set for this field |
Description
traffic-profile-ref (leafref)
This type is used by other entities that need to reference configured traffic profiles.
configure authority router node device-interface network-interface traffic-engineering transmit-cap
The transmit capacity of the this network interface.
Usage
configure authority router node device-interface network-interface traffic-engineering transmit-cap [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
uint64
An unsigned 64-bit integer.
Range: 0-999999999999
configure authority router node device-interface network-interface tunnel
Configure Tunnel
Subcommands
command | description |
---|---|
delete | Delete configuration data |
destination | The destination of this tunnel. |
internal-address | The source address to use when sending packets over the tunnel. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'tunnel' |
source | How the tunnel source address will be obtained. |
configure authority router node device-interface network-interface tunnel destination
The destination of this tunnel.
Usage
configure authority router node device-interface network-interface tunnel destination [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union) (required)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string) (required)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node device-interface network-interface tunnel internal-address
The source address to use when sending packets over the tunnel.
Usage
configure authority router node device-interface network-interface tunnel internal-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface tunnel source
How the tunnel source address will be obtained.
Subcommands
command | description |
---|---|
address | The source address of this tunnel. |
delete | Delete configuration data |
network-interface | Use the address of the interface with the same vlan. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'source' |
configure authority router node device-interface network-interface tunnel source address
The source address of this tunnel.
Usage
configure authority router node device-interface network-interface tunnel source address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node device-interface network-interface tunnel source network-interface
Use the address of the interface with the same vlan.
Usage
configure authority router node device-interface network-interface tunnel source network-interface
Description
empty
Has no value.
configure authority router node device-interface network-interface type
Type of network that the interface is connected to. Type is fabric for inter-node traffic, external for regular traffic, and shared for both fabric and external.
Usage
configure authority router node device-interface network-interface type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: external
enumeration
A value from a set of predefined names.
Options:
- fabric: Fabric network for inter-node traffic.
- external: External network for regular traffic.
- shared: Network is both 'fabric' and 'external'.
- gre-tunnel: A GRE tunnel.
configure authority router node device-interface network-interface vlan
The VLAN id for the interface (0 for no VLAN, otherwise 1-4094).
Usage
configure authority router node device-interface network-interface vlan [<vlan>]
Positional Arguments
name | description |
---|---|
vlan | The value to set for this field |
Description
Default: 0
vlan (uint16)
A VLAN identifier (0 for no VLAN, otherwise 1-4094).
Range: 0-4094
configure authority router node device-interface network-interface vrrp
Configure VRRP
Subcommands
command | description |
---|---|
advertisement-interval | How frequently (in milliseconds) advertisements should be sent. |
delete | Delete configuration data |
enabled | Whether or not this interface should participate in VRRP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | The priority of this interface within the virtual router pair. |
show | Show configuration data for 'vrrp' |
use-physical-address | Use the physical mac address of the device instead of the VRRP virtual mac. |
vrid | The Virtual Router ID. This value must be mirrored by the redundant interface. |
configure authority router node device-interface network-interface vrrp advertisement-interval
How frequently (in milliseconds) advertisements should be sent.
Usage
configure authority router node device-interface network-interface vrrp advertisement-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 100-40950
configure authority router node device-interface network-interface vrrp enabled
Whether or not this interface should participate in VRRP.
Usage
configure authority router node device-interface network-interface vrrp enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface vrrp priority
The priority of this interface within the virtual router pair.
Usage
configure authority router node device-interface network-interface vrrp priority [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 100
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router node device-interface network-interface vrrp use-physical-address
Use the physical mac address of the device instead of the VRRP virtual mac.
Usage
configure authority router node device-interface network-interface vrrp use-physical-address [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface network-interface vrrp vrid
The Virtual Router ID. This value must be mirrored by the redundant interface.
Usage
configure authority router node device-interface network-interface vrrp vrid [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router node device-interface network-namespace
The network namespace in which this network interface will be located
Usage
configure authority router node device-interface network-namespace [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Must contain only alphanumeric characters, start with a alphabet and can contain any of the following: _ - Length: 0-50
configure authority router node device-interface parent-bond
The bond type interface that this interface is grouped with.
Usage
configure authority router node device-interface parent-bond [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router node device-interface pci-address
The PCI address of the device. Only relevant if type is ethernet.
Usage
configure authority router node device-interface pci-address [<pci-address>]
Positional Arguments
name | description |
---|---|
pci-address | The value to set for this field |
Description
pci-address (string)
A PCI address specifying domain, bus, device, and function
Must contain only hex digits or any of the following: . : Required format: 'aaaa:bb:cc.d' (e.g. 0000:00:1d.0). Length: 0-13
configure authority router node device-interface pppoe
Configure Pppoe
Subcommands
command | description |
---|---|
authentication-protocol | Authentication protocol used to authenticate the user. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
password | Password required to setup PPPoE connection. |
show | Show configuration data for 'pppoe' |
user-name | Username required to setup PPPoE connection. |
configure authority router node device-interface pppoe authentication-protocol
Authentication protocol used to authenticate the user.
Usage
configure authority router node device-interface pppoe authentication-protocol [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- chap: Challenge-Handshake Authentication Protocol.
- pap: Password Authentication Protocol.
configure authority router node device-interface pppoe password
Password required to setup PPPoE connection.
Usage
configure authority router node device-interface pppoe password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router node device-interface pppoe user-name
Username required to setup PPPoE connection.
Usage
configure authority router node device-interface pppoe user-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node device-interface promiscuous-mode
Enables promiscuous mode on the interface.
Usage
configure authority router node device-interface promiscuous-mode [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface q-in-q
Enables Q-in-Q encapsulation
Subcommands
command | description |
---|---|
delete | Delete configuration data |
outer-ethertype | The ethertype for the outer VLAN tag |
outer-vlan | Add an outer VLAN tag to all non-zero VLAN interfaces |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'q-in-q' |
configure authority router node device-interface q-in-q outer-ethertype
The ethertype for the outer VLAN tag
Usage
configure authority router node device-interface q-in-q outer-ethertype [<hex-string>]
Positional Arguments
name | description |
---|---|
hex-string | The value to set for this field |
Description
hex-string (string) (required)
A hexadecimal string with octets represented as hex digits.
Length: 4
configure authority router node device-interface q-in-q outer-vlan
Add an outer VLAN tag to all non-zero VLAN interfaces
Usage
configure authority router node device-interface q-in-q outer-vlan [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
uint16 (required)
An unsigned 16-bit integer.
Range: 1-4094
configure authority router node device-interface reinsert-vlan
Enables reinsertion of NIC-stripped VLAN on ingress packets, on supported devices.
Usage
configure authority router node device-interface reinsert-vlan [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface session-optimization
Configure Session Optimization
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enable-detection | Whether session optimization detection is enabled on this device interface. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-optimization' |
configure authority router node device-interface session-optimization enable-detection
Whether session optimization detection is enabled on this device interface.
Usage
configure authority router node device-interface session-optimization enable-detection [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node device-interface shared-phys-address
Virtual MAC address for interface redundancy.
Usage
configure authority router node device-interface shared-phys-address [<unicast-phys-address>]
Positional Arguments
name | description |
---|---|
unicast-phys-address | The value to set for this field |
Description
unicast-phys-address (string)
A text value.
Required format: 'XX:XX:XX:XX:XX:XX', where 'X' is a hexidecimal digit (e.g., 00:0a:95:9d:68:16). Length may vary from the example shown. Shared physical address must not be a multicast address nor 00:00:00:00:00:00
configure authority router node device-interface sriov-vlan-filter
Enables VLAN filtering on supported SR-IOV devices.
Usage
configure authority router node device-interface sriov-vlan-filter [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface strip-vlan
Enables VLAN stripping on ingress packets on supported devices.
Usage
configure authority router node device-interface strip-vlan [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface target-interface
Specifies the name of an external interface to be automatically bridged to a logical interface.
Usage
configure authority router node device-interface target-interface [<target-name>]
Positional Arguments
name | description |
---|---|
target-name | The value to set for this field |
Description
target-name (string)
A string identifier for target-interface which cannot be slash or colon and cannot exceed 15 characters.
Must not contain slash, colon, or whitespace in target-interface name. Length: 1-15
configure authority router node device-interface traffic-engineering
Configure Traffic Engineering
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Whether traffic engineering is enabled on the interface. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'traffic-engineering' |
traffic-profile | The name of the traffic profile used for traffic engineering on this device interface |
transmit-cap | Value that is used in conjunction with the negotiated link speed to determine the transmit capacity of the interface. |
configure authority router node device-interface traffic-engineering enabled
Whether traffic engineering is enabled on the interface.
Usage
configure authority router node device-interface traffic-engineering enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface traffic-engineering traffic-profile
The name of the traffic profile used for traffic engineering on this device interface
Usage
configure authority router node device-interface traffic-engineering traffic-profile [<traffic-profile-ref>]
Positional Arguments
name | description |
---|---|
traffic-profile-ref | The value to set for this field |
Description
traffic-profile-ref (leafref)
This type is used by other entities that need to reference configured traffic profiles.
configure authority router node device-interface traffic-engineering transmit-cap
Value that is used in conjunction with the negotiated link speed to determine the transmit capacity of the interface.
Usage
configure authority router node device-interface traffic-engineering transmit-cap [<limit>]
Positional Arguments
name | description |
---|---|
limit | The value to set for this field |
Description
Units: bits/second
limit (union)
A type for defining values such as rates and capacities for which the default value is unlimited.
Must be one of the following types:
(0) uint64
An unsigned 64-bit integer.
Range: 0-999999999999
(1) enumeration
A value from a set of predefined names.
Options:
- unlimited: No limit on this value.
configure authority router node device-interface type
Type of interface.
Usage
configure authority router node device-interface type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: ethernet
enumeration
A value from a set of predefined names.
Options:
- ethernet: A physical ethernet interface.
- pppoe: An interface using the Point-to-Point Protocol over Ethernet (PPPoE).
- host: A logical interface to the host system.
- bridged: A logical interface bridged to a target interface.
- lte: An interface using LTE.
- t1: An interface using a T1 card.
- bond: An aggregated group of ethernet interfaces.
configure authority router node device-interface vmbus-uuid
The VMBus UUID of the network device. Hyper-V Environment only. Only relevant if type is ethernet.
Usage
configure authority router node device-interface vmbus-uuid [<vmbus-uuid>]
Positional Arguments
name | description |
---|---|
vmbus-uuid | The value to set for this field |
Description
vmbus-uuid (string)
A VMBUS UUID which specifies a network device
Must contain only hex digits. Required format: 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
configure authority router node device-interface vrrp
Parameters for Interface Redundancy using Virtual Router Redundancy Protocol (VRRP).
Subcommands
command | description |
---|---|
advertisement-interval | How frequently (in milliseconds) advertisements should be sent. |
delete | Delete configuration data |
enabled | Whether or not this interface should participate in VRRP. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | The priority of this interface within the virtual router pair. |
show | Show configuration data for 'vrrp' |
use-physical-address | Use the physical mac address of the device instead of the VRRP virtual mac. |
vlan | Vlan of the network-interface that will represent this device |
vrid | The Virtual Router ID. This value must be mirrored by the redundant interface. |
configure authority router node device-interface vrrp advertisement-interval
How frequently (in milliseconds) advertisements should be sent.
Usage
configure authority router node device-interface vrrp advertisement-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 100-40950
configure authority router node device-interface vrrp enabled
Whether or not this interface should participate in VRRP.
Usage
configure authority router node device-interface vrrp enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface vrrp priority
The priority of this interface within the virtual router pair.
Usage
configure authority router node device-interface vrrp priority [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 100
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router node device-interface vrrp use-physical-address
Use the physical mac address of the device instead of the VRRP virtual mac.
Usage
configure authority router node device-interface vrrp use-physical-address [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router node device-interface vrrp vlan
Vlan of the network-interface that will represent this device
Usage
configure authority router node device-interface vrrp vlan [<vlan>]
Positional Arguments
name | description |
---|---|
vlan | The value to set for this field |
Description
Default: 0
vlan (uint16)
A VLAN identifier (0 for no VLAN, otherwise 1-4094).
Range: 0-4094
configure authority router node device-interface vrrp vrid
The Virtual Router ID. This value must be mirrored by the redundant interface.
Usage
configure authority router node device-interface vrrp vrid [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router node enabled
Enable/disable the whole node.
Usage
configure authority router node enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node forwarding-core-count
The number of CPU cores to dedicate to traffic forwarding when using 'manual' forwarding core mode.
Usage
configure authority router node forwarding-core-count [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
A restart is required if forwarding-core-count is created, modified, or deleted
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router node forwarding-core-mode
The method by which the number of CPU cores dedicated to traffic forwarding should be determined.
Usage
configure authority router node forwarding-core-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: automatic
A restart is required if forwarding-core-mode is created, modified, or deleted
enumeration
A value from a set of predefined names.
Options:
- automatic: The number of cores dedicated to traffic forwarding will be automatically determined based on system properties.
- manual: The number of cores dedicated to traffic forwarding will be set to the value of forwarding-core-count.
configure authority router node idp
Configure Idp
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
platform-size | Size of the IDP platform |
show | Show configuration data for 'idp' |
configure authority router node idp platform-size
Size of the IDP platform
Usage
configure authority router node idp platform-size [<idp-size>]
Positional Arguments
name | description |
---|---|
idp-size | The value to set for this field |
Description
Default: auto
a restart is required if platform-size is created, modified, or deleted
idp-size (enumeration)
Size of the idp platform
Options:
- auto: Automatically size the platform
- legacy: Set legacy mode override
- 4CPU-4G: Set 4CPU-4G as platform size
- 4CPU-8G: Set 4CPU-8G as platform size
- 6CPU-8G: Set 6CPU-8G as platform size
- 6CPU-12G: Set 6CPU-12G as platform size
- 6CPU-16G: Set 6CPU-16G as platform size
- 8CPU-16G: Set 8CPU-16G as platform size
- 8CPU-20G: Set 8CPU-20G as platform size
- 12CPU-16G: Set 12CPU-16G as platform size
- 12CPU-24G: Set 12CPU-24G as platform size
- 12CPU-32G: Set 12CPU-32G as platform size
- 16CPU-32G: Set 16CPU-32G as platform size
- 16CPU-40G: Set 16CPU-40G as platform size
- 20CPU-32G: Set 20CPU-32G as platform size
- 20CPU-48G: Set 20CPU-40G as platform size
- 20CPU-64G: Set 20CPU-64G as platform size
- 32CPU-64G: Set 32CPU-64G as platform size
configure authority router node ipfix
Node specific IPFIX configuration
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable or disable IPFIX export on this node |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ipfix' |
configure authority router node ipfix enabled
Enable or disable IPFIX export on this node
Usage
configure authority router node ipfix enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node location
A text description of the node's physical location.
Usage
configure authority router node location [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router node loopback-address
The loopback IP address to use for management traffic originating on this node when routed via SVR.
Usage
configure authority router node loopback-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node name
An arbitrary, unique name for the node, used to reference it in other configuration sections. This MUST match the name in the local initialization file.
Usage
configure authority router node name [<reserved-name-id>]
Positional Arguments
name | description |
---|---|
reserved-name-id | The value to set for this field |
Description
A restart is required if name is created or deleted
reserved-name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters, and cannot be the words 'all', 'any', or 'unknown'.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router node port-forwarding
Configuration for establishing local port-forwarding to remote server.
Usage
configure authority router node port-forwarding <local-address> <local-port> <local-interface>
Positional Arguments
name | description |
---|---|
local-address | The local address to forward from |
local-port | The local port to forward from |
local-interface | The local interface to forward from |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
local-address | The local address to forward from |
local-interface | The local interface to forward from |
local-port | The local port to forward from |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
remote-host | The remote host to connect to from server |
remote-interface | The remote interface to connect via on server |
remote-port | The remote port to connect to from server |
server-address | The server at the host address |
server-destination | The server at known destination |
server-port | The port to connect to on the server |
show | Show configuration data for 'port-forwarding' |
configure authority router node port-forwarding local-address
The local address to forward from
Usage
configure authority router node port-forwarding local-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node port-forwarding local-interface
The local interface to forward from
Usage
configure authority router node port-forwarding local-interface [<device-name>]
Positional Arguments
name | description |
---|---|
device-name | The value to set for this field |
Description
device-name (string)
A string identifier for device-interface which only uses alphanumerics, underscores, dashes, or slashes, and cannot exceed 12 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-12
configure authority router node port-forwarding local-port
The local port to forward from
Usage
configure authority router node port-forwarding local-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router node port-forwarding remote-host
The remote host to connect to from server
Usage
configure authority router node port-forwarding remote-host [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node port-forwarding remote-interface
The remote interface to connect via on server
Usage
configure authority router node port-forwarding remote-interface [<device-name>]
Positional Arguments
name | description |
---|---|
device-name | The value to set for this field |
Description
device-name (string)
A string identifier for device-interface which only uses alphanumerics, underscores, dashes, or slashes, and cannot exceed 12 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-12
configure authority router node port-forwarding remote-port
The remote port to connect to from server
Usage
configure authority router node port-forwarding remote-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router node port-forwarding server-address
The server at the host address
Usage
configure authority router node port-forwarding server-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router node port-forwarding server-destination
The server at known destination
Usage
configure authority router node port-forwarding server-destination [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- ha-node: The server on the HA node
configure authority router node port-forwarding server-port
The port to connect to on the server
Usage
configure authority router node port-forwarding server-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router node power-saver
Allow the traffic forwarding cores to sleep when there is no traffic to process
Usage
configure authority router node power-saver [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
A restart is required if power-saver is created, modified, or deleted
boolean
A true or false value.
Options: true or false
configure authority router node radius
Radius authentication parameters for this node.
Subcommands
command | description |
---|---|
client-certificate-name | A client certificate to be used to communicate with Radius server. |
delete | Delete configuration data |
enable-message-authenticator | Enable enforcement of Message-Authenticator for all requests and responses. WARNING: It is considered unsafe to disable this enforcement and can expose the system to authentication attacks. |
nas-identifier | The NAS Identifier to be used in outgoing Radius authentication requests. |
nas-ip-address | The NAS IP Address to be used in outgoing Radius authentication requests. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
router-client-certificate-name | A client certificate to be used to communicate with Radius server. |
show | Show configuration data for 'radius' |
configure authority router node radius client-certificate-name
A client certificate to be used to communicate with Radius server.
Usage
configure authority router node radius client-certificate-name [<client-certificate-ref>]
Positional Arguments
name | description |
---|---|
client-certificate-ref | The value to set for this field |
Description
client-certificate-ref (leafref)
This type is used by other entities that need to reference configured client certificate.
configure authority router node radius enable-message-authenticator
Enable enforcement of Message-Authenticator for all requests and responses. WARNING: It is considered unsafe to disable this enforcement and can expose the system to authentication attacks.
Usage
configure authority router node radius enable-message-authenticator [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router node radius nas-identifier
The NAS Identifier to be used in outgoing Radius authentication requests.
Usage
configure authority router node radius nas-identifier [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-253
configure authority router node radius nas-ip-address
The NAS IP Address to be used in outgoing Radius authentication requests.
Usage
configure authority router node radius nas-ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node radius router-client-certificate-name
A client certificate to be used to communicate with Radius server.
Usage
configure authority router node radius router-client-certificate-name [<router-client-certificate-ref>]
Positional Arguments
name | description |
---|---|
router-client-certificate-ref | The value to set for this field |
Description
router-client-certificate-ref (leafref)
This type is used by other entities that need to reference configured client certificate for a specific router.
configure authority router node reachability-detection
Layer 2 reachability detection
Subcommands
command | description |
---|---|
arp-cache-timeout | Duration that an arp entry will be preserved in the system after it is no longer in use. |
arp-refresh-interval | Represents the frequency in seconds that an arp entry is refreshed. |
delete | Delete configuration data |
expired-refresh-count | Represents the number of attempts to resolve an arp before declaring expired. |
expired-refresh-interval | Represents the retry frequency in milliseconds of arp in expired state. |
gateway-refresh-interval | Represents the frequency in seconds that a gateway arp entry is refreshed. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'reachability-detection' |
configure authority router node reachability-detection arp-cache-timeout
Duration that an arp entry will be preserved in the system after it is no longer in use.
Usage
configure authority router node reachability-detection arp-cache-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 0
uint32
An unsigned 32-bit integer.
Range: 0-86400
configure authority router node reachability-detection arp-refresh-interval
Represents the frequency in seconds that an arp entry is refreshed.
Usage
configure authority router node reachability-detection arp-refresh-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 1200
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node reachability-detection expired-refresh-count
Represents the number of attempts to resolve an arp before declaring expired.
Usage
configure authority router node reachability-detection expired-refresh-count [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: packets
Default: 10
uint8
An unsigned 8-bit integer.
Range: 3-20
configure authority router node reachability-detection expired-refresh-interval
Represents the retry frequency in milliseconds of arp in expired state.
Usage
configure authority router node reachability-detection expired-refresh-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 500
uint32
An unsigned 32-bit integer.
Range: 500-60000
configure authority router node reachability-detection gateway-refresh-interval
Represents the frequency in seconds that a gateway arp entry is refreshed.
Usage
configure authority router node reachability-detection gateway-refresh-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router node role
The node's role in the SSR system.
Usage
configure authority router node role [<node-role>]
Positional Arguments
name | description |
---|---|
node-role | The value to set for this field |
Description
A restart is required if role is created, modified, or deleted
node-role (enumeration) (required)
The node's role in the SSR system.
Options:
- control: A Control and Operations Resource node.
- slice: A Software Line-Card Engine node.
- combo: A combined Control and Slice.
- conductor: A remote management system.
configure authority router node serial-console-enabled
Enable serial console.
Usage
configure authority router node serial-console-enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
a restart is required if serial-console-enabled is created, modified, or deleted
boolean
A true or false value.
Options: true or false
configure authority router node session-processor-count
The number of threads to use for session processing when using 'manual' session-processor mode.
Usage
configure authority router node session-processor-count [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
A restart is required if session-processor-count is created, modified, or deleted
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router node session-processor-mode
The method by which the number of threads used for session processing should be determined.
Usage
configure authority router node session-processor-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: automatic
A restart is required if session-processor-mode is created, modified, or deleted
enumeration
A value from a set of predefined names.
Options:
- automatic: The number of threads dedicated to session processing will be automatically determined based on system properties.
- manual: The number of threads dedicated to session processing will be set to the value of session-processor-count.
configure authority router node session-setup-scaling
Whether or not to enable session setup scaling.
Usage
configure authority router node session-setup-scaling [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
A restart is required if session-setup-scaling is created, modified, or deleted
boolean
A true or false value.
Options: true or false
configure authority router node ssh-keepalive
Configure SSH Keepalive
Subcommands
command | description |
---|---|
asset-inter-conductor-router-server | Configure Asset Inter Conductor Router Server |
delete | Delete configuration data |
inter-conductor-router-server | Configure Inter Conductor Router Server |
inter-node | Configure Inter Node |
inter-node-server | Configure Inter Node Server |
inter-router | Configure Inter Router |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ssh-keepalive' |
configure authority router node ssh-keepalive asset-inter-conductor-router-server
Configure Asset Inter Conductor Router Server
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval | Timeout interval in seconds to send keepalive from SSHD server when an SSH connection is idle between the conductor and a managed router's asset connections. |
max-attempts | Number of keepalive messages sent from SSHD server before disconnecting an SSH connection between the conductor and a managed router's asset connections. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'asset-inter-conductor-router-server' |
configure authority router node ssh-keepalive asset-inter-conductor-router-server interval
Timeout interval in seconds to send keepalive from SSHD server when an SSH connection is idle between the conductor and a managed router's asset connections.
Usage
configure authority router node ssh-keepalive asset-inter-conductor-router-server interval [<ssh-keepalive-interval>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-interval | The value to set for this field |
Description
Default: 5
ssh-keepalive-interval (uint8)
Timeout interval in seconds to send keepalive when an SSH connection is idle.
Range: 1-10
configure authority router node ssh-keepalive asset-inter-conductor-router-server max-attempts
Number of keepalive messages sent from SSHD server before disconnecting an SSH connection between the conductor and a managed router's asset connections.
Usage
configure authority router node ssh-keepalive asset-inter-conductor-router-server max-attempts [<ssh-keepalive-max-attempts>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-max-attempts | The value to set for this field |
Description
Default: 4
ssh-keepalive-max-attempts (uint8)
Number of keepalive messages sent before disconnecting an SSH connection.
Range: 1-20
configure authority router node ssh-keepalive inter-conductor-router-server
Configure Inter Conductor Router Server
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval | Timeout interval in seconds to send keepalive from SSHD server when an SSH connection is idle between the conductor and a managed router. |
max-attempts | Number of keepalive messages sent from SSHD server before disconnecting an SSH connection between the conductor and a managed router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'inter-conductor-router-server' |
configure authority router node ssh-keepalive inter-conductor-router-server interval
Timeout interval in seconds to send keepalive from SSHD server when an SSH connection is idle between the conductor and a managed router.
Usage
configure authority router node ssh-keepalive inter-conductor-router-server interval [<ssh-keepalive-interval>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-interval | The value to set for this field |
Description
Default: 5
A restart is required if interval is created, modified, or deleted
ssh-keepalive-interval (uint8)
Timeout interval in seconds to send keepalive when an SSH connection is idle.
Range: 1-10
configure authority router node ssh-keepalive inter-conductor-router-server max-attempts
Number of keepalive messages sent from SSHD server before disconnecting an SSH connection between the conductor and a managed router.
Usage
configure authority router node ssh-keepalive inter-conductor-router-server max-attempts [<ssh-keepalive-max-attempts>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-max-attempts | The value to set for this field |
Description
Default: 4
A restart is required if max-attempts is created, modified, or deleted
ssh-keepalive-max-attempts (uint8)
Number of keepalive messages sent before disconnecting an SSH connection.
Range: 1-20
configure authority router node ssh-keepalive inter-node
Configure Inter Node
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval | Timeout interval in seconds to send keepalive from SSH client when an SSH connection is idle between nodes within a router. |
max-attempts | Number of keepalive messages sent from SSH client before disconnecting an SSH connection between nodes within a router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'inter-node' |
configure authority router node ssh-keepalive inter-node interval
Timeout interval in seconds to send keepalive from SSH client when an SSH connection is idle between nodes within a router.
Usage
configure authority router node ssh-keepalive inter-node interval [<ssh-keepalive-interval>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-interval | The value to set for this field |
Description
Default: 1
A restart is required if interval is created, modified, or deleted
ssh-keepalive-interval (uint8)
Timeout interval in seconds to send keepalive when an SSH connection is idle.
Range: 1-10
configure authority router node ssh-keepalive inter-node max-attempts
Number of keepalive messages sent from SSH client before disconnecting an SSH connection between nodes within a router.
Usage
configure authority router node ssh-keepalive inter-node max-attempts [<ssh-keepalive-max-attempts>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-max-attempts | The value to set for this field |
Description
Default: 9
A restart is required if max-attempts is created, modified, or deleted
ssh-keepalive-max-attempts (uint8)
Number of keepalive messages sent before disconnecting an SSH connection.
Range: 1-20
configure authority router node ssh-keepalive inter-node-server
Configure Inter Node Server
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval | Timeout interval in seconds to send keepalive from SSHD server when an SSH connection is idle between nodes within a router. |
max-attempts | Number of keepalive messages sent from SSHD server before disconnecting an SSH connection between nodes within a router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'inter-node-server' |
configure authority router node ssh-keepalive inter-node-server interval
Timeout interval in seconds to send keepalive from SSHD server when an SSH connection is idle between nodes within a router.
Usage
configure authority router node ssh-keepalive inter-node-server interval [<ssh-keepalive-interval>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-interval | The value to set for this field |
Description
Default: 1
A restart is required if interval is created, modified, or deleted
ssh-keepalive-interval (uint8)
Timeout interval in seconds to send keepalive when an SSH connection is idle.
Range: 1-10
configure authority router node ssh-keepalive inter-node-server max-attempts
Number of keepalive messages sent from SSHD server before disconnecting an SSH connection between nodes within a router.
Usage
configure authority router node ssh-keepalive inter-node-server max-attempts [<ssh-keepalive-max-attempts>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-max-attempts | The value to set for this field |
Description
Default: 9
A restart is required if max-attempts is created, modified, or deleted
ssh-keepalive-max-attempts (uint8)
Number of keepalive messages sent before disconnecting an SSH connection.
Range: 1-20
configure authority router node ssh-keepalive inter-router
Configure Inter Router
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval | Timeout interval in seconds to send keepalive from SSH client when an SSH connection is idle between the conductor and a managed router. |
max-attempts | Number of keepalive messages sent from SSH client before disconnecting an SSH connection between the conductor and a managed router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'inter-router' |
configure authority router node ssh-keepalive inter-router interval
Timeout interval in seconds to send keepalive from SSH client when an SSH connection is idle between the conductor and a managed router.
Usage
configure authority router node ssh-keepalive inter-router interval [<ssh-keepalive-interval>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-interval | The value to set for this field |
Description
Default: 5
A restart is required if interval is created, modified, or deleted
ssh-keepalive-interval (uint8)
Timeout interval in seconds to send keepalive when an SSH connection is idle.
Range: 1-10
configure authority router node ssh-keepalive inter-router max-attempts
Number of keepalive messages sent from SSH client before disconnecting an SSH connection between the conductor and a managed router.
Usage
configure authority router node ssh-keepalive inter-router max-attempts [<ssh-keepalive-max-attempts>]
Positional Arguments
name | description |
---|---|
ssh-keepalive-max-attempts | The value to set for this field |
Description
Default: 4
A restart is required if max-attempts is created, modified, or deleted
ssh-keepalive-max-attempts (uint8)
Number of keepalive messages sent before disconnecting an SSH connection.
Range: 1-20
configure authority router node ssh-settings
Configure SSH Settings
Subcommands
command | description |
---|---|
delete | Delete configuration data |
inter-node | Configure Inter Node |
inter-router | Configure Inter Router |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ssh-settings' |
configure authority router node ssh-settings inter-node
Configure Inter Node
Subcommands
command | description |
---|---|
delete | Delete configuration data |
host-key-checking | Whether or not to check the host key of the remote node when establishing an SSH connection between nodes within a router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'inter-node' |
configure authority router node ssh-settings inter-node host-key-checking
Whether or not to check the host key of the remote node when establishing an SSH connection between nodes within a router.
Usage
configure authority router node ssh-settings inter-node host-key-checking [<ssh-host-key-checking>]
Positional Arguments
name | description |
---|---|
ssh-host-key-checking | The value to set for this field |
Description
Default: no
A restart is required if host-key-checking is created, modified, or deleted
ssh-host-key-checking (enumeration)
Whether to check host keys when connecting to a remote host.
Options:
- no: Do not check host keys.
- yes: Check host keys.
- accept-new: Accept new host keys.
configure authority router node ssh-settings inter-router
Configure Inter Router
Subcommands
command | description |
---|---|
delete | Delete configuration data |
host-key-checking | Whether or not to check the host key of the remote node when establishing an SSH connection between the conductor and a managed router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'inter-router' |
configure authority router node ssh-settings inter-router host-key-checking
Whether or not to check the host key of the remote node when establishing an SSH connection between the conductor and a managed router.
Usage
configure authority router node ssh-settings inter-router host-key-checking [<ssh-host-key-checking>]
Positional Arguments
name | description |
---|---|
ssh-host-key-checking | The value to set for this field |
Description
Default: no
A restart is required if host-key-checking is created, modified, or deleted
ssh-host-key-checking (enumeration)
Whether to check host keys when connecting to a remote host.
Options:
- no: Do not check host keys.
- yes: Check host keys.
- accept-new: Accept new host keys.
configure authority router node top-sessions
Views of top sessions by an ordering criteria.
Subcommands
command | description |
---|---|
bandwidth | Top sessions by bandwidth usage. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'top-sessions' |
configure authority router node top-sessions bandwidth
Top sessions by bandwidth usage.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
session | Configure Session |
show | Show configuration data for 'bandwidth' |
tstamp | Configure Tstamp |
configure authority router node top-sessions bandwidth session
Configure Session
Usage
configure authority router node top-sessions bandwidth session <session-id>
Positional Arguments
name | description |
---|---|
session-id | The globally-unique session identification number |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
destination-ip | The destination IP of the session |
destination-port | The destination port of the session |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
protocol | The transport protocol |
service-name | The name of the service that created session |
session-id | The globally-unique session identification number |
show | Show configuration data for 'session' |
source-ip | The source IP of the session |
source-port | The source port of the session |
tenant | The tenant in which the session originated |
value | Session's value |
configure authority router node top-sessions bandwidth session destination-ip
The destination IP of the session
Usage
configure authority router node top-sessions bandwidth session destination-ip [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node top-sessions bandwidth session destination-port
The destination port of the session
Usage
configure authority router node top-sessions bandwidth session destination-port [<port-number>]
Positional Arguments
name | description |
---|---|
port-number | The value to set for this field |
Description
port-number (uint16)
The port-number type represents a 16-bit port number of an Internet transport layer protocol such as UDP, TCP, DCCP, or SCTP. Port numbers are assigned by IANA. A current list of all assignments is available from <http://www.iana.org/>.
Note that the port number value zero is reserved by IANA. In situations where the value zero does not make sense, it can be excluded by subtyping the port-number type.
In the value set and its semantics, this type is equivalent to the InetPortNumber textual convention of the SMIv2.
Range: 0-65535
configure authority router node top-sessions bandwidth session protocol
The transport protocol
Usage
configure authority router node top-sessions bandwidth session protocol [<protocol>]
Positional Arguments
name | description |
---|---|
protocol | The value to set for this field |
Description
protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
- icmp: Internet Control Management Protocol.
- gre: Generic Routing Encapsulation Protocol.
- esp: IPSec Encapsulating Security Payload Protocol.
- pim: Protocol Independent Multicast.
configure authority router node top-sessions bandwidth session service-name
The name of the service that created session
Usage
configure authority router node top-sessions bandwidth session service-name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router node top-sessions bandwidth session session-id
The globally-unique session identification number
Usage
configure authority router node top-sessions bandwidth session session-id [<session-id>]
Positional Arguments
name | description |
---|---|
session-id | The value to set for this field |
Description
session-id (string)
A globally-unique session identifier.
configure authority router node top-sessions bandwidth session source-ip
The source IP of the session
Usage
configure authority router node top-sessions bandwidth session source-ip [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router node top-sessions bandwidth session source-port
The source port of the session
Usage
configure authority router node top-sessions bandwidth session source-port [<port-number>]
Positional Arguments
name | description |
---|---|
port-number | The value to set for this field |
Description
port-number (uint16)
The port-number type represents a 16-bit port number of an Internet transport layer protocol such as UDP, TCP, DCCP, or SCTP. Port numbers are assigned by IANA. A current list of all assignments is available from <http://www.iana.org/>.
Note that the port number value zero is reserved by IANA. In situations where the value zero does not make sense, it can be excluded by subtyping the port-number type.
In the value set and its semantics, this type is equivalent to the InetPortNumber textual convention of the SMIv2.
Range: 0-65535
configure authority router node top-sessions bandwidth session tenant
The tenant in which the session originated
Usage
configure authority router node top-sessions bandwidth session tenant [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router node top-sessions bandwidth session value
Session's value
Usage
configure authority router node top-sessions bandwidth session value [<decimal64>]
Positional Arguments
name | description |
---|---|
decimal64 | The value to set for this field |
Description
decimal64
A 64-bit decimal value.
Fraction digits: 4
configure authority router node top-sessions bandwidth tstamp
Configure Tstamp
Usage
configure authority router node top-sessions bandwidth tstamp [<timestamp>]
Positional Arguments
name | description |
---|---|
timestamp | The value to set for this field |
Description
timestamp (uint32)
Number of seconds since UNIX epoch.
configure authority router node usb-mass-storage-enabled
Allow mounting of USB mass-storage devices.
Usage
configure authority router node usb-mass-storage-enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
a restart is required if usb-mass-storage-enabled is created, modified, or deleted
boolean
A true or false value.
Options: true or false
configure authority router path-mtu-discovery
Automatic path MTU discovery between nodes within the router.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Controls whether or not peer-path MTU discovery is performed |
interval | Represents the frequency with which the peer-path MTU discovery is performed. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'path-mtu-discovery' |
configure authority router path-mtu-discovery enabled
Controls whether or not peer-path MTU discovery is performed
Usage
configure authority router path-mtu-discovery enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router path-mtu-discovery interval
Represents the frequency with which the peer-path MTU discovery is performed.
Usage
configure authority router path-mtu-discovery interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 600
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router peer
Defines the properties associated with peer SSRs. The peer may be another router in the same authority or a router in a different authority
Usage
configure authority router peer <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary name that represents the properties associated with the peer router. Typically this will be the name of the authority or the value of the name field in the peer's router configuration. |
Subcommands
command | description |
---|---|
authority-name | Name of the authority of the peer router. |
bfd | BFD parameters for the peer router (deprecated). This is being replaced by BFD parameters in the neighborhood and adjacency in network-interfaces. |
delete | Delete configuration data |
description | A description of the peer router. |
generated | Indicates whether or not the Peer was automatically generated as a result of routers existing in the same neighborhood. |
name | An arbitrary name that represents the properties associated with the peer router. Typically this will be the name of the authority or the value of the name field in the peer's router configuration. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
router-name | Name of the peer router. |
show | Show configuration data for 'peer' |
configure authority router peer authority-name
Name of the authority of the peer router.
Usage
configure authority router peer authority-name [<authority-name>]
Positional Arguments
name | description |
---|---|
authority-name | The value to set for this field |
Description
authority-name (string) (required)
A text value.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router peer bfd
BFD parameters for the peer router (deprecated). This is being replaced by BFD parameters in the neighborhood and adjacency in network-interfaces.
Subcommands
command | description |
---|---|
authentication-type | Describes the authentication type used in BFD packets |
delete | Delete configuration data |
desired-tx-interval | Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers. |
dscp | The DSCP value to use with BFD packets. |
dynamic-damping | When enabled, extend the hold-down time if additional link flaps occur during the hold-down period. |
hold-down-time | Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time. |
link-test-interval | This represents the interval between BFD echo tests sent to the peer node/router. |
link-test-length | This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests. |
maximum-hold-down-time | Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value. |
multiplier | Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20). |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
state | When enabled, run BFD between all nodes within the router. |
Description
bfd
is deprecated and will be removed in a future software version
configure authority router peer bfd authentication-type
Describes the authentication type used in BFD packets
Usage
configure authority router peer bfd authentication-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: sha256
authentication-type
is deprecated and will be removed in a future software version
enumeration
A value from a set of predefined names.
Options:
- simple: Simple Password.
- sha256: SHA256
configure authority router peer bfd desired-tx-interval
Represents the frequency with which BFD asynchronous control packets are sent to peer nodes/routers.
Usage
configure authority router peer bfd desired-tx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
desired-tx-interval
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
Range: 50-600000
configure authority router peer bfd dscp
The DSCP value to use with BFD packets.
Usage
configure authority router peer bfd dscp [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
Default: 0
dscp
is deprecated and will be removed in a future software version
dscp (uint8)
A DSCP value (0-63)
Range: 0-63
configure authority router peer bfd dynamic-damping
When enabled, extend the hold-down time if additional link flaps occur during the hold-down period.
Usage
configure authority router peer bfd dynamic-damping [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
dynamic-damping
is deprecated and will be removed in a future software version
enumeration
A value from a set of predefined names.
Options:
- enabled: Extend hold-down time exponentially if link flaps occur during hold-down time.
- disabled: Use simple hold-down timer for every link up event.
configure authority router peer bfd hold-down-time
Represents the hold-down time. If dynamic-damping is enabled, this is the initial hold-down time.
Usage
configure authority router peer bfd hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
hold-down-time
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
Range: 1-300
configure authority router peer bfd link-test-interval
This represents the interval between BFD echo tests sent to the peer node/router.
Usage
configure authority router peer bfd link-test-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 10
link-test-interval
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router peer bfd link-test-length
This is the number of packets sent during one test cycle. A value of 0 disables BFD echo tests.
Usage
configure authority router peer bfd link-test-length [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: packets
Default: 10
link-test-length
is deprecated and will be removed in a future software version
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router peer bfd maximum-hold-down-time
Represents the maximum hold-down time of dynamic-damping exponential backoff. If the hold-down-time hits the maximum three times in a row, it will reset back to the original value.
Usage
configure authority router peer bfd maximum-hold-down-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 3600
maximum-hold-down-time
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router peer bfd multiplier
Number of consecutive missed messages from a peer before deciding that the link between them is unusable. Valid range is (3,20).
Usage
configure authority router peer bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
multiplier
is deprecated and will be removed in a future software version
uint8
An unsigned 8-bit integer.
Range: 3-20
configure authority router peer bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router peer bfd required-min-rx-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
required-min-rx-interval
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
configure authority router peer bfd state
When enabled, run BFD between all nodes within the router.
Usage
configure authority router peer bfd state [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: enabled
state
is deprecated and will be removed in a future software version
enumeration
A value from a set of predefined names.
Options:
- enabled: BFD is enabled on all nodes of this router.
- disabled: BFD is disabled on all nodes of this router.
configure authority router peer description
A description of the peer router.
Usage
configure authority router peer description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router peer generated
Indicates whether or not the Peer was automatically generated as a result of routers existing in the same neighborhood.
Usage
configure authority router peer generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority router peer name
An arbitrary name that represents the properties associated with the peer router. Typically this will be the name of the authority or the value of the name field in the peer's router configuration.
Usage
configure authority router peer name [<peer-name>]
Positional Arguments
name | description |
---|---|
peer-name | The value to set for this field |
Description
peer-name (string)
A string identifier for a peer, which uses alphanumerics, underscores, dots, or dashes, and cannot exceed 253 characters.
Must contain only alphanumeric characters or any of the following: - _ . (e.g., MyFirst-SSR-Router). Length: 0-253
configure authority router peer router-name
Name of the peer router.
Usage
configure authority router peer router-name [<router-name>]
Positional Arguments
name | description |
---|---|
router-name | The value to set for this field |
Description
router-name (string) (required)
A text value.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router rate-limit-policy
Configuration for rate limiting policy for all associated service traffic across all interfaces on a given node, when configured within a service-class.
Usage
configure authority router rate-limit-policy <name>
Positional Arguments
name | description |
---|---|
name | The name for the rate limit policy. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
download-settings | max rate and burst values for rate-limiting applied for download of traffic. |
mode | Configure Mode |
name | The name for the rate limit policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'rate-limit-policy' |
upload-settings | max rate and burst values for rate-limiting applied for upload of traffic. |
configure authority router rate-limit-policy download-settings
max rate and burst values for rate-limiting applied for download of traffic.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max-burst | Limit the maximum burst size to this value. |
max-rate | Limit the maximum rate to this value. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'download-settings' |
configure authority router rate-limit-policy download-settings max-burst
Limit the maximum burst size to this value.
Usage
configure authority router rate-limit-policy download-settings max-burst [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits
uint64 (required)
An unsigned 64-bit integer.
Range: 0-107374182400
configure authority router rate-limit-policy download-settings max-rate
Limit the maximum rate to this value.
Usage
configure authority router rate-limit-policy download-settings max-rate [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
uint64 (required)
An unsigned 64-bit integer.
Range: 0-107374182400
configure authority router rate-limit-policy mode
Configure Mode
Usage
configure authority router rate-limit-policy mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: per-service
enumeration
A value from a set of predefined names.
Options:
- per-service: Apply this rate limit policy at a per-service granularity.
- shared: This rate limit policy may be shared across different services.
configure authority router rate-limit-policy name
The name for the rate limit policy.
Usage
configure authority router rate-limit-policy name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router rate-limit-policy upload-settings
max rate and burst values for rate-limiting applied for upload of traffic.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max-burst | Limit the maximum burst size to this value. |
max-rate | Limit the maximum rate to this value. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'upload-settings' |
configure authority router rate-limit-policy upload-settings max-burst
Limit the maximum burst size to this value.
Usage
configure authority router rate-limit-policy upload-settings max-burst [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits
uint64 (required)
An unsigned 64-bit integer.
Range: 0-107374182400
configure authority router rate-limit-policy upload-settings max-rate
Limit the maximum rate to this value.
Usage
configure authority router rate-limit-policy upload-settings max-rate [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
uint64 (required)
An unsigned 64-bit integer.
Range: 0-107374182400
configure authority router reachability-profile
Defines a traffic profile for reachability-detection enforcement
Usage
configure authority router reachability-profile <name>
Positional Arguments
name | description |
---|---|
name | Name of the reachability-profile |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
name | Name of the reachability-profile |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
protocol | Reachability-detection enforcement for a protocol |
show | Show configuration data for 'reachability-profile' |
configure authority router reachability-profile name
Name of the reachability-profile
Usage
configure authority router reachability-profile name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router reachability-profile protocol
Reachability-detection enforcement for a protocol
Usage
configure authority router reachability-profile protocol <protocol-type>
Positional Arguments
name | description |
---|---|
protocol-type | The protocol to enforce reachability for |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
protocol-type | The protocol to enforce reachability for |
show | Show configuration data for 'protocol' |
traffic-class | Reachability-detection enforcement for a traffic-class |
configure authority router reachability-profile protocol protocol-type
The protocol to enforce reachability for
Usage
configure authority router reachability-profile protocol protocol-type [<reachability-profile-protocol>]
Positional Arguments
name | description |
---|---|
reachability-profile-protocol | The value to set for this field |
Description
reachability-profile-protocol (enumeration)
A value from a set of predefined names.
Options:
- tcp: Traffic profile settings for TCP
- tls: Traffic profile settings for TLS
- udp: Traffic profile settings for UDP
configure authority router reachability-profile protocol traffic-class
Reachability-detection enforcement for a traffic-class
Usage
configure authority router reachability-profile protocol traffic-class <traffic-class-id>
Positional Arguments
name | description |
---|---|
traffic-class-id | Type of traffic-class to enforce |
Subcommands
command | description |
---|---|
acceptable-error-threshold | Percentage of errors acceptable on the path before taking it offline. For TCP, this will include session closed before establishment, and any ICMP error that constitutes and session timeout before establishment. For UDP, this will include the destination unreachable class of ICMP errors |
delete | Delete configuration data |
enabled | Enable reachability-detection enforcment for this protocol and traffic class |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'traffic-class' |
time-to-establishment | Reachability-detection time-to-establishment metrics |
traffic-class-id | Type of traffic-class to enforce |
configure authority router reachability-profile protocol traffic-class acceptable-error-threshold
Percentage of errors acceptable on the path before taking it offline. For TCP, this will include session closed before establishment, and any ICMP error that constitutes and session timeout before establishment. For UDP, this will include the destination unreachable class of ICMP errors
Usage
configure authority router reachability-profile protocol traffic-class acceptable-error-threshold [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
Default: 25
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router reachability-profile protocol traffic-class enabled
Enable reachability-detection enforcment for this protocol and traffic class
Usage
configure authority router reachability-profile protocol traffic-class enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router reachability-profile protocol traffic-class time-to-establishment
Reachability-detection time-to-establishment metrics
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Include time-to-establishment metrics in reachability-detection |
max | Maximum acceptable session time-to-establishment in the detection window |
mean | Maximum mean session time-to-establishment over the detection window |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'time-to-establishment' |
configure authority router reachability-profile protocol traffic-class time-to-establishment enabled
Include time-to-establishment metrics in reachability-detection
Usage
configure authority router reachability-profile protocol traffic-class time-to-establishment enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router reachability-profile protocol traffic-class time-to-establishment max
Maximum acceptable session time-to-establishment in the detection window
Usage
configure authority router reachability-profile protocol traffic-class time-to-establishment max [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 500
uint32
An unsigned 32-bit integer.
configure authority router reachability-profile protocol traffic-class time-to-establishment mean
Maximum mean session time-to-establishment over the detection window
Usage
configure authority router reachability-profile protocol traffic-class time-to-establishment mean [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 250
uint32
An unsigned 32-bit integer.
configure authority router reachability-profile protocol traffic-class traffic-class-id
Type of traffic-class to enforce
Usage
configure authority router reachability-profile protocol traffic-class traffic-class-id [<net-traffic-class>]
Positional Arguments
name | description |
---|---|
net-traffic-class | The value to set for this field |
Description
net-traffic-class (enumeration)
Relative priority of traffic.
Options:
- high: High priority traffic class.
- medium: Medium priority traffic class.
- low: Low priority traffic class.
- best-effort: Best-effort priority traffic class.
configure authority router redundancy-group
A group of redundant interfaces which will fail over together if one goes down for any reason.
Usage
configure authority router redundancy-group <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for this group. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
description | A description of the redundancy-group. |
member | Configure Member |
name | An arbitrary, unique name for this group. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | Priority of member interfaces relative to their redundant interfaces. Higher priority interfaces take precedence. |
show | Show configuration data for 'redundancy-group' |
configure authority router redundancy-group description
A description of the redundancy-group.
Usage
configure authority router redundancy-group description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router redundancy-group member
Configure Member
Usage
configure authority router redundancy-group member <node> <device-id>
Positional Arguments
name | description |
---|---|
node | Name of the node the interface is on. |
device-id | Device interface name. |
Subcommands
command | description |
---|---|
device-id | Device interface name. |
node | Name of the node the interface is on. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'member' |
configure authority router redundancy-group member device-id
Device interface name.
Usage
configure authority router redundancy-group member device-id [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router redundancy-group member node
Name of the node the interface is on.
Usage
configure authority router redundancy-group member node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router redundancy-group name
An arbitrary, unique name for this group.
Usage
configure authority router redundancy-group name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router redundancy-group priority
Priority of member interfaces relative to their redundant interfaces. Higher priority interfaces take precedence.
Usage
configure authority router redundancy-group priority [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8 (required)
An unsigned 8-bit integer.
Range: 0-100
configure authority router resource-group
Associate this router with a top-level resource-group.
Usage
configure authority router resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority router reverse-flow-enforcement
When to enforce biflow reverse fib entry check
Usage
configure authority router reverse-flow-enforcement [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none: Do not perform reverse fib entry lookup to set up reverse flow
- strict: Perform strict uRPF check on reverse fib entry next hop to set up reverse flow
configure authority router reverse-packet-session-resiliency
Parameters for setting session failover behavior without presence of forward traffic.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
detection-interval | Frequency at which each session will be checked for failover trigger in the absence of forward traffic. |
enabled | Whether reverse packet triggered failover is enabled on this router when session resiliency is set. |
minimum-packet-count | Minimum number of packets received on the flow to activate the feature |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'reverse-packet-session-resiliency' |
configure authority router reverse-packet-session-resiliency detection-interval
Frequency at which each session will be checked for failover trigger in the absence of forward traffic.
Usage
configure authority router reverse-packet-session-resiliency detection-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-30
configure authority router reverse-packet-session-resiliency enabled
Whether reverse packet triggered failover is enabled on this router when session resiliency is set.
Usage
configure authority router reverse-packet-session-resiliency enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router reverse-packet-session-resiliency minimum-packet-count
Minimum number of packets received on the flow to activate the feature
Usage
configure authority router reverse-packet-session-resiliency minimum-packet-count [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: packets
Default: 3
uint32
An unsigned 32-bit integer.
Range: 1-999999
configure authority router router-group
Logical group of routers for filtering services.
Usage
configure authority router router-group [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | Value to add to this list |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router routing
A router-level container for all of the routing policies associated with a given SSR deployment. Each routing element may have one and only one routing-instance.
Usage
configure authority router routing <type>
Positional Arguments
name | description |
---|---|
type | The type of the routing instance. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
debug | Routing engine debug commands. |
delete | Delete configuration data |
description | Textual description of the routing instance. |
igmp | IGMP configuration |
interface | Internal loopback interface used for routing protocols |
mist-events | MIST Event Configuration. |
msdp | MSDP configuration |
ospf | OSPF instance configuration |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
pim | PIM configuration |
rib-policy | List of protocol specific RIB policies |
routing-protocol | Each entry contains configuration of a routing protocol instance. |
service-admin-distance | Administrative distance for routes generated from services. |
show | Show configuration data for 'routing' |
static-route | A list of static routes. The sub-element that allows administrators to configure static routes, that will be entered into the SSR's Routing Information Base (RIB). |
type | The type of the routing instance. |
vrf | A list of virtual router and forward instances (VRF's). |
configure authority router routing debug
Routing engine debug commands.
Subcommands
command | description |
---|---|
bfd | Debug BFD commands. |
bgp | Debug BGP commands. |
delete | Delete configuration data |
ospf | Debug OSPF commands. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rib | Debug RIB Manager commands. |
show | Show configuration data for 'debug' |
static-route | Debug static route commands. |
configure authority router routing debug bfd
Debug BFD commands.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
network | Debug BFD network layer. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer | Debug BFD peer events. |
rib | Debug BFD RIB. |
show | Show configuration data for 'bfd' |
configure authority router routing debug bfd network
Debug BFD network layer.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'network' |
configure authority router routing debug bfd peer
Debug BFD peer events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'peer' |
configure authority router routing debug bfd rib
Debug BFD RIB.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'rib' |
configure authority router routing debug bgp
Debug BGP commands.
Subcommands
command | description |
---|---|
bestpath | Debug BGP bestpath. |
bfd | Debug BGP BFD. |
delete | Delete configuration data |
graceful-restart | Debug BGP graceful restart. |
keepalives | Debug BGP keepalives. |
neighbor-events | Debug BGP neighbor events. |
nht | Debug BGP next hop tracker (NHT). |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rib | Debug BGP RIB. |
show | Show configuration data for 'bgp' |
update-groups | Debug BGP update groups. |
updates | Debug BGP update. |
vpn | Debug BGP VPN. |
configure authority router routing debug bgp bestpath
Debug BGP bestpath.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix | Debug BGP bestpath prefix. |
show | Show configuration data for 'bestpath' |
configure authority router routing debug bgp bestpath prefix
Debug BGP bestpath prefix.
Usage
configure authority router routing debug bgp bestpath prefix [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router routing debug bgp bfd
Debug BGP BFD.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'bfd' |
configure authority router routing debug bgp graceful-restart
Debug BGP graceful restart.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'graceful-restart' |
configure authority router routing debug bgp keepalives
Debug BGP keepalives.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'keepalives' |
configure authority router routing debug bgp neighbor-events
Debug BGP neighbor events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor-events' |
configure authority router routing debug bgp nht
Debug BGP next hop tracker (NHT).
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'nht' |
configure authority router routing debug bgp rib
Debug BGP RIB.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'rib' |
configure authority router routing debug bgp update-groups
Debug BGP update groups.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'update-groups' |
configure authority router routing debug bgp updates
Debug BGP update.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
in | Debug BGP updates in. |
out | Debug BGP updates out. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix | Debug BGP update prefix. |
show | Show configuration data for 'updates' |
configure authority router routing debug bgp updates in
Debug BGP updates in.
Usage
configure authority router routing debug bgp updates in [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing debug bgp updates out
Debug BGP updates out.
Usage
configure authority router routing debug bgp updates out [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing debug bgp updates prefix
Debug BGP update prefix.
Usage
configure authority router routing debug bgp updates prefix [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router routing debug bgp vpn
Debug BGP VPN.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
leak-from-vrf | Debug BGP leak from VRF events. |
leak-to-vrf | Debug BGP leak to VRF events. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'vpn' |
configure authority router routing debug bgp vpn leak-from-vrf
Debug BGP leak from VRF events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'leak-from-vrf' |
configure authority router routing debug bgp vpn leak-to-vrf
Debug BGP leak to VRF events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'leak-to-vrf' |
configure authority router routing debug ospf
Debug OSPF commands.
Subcommands
command | description |
---|---|
bfd | Debug OSPF BFD. |
default-information | Debug OSPF default information. |
delete | Delete configuration data |
events | Debug OSPF events. |
graceful-restart | Debug OSPF graceful restart. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ospf' |
configure authority router routing debug ospf bfd
Debug OSPF BFD.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'bfd' |
configure authority router routing debug ospf default-information
Debug OSPF default information.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'default-information' |
configure authority router routing debug ospf events
Debug OSPF events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'events' |
configure authority router routing debug ospf graceful-restart
Debug OSPF graceful restart.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'graceful-restart' |
configure authority router routing debug rib
Debug RIB Manager commands.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
events | Debug RIB events. |
fpm | Debug RIB FIB push module (FPM). |
kernel | Debug RIB kernel. |
nexthop | Debug RIB next hop. |
nht | Debug RIB next hop tracker (NHT). |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
packet | Debug RIB packets). |
show | Show configuration data for 'rib' |
table | Debug RIB table. |
configure authority router routing debug rib events
Debug RIB events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'events' |
configure authority router routing debug rib fpm
Debug RIB FIB push module (FPM).
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'fpm' |
configure authority router routing debug rib kernel
Debug RIB kernel.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'kernel' |
configure authority router routing debug rib nexthop
Debug RIB next hop.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'nexthop' |
configure authority router routing debug rib nht
Debug RIB next hop tracker (NHT).
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'nht' |
configure authority router routing debug rib packet
Debug RIB packets).
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'packet' |
configure authority router routing debug rib table
Debug RIB table.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'table' |
configure authority router routing debug static-route
Debug static route commands.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
events | Debug static route events. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routes | Debug static route routes. |
show | Show configuration data for 'static-route' |
configure authority router routing debug static-route events
Debug static route events.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'events' |
configure authority router routing debug static-route routes
Debug static route routes.
Subcommands
command | description |
---|---|
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'routes' |
configure authority router routing description
Textual description of the routing instance.
Usage
configure authority router routing description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing igmp
IGMP configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
interface | List of IGMP interfaces |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'igmp' |
configure authority router routing igmp interface
List of IGMP interfaces
Usage
configure authority router routing igmp interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
interface | Network interface name |
join | List of Groups to join |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'interface' |
version | IGMP Version |
configure authority router routing igmp interface interface
Network interface name
Usage
configure authority router routing igmp interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing igmp interface join
List of Groups to join
Usage
configure authority router routing igmp interface join <group>
Positional Arguments
name | description |
---|---|
group | IPv4 address of the Group to Join |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
group | IPv4 address of the Group to Join |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'join' |
source | IPv4 address of the Source to Join |
configure authority router routing igmp interface join group
IPv4 address of the Group to Join
Usage
configure authority router routing igmp interface join group [<multicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
multicast-ipv4-address | The value to set for this field |
Description
multicast-ipv4-address (string)
A multicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing igmp interface join source
IPv4 address of the Source to Join
Usage
configure authority router routing igmp interface join source [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing igmp interface node
Interface node name
Usage
configure authority router routing igmp interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing igmp interface version
IGMP Version
Usage
configure authority router routing igmp interface version [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 2-3
configure authority router routing interface
Internal loopback interface used for routing protocols
Usage
configure authority router routing interface <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the routing interface, used to reference it in other routing configuration sections. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Administratively enable/disable the interface. |
ip-address | The IP address of the interface. |
name | An arbitrary, unique name for the routing interface, used to reference it in other routing configuration sections. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'interface' |
configure authority router routing interface enabled
Administratively enable/disable the interface.
Usage
configure authority router routing interface enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing interface ip-address
The IP address of the interface.
Usage
configure authority router routing interface ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router routing interface name
An arbitrary, unique name for the routing interface, used to reference it in other routing configuration sections.
Usage
configure authority router routing interface name [<bridge-name>]
Positional Arguments
name | description |
---|---|
bridge-name | The value to set for this field |
Description
bridge-name (string)
A string identifier for bridge-name which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters.
Must contain only alphanumeric characters, start with a alphabet and can contain any of the following: _ - The name 'lo' is reserved. Length: 0-15
configure authority router routing mist-events
MIST Event Configuration.
Subcommands
command | description |
---|---|
bgp | MIST BGP Event Configuration. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'mist-events' |
configure authority router routing mist-events bgp
MIST BGP Event Configuration.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enable | Enable/Disable MIST BGP Event Generation. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'bgp' |
configure authority router routing mist-events bgp enable
Enable/Disable MIST BGP Event Generation.
Usage
configure authority router routing mist-events bgp enable [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing msdp
MSDP configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
mesh-group | MSDP Mesh-Group Configuration |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer | MSDP Peer Configuration |
show | Show configuration data for 'msdp' |
configure authority router routing msdp mesh-group
MSDP Mesh-Group Configuration
Usage
configure authority router routing msdp mesh-group <name>
Positional Arguments
name | description |
---|---|
name | Name of the Mesh-Group |
Subcommands
command | description |
---|---|
auth-password | Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups. |
delete | Delete configuration data |
member | IPv4 address of the Mesh-group member |
name | Name of the Mesh-Group |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'mesh-group' |
source | Source Address for the mesh-group |
configure authority router routing msdp mesh-group auth-password
Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups.
Usage
configure authority router routing msdp mesh-group auth-password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router routing msdp mesh-group member
IPv4 address of the Mesh-group member
Usage
configure authority router routing msdp mesh-group member [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | Value to add to this list |
Description
unicast-ipv4-address (string)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing msdp mesh-group name
Name of the Mesh-Group
Usage
configure authority router routing msdp mesh-group name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router routing msdp mesh-group source
Source Address for the mesh-group
Usage
configure authority router routing msdp mesh-group source [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string) (required)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing msdp peer
MSDP Peer Configuration
Usage
configure authority router routing msdp peer <address>
Positional Arguments
name | description |
---|---|
address | IPv4 address of the Peer |
Subcommands
command | description |
---|---|
address | IPv4 address of the Peer |
auth-password | Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'peer' |
source | Source Address for the peer adjacency |
configure authority router routing msdp peer address
IPv4 address of the Peer
Usage
configure authority router routing msdp peer address [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing msdp peer auth-password
Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups.
Usage
configure authority router routing msdp peer auth-password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router routing msdp peer source
Source Address for the peer adjacency
Usage
configure authority router routing msdp peer source [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string) (required)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing ospf
OSPF instance configuration
Usage
configure authority router routing ospf <instance>
Positional Arguments
name | description |
---|---|
instance | Number of OSPF instance |
Subcommands
command | description |
---|---|
advertise-default | Advertise default route into OSPF |
area | List of OSPF areas |
clone | Clone a list item |
delete | Delete configuration data |
distance | OSPF route administrative distance |
graceful-restart | Enable OSPF graceful restart |
instance | Number of OSPF instance |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
redistribute | List of routing protocols to redistribute into OSPF |
router-id | Defined in RFC 2328. A 32-bit number that uniquely identifies the router |
show | Show configuration data for 'ospf' |
timers | OSPF Timers |
version | OSPF version |
configure authority router routing ospf advertise-default
Advertise default route into OSPF
Subcommands
command | description |
---|---|
always | Advertise default route into OSPF even when there is no default route in the routing table |
delete | Delete configuration data |
metric | Advertised metric of the default route |
metric-type | Advertised metric type of default route |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the default route |
show | Show configuration data for 'advertise-default' |
configure authority router routing ospf advertise-default always
Advertise default route into OSPF even when there is no default route in the routing table
Usage
configure authority router routing ospf advertise-default always [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing ospf advertise-default metric
Advertised metric of the default route
Usage
configure authority router routing ospf advertise-default metric [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 0-16777214
configure authority router routing ospf advertise-default metric-type
Advertised metric type of default route
Usage
configure authority router routing ospf advertise-default metric-type [<ospf-external-metric-type>]
Positional Arguments
name | description |
---|---|
ospf-external-metric-type | The value to set for this field |
Description
Default: type-2
ospf-external-metric-type (enumeration)
OSPF external metric type
Options:
- type-1: External metric type 1, comparable to link state metric
- type-2: External metric type 2, larger than link state metric
configure authority router routing ospf advertise-default policy
A policy to apply to the default route
Usage
configure authority router routing ospf advertise-default policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing ospf area
List of OSPF areas
Usage
configure authority router routing ospf area <id>
Positional Arguments
name | description |
---|---|
id | Area ID |
Subcommands
command | description |
---|---|
authentication-type | Area authentication type |
clone | Clone a list item |
default-cost | Set the summary default route cost for a stub or NSSA area. |
delete | Delete configuration data |
id | Area ID |
interface | List of interfaces in area |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routing-interface | List of routing interfaces in area |
show | Show configuration data for 'area' |
summary-advertisement | Enable/Disable summary advertisement into the stub or NSSA area. |
summary-range | Summarize routes matching address/mask - Applicable to Area Border Routers (ABRs) only |
type | Area type |
configure authority router routing ospf area authentication-type
Area authentication type
Usage
configure authority router routing ospf area authentication-type [<area-authentication-type>]
Positional Arguments
name | description |
---|---|
area-authentication-type | The value to set for this field |
Description
Default: none
area-authentication-type (enumeration)
OSPF area authentication. Can be overriden by interface authentication.
Options:
- none: No authentication
- simple: Simple (plain text) password authentication
- md5: MD5 HMAC authentication
configure authority router routing ospf area default-cost
Set the summary default route cost for a stub or NSSA area.
Usage
configure authority router routing ospf area default-cost [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-16777215
configure authority router routing ospf area id
Area ID
Usage
configure authority router routing ospf area id [<area-id-type>]
Positional Arguments
name | description |
---|---|
area-id-type | The value to set for this field |
Description
area-id-type (string)
Area ID type.
configure authority router routing ospf area interface
List of interfaces in area
Usage
configure authority router routing ospf area interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
authentication-type | OSPF interface authentication type. |
bfd | BFD Client Configuration. |
clone | Clone a list item |
cost | Interface cost |
dead-interval | Interval after which a neighbor is declared down (seconds) if hello packets are not received. |
delete | Delete configuration data |
hello-interval | Interval between hello packets (seconds). |
interface | Network interface name |
message-digest-key | MD5 HMAC authentication message digest keys |
network-type | Interface network type |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
passive | Enable/Disable passive interface - a passive interface's prefix will be advertised but no neighbor adjacencies will be formed on the interface. |
password | OSPF simple authentication password |
priority | Router priority |
show | Show configuration data for 'interface' |
configure authority router routing ospf area interface authentication-type
OSPF interface authentication type.
Usage
configure authority router routing ospf area interface authentication-type [<interface-authentication-type>]
Positional Arguments
name | description |
---|---|
interface-authentication-type | The value to set for this field |
Description
Default: area
interface-authentication-type (enumeration)
OSPF interface authentication type
Options:
- area: Use area authentication type
- none: No interface authentication
- simple: Simple (plain text) password authentication
- md5: MD5 HMAC authentication
configure authority router routing ospf area interface bfd
BFD Client Configuration.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
desired-tx-interval | The minimum transmission interval in milliseconds used to send BFD control packets. |
enable | Enable/Disable BFD protocol |
multiplier | The number of BFD packets that can be lost without the BFD session declared as down. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
configure authority router routing ospf area interface bfd desired-tx-interval
The minimum transmission interval in milliseconds used to send BFD control packets.
Usage
configure authority router routing ospf area interface bfd desired-tx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing ospf area interface bfd enable
Enable/Disable BFD protocol
Usage
configure authority router routing ospf area interface bfd enable [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing ospf area interface bfd multiplier
The number of BFD packets that can be lost without the BFD session declared as down.
Usage
configure authority router routing ospf area interface bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 2-255
configure authority router routing ospf area interface bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router routing ospf area interface bfd required-min-rx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing ospf area interface cost
Interface cost
Usage
configure authority router routing ospf area interface cost [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Default: 10
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing ospf area interface dead-interval
Interval after which a neighbor is declared down (seconds) if hello packets are not received.
Usage
configure authority router routing ospf area interface dead-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 40
uint32
An unsigned 32-bit integer.
Range: 1-2147483647
configure authority router routing ospf area interface hello-interval
Interval between hello packets (seconds).
Usage
configure authority router routing ospf area interface hello-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 10
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing ospf area interface interface
Network interface name
Usage
configure authority router routing ospf area interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing ospf area interface message-digest-key
MD5 HMAC authentication message digest keys
Usage
configure authority router routing ospf area interface message-digest-key <id>
Positional Arguments
name | description |
---|---|
id | Message digest key identifier |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
id | Message digest key identifier |
key | Message digest secret key |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'message-digest-key' |
configure authority router routing ospf area interface message-digest-key id
Message digest key identifier
Usage
configure authority router routing ospf area interface message-digest-key id [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing ospf area interface message-digest-key key
Message digest secret key
Usage
configure authority router routing ospf area interface message-digest-key key [<routing-password-type>]
Positional Arguments
name | description |
---|---|
routing-password-type | The value to set for this field |
Description
routing-password-type (string)
A routing engine password that is hidden from the UI.
Invalid whitespace or other unrecognized character.
configure authority router routing ospf area interface network-type
Interface network type
Usage
configure authority router routing ospf area interface network-type [<interface-network-type>]
Positional Arguments
name | description |
---|---|
interface-network-type | The value to set for this field |
Description
Default: unspecified
interface-network-type (enumeration)
OSPF interface network type
Options:
- unspecified: Unspecified network type
- broadcast: Broadcast network
- point-to-point: Point-to-point network
configure authority router routing ospf area interface node
Interface node name
Usage
configure authority router routing ospf area interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing ospf area interface passive
Enable/Disable passive interface - a passive interface's prefix will be advertised but no neighbor adjacencies will be formed on the interface.
Usage
configure authority router routing ospf area interface passive [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing ospf area interface password
OSPF simple authentication password
Usage
configure authority router routing ospf area interface password [<routing-password-type>]
Positional Arguments
name | description |
---|---|
routing-password-type | The value to set for this field |
Description
routing-password-type (string)
A routing engine password that is hidden from the UI.
Invalid whitespace or other unrecognized character.
configure authority router routing ospf area interface priority
Router priority
Usage
configure authority router routing ospf area interface priority [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 1
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router routing ospf area routing-interface
List of routing interfaces in area
Usage
configure authority router routing ospf area routing-interface <routing-interface>
Positional Arguments
name | description |
---|---|
routing-interface | Routing interface name |
Subcommands
command | description |
---|---|
cost | Interface cost |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routing-interface | Routing interface name |
show | Show configuration data for 'routing-interface' |
configure authority router routing ospf area routing-interface cost
Interface cost
Usage
configure authority router routing ospf area routing-interface cost [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Default: 10
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing ospf area routing-interface routing-interface
Routing interface name
Usage
configure authority router routing ospf area routing-interface routing-interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing ospf area summary-advertisement
Enable/Disable summary advertisement into the stub or NSSA area.
Usage
configure authority router routing ospf area summary-advertisement [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing ospf area summary-range
Summarize routes matching address/mask - Applicable to Area Border Routers (ABRs) only
Usage
configure authority router routing ospf area summary-range <prefix>
Positional Arguments
name | description |
---|---|
prefix | Summarization prefix |
Subcommands
command | description |
---|---|
advertise | Advertise or hide |
cost | Advertised cost of summary route |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix | Summarization prefix |
show | Show configuration data for 'summary-range' |
configure authority router routing ospf area summary-range advertise
Advertise or hide
Usage
configure authority router routing ospf area summary-range advertise [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing ospf area summary-range cost
Advertised cost of summary route
Usage
configure authority router routing ospf area summary-range cost [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 0-16777214
configure authority router routing ospf area summary-range prefix
Summarization prefix
Usage
configure authority router routing ospf area summary-range prefix [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router routing ospf area type
Area type
Usage
configure authority router routing ospf area type [<area-type>]
Positional Arguments
name | description |
---|---|
area-type | The value to set for this field |
Description
Default: normal
area-type (enumeration)
A value from a set of predefined names.
Options:
- normal: OSPF normal area
- stub: OSPF stub area
- nssa: OSPF Not-So-Stubby Area (NSSA)
configure authority router routing ospf distance
OSPF route administrative distance
Subcommands
command | description |
---|---|
delete | Delete configuration data |
external | Administrative distance for external OSPF routes |
inter-area | Administrative distance for inter-area OSPF routes |
intra-area | Administrative distance for intra-area OSPF routes |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'distance' |
configure authority router routing ospf distance external
Administrative distance for external OSPF routes
Usage
configure authority router routing ospf distance external [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 110
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing ospf distance inter-area
Administrative distance for inter-area OSPF routes
Usage
configure authority router routing ospf distance inter-area [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 110
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing ospf distance intra-area
Administrative distance for intra-area OSPF routes
Usage
configure authority router routing ospf distance intra-area [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 110
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing ospf graceful-restart
Enable OSPF graceful restart
Subcommands
command | description |
---|---|
delete | Delete configuration data |
helper | OSPF graceful restart helper support |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-time | OSPF graceful restart duration |
show | Show configuration data for 'graceful-restart' |
configure authority router routing ospf graceful-restart helper
OSPF graceful restart helper support
Subcommands
command | description |
---|---|
delete | Delete configuration data |
helper-restart-time | Helper support graceful restart duration |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'helper' |
strict-lsa-checking | When enabled, helper will abort graceful restart if a LSA change occurs that affects the restarting router |
configure authority router routing ospf graceful-restart helper helper-restart-time
Helper support graceful restart duration
Usage
configure authority router routing ospf graceful-restart helper helper-restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 120
uint16
An unsigned 16-bit integer.
Range: 10-1800
configure authority router routing ospf graceful-restart helper strict-lsa-checking
When enabled, helper will abort graceful restart if a LSA change occurs that affects the restarting router
Usage
configure authority router routing ospf graceful-restart helper strict-lsa-checking [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
- Units: seconds
- Range: 10-1800
- Default: 120
configure authority router routing ospf graceful-restart restart-time
OSPF graceful restart duration
Usage
configure authority router routing ospf graceful-restart restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 120
uint16
An unsigned 16-bit integer.
Range: 1-1800
configure authority router routing ospf instance
Number of OSPF instance
Usage
configure authority router routing ospf instance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-8
configure authority router routing ospf redistribute
List of routing protocols to redistribute into OSPF
Usage
configure authority router routing ospf redistribute <protocol>
Positional Arguments
name | description |
---|---|
protocol | The routing protocol to redistribute into OSPF |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
metric | Advertised metric of redistributed route |
metric-type | Advertised metric type of redistributed route |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the redistributed route |
protocol | The routing protocol to redistribute into OSPF |
show | Show configuration data for 'redistribute' |
configure authority router routing ospf redistribute metric
Advertised metric of redistributed route
Usage
configure authority router routing ospf redistribute metric [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 0-16777214
configure authority router routing ospf redistribute metric-type
Advertised metric type of redistributed route
Usage
configure authority router routing ospf redistribute metric-type [<ospf-external-metric-type>]
Positional Arguments
name | description |
---|---|
ospf-external-metric-type | The value to set for this field |
Description
Default: type-2
ospf-external-metric-type (enumeration)
OSPF external metric type
Options:
- type-1: External metric type 1, comparable to link state metric
- type-2: External metric type 2, larger than link state metric
configure authority router routing ospf redistribute policy
A policy to apply to the redistributed route
Usage
configure authority router routing ospf redistribute policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing ospf redistribute protocol
The routing protocol to redistribute into OSPF
Usage
configure authority router routing ospf redistribute protocol [<redistribute-into-ospf>]
Positional Arguments
name | description |
---|---|
redistribute-into-ospf | The value to set for this field |
Description
redistribute-into-ospf (enumeration)
A value from a set of predefined names.
Options:
- bgp: BGP routes
- connected: Interface routes
- service: Service routes
- static: Static routes
configure authority router routing ospf router-id
Defined in RFC 2328. A 32-bit number that uniquely identifies the router
Usage
configure authority router routing ospf router-id [<dotted-quad>]
Positional Arguments
name | description |
---|---|
dotted-quad | The value to set for this field |
Description
dotted-quad (string)
An unsigned 32-bit number expressed in the dotted-quad notation, i.e., four octets written as decimal numbers and separated with the '.' (full stop) character.
configure authority router routing ospf timers
OSPF Timers
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'timers' |
spf | OSPF SPF Timers |
configure authority router routing ospf timers spf
OSPF SPF Timers
Subcommands
command | description |
---|---|
delay | Initial SPF delay. |
delete | Delete configuration data |
hold-time | Adaptive hold-time. |
maximum-hold-time | Maximum hold-time. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'spf' |
configure authority router routing ospf timers spf delay
Initial SPF delay.
Usage
configure authority router routing ospf timers spf delay [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 0
uint32
An unsigned 32-bit integer.
Range: 0-600000
configure authority router routing ospf timers spf hold-time
Adaptive hold-time.
Usage
configure authority router routing ospf timers spf hold-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 5000
uint32
An unsigned 32-bit integer.
Range: 0-600000
configure authority router routing ospf timers spf maximum-hold-time
Maximum hold-time.
Usage
configure authority router routing ospf timers spf maximum-hold-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 30000
uint32
An unsigned 32-bit integer.
Range: 0-600000
configure authority router routing ospf version
OSPF version
Usage
configure authority router routing ospf version [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: ospfv2
enumeration
A value from a set of predefined names.
Options:
- ospfv2:
- ospfv3:
configure authority router routing pim
PIM configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
interface | List of PIM interfaces |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rp | PIM RP Configuration |
show | Show configuration data for 'pim' |
configure authority router routing pim interface
List of PIM interfaces
Usage
configure authority router routing pim interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
dr-priority | Preference of a particular device in the DR election process. The lowest priority is 1. |
hello-interval | Configure Hello Interval |
interface | Network interface name |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'interface' |
configure authority router routing pim interface dr-priority
Preference of a particular device in the DR election process. The lowest priority is 1.
Usage
configure authority router routing pim interface dr-priority [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-4294967295
configure authority router routing pim interface hello-interval
Configure Hello Interval
Usage
configure authority router routing pim interface hello-interval [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: seconds
Default: 30
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing pim interface interface
Network interface name
Usage
configure authority router routing pim interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing pim interface node
Interface node name
Usage
configure authority router routing pim interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing pim rp
PIM RP Configuration
Usage
configure authority router routing pim rp <group-range>
Positional Arguments
name | description |
---|---|
group-range | Multicast Group address range for this RP |
Subcommands
command | description |
---|---|
address | IPv4 address of the RP |
delete | Delete configuration data |
group-range | Multicast Group address range for this RP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'rp' |
configure authority router routing pim rp address
IPv4 address of the RP
Usage
configure authority router routing pim rp address [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string) (required)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing pim rp group-range
Multicast Group address range for this RP
Usage
configure authority router routing pim rp group-range [<multicast-ipv4-prefix>]
Positional Arguments
name | description |
---|---|
multicast-ipv4-prefix | The value to set for this field |
Description
multicast-ipv4-prefix (string)
A multicast IPv4 prefix
configure authority router routing rib-policy
List of protocol specific RIB policies
Usage
configure authority router routing rib-policy <family> <protocol>
Positional Arguments
name | description |
---|---|
family | The routing protocol address family |
protocol | The routing protocol RIB policy |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
family | The routing protocol address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the protocol route |
protocol | The routing protocol RIB policy |
show | Show configuration data for 'rib-policy' |
configure authority router routing rib-policy family
The routing protocol address family
Usage
configure authority router routing rib-policy family [<rib-family>]
Positional Arguments
name | description |
---|---|
rib-family | The value to set for this field |
Description
rib-family (enumeration)
A value from a set of predefined names.
Options:
- ipv4: IPv4 Address Family
- ipv6: IPv6 Address Famimly
configure authority router routing rib-policy policy
A policy to apply to the protocol route
Usage
configure authority router routing rib-policy policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing rib-policy protocol
The routing protocol RIB policy
Usage
configure authority router routing rib-policy protocol [<rib-protocol>]
Positional Arguments
name | description |
---|---|
rib-protocol | The value to set for this field |
Description
rib-protocol (enumeration)
A value from a set of predefined names.
Options:
- any: Any RIB protocol
- bgp: BGP routes
- connected: Interface routes
- ospf: OSPF routes
- service: Service routes
- static: Static routes
configure authority router routing routing-protocol
Each entry contains configuration of a routing protocol instance.
Usage
configure authority router routing routing-protocol <type>
Positional Arguments
name | description |
---|---|
type | Type of the routing protocol - an identity derived from the 'routing-protocol' base identity. |
Subcommands
command | description |
---|---|
address-family | Address family configuration |
clone | Clone a list item |
cluster-id | Route reflector cluster id. |
conditional-advertisement | Configure Conditional Advertisement |
confederation | Configuration options specifying parameters when the local router is within an autonomous system which is part of a BGP confederation. |
delete | Delete configuration data |
description | Textual description of the routing protocol instance. |
graceful-restart | Configuration parameters relating to BGP graceful restart. |
local-as | Local autonomous system number of the router. Uses the 32-bit as-number type from the model in RFC 6991. |
neighbor | List of BGP neighbors configured on the local system, uniquely identified by neighbor IPv[46] address |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
redistribute | List of routing protocols to redistribute into BGP |
route-reflector-allow-outbound-policy | Apply outbound policy on route reflector clients. |
route-selection-options | Set of configuration options that govern best path selection. |
router-id | Router id of the router, expressed as an 32-bit value, IPv4 address. |
show | Show configuration data for 'routing-protocol' |
timers | Config parameters related to timers associated with the BGP neighbor |
type | Type of the routing protocol - an identity derived from the 'routing-protocol' base identity. |
configure authority router routing routing-protocol address-family
Address family configuration
Usage
configure authority router routing routing-protocol address-family <afi-safi>
Positional Arguments
name | description |
---|---|
afi-safi | Address family type |
Subcommands
command | description |
---|---|
afi-safi | Address family type |
aggregate-address | Address prefixes to aggregate |
clone | Clone a list item |
default-route-distance | Configuration options relating to the administrative distance (or preference) assigned to routes received from different sources (external, internal, and local). |
delete | Delete configuration data |
graceful-restart | Configuration parameters relating to BGP graceful restart. |
network | Advertises a network into BGP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
redistribute | List of routing protocols to redistribute into BGP |
show | Show configuration data for 'address-family' |
use-multiple-paths | Parameters related to the use of multiple paths for the same NLRI |
vpn-export | Configure Vpn Export |
vpn-import | Configure Vpn Import |
configure authority router routing routing-protocol address-family afi-safi
Address family type
Usage
configure authority router routing routing-protocol address-family afi-safi [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1)
- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1)
- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128)
- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128)
configure authority router routing routing-protocol address-family aggregate-address
Address prefixes to aggregate
Usage
configure authority router routing routing-protocol address-family aggregate-address <prefix>
Positional Arguments
name | description |
---|---|
prefix | The prefix to aggregate from |
Subcommands
command | description |
---|---|
as-set | Generate as-set information for the resultant aggregate |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | Policy to apply to the aggregate route |
prefix | The prefix to aggregate from |
show | Show configuration data for 'aggregate-address' |
summary-only | Specifies that the prefixes aggregated by this aggregation are not to be advertised: only the aggregate itself will be advertised |
configure authority router routing routing-protocol address-family aggregate-address as-set
Generate as-set information for the resultant aggregate
Usage
configure authority router routing routing-protocol address-family aggregate-address as-set [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol address-family aggregate-address policy
Policy to apply to the aggregate route
Usage
configure authority router routing routing-protocol address-family aggregate-address policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol address-family aggregate-address prefix
The prefix to aggregate from
Usage
configure authority router routing routing-protocol address-family aggregate-address prefix [<not-host-ip-prefix>]
Positional Arguments
name | description |
---|---|
not-host-ip-prefix | The value to set for this field |
Description
not-host-ip-prefix (union)
A not host IPv4 or IPv6 prefix
Must be one of the following types:
(0) not-host-ipv4-prefix (string)
A not host IPv4 prefix
(1) not-host-ipv6-prefix (string)
A not host IPv6 prefix
configure authority router routing routing-protocol address-family aggregate-address summary-only
Specifies that the prefixes aggregated by this aggregation are not to be advertised: only the aggregate itself will be advertised
Usage
configure authority router routing routing-protocol address-family aggregate-address summary-only [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol address-family default-route-distance
Configuration options relating to the administrative distance (or preference) assigned to routes received from different sources (external, internal, and local).
Subcommands
command | description |
---|---|
delete | Delete configuration data |
external | Administrative distance for routes learned from external BGP (eBGP). |
internal | Administrative distance for routes learned from internal BGP (iBGP). |
local | Administrative distance for local routes |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'default-route-distance' |
configure authority router routing routing-protocol address-family default-route-distance external
Administrative distance for routes learned from external BGP (eBGP).
Usage
configure authority router routing routing-protocol address-family default-route-distance external [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 20
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing routing-protocol address-family default-route-distance internal
Administrative distance for routes learned from internal BGP (iBGP).
Usage
configure authority router routing routing-protocol address-family default-route-distance internal [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 200
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing routing-protocol address-family default-route-distance local
Administrative distance for local routes
Usage
configure authority router routing routing-protocol address-family default-route-distance local [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 200
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing routing-protocol address-family graceful-restart
Configuration parameters relating to BGP graceful restart.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-time | Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value. |
show | Show configuration data for 'graceful-restart' |
stale-routes-time | An upper-bound on the time that the stale routes will be retained by a router after a session is restarted. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724 |
Description
graceful-restart
is deprecated and will be removed in a future software version
configure authority router routing routing-protocol address-family graceful-restart restart-time
Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value.
Usage
configure authority router routing routing-protocol address-family graceful-restart restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
restart-time
is deprecated and will be removed in a future software version
uint16
An unsigned 16-bit integer.
Range: 0-4096
configure authority router routing routing-protocol address-family graceful-restart stale-routes-time
An upper-bound on the time that the stale routes will be retained by a router after a session is restarted. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724
Usage
configure authority router routing routing-protocol address-family graceful-restart stale-routes-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
stale-routes-time
is deprecated and will be removed in a future software version
uint16
An unsigned 16-bit integer.
Range: 1-3600
configure authority router routing routing-protocol address-family network
Advertises a network into BGP
Usage
configure authority router routing routing-protocol address-family network <network-address>
Positional Arguments
name | description |
---|---|
network-address | Specify a network to announce via BGP for this address family |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
network-address | Specify a network to announce via BGP for this address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | a policy to apply to the imported route |
show | Show configuration data for 'network' |
configure authority router routing routing-protocol address-family network network-address
Specify a network to announce via BGP for this address family
Usage
configure authority router routing routing-protocol address-family network network-address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router routing routing-protocol address-family network policy
a policy to apply to the imported route
Usage
configure authority router routing routing-protocol address-family network policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol address-family redistribute
List of routing protocols to redistribute into BGP
Usage
configure authority router routing routing-protocol address-family redistribute <protocol>
Positional Arguments
name | description |
---|---|
protocol | The routing protocol to redistribute into BGP |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the redistributed route |
protocol | The routing protocol to redistribute into BGP |
show | Show configuration data for 'redistribute' |
configure authority router routing routing-protocol address-family redistribute policy
A policy to apply to the redistributed route
Usage
configure authority router routing routing-protocol address-family redistribute policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol address-family redistribute protocol
The routing protocol to redistribute into BGP
Usage
configure authority router routing routing-protocol address-family redistribute protocol [<redistribute-into-bgp>]
Positional Arguments
name | description |
---|---|
redistribute-into-bgp | The value to set for this field |
Description
redistribute-into-bgp (enumeration)
A value from a set of predefined names.
Options:
- connected: Interface routes
- service: Service routes
- static: Static routes
- ospf: OSPF routes
configure authority router routing routing-protocol address-family use-multiple-paths
Parameters related to the use of multiple paths for the same NLRI
Subcommands
command | description |
---|---|
delete | Delete configuration data |
ebgp | Multipath parameters for eBGP |
ibgp | Multipath parameters for iBGP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'use-multiple-paths' |
configure authority router routing routing-protocol address-family use-multiple-paths ebgp
Multipath parameters for eBGP
Subcommands
command | description |
---|---|
delete | Delete configuration data |
maximum-paths | Maximum number of parallel paths to consider when using eBGP multipath for this address family. The default is to use a single path. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ebgp' |
configure authority router routing routing-protocol address-family use-multiple-paths ebgp maximum-paths
Maximum number of parallel paths to consider when using eBGP multipath for this address family. The default is to use a single path.
Usage
configure authority router routing routing-protocol address-family use-multiple-paths ebgp maximum-paths [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: paths
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-64
configure authority router routing routing-protocol address-family use-multiple-paths ibgp
Multipath parameters for iBGP
Subcommands
command | description |
---|---|
delete | Delete configuration data |
maximum-paths | Maximum number of parallel paths to consider when using iBGP multipath for this address family. The default is to use a single path |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ibgp' |
configure authority router routing routing-protocol address-family use-multiple-paths ibgp maximum-paths
Maximum number of parallel paths to consider when using iBGP multipath for this address family. The default is to use a single path
Usage
configure authority router routing routing-protocol address-family use-multiple-paths ibgp maximum-paths [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: paths
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-64
configure authority router routing routing-protocol address-family vpn-export
Configure Vpn Export
Subcommands
command | description |
---|---|
delete | Delete configuration data |
export-policy | Export policy for vpn export |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
route-distinguisher | Route Distinguisher for vpn export |
show | Show configuration data for 'vpn-export' |
vpn-export-route-target | Route Target list for vpn export |
configure authority router routing routing-protocol address-family vpn-export export-policy
Export policy for vpn export
Usage
configure authority router routing routing-protocol address-family vpn-export export-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol address-family vpn-export route-distinguisher
Route Distinguisher for vpn export
Usage
configure authority router routing routing-protocol address-family vpn-export route-distinguisher [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | The value to set for this field |
Description
set-extended-community (union) (required)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string (required)
A text value.
Must be <ipv4-address>:<uint16>
(1) string (required)
A text value.
Must be <uint16>:<uint32>
(2) string (required)
A text value.
Must be <uint32>:<uint16>
configure authority router routing routing-protocol address-family vpn-export vpn-export-route-target
Route Target list for vpn export
Usage
configure authority router routing routing-protocol address-family vpn-export vpn-export-route-target [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | Value to add to this list |
Description
set-extended-community (union) (required)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string (required)
A text value.
Must be <ipv4-address>:<uint16>
(1) string (required)
A text value.
Must be <uint16>:<uint32>
(2) string (required)
A text value.
Must be <uint32>:<uint16>
configure authority router routing routing-protocol address-family vpn-import
Configure Vpn Import
Subcommands
command | description |
---|---|
delete | Delete configuration data |
import-policy | Export policy for vpn import |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'vpn-import' |
vpn-import-route-target | Route Target list for vpn import |
configure authority router routing routing-protocol address-family vpn-import import-policy
Export policy for vpn import
Usage
configure authority router routing routing-protocol address-family vpn-import import-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol address-family vpn-import vpn-import-route-target
Route Target list for vpn import
Usage
configure authority router routing routing-protocol address-family vpn-import vpn-import-route-target [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | Value to add to this list |
Description
set-extended-community (union) (required)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string (required)
A text value.
Must be <ipv4-address>:<uint16>
(1) string (required)
A text value.
Must be <uint16>:<uint32>
(2) string (required)
A text value.
Must be <uint32>:<uint16>
configure authority router routing routing-protocol cluster-id
Route reflector cluster id.
Usage
configure authority router routing routing-protocol cluster-id [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority router routing routing-protocol conditional-advertisement
Configure Conditional Advertisement
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval-time | Conditional advertisement scanner process interval time. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'conditional-advertisement' |
configure authority router routing routing-protocol conditional-advertisement interval-time
Conditional advertisement scanner process interval time.
Usage
configure authority router routing routing-protocol conditional-advertisement interval-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 60
uint16
An unsigned 16-bit integer.
Range: 5-240
configure authority router routing routing-protocol confederation
Configuration options specifying parameters when the local router is within an autonomous system which is part of a BGP confederation.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
identifier | Confederation identifier for the autonomous system. |
member-as | Remote autonomous systems that are to be treated as part of the local confederation. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'confederation' |
configure authority router routing routing-protocol confederation identifier
Confederation identifier for the autonomous system.
Usage
configure authority router routing routing-protocol confederation identifier [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing routing-protocol confederation member-as
Remote autonomous systems that are to be treated as part of the local confederation.
Usage
configure authority router routing routing-protocol confederation member-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | Value to add to this list |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing routing-protocol description
Textual description of the routing protocol instance.
Usage
configure authority router routing routing-protocol description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing routing-protocol graceful-restart
Configuration parameters relating to BGP graceful restart.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Graceful restart mode. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-time | Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value. |
select-delay-time | After GR restart and reconnect with a GR helper peer, this is the minimum time to delay the best route selection process and sending the initial End-of-RIB to all BGP neighbors. This is the minimum of the currently unexposed selection deferral timer (RFC-4724) where that timer is a maximum and currently hard- coded to 360 seconds. |
show | Show configuration data for 'graceful-restart' |
stale-routes-time | An upper-bound on the time that the stale routes will be retained by a router after a session is restarted or 0 to disable. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. |
configure authority router routing routing-protocol graceful-restart mode
Graceful restart mode.
Usage
configure authority router routing routing-protocol graceful-restart mode [<graceful-restart-mode>]
Positional Arguments
name | description |
---|---|
graceful-restart-mode | The value to set for this field |
Description
Default: helper
graceful-restart-mode (enumeration)
configure BGP graceful restart mode [rfc4724]
Options:
- enable: enable graceful restart and helper mode
- helper: enable graceful restart helper mode only
- disable: disable graceful restart
configure authority router routing routing-protocol graceful-restart restart-time
Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value.
Usage
configure authority router routing routing-protocol graceful-restart restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 120
uint16
An unsigned 16-bit integer.
Range: 1-4095
configure authority router routing routing-protocol graceful-restart select-delay-time
After GR restart and reconnect with a GR helper peer, this is the minimum time to delay the best route selection process and sending the initial End-of-RIB to all BGP neighbors. This is the minimum of the currently unexposed selection deferral timer (RFC-4724) where that timer is a maximum and currently hard- coded to 360 seconds.
Usage
configure authority router routing routing-protocol graceful-restart select-delay-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 0
uint16
An unsigned 16-bit integer.
Range: 0-360
configure authority router routing routing-protocol graceful-restart stale-routes-time
An upper-bound on the time that the stale routes will be retained by a router after a session is restarted or 0 to disable. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged.
Usage
configure authority router routing routing-protocol graceful-restart stale-routes-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 360
uint16
An unsigned 16-bit integer.
Range: 0-3600
configure authority router routing routing-protocol local-as
Local autonomous system number of the router. Uses the 32-bit as-number type from the model in RFC 6991.
Usage
configure authority router routing routing-protocol local-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing routing-protocol neighbor
List of BGP neighbors configured on the local system, uniquely identified by neighbor IPv[46] address
Usage
configure authority router routing routing-protocol neighbor <neighbor-address>
Positional Arguments
name | description |
---|---|
neighbor-address | IP address of the BGP neighbor |
Subcommands
command | description |
---|---|
address-family | Address family configuration |
auth-password | Configures an MD5 authentication password for use with neighboring devices. |
bfd | BFD Client Configuration. |
clone | Clone a list item |
delete | Delete configuration data |
description | An optional textual description (intended primarily for use with a neighbor or group |
graceful-restart | Configuration parameters relating to BGP neighbor graceful restart. If not explicitly configured, neighbor inherits from BGP instance. |
local-as | The local autonomous system number that is to be used when establishing sessions with the remote neighbor or neighbor group, if this differs from the global BGP router autonomous system number. |
multihop | Configuration parameters specifying the multihop behaviour for BGP sessions to the neighbor |
negotiate-capabilities | If set to false, suppress sending the Capabilities Optional Parameter in the BGP OPEN message. |
neighbor-address | IP address of the BGP neighbor |
neighbor-as | AS number of the neighbor. |
neighbor-policy | Configure Neighbor Policy |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor' |
shutdown | If set to true, the neighbors connection will not come up. |
timers | Config parameters related to timers associated with the BGP neighbor |
transport | Configuration parameters relating to the transport protocol used by the BGP session to the neighbor |
configure authority router routing routing-protocol neighbor address-family
Address family configuration
Usage
configure authority router routing routing-protocol neighbor address-family <afi-safi>
Positional Arguments
name | description |
---|---|
afi-safi | Address family type |
Subcommands
command | description |
---|---|
activate | Activate address family for neighbor |
afi-safi | Address family type |
as-path-options | Configuration parameters allowing manipulation of the AS_PATH attribute for this address family |
conditional-advertisement | Configure Conditional Advertisement |
delete | Delete configuration data |
neighbor-policy | Configure Neighbor Policy |
next-hop-self | Sets the router as the next hop for this neighbor and this address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix-limit | Configure the maximum number of prefixes that will be accepted from a neighbor for this address family |
remove-private-as | Modify private AS numbers in updates sent to neighbors for this address family. |
route-reflector | Route reflector client configuration |
send-default-route | If set to true, generate and send the default-route for this address-family to the neighbor |
show | Show configuration data for 'address-family' |
configure authority router routing routing-protocol neighbor address-family activate
Activate address family for neighbor
Usage
configure authority router routing routing-protocol neighbor address-family activate [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor address-family afi-safi
Address family type
Usage
configure authority router routing routing-protocol neighbor address-family afi-safi [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1)
- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1)
- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128)
- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128)
configure authority router routing routing-protocol neighbor address-family as-path-options
Configuration parameters allowing manipulation of the AS_PATH attribute for this address family
Subcommands
command | description |
---|---|
allow-own-as | Specify the number of occurrences of the local BGP speaker's AS that can occur within the AS_PATH before it is rejected for this address family. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'as-path-options' |
configure authority router routing routing-protocol neighbor address-family as-path-options allow-own-as
Specify the number of occurrences of the local BGP speaker's AS that can occur within the AS_PATH before it is rejected for this address family.
Usage
configure authority router routing routing-protocol neighbor address-family as-path-options allow-own-as [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router routing routing-protocol neighbor address-family conditional-advertisement
Configure Conditional Advertisement
Subcommands
command | description |
---|---|
advertisement-policy | A policy selecting routes to conditionally advertise. |
delete | Delete configuration data |
exist-policy | If this policy matches any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy. |
non-exist-policy | If this policy does not match any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'conditional-advertisement' |
configure authority router routing routing-protocol neighbor address-family conditional-advertisement advertisement-policy
A policy selecting routes to conditionally advertise.
Usage
configure authority router routing routing-protocol neighbor address-family conditional-advertisement advertisement-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref) (required)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor address-family conditional-advertisement exist-policy
If this policy matches any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy.
Usage
configure authority router routing routing-protocol neighbor address-family conditional-advertisement exist-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor address-family conditional-advertisement non-exist-policy
If this policy does not match any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy.
Usage
configure authority router routing routing-protocol neighbor address-family conditional-advertisement non-exist-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor address-family neighbor-policy
Configure Neighbor Policy
Subcommands
command | description |
---|---|
delete | Delete configuration data |
inbound-policy | A policy to apply to the NLRIs inbound from this neighbor. |
outbound-policy | A policy to apply to the NLRIs outbound to this neighbor. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor-policy' |
configure authority router routing routing-protocol neighbor address-family neighbor-policy inbound-policy
A policy to apply to the NLRIs inbound from this neighbor.
Usage
configure authority router routing routing-protocol neighbor address-family neighbor-policy inbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor address-family neighbor-policy outbound-policy
A policy to apply to the NLRIs outbound to this neighbor.
Usage
configure authority router routing routing-protocol neighbor address-family neighbor-policy outbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor address-family next-hop-self
Sets the router as the next hop for this neighbor and this address family
Usage
configure authority router routing routing-protocol neighbor address-family next-hop-self [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor address-family prefix-limit
Configure the maximum number of prefixes that will be accepted from a neighbor for this address family
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max-prefixes | Maximum number of prefixes that will be accepted from the neighbor for this address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-timer | Time interval after which the BGP session is re-established after being torn down due to exceeding the max-prefix limit for this adddress family. |
show | Show configuration data for 'prefix-limit' |
shutdown-threshold-pct | Threshold on number of prefixes that can be received from a neighbor for this address family before generation of warning messages or log entries. |
configure authority router routing routing-protocol neighbor address-family prefix-limit max-prefixes
Maximum number of prefixes that will be accepted from the neighbor for this address family
Usage
configure authority router routing routing-protocol neighbor address-family prefix-limit max-prefixes [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: prefixes
uint32 (required)
An unsigned 32-bit integer.
configure authority router routing routing-protocol neighbor address-family prefix-limit restart-timer
Time interval after which the BGP session is re-established after being torn down due to exceeding the max-prefix limit for this adddress family.
Usage
configure authority router routing routing-protocol neighbor address-family prefix-limit restart-timer [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing routing-protocol neighbor address-family prefix-limit shutdown-threshold-pct
Threshold on number of prefixes that can be received from a neighbor for this address family before generation of warning messages or log entries.
Usage
configure authority router routing routing-protocol neighbor address-family prefix-limit shutdown-threshold-pct [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router routing routing-protocol neighbor address-family remove-private-as
Modify private AS numbers in updates sent to neighbors for this address family.
Usage
configure authority router routing routing-protocol neighbor address-family remove-private-as [<remove-private-as-option>]
Positional Arguments
name | description |
---|---|
remove-private-as-option | The value to set for this field |
Description
remove-private-as-option (enumeration)
Set of options for configuring how private AS numbers are modified in advertised AS paths.
Options:
- all: Remove all private ASes in the AS path.
- replace-all: Replace all private ASes with the local AS.
- only: Remove private ASes only if the AS path contains just private ASes.
- replace-only: Replace private ASes with the local AS only if the AS path contains just private ASes.
- disable: Do not remove private ASes.
configure authority router routing routing-protocol neighbor address-family route-reflector
Route reflector client configuration
Subcommands
command | description |
---|---|
client | Configure the neighbor as a route reflector client for this address family. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'route-reflector' |
configure authority router routing routing-protocol neighbor address-family route-reflector client
Configure the neighbor as a route reflector client for this address family.
Usage
configure authority router routing routing-protocol neighbor address-family route-reflector client [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor address-family send-default-route
If set to true, generate and send the default-route for this address-family to the neighbor
Usage
configure authority router routing routing-protocol neighbor address-family send-default-route [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor auth-password
Configures an MD5 authentication password for use with neighboring devices.
Usage
configure authority router routing routing-protocol neighbor auth-password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router routing routing-protocol neighbor bfd
BFD Client Configuration.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
desired-tx-interval | The minimum transmission interval in milliseconds used to send BFD control packets. |
enable | Enable/Disable BFD protocol |
multiplier | The number of BFD packets that can be lost without the BFD session declared as down. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
configure authority router routing routing-protocol neighbor bfd desired-tx-interval
The minimum transmission interval in milliseconds used to send BFD control packets.
Usage
configure authority router routing routing-protocol neighbor bfd desired-tx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing routing-protocol neighbor bfd enable
Enable/Disable BFD protocol
Usage
configure authority router routing routing-protocol neighbor bfd enable [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor bfd multiplier
The number of BFD packets that can be lost without the BFD session declared as down.
Usage
configure authority router routing routing-protocol neighbor bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 2-255
configure authority router routing routing-protocol neighbor bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router routing routing-protocol neighbor bfd required-min-rx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing routing-protocol neighbor description
An optional textual description (intended primarily for use with a neighbor or group
Usage
configure authority router routing routing-protocol neighbor description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing routing-protocol neighbor graceful-restart
Configuration parameters relating to BGP neighbor graceful restart. If not explicitly configured, neighbor inherits from BGP instance.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Graceful restart mode. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'graceful-restart' |
configure authority router routing routing-protocol neighbor graceful-restart mode
Graceful restart mode.
Usage
configure authority router routing routing-protocol neighbor graceful-restart mode [<graceful-restart-mode>]
Positional Arguments
name | description |
---|---|
graceful-restart-mode | The value to set for this field |
Description
graceful-restart-mode (enumeration)
configure BGP graceful restart mode [rfc4724]
Options:
- enable: enable graceful restart and helper mode
- helper: enable graceful restart helper mode only
- disable: disable graceful restart
configure authority router routing routing-protocol neighbor local-as
The local autonomous system number that is to be used when establishing sessions with the remote neighbor or neighbor group, if this differs from the global BGP router autonomous system number.
Usage
configure authority router routing routing-protocol neighbor local-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing routing-protocol neighbor multihop
Configuration parameters specifying the multihop behaviour for BGP sessions to the neighbor
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'multihop' |
ttl | Time-to-live value to use when packets are sent to the referenced group or neighbors and ebgp-multihop is enabled |
configure authority router routing routing-protocol neighbor multihop ttl
Time-to-live value to use when packets are sent to the referenced group or neighbors and ebgp-multihop is enabled
Usage
configure authority router routing routing-protocol neighbor multihop ttl [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing routing-protocol neighbor negotiate-capabilities
If set to false, suppress sending the Capabilities Optional Parameter in the BGP OPEN message.
Usage
configure authority router routing routing-protocol neighbor negotiate-capabilities [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor neighbor-address
IP address of the BGP neighbor
Usage
configure authority router routing routing-protocol neighbor neighbor-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router routing routing-protocol neighbor neighbor-as
AS number of the neighbor.
Usage
configure authority router routing routing-protocol neighbor neighbor-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32) (required)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing routing-protocol neighbor neighbor-policy
Configure Neighbor Policy
Subcommands
command | description |
---|---|
delete | Delete configuration data |
inbound-policy | A policy to apply to the NLRIs inbound from this neighbor. |
outbound-policy | A policy to apply to the NLRIs outbound to this neighbor. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor-policy' |
configure authority router routing routing-protocol neighbor neighbor-policy inbound-policy
A policy to apply to the NLRIs inbound from this neighbor.
Usage
configure authority router routing routing-protocol neighbor neighbor-policy inbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor neighbor-policy outbound-policy
A policy to apply to the NLRIs outbound to this neighbor.
Usage
configure authority router routing routing-protocol neighbor neighbor-policy outbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor shutdown
If set to true, the neighbors connection will not come up.
Usage
configure authority router routing routing-protocol neighbor shutdown [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol neighbor timers
Config parameters related to timers associated with the BGP neighbor
Subcommands
command | description |
---|---|
connect-retry | Time interval between attempts to establish a session with the neighbor. |
delete | Delete configuration data |
hold-time | Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval. |
keepalive-interval | Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller. |
minimum-advertisement-interval | Minimum time which must elapse between subsequent UPDATE messages relating to a common set of NLRI being transmitted to a neighbor. This timer is referred to as MinRouteAdvertisementIntervalTimer by RFC 4721 and serves to reduce the number of UPDATE messages transmitted when a particular set of NLRI exhibit instability. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'timers' |
configure authority router routing routing-protocol neighbor timers connect-retry
Time interval between attempts to establish a session with the neighbor.
Usage
configure authority router routing routing-protocol neighbor timers connect-retry [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 30
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router routing routing-protocol neighbor timers hold-time
Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval.
Usage
configure authority router routing routing-protocol neighbor timers hold-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
uint16
An unsigned 16-bit integer.
Range: 0,3-65535
configure authority router routing routing-protocol neighbor timers keepalive-interval
Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller.
Usage
configure authority router routing routing-protocol neighbor timers keepalive-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router routing routing-protocol neighbor timers minimum-advertisement-interval
Minimum time which must elapse between subsequent UPDATE messages relating to a common set of NLRI being transmitted to a neighbor. This timer is referred to as MinRouteAdvertisementIntervalTimer by RFC 4721 and serves to reduce the number of UPDATE messages transmitted when a particular set of NLRI exhibit instability.
Usage
configure authority router routing routing-protocol neighbor timers minimum-advertisement-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 30
uint16
An unsigned 16-bit integer.
Range: 0-600
configure authority router routing routing-protocol neighbor transport
Configuration parameters relating to the transport protocol used by the BGP session to the neighbor
Subcommands
command | description |
---|---|
bgp-service-generation | Approach used for generating a BGP service and service routes to enable SVR transport for the BGP session with the neighbor. |
delete | Delete configuration data |
local-address | Set the source IP address to be used for the BGP peering session. This must be expressed as a reference to the name of a routing interface or network interface. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
passive-mode | Wait for neighbors to issue requests to open a BGP session, rather than initiating sessions from the local router. |
show | Show configuration data for 'transport' |
configure authority router routing routing-protocol neighbor transport bgp-service-generation
Approach used for generating a BGP service and service routes to enable SVR transport for the BGP session with the neighbor.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
disabled | Do not generate a BGP service or service routes. |
neighbor-vrf | Name of the neighbor's VRF in which the peer BGP instance resides. Can be 'default'. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
same-neighbor-vrf | Generate BGP service if there is a matching peer with a BGP instance within the same VRF. |
show | Show configuration data for 'bgp-service-generation' |
configure authority router routing routing-protocol neighbor transport bgp-service-generation disabled
Do not generate a BGP service or service routes.
Usage
configure authority router routing routing-protocol neighbor transport bgp-service-generation disabled
Description
empty
Has no value.
configure authority router routing routing-protocol neighbor transport bgp-service-generation neighbor-vrf
Name of the neighbor's VRF in which the peer BGP instance resides. Can be 'default'.
Usage
configure authority router routing routing-protocol neighbor transport bgp-service-generation neighbor-vrf [<vrf-name-or-default-vrf>]
Positional Arguments
name | description |
---|---|
vrf-name-or-default-vrf | The value to set for this field |
Description
vrf-name-or-default-vrf (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters, and cannot be the words 'all', 'any', or 'unknown'.
Must contain only alphanumeric characters or any of the following: _ - Length: 1-15
configure authority router routing routing-protocol neighbor transport bgp-service-generation same-neighbor-vrf
Generate BGP service if there is a matching peer with a BGP instance within the same VRF.
Usage
configure authority router routing routing-protocol neighbor transport bgp-service-generation same-neighbor-vrf
Description
empty
Has no value.
configure authority router routing routing-protocol neighbor transport local-address
Set the source IP address to be used for the BGP peering session. This must be expressed as a reference to the name of a routing interface or network interface.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interface | Network interface name |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routing-interface | Configure Routing Interface |
show | Show configuration data for 'local-address' |
configure authority router routing routing-protocol neighbor transport local-address interface
Network interface name
Usage
configure authority router routing routing-protocol neighbor transport local-address interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref (required)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor transport local-address node
Interface node name
Usage
configure authority router routing routing-protocol neighbor transport local-address node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref (required)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor transport local-address routing-interface
Configure Routing Interface
Usage
configure authority router routing routing-protocol neighbor transport local-address routing-interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing routing-protocol neighbor transport passive-mode
Wait for neighbors to issue requests to open a BGP session, rather than initiating sessions from the local router.
Usage
configure authority router routing routing-protocol neighbor transport passive-mode [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol redistribute
List of routing protocols to redistribute into BGP
Usage
configure authority router routing routing-protocol redistribute <protocol>
Positional Arguments
name | description |
---|---|
protocol | The routing protocol to redistribute into BGP |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the redistributed route |
protocol | The routing protocol to redistribute into BGP |
show | Show configuration data for 'redistribute' |
configure authority router routing routing-protocol redistribute policy
A policy to apply to the redistributed route
Usage
configure authority router routing routing-protocol redistribute policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing routing-protocol redistribute protocol
The routing protocol to redistribute into BGP
Usage
configure authority router routing routing-protocol redistribute protocol [<redistribute-into-bgp>]
Positional Arguments
name | description |
---|---|
redistribute-into-bgp | The value to set for this field |
Description
redistribute-into-bgp (enumeration)
A value from a set of predefined names.
Options:
- connected: Interface routes
- service: Service routes
- static: Static routes
- ospf: OSPF routes
configure authority router routing routing-protocol route-reflector-allow-outbound-policy
Apply outbound policy on route reflector clients.
Usage
configure authority router routing routing-protocol route-reflector-allow-outbound-policy [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol route-selection-options
Set of configuration options that govern best path selection.
Subcommands
command | description |
---|---|
always-compare-med | Compare multi-exit discriminator (MED) value from different ASes when selecting the best route. The default behavior is to only compare MEDs for paths received from the same AS. |
delete | Delete configuration data |
external-compare-router-id | When comparing similar routes received from external BGP neighbors, use the router-id as a criterion to select the active path. |
ignore-as-path-length | Ignore the AS path length when selecting the best path. The default is to use the AS path length and prefer paths with shorter length. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'route-selection-options' |
configure authority router routing routing-protocol route-selection-options always-compare-med
Compare multi-exit discriminator (MED) value from different ASes when selecting the best route. The default behavior is to only compare MEDs for paths received from the same AS.
Usage
configure authority router routing routing-protocol route-selection-options always-compare-med [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol route-selection-options external-compare-router-id
When comparing similar routes received from external BGP neighbors, use the router-id as a criterion to select the active path.
Usage
configure authority router routing routing-protocol route-selection-options external-compare-router-id [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol route-selection-options ignore-as-path-length
Ignore the AS path length when selecting the best path. The default is to use the AS path length and prefer paths with shorter length.
Usage
configure authority router routing routing-protocol route-selection-options ignore-as-path-length [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing routing-protocol router-id
Router id of the router, expressed as an 32-bit value, IPv4 address.
Usage
configure authority router routing routing-protocol router-id [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority router routing routing-protocol timers
Config parameters related to timers associated with the BGP neighbor
Subcommands
command | description |
---|---|
delete | Delete configuration data |
hold-time | Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval. |
keepalive-interval | Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'timers' |
configure authority router routing routing-protocol timers hold-time
Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval.
Usage
configure authority router routing routing-protocol timers hold-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 90
uint16
An unsigned 16-bit integer.
Range: 0,3-65535
configure authority router routing routing-protocol timers keepalive-interval
Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller.
Usage
configure authority router routing routing-protocol timers keepalive-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 30
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router routing routing-protocol type
Type of the routing protocol - an identity derived from the 'routing-protocol' base identity.
Usage
configure authority router routing routing-protocol type [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- bgp: BGP routing protocol
configure authority router routing service-admin-distance
Administrative distance for routes generated from services.
Usage
configure authority router routing service-admin-distance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 254
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing static-route
A list of static routes. The sub-element that allows administrators to configure static routes, that will be entered into the SSR's Routing Information Base (RIB).
Usage
configure authority router routing static-route <destination-prefix> <distance>
Positional Arguments
name | description |
---|---|
destination-prefix | IPv4 or IPv6 destination prefix that must be unicast. |
distance | Static route administrative distance. Used in calculating route preference when multiple possible paths exist learned via different sources. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
description | Textual description of the route. |
destination-prefix | IPv4 or IPv6 destination prefix that must be unicast. |
distance | Static route administrative distance. Used in calculating route preference when multiple possible paths exist learned via different sources. |
next-hop | List of next-hops. An empty list creates a blackhole route. |
next-hop-interface | List of next-hop interfaces. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-route' |
configure authority router routing static-route description
Textual description of the route.
Usage
configure authority router routing static-route description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing static-route destination-prefix
IPv4 or IPv6 destination prefix that must be unicast.
Usage
configure authority router routing static-route destination-prefix [<unicast-ip-prefix>]
Positional Arguments
name | description |
---|---|
unicast-ip-prefix | The value to set for this field |
Description
unicast-ip-prefix (union)
A unicast IPv4 or IPv6 prefix
Must be one of the following types:
(0) unicast-ipv4-prefix (string)
A unicast IPv4 prefix
(1) unicast-ipv6-prefix (string)
A unicast IPv6 prefix
configure authority router routing static-route distance
Static route administrative distance. Used in calculating route preference when multiple possible paths exist learned via different sources.
Usage
configure authority router routing static-route distance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing static-route next-hop
List of next-hops. An empty list creates a blackhole route.
Usage
configure authority router routing static-route next-hop [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router routing static-route next-hop-interface
List of next-hop interfaces.
Usage
configure authority router routing static-route next-hop-interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
interface | Network interface name |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'next-hop-interface' |
configure authority router routing static-route next-hop-interface interface
Network interface name
Usage
configure authority router routing static-route next-hop-interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing static-route next-hop-interface node
Interface node name
Usage
configure authority router routing static-route next-hop-interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing type
The type of the routing instance.
Usage
configure authority router routing type [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- default-instance: This identity represents a default routing instance.
configure authority router routing vrf
A list of virtual router and forward instances (VRF's).
Usage
configure authority router routing vrf <name>
Positional Arguments
name | description |
---|---|
name | The name of the VRF. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
description | Textual description of the VRF instance. |
igmp | IGMP VRF configuration |
interface | Internal loopback interface used for routing protocols |
msdp | MSDP configuration |
name | The name of the VRF. |
ospf | OSPF instance configuration |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
pim | PIM VRF configuration |
rib-policy | List of protocol specific RIB policies |
routing-protocol | Each entry contains configuration of a routing protocol instance. |
service-admin-distance | Administrative distance for routes generated from services. |
show | Show configuration data for 'vrf' |
static-route | A list of static routes. The sub-element that allows administrators to configure static routes, that will be entered into the SSR's Routing Information Base (RIB). |
tenant-name | List of tenants in this VRF. |
configure authority router routing vrf description
Textual description of the VRF instance.
Usage
configure authority router routing vrf description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing vrf igmp
IGMP VRF configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
interface | List of IGMP interfaces |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'igmp' |
configure authority router routing vrf igmp interface
List of IGMP interfaces
Usage
configure authority router routing vrf igmp interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
interface | Network interface name |
join | List of Groups to join |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'interface' |
version | IGMP Version |
configure authority router routing vrf igmp interface interface
Network interface name
Usage
configure authority router routing vrf igmp interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf igmp interface join
List of Groups to join
Usage
configure authority router routing vrf igmp interface join <group>
Positional Arguments
name | description |
---|---|
group | IPv4 address of the Group to Join |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
group | IPv4 address of the Group to Join |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'join' |
source | IPv4 address of the Source to Join |
configure authority router routing vrf igmp interface join group
IPv4 address of the Group to Join
Usage
configure authority router routing vrf igmp interface join group [<multicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
multicast-ipv4-address | The value to set for this field |
Description
multicast-ipv4-address (string)
A multicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf igmp interface join source
IPv4 address of the Source to Join
Usage
configure authority router routing vrf igmp interface join source [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf igmp interface node
Interface node name
Usage
configure authority router routing vrf igmp interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf igmp interface version
IGMP Version
Usage
configure authority router routing vrf igmp interface version [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 2-3
configure authority router routing vrf interface
Internal loopback interface used for routing protocols
Usage
configure authority router routing vrf interface <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the routing interface, used to reference it in other routing configuration sections. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Administratively enable/disable the interface. |
ip-address | The IP address of the interface. |
name | An arbitrary, unique name for the routing interface, used to reference it in other routing configuration sections. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'interface' |
configure authority router routing vrf interface enabled
Administratively enable/disable the interface.
Usage
configure authority router routing vrf interface enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf interface ip-address
The IP address of the interface.
Usage
configure authority router routing vrf interface ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router routing vrf interface name
An arbitrary, unique name for the routing interface, used to reference it in other routing configuration sections.
Usage
configure authority router routing vrf interface name [<bridge-name>]
Positional Arguments
name | description |
---|---|
bridge-name | The value to set for this field |
Description
bridge-name (string)
A string identifier for bridge-name which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters.
Must contain only alphanumeric characters, start with a alphabet and can contain any of the following: _ - The name 'lo' is reserved. Length: 0-15
configure authority router routing vrf msdp
MSDP configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
mesh-group | MSDP Mesh-Group Configuration |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer | MSDP Peer Configuration |
show | Show configuration data for 'msdp' |
configure authority router routing vrf msdp mesh-group
MSDP Mesh-Group Configuration
Usage
configure authority router routing vrf msdp mesh-group <name>
Positional Arguments
name | description |
---|---|
name | Name of the Mesh-Group |
Subcommands
command | description |
---|---|
auth-password | Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups. |
delete | Delete configuration data |
member | IPv4 address of the Mesh-group member |
name | Name of the Mesh-Group |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'mesh-group' |
source | Source Address for the mesh-group |
configure authority router routing vrf msdp mesh-group auth-password
Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups.
Usage
configure authority router routing vrf msdp mesh-group auth-password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router routing vrf msdp mesh-group member
IPv4 address of the Mesh-group member
Usage
configure authority router routing vrf msdp mesh-group member [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | Value to add to this list |
Description
unicast-ipv4-address (string)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf msdp mesh-group name
Name of the Mesh-Group
Usage
configure authority router routing vrf msdp mesh-group name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router routing vrf msdp mesh-group source
Source Address for the mesh-group
Usage
configure authority router routing vrf msdp mesh-group source [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string) (required)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf msdp peer
MSDP Peer Configuration
Usage
configure authority router routing vrf msdp peer <address>
Positional Arguments
name | description |
---|---|
address | IPv4 address of the Peer |
Subcommands
command | description |
---|---|
address | IPv4 address of the Peer |
auth-password | Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'peer' |
source | Source Address for the peer adjacency |
configure authority router routing vrf msdp peer address
IPv4 address of the Peer
Usage
configure authority router routing vrf msdp peer address [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf msdp peer auth-password
Configures an MD5 authentication password for use with MSDP peers and Mesh-Groups.
Usage
configure authority router routing vrf msdp peer auth-password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router routing vrf msdp peer source
Source Address for the peer adjacency
Usage
configure authority router routing vrf msdp peer source [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string) (required)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf name
The name of the VRF.
Usage
configure authority router routing vrf name [<vrf-name>]
Positional Arguments
name | description |
---|---|
vrf-name | The value to set for this field |
Description
vrf-name (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters, and cannot be the words 'all', 'any', 'default', or 'unknown'.
Must contain only alphanumeric characters or any of the following: _ - The name 'lo' is reserved. Length: 1-15
configure authority router routing vrf ospf
OSPF instance configuration
Usage
configure authority router routing vrf ospf <instance>
Positional Arguments
name | description |
---|---|
instance | Number of OSPF instance |
Subcommands
command | description |
---|---|
advertise-default | Advertise default route into OSPF |
area | List of OSPF areas |
clone | Clone a list item |
delete | Delete configuration data |
distance | OSPF route administrative distance |
graceful-restart | Enable OSPF graceful restart |
instance | Number of OSPF instance |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
redistribute | List of routing protocols to redistribute into OSPF |
router-id | Defined in RFC 2328. A 32-bit number that uniquely identifies the router |
show | Show configuration data for 'ospf' |
timers | OSPF Timers |
version | OSPF version |
configure authority router routing vrf ospf advertise-default
Advertise default route into OSPF
Subcommands
command | description |
---|---|
always | Advertise default route into OSPF even when there is no default route in the routing table |
delete | Delete configuration data |
metric | Advertised metric of the default route |
metric-type | Advertised metric type of default route |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the default route |
show | Show configuration data for 'advertise-default' |
configure authority router routing vrf ospf advertise-default always
Advertise default route into OSPF even when there is no default route in the routing table
Usage
configure authority router routing vrf ospf advertise-default always [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf ospf advertise-default metric
Advertised metric of the default route
Usage
configure authority router routing vrf ospf advertise-default metric [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 0-16777214
configure authority router routing vrf ospf advertise-default metric-type
Advertised metric type of default route
Usage
configure authority router routing vrf ospf advertise-default metric-type [<ospf-external-metric-type>]
Positional Arguments
name | description |
---|---|
ospf-external-metric-type | The value to set for this field |
Description
Default: type-2
ospf-external-metric-type (enumeration)
OSPF external metric type
Options:
- type-1: External metric type 1, comparable to link state metric
- type-2: External metric type 2, larger than link state metric
configure authority router routing vrf ospf advertise-default policy
A policy to apply to the default route
Usage
configure authority router routing vrf ospf advertise-default policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf ospf area
List of OSPF areas
Usage
configure authority router routing vrf ospf area <id>
Positional Arguments
name | description |
---|---|
id | Area ID |
Subcommands
command | description |
---|---|
authentication-type | Area authentication type |
clone | Clone a list item |
default-cost | Set the summary default route cost for a stub or NSSA area. |
delete | Delete configuration data |
id | Area ID |
interface | List of interfaces in area |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routing-interface | List of routing interfaces in area |
show | Show configuration data for 'area' |
summary-advertisement | Enable/Disable summary advertisement into the stub or NSSA area. |
summary-range | Summarize routes matching address/mask - Applicable to Area Border Routers (ABRs) only |
type | Area type |
configure authority router routing vrf ospf area authentication-type
Area authentication type
Usage
configure authority router routing vrf ospf area authentication-type [<area-authentication-type>]
Positional Arguments
name | description |
---|---|
area-authentication-type | The value to set for this field |
Description
Default: none
area-authentication-type (enumeration)
OSPF area authentication. Can be overriden by interface authentication.
Options:
- none: No authentication
- simple: Simple (plain text) password authentication
- md5: MD5 HMAC authentication
configure authority router routing vrf ospf area default-cost
Set the summary default route cost for a stub or NSSA area.
Usage
configure authority router routing vrf ospf area default-cost [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-16777215
configure authority router routing vrf ospf area id
Area ID
Usage
configure authority router routing vrf ospf area id [<area-id-type>]
Positional Arguments
name | description |
---|---|
area-id-type | The value to set for this field |
Description
area-id-type (string)
Area ID type.
configure authority router routing vrf ospf area interface
List of interfaces in area
Usage
configure authority router routing vrf ospf area interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
authentication-type | OSPF interface authentication type. |
bfd | BFD Client Configuration. |
clone | Clone a list item |
cost | Interface cost |
dead-interval | Interval after which a neighbor is declared down (seconds) if hello packets are not received. |
delete | Delete configuration data |
hello-interval | Interval between hello packets (seconds). |
interface | Network interface name |
message-digest-key | MD5 HMAC authentication message digest keys |
network-type | Interface network type |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
passive | Enable/Disable passive interface - a passive interface's prefix will be advertised but no neighbor adjacencies will be formed on the interface. |
password | OSPF simple authentication password |
priority | Router priority |
show | Show configuration data for 'interface' |
configure authority router routing vrf ospf area interface authentication-type
OSPF interface authentication type.
Usage
configure authority router routing vrf ospf area interface authentication-type [<interface-authentication-type>]
Positional Arguments
name | description |
---|---|
interface-authentication-type | The value to set for this field |
Description
Default: area
interface-authentication-type (enumeration)
OSPF interface authentication type
Options:
- area: Use area authentication type
- none: No interface authentication
- simple: Simple (plain text) password authentication
- md5: MD5 HMAC authentication
configure authority router routing vrf ospf area interface bfd
BFD Client Configuration.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
desired-tx-interval | The minimum transmission interval in milliseconds used to send BFD control packets. |
enable | Enable/Disable BFD protocol |
multiplier | The number of BFD packets that can be lost without the BFD session declared as down. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
configure authority router routing vrf ospf area interface bfd desired-tx-interval
The minimum transmission interval in milliseconds used to send BFD control packets.
Usage
configure authority router routing vrf ospf area interface bfd desired-tx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing vrf ospf area interface bfd enable
Enable/Disable BFD protocol
Usage
configure authority router routing vrf ospf area interface bfd enable [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf ospf area interface bfd multiplier
The number of BFD packets that can be lost without the BFD session declared as down.
Usage
configure authority router routing vrf ospf area interface bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 2-255
configure authority router routing vrf ospf area interface bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router routing vrf ospf area interface bfd required-min-rx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing vrf ospf area interface cost
Interface cost
Usage
configure authority router routing vrf ospf area interface cost [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Default: 10
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing vrf ospf area interface dead-interval
Interval after which a neighbor is declared down (seconds) if hello packets are not received.
Usage
configure authority router routing vrf ospf area interface dead-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 40
uint32
An unsigned 32-bit integer.
Range: 1-2147483647
configure authority router routing vrf ospf area interface hello-interval
Interval between hello packets (seconds).
Usage
configure authority router routing vrf ospf area interface hello-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 10
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing vrf ospf area interface interface
Network interface name
Usage
configure authority router routing vrf ospf area interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf ospf area interface message-digest-key
MD5 HMAC authentication message digest keys
Usage
configure authority router routing vrf ospf area interface message-digest-key <id>
Positional Arguments
name | description |
---|---|
id | Message digest key identifier |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
id | Message digest key identifier |
key | Message digest secret key |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'message-digest-key' |
configure authority router routing vrf ospf area interface message-digest-key id
Message digest key identifier
Usage
configure authority router routing vrf ospf area interface message-digest-key id [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf ospf area interface message-digest-key key
Message digest secret key
Usage
configure authority router routing vrf ospf area interface message-digest-key key [<routing-password-type>]
Positional Arguments
name | description |
---|---|
routing-password-type | The value to set for this field |
Description
routing-password-type (string)
A routing engine password that is hidden from the UI.
Invalid whitespace or other unrecognized character.
configure authority router routing vrf ospf area interface network-type
Interface network type
Usage
configure authority router routing vrf ospf area interface network-type [<interface-network-type>]
Positional Arguments
name | description |
---|---|
interface-network-type | The value to set for this field |
Description
Default: unspecified
interface-network-type (enumeration)
OSPF interface network type
Options:
- unspecified: Unspecified network type
- broadcast: Broadcast network
- point-to-point: Point-to-point network
configure authority router routing vrf ospf area interface node
Interface node name
Usage
configure authority router routing vrf ospf area interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf ospf area interface passive
Enable/Disable passive interface - a passive interface's prefix will be advertised but no neighbor adjacencies will be formed on the interface.
Usage
configure authority router routing vrf ospf area interface passive [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf ospf area interface password
OSPF simple authentication password
Usage
configure authority router routing vrf ospf area interface password [<routing-password-type>]
Positional Arguments
name | description |
---|---|
routing-password-type | The value to set for this field |
Description
routing-password-type (string)
A routing engine password that is hidden from the UI.
Invalid whitespace or other unrecognized character.
configure authority router routing vrf ospf area interface priority
Router priority
Usage
configure authority router routing vrf ospf area interface priority [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 1
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router routing vrf ospf area routing-interface
List of routing interfaces in area
Usage
configure authority router routing vrf ospf area routing-interface <routing-interface>
Positional Arguments
name | description |
---|---|
routing-interface | Routing interface name |
Subcommands
command | description |
---|---|
cost | Interface cost |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routing-interface | Routing interface name |
show | Show configuration data for 'routing-interface' |
configure authority router routing vrf ospf area routing-interface cost
Interface cost
Usage
configure authority router routing vrf ospf area routing-interface cost [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Default: 10
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing vrf ospf area routing-interface routing-interface
Routing interface name
Usage
configure authority router routing vrf ospf area routing-interface routing-interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf ospf area summary-advertisement
Enable/Disable summary advertisement into the stub or NSSA area.
Usage
configure authority router routing vrf ospf area summary-advertisement [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf ospf area summary-range
Summarize routes matching address/mask - Applicable to Area Border Routers (ABRs) only
Usage
configure authority router routing vrf ospf area summary-range <prefix>
Positional Arguments
name | description |
---|---|
prefix | Summarization prefix |
Subcommands
command | description |
---|---|
advertise | Advertise or hide |
cost | Advertised cost of summary route |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix | Summarization prefix |
show | Show configuration data for 'summary-range' |
configure authority router routing vrf ospf area summary-range advertise
Advertise or hide
Usage
configure authority router routing vrf ospf area summary-range advertise [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf ospf area summary-range cost
Advertised cost of summary route
Usage
configure authority router routing vrf ospf area summary-range cost [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 0-16777214
configure authority router routing vrf ospf area summary-range prefix
Summarization prefix
Usage
configure authority router routing vrf ospf area summary-range prefix [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router routing vrf ospf area type
Area type
Usage
configure authority router routing vrf ospf area type [<area-type>]
Positional Arguments
name | description |
---|---|
area-type | The value to set for this field |
Description
Default: normal
area-type (enumeration)
A value from a set of predefined names.
Options:
- normal: OSPF normal area
- stub: OSPF stub area
- nssa: OSPF Not-So-Stubby Area (NSSA)
configure authority router routing vrf ospf distance
OSPF route administrative distance
Subcommands
command | description |
---|---|
delete | Delete configuration data |
external | Administrative distance for external OSPF routes |
inter-area | Administrative distance for inter-area OSPF routes |
intra-area | Administrative distance for intra-area OSPF routes |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'distance' |
configure authority router routing vrf ospf distance external
Administrative distance for external OSPF routes
Usage
configure authority router routing vrf ospf distance external [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 110
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf ospf distance inter-area
Administrative distance for inter-area OSPF routes
Usage
configure authority router routing vrf ospf distance inter-area [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 110
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf ospf distance intra-area
Administrative distance for intra-area OSPF routes
Usage
configure authority router routing vrf ospf distance intra-area [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 110
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf ospf graceful-restart
Enable OSPF graceful restart
Subcommands
command | description |
---|---|
delete | Delete configuration data |
helper | OSPF graceful restart helper support |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-time | OSPF graceful restart duration |
show | Show configuration data for 'graceful-restart' |
configure authority router routing vrf ospf graceful-restart helper
OSPF graceful restart helper support
Subcommands
command | description |
---|---|
delete | Delete configuration data |
helper-restart-time | Helper support graceful restart duration |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'helper' |
strict-lsa-checking | When enabled, helper will abort graceful restart if a LSA change occurs that affects the restarting router |
configure authority router routing vrf ospf graceful-restart helper helper-restart-time
Helper support graceful restart duration
Usage
configure authority router routing vrf ospf graceful-restart helper helper-restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 120
uint16
An unsigned 16-bit integer.
Range: 10-1800
configure authority router routing vrf ospf graceful-restart helper strict-lsa-checking
When enabled, helper will abort graceful restart if a LSA change occurs that affects the restarting router
Usage
configure authority router routing vrf ospf graceful-restart helper strict-lsa-checking [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf ospf graceful-restart restart-time
OSPF graceful restart duration
Usage
configure authority router routing vrf ospf graceful-restart restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 120
uint16
An unsigned 16-bit integer.
Range: 1-1800
configure authority router routing vrf ospf instance
Number of OSPF instance
Usage
configure authority router routing vrf ospf instance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-8
configure authority router routing vrf ospf redistribute
List of routing protocols to redistribute into OSPF
Usage
configure authority router routing vrf ospf redistribute <protocol>
Positional Arguments
name | description |
---|---|
protocol | The routing protocol to redistribute into OSPF |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
metric | Advertised metric of redistributed route |
metric-type | Advertised metric type of redistributed route |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the redistributed route |
protocol | The routing protocol to redistribute into OSPF |
show | Show configuration data for 'redistribute' |
configure authority router routing vrf ospf redistribute metric
Advertised metric of redistributed route
Usage
configure authority router routing vrf ospf redistribute metric [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 0-16777214
configure authority router routing vrf ospf redistribute metric-type
Advertised metric type of redistributed route
Usage
configure authority router routing vrf ospf redistribute metric-type [<ospf-external-metric-type>]
Positional Arguments
name | description |
---|---|
ospf-external-metric-type | The value to set for this field |
Description
Default: type-2
ospf-external-metric-type (enumeration)
OSPF external metric type
Options:
- type-1: External metric type 1, comparable to link state metric
- type-2: External metric type 2, larger than link state metric
configure authority router routing vrf ospf redistribute policy
A policy to apply to the redistributed route
Usage
configure authority router routing vrf ospf redistribute policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf ospf redistribute protocol
The routing protocol to redistribute into OSPF
Usage
configure authority router routing vrf ospf redistribute protocol [<redistribute-into-ospf>]
Positional Arguments
name | description |
---|---|
redistribute-into-ospf | The value to set for this field |
Description
redistribute-into-ospf (enumeration)
A value from a set of predefined names.
Options:
- bgp: BGP routes
- connected: Interface routes
- service: Service routes
- static: Static routes
configure authority router routing vrf ospf router-id
Defined in RFC 2328. A 32-bit number that uniquely identifies the router
Usage
configure authority router routing vrf ospf router-id [<dotted-quad>]
Positional Arguments
name | description |
---|---|
dotted-quad | The value to set for this field |
Description
dotted-quad (string)
An unsigned 32-bit number expressed in the dotted-quad notation, i.e., four octets written as decimal numbers and separated with the '.' (full stop) character.
configure authority router routing vrf ospf timers
OSPF Timers
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'timers' |
spf | OSPF SPF Timers |
configure authority router routing vrf ospf timers spf
OSPF SPF Timers
Subcommands
command | description |
---|---|
delay | Initial SPF delay. |
delete | Delete configuration data |
hold-time | Adaptive hold-time. |
maximum-hold-time | Maximum hold-time. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'spf' |
configure authority router routing vrf ospf timers spf delay
Initial SPF delay.
Usage
configure authority router routing vrf ospf timers spf delay [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 0
uint32
An unsigned 32-bit integer.
Range: 0-600000
configure authority router routing vrf ospf timers spf hold-time
Adaptive hold-time.
Usage
configure authority router routing vrf ospf timers spf hold-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 5000
uint32
An unsigned 32-bit integer.
Range: 0-600000
configure authority router routing vrf ospf timers spf maximum-hold-time
Maximum hold-time.
Usage
configure authority router routing vrf ospf timers spf maximum-hold-time [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 30000
uint32
An unsigned 32-bit integer.
Range: 0-600000
configure authority router routing vrf ospf version
OSPF version
Usage
configure authority router routing vrf ospf version [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: ospfv2
enumeration
A value from a set of predefined names.
Options:
- ospfv2:
- ospfv3:
configure authority router routing vrf pim
PIM VRF configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
interface | List of PIM interfaces in the VRF |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rp | PIM RP Configuration |
show | Show configuration data for 'pim' |
configure authority router routing vrf pim interface
List of PIM interfaces in the VRF
Usage
configure authority router routing vrf pim interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
dr-priority | Preference of a particular device in the DR election process. The lowest priority is 1. |
hello-interval | Configure Hello Interval |
interface | Network interface name |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'interface' |
configure authority router routing vrf pim interface dr-priority
Preference of a particular device in the DR election process. The lowest priority is 1.
Usage
configure authority router routing vrf pim interface dr-priority [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-4294967295
configure authority router routing vrf pim interface hello-interval
Configure Hello Interval
Usage
configure authority router routing vrf pim interface hello-interval [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: seconds
Default: 30
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf pim interface interface
Network interface name
Usage
configure authority router routing vrf pim interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf pim interface node
Interface node name
Usage
configure authority router routing vrf pim interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf pim rp
PIM RP Configuration
Usage
configure authority router routing vrf pim rp <group-range>
Positional Arguments
name | description |
---|---|
group-range | Multicast Group address range for this RP |
Subcommands
command | description |
---|---|
address | IPv4 address of the RP |
delete | Delete configuration data |
group-range | Multicast Group address range for this RP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'rp' |
configure authority router routing vrf pim rp address
IPv4 address of the RP
Usage
configure authority router routing vrf pim rp address [<unicast-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-ipv4-address | The value to set for this field |
Description
unicast-ipv4-address (string) (required)
A unicast IPv4 address
Must be a valid IPv4 address.
configure authority router routing vrf pim rp group-range
Multicast Group address range for this RP
Usage
configure authority router routing vrf pim rp group-range [<multicast-ipv4-prefix>]
Positional Arguments
name | description |
---|---|
multicast-ipv4-prefix | The value to set for this field |
Description
multicast-ipv4-prefix (string)
A multicast IPv4 prefix
configure authority router routing vrf rib-policy
List of protocol specific RIB policies
Usage
configure authority router routing vrf rib-policy <family> <protocol>
Positional Arguments
name | description |
---|---|
family | The routing protocol address family |
protocol | The routing protocol RIB policy |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
family | The routing protocol address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the protocol route |
protocol | The routing protocol RIB policy |
show | Show configuration data for 'rib-policy' |
configure authority router routing vrf rib-policy family
The routing protocol address family
Usage
configure authority router routing vrf rib-policy family [<rib-family>]
Positional Arguments
name | description |
---|---|
rib-family | The value to set for this field |
Description
rib-family (enumeration)
A value from a set of predefined names.
Options:
- ipv4: IPv4 Address Family
- ipv6: IPv6 Address Famimly
configure authority router routing vrf rib-policy policy
A policy to apply to the protocol route
Usage
configure authority router routing vrf rib-policy policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf rib-policy protocol
The routing protocol RIB policy
Usage
configure authority router routing vrf rib-policy protocol [<rib-protocol>]
Positional Arguments
name | description |
---|---|
rib-protocol | The value to set for this field |
Description
rib-protocol (enumeration)
A value from a set of predefined names.
Options:
- any: Any RIB protocol
- bgp: BGP routes
- connected: Interface routes
- ospf: OSPF routes
- service: Service routes
- static: Static routes
configure authority router routing vrf routing-protocol
Each entry contains configuration of a routing protocol instance.
Usage
configure authority router routing vrf routing-protocol <type>
Positional Arguments
name | description |
---|---|
type | Type of the routing protocol - an identity derived from the 'routing-protocol' base identity. |
Subcommands
command | description |
---|---|
address-family | Address family configuration |
clone | Clone a list item |
cluster-id | Route reflector cluster id. |
conditional-advertisement | Configure Conditional Advertisement |
confederation | Configuration options specifying parameters when the local router is within an autonomous system which is part of a BGP confederation. |
delete | Delete configuration data |
description | Textual description of the routing protocol instance. |
graceful-restart | Configuration parameters relating to BGP graceful restart. |
local-as | Local autonomous system number of the router. Uses the 32-bit as-number type from the model in RFC 6991. |
neighbor | List of BGP neighbors configured on the local system, uniquely identified by neighbor IPv[46] address |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
redistribute | List of routing protocols to redistribute into BGP |
route-reflector-allow-outbound-policy | Apply outbound policy on route reflector clients. |
route-selection-options | Set of configuration options that govern best path selection. |
router-id | Router id of the router, expressed as an 32-bit value, IPv4 address. |
show | Show configuration data for 'routing-protocol' |
timers | Config parameters related to timers associated with the BGP neighbor |
type | Type of the routing protocol - an identity derived from the 'routing-protocol' base identity. |
configure authority router routing vrf routing-protocol address-family
Address family configuration
Usage
configure authority router routing vrf routing-protocol address-family <afi-safi>
Positional Arguments
name | description |
---|---|
afi-safi | Address family type |
Subcommands
command | description |
---|---|
afi-safi | Address family type |
aggregate-address | Address prefixes to aggregate |
clone | Clone a list item |
default-route-distance | Configuration options relating to the administrative distance (or preference) assigned to routes received from different sources (external, internal, and local). |
delete | Delete configuration data |
graceful-restart | Configuration parameters relating to BGP graceful restart. |
network | Advertises a network into BGP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
redistribute | List of routing protocols to redistribute into BGP |
show | Show configuration data for 'address-family' |
use-multiple-paths | Parameters related to the use of multiple paths for the same NLRI |
vpn-export | Configure Vpn Export |
vpn-import | Configure Vpn Import |
configure authority router routing vrf routing-protocol address-family afi-safi
Address family type
Usage
configure authority router routing vrf routing-protocol address-family afi-safi [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1)
- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1)
- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128)
- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128)
configure authority router routing vrf routing-protocol address-family aggregate-address
Address prefixes to aggregate
Usage
configure authority router routing vrf routing-protocol address-family aggregate-address <prefix>
Positional Arguments
name | description |
---|---|
prefix | The prefix to aggregate from |
Subcommands
command | description |
---|---|
as-set | Generate as-set information for the resultant aggregate |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | Policy to apply to the aggregate route |
prefix | The prefix to aggregate from |
show | Show configuration data for 'aggregate-address' |
summary-only | Specifies that the prefixes aggregated by this aggregation are not to be advertised: only the aggregate itself will be advertised |
configure authority router routing vrf routing-protocol address-family aggregate-address as-set
Generate as-set information for the resultant aggregate
Usage
configure authority router routing vrf routing-protocol address-family aggregate-address as-set [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol address-family aggregate-address policy
Policy to apply to the aggregate route
Usage
configure authority router routing vrf routing-protocol address-family aggregate-address policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol address-family aggregate-address prefix
The prefix to aggregate from
Usage
configure authority router routing vrf routing-protocol address-family aggregate-address prefix [<not-host-ip-prefix>]
Positional Arguments
name | description |
---|---|
not-host-ip-prefix | The value to set for this field |
Description
not-host-ip-prefix (union)
A not host IPv4 or IPv6 prefix
Must be one of the following types:
(0) not-host-ipv4-prefix (string)
A not host IPv4 prefix
(1) not-host-ipv6-prefix (string)
A not host IPv6 prefix
configure authority router routing vrf routing-protocol address-family aggregate-address summary-only
Specifies that the prefixes aggregated by this aggregation are not to be advertised: only the aggregate itself will be advertised
Usage
configure authority router routing vrf routing-protocol address-family aggregate-address summary-only [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol address-family default-route-distance
Configuration options relating to the administrative distance (or preference) assigned to routes received from different sources (external, internal, and local).
Subcommands
command | description |
---|---|
delete | Delete configuration data |
external | Administrative distance for routes learned from external BGP (eBGP). |
internal | Administrative distance for routes learned from internal BGP (iBGP). |
local | Administrative distance for local routes |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'default-route-distance' |
configure authority router routing vrf routing-protocol address-family default-route-distance external
Administrative distance for routes learned from external BGP (eBGP).
Usage
configure authority router routing vrf routing-protocol address-family default-route-distance external [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 20
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf routing-protocol address-family default-route-distance internal
Administrative distance for routes learned from internal BGP (iBGP).
Usage
configure authority router routing vrf routing-protocol address-family default-route-distance internal [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 200
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf routing-protocol address-family default-route-distance local
Administrative distance for local routes
Usage
configure authority router routing vrf routing-protocol address-family default-route-distance local [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 200
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf routing-protocol address-family graceful-restart
Configuration parameters relating to BGP graceful restart.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-time | Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value. |
show | Show configuration data for 'graceful-restart' |
stale-routes-time | An upper-bound on the time that the stale routes will be retained by a router after a session is restarted. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724 |
Description
graceful-restart
is deprecated and will be removed in a future software version
configure authority router routing vrf routing-protocol address-family graceful-restart restart-time
Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value.
Usage
configure authority router routing vrf routing-protocol address-family graceful-restart restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
restart-time
is deprecated and will be removed in a future software version
uint16
An unsigned 16-bit integer.
Range: 0-4096
configure authority router routing vrf routing-protocol address-family graceful-restart stale-routes-time
An upper-bound on the time that the stale routes will be retained by a router after a session is restarted. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724
Usage
configure authority router routing vrf routing-protocol address-family graceful-restart stale-routes-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
stale-routes-time
is deprecated and will be removed in a future software version
uint16
An unsigned 16-bit integer.
Range: 1-3600
configure authority router routing vrf routing-protocol address-family network
Advertises a network into BGP
Usage
configure authority router routing vrf routing-protocol address-family network <network-address>
Positional Arguments
name | description |
---|---|
network-address | Specify a network to announce via BGP for this address family |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
network-address | Specify a network to announce via BGP for this address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | a policy to apply to the imported route |
show | Show configuration data for 'network' |
configure authority router routing vrf routing-protocol address-family network network-address
Specify a network to announce via BGP for this address family
Usage
configure authority router routing vrf routing-protocol address-family network network-address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority router routing vrf routing-protocol address-family network policy
a policy to apply to the imported route
Usage
configure authority router routing vrf routing-protocol address-family network policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol address-family redistribute
List of routing protocols to redistribute into BGP
Usage
configure authority router routing vrf routing-protocol address-family redistribute <protocol>
Positional Arguments
name | description |
---|---|
protocol | The routing protocol to redistribute into BGP |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the redistributed route |
protocol | The routing protocol to redistribute into BGP |
show | Show configuration data for 'redistribute' |
configure authority router routing vrf routing-protocol address-family redistribute policy
A policy to apply to the redistributed route
Usage
configure authority router routing vrf routing-protocol address-family redistribute policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol address-family redistribute protocol
The routing protocol to redistribute into BGP
Usage
configure authority router routing vrf routing-protocol address-family redistribute protocol [<redistribute-into-bgp>]
Positional Arguments
name | description |
---|---|
redistribute-into-bgp | The value to set for this field |
Description
redistribute-into-bgp (enumeration)
A value from a set of predefined names.
Options:
- connected: Interface routes
- service: Service routes
- static: Static routes
- ospf: OSPF routes
configure authority router routing vrf routing-protocol address-family use-multiple-paths
Parameters related to the use of multiple paths for the same NLRI
Subcommands
command | description |
---|---|
delete | Delete configuration data |
ebgp | Multipath parameters for eBGP |
ibgp | Multipath parameters for iBGP |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'use-multiple-paths' |
configure authority router routing vrf routing-protocol address-family use-multiple-paths ebgp
Multipath parameters for eBGP
Subcommands
command | description |
---|---|
delete | Delete configuration data |
maximum-paths | Maximum number of parallel paths to consider when using eBGP multipath for this address family. The default is to use a single path. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ebgp' |
configure authority router routing vrf routing-protocol address-family use-multiple-paths ebgp maximum-paths
Maximum number of parallel paths to consider when using eBGP multipath for this address family. The default is to use a single path.
Usage
configure authority router routing vrf routing-protocol address-family use-multiple-paths ebgp maximum-paths [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: paths
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-64
configure authority router routing vrf routing-protocol address-family use-multiple-paths ibgp
Multipath parameters for iBGP
Subcommands
command | description |
---|---|
delete | Delete configuration data |
maximum-paths | Maximum number of parallel paths to consider when using iBGP multipath for this address family. The default is to use a single path |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'ibgp' |
configure authority router routing vrf routing-protocol address-family use-multiple-paths ibgp maximum-paths
Maximum number of parallel paths to consider when using iBGP multipath for this address family. The default is to use a single path
Usage
configure authority router routing vrf routing-protocol address-family use-multiple-paths ibgp maximum-paths [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: paths
Default: 1
uint32
An unsigned 32-bit integer.
Range: 1-64
configure authority router routing vrf routing-protocol address-family vpn-export
Configure Vpn Export
Subcommands
command | description |
---|---|
delete | Delete configuration data |
export-policy | Export policy for vpn export |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
route-distinguisher | Route Distinguisher for vpn export |
show | Show configuration data for 'vpn-export' |
vpn-export-route-target | Route Target list for vpn export |
configure authority router routing vrf routing-protocol address-family vpn-export export-policy
Export policy for vpn export
Usage
configure authority router routing vrf routing-protocol address-family vpn-export export-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol address-family vpn-export route-distinguisher
Route Distinguisher for vpn export
Usage
configure authority router routing vrf routing-protocol address-family vpn-export route-distinguisher [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | The value to set for this field |
Description
set-extended-community (union) (required)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string (required)
A text value.
Must be <ipv4-address>:<uint16>
(1) string (required)
A text value.
Must be <uint16>:<uint32>
(2) string (required)
A text value.
Must be <uint32>:<uint16>
configure authority router routing vrf routing-protocol address-family vpn-export vpn-export-route-target
Route Target list for vpn export
Usage
configure authority router routing vrf routing-protocol address-family vpn-export vpn-export-route-target [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | Value to add to this list |
Description
set-extended-community (union) (required)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string (required)
A text value.
Must be <ipv4-address>:<uint16>
(1) string (required)
A text value.
Must be <uint16>:<uint32>
(2) string (required)
A text value.
Must be <uint32>:<uint16>
configure authority router routing vrf routing-protocol address-family vpn-import
Configure Vpn Import
Subcommands
command | description |
---|---|
delete | Delete configuration data |
import-policy | Export policy for vpn import |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'vpn-import' |
vpn-import-route-target | Route Target list for vpn import |
configure authority router routing vrf routing-protocol address-family vpn-import import-policy
Export policy for vpn import
Usage
configure authority router routing vrf routing-protocol address-family vpn-import import-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol address-family vpn-import vpn-import-route-target
Route Target list for vpn import
Usage
configure authority router routing vrf routing-protocol address-family vpn-import vpn-import-route-target [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | Value to add to this list |
Description
set-extended-community (union) (required)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string (required)
A text value.
Must be <ipv4-address>:<uint16>
(1) string (required)
A text value.
Must be <uint16>:<uint32>
(2) string (required)
A text value.
Must be <uint32>:<uint16>
configure authority router routing vrf routing-protocol cluster-id
Route reflector cluster id.
Usage
configure authority router routing vrf routing-protocol cluster-id [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority router routing vrf routing-protocol conditional-advertisement
Configure Conditional Advertisement
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interval-time | Conditional advertisement scanner process interval time. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'conditional-advertisement' |
configure authority router routing vrf routing-protocol conditional-advertisement interval-time
Conditional advertisement scanner process interval time.
Usage
configure authority router routing vrf routing-protocol conditional-advertisement interval-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 60
uint16
An unsigned 16-bit integer.
Range: 5-240
configure authority router routing vrf routing-protocol confederation
Configuration options specifying parameters when the local router is within an autonomous system which is part of a BGP confederation.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
identifier | Confederation identifier for the autonomous system. |
member-as | Remote autonomous systems that are to be treated as part of the local confederation. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'confederation' |
configure authority router routing vrf routing-protocol confederation identifier
Confederation identifier for the autonomous system.
Usage
configure authority router routing vrf routing-protocol confederation identifier [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing vrf routing-protocol confederation member-as
Remote autonomous systems that are to be treated as part of the local confederation.
Usage
configure authority router routing vrf routing-protocol confederation member-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | Value to add to this list |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing vrf routing-protocol description
Textual description of the routing protocol instance.
Usage
configure authority router routing vrf routing-protocol description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing vrf routing-protocol graceful-restart
Configuration parameters relating to BGP graceful restart.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Graceful restart mode. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-time | Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value. |
select-delay-time | After GR restart and reconnect with a GR helper peer, this is the minimum time to delay the best route selection process and sending the initial End-of-RIB to all BGP neighbors. This is the minimum of the currently unexposed selection deferral timer (RFC-4724) where that timer is a maximum and currently hard- coded to 360 seconds. |
show | Show configuration data for 'graceful-restart' |
stale-routes-time | An upper-bound on the time that the stale routes will be retained by a router after a session is restarted or 0 to disable. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724 |
configure authority router routing vrf routing-protocol graceful-restart mode
Graceful restart mode.
Usage
configure authority router routing vrf routing-protocol graceful-restart mode [<graceful-restart-mode>]
Positional Arguments
name | description |
---|---|
graceful-restart-mode | The value to set for this field |
Description
Default: helper
graceful-restart-mode (enumeration)
configure BGP graceful restart mode [rfc4724]
Options:
- enable: enable graceful restart and helper mode
- helper: enable graceful restart helper mode only
- disable: disable graceful restart
configure authority router routing vrf routing-protocol graceful-restart restart-time
Estimated time for the local BGP speaker to restart a session. This value is advertised in the graceful restart BGP capability. This is a 12-bit value, referred to as Restart Time in RFC4724. Per RFC4724, the suggested default value is less than or equal to the hold-time value.
Usage
configure authority router routing vrf routing-protocol graceful-restart restart-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 120
uint16
An unsigned 16-bit integer.
Range: 1-4095
configure authority router routing vrf routing-protocol graceful-restart select-delay-time
After GR restart and reconnect with a GR helper peer, this is the minimum time to delay the best route selection process and sending the initial End-of-RIB to all BGP neighbors. This is the minimum of the currently unexposed selection deferral timer (RFC-4724) where that timer is a maximum and currently hard- coded to 360 seconds.
Usage
configure authority router routing vrf routing-protocol graceful-restart select-delay-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 0
uint16
An unsigned 16-bit integer.
Range: 0-360
configure authority router routing vrf routing-protocol graceful-restart stale-routes-time
An upper-bound on the time that the stale routes will be retained by a router after a session is restarted or 0 to disable. If an End-of-RIB (EOR) marker is received prior to this timer expiring stale-routes will be flushed upon its receipt - if no EOR is received, then when this timer expires stale paths will be purged. This timer is referred to as the Selection_Deferral_Timer in RFC4724
Usage
configure authority router routing vrf routing-protocol graceful-restart stale-routes-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 360
uint16
An unsigned 16-bit integer.
Range: 0-3600
configure authority router routing vrf routing-protocol local-as
Local autonomous system number of the router. Uses the 32-bit as-number type from the model in RFC 6991.
Usage
configure authority router routing vrf routing-protocol local-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing vrf routing-protocol neighbor
List of BGP neighbors configured on the local system, uniquely identified by neighbor IPv[46] address
Usage
configure authority router routing vrf routing-protocol neighbor <neighbor-address>
Positional Arguments
name | description |
---|---|
neighbor-address | IP address of the BGP neighbor |
Subcommands
command | description |
---|---|
address-family | Address family configuration |
auth-password | Configures an MD5 authentication password for use with neighboring devices. |
bfd | BFD Client Configuration. |
clone | Clone a list item |
delete | Delete configuration data |
description | An optional textual description (intended primarily for use with a neighbor or group |
graceful-restart | Configuration parameters relating to BGP neighbor graceful restart. If not explicitly configured, neighbor inherits from BGP instance. |
local-as | The local autonomous system number that is to be used when establishing sessions with the remote neighbor or neighbor group, if this differs from the global BGP router autonomous system number. |
multihop | Configuration parameters specifying the multihop behaviour for BGP sessions to the neighbor |
negotiate-capabilities | If set to false, suppress sending the Capabilities Optional Parameter in the BGP OPEN message. |
neighbor-address | IP address of the BGP neighbor |
neighbor-as | AS number of the neighbor. |
neighbor-policy | Configure Neighbor Policy |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor' |
shutdown | If set to true, the neighbors connection will not come up. |
timers | Config parameters related to timers associated with the BGP neighbor |
transport | Configuration parameters relating to the transport protocol used by the BGP session to the neighbor |
configure authority router routing vrf routing-protocol neighbor address-family
Address family configuration
Usage
configure authority router routing vrf routing-protocol neighbor address-family <afi-safi>
Positional Arguments
name | description |
---|---|
afi-safi | Address family type |
Subcommands
command | description |
---|---|
activate | Activate address family for neighbor |
afi-safi | Address family type |
as-path-options | Configuration parameters allowing manipulation of the AS_PATH attribute for this address family |
conditional-advertisement | Configure Conditional Advertisement |
delete | Delete configuration data |
neighbor-policy | Configure Neighbor Policy |
next-hop-self | Sets the router as the next hop for this neighbor and this address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix-limit | Configure the maximum number of prefixes that will be accepted from a neighbor for this address family |
remove-private-as | Modify private AS numbers in updates sent to neighbors for this address family. |
route-reflector | Route reflector client configuration |
send-default-route | If set to true, generate and send the default-route for this address-family to the neighbor |
show | Show configuration data for 'address-family' |
configure authority router routing vrf routing-protocol neighbor address-family activate
Activate address family for neighbor
Usage
configure authority router routing vrf routing-protocol neighbor address-family activate [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor address-family afi-safi
Address family type
Usage
configure authority router routing vrf routing-protocol neighbor address-family afi-safi [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- ipv4-unicast: IPv4 unicast (AFI,SAFI = 1,1)
- ipv6-unicast: IPv6 unicast (AFI,SAFI = 2,1)
- ipv4-vpn: IPv4 vpn (AFI,SAFI = 1,128)
- ipv6-vpn: IPv6 vpn (AFI,SAFI = 2,128)
configure authority router routing vrf routing-protocol neighbor address-family as-path-options
Configuration parameters allowing manipulation of the AS_PATH attribute for this address family
Subcommands
command | description |
---|---|
allow-own-as | Specify the number of occurrences of the local BGP speaker's AS that can occur within the AS_PATH before it is rejected for this address family. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'as-path-options' |
configure authority router routing vrf routing-protocol neighbor address-family as-path-options allow-own-as
Specify the number of occurrences of the local BGP speaker's AS that can occur within the AS_PATH before it is rejected for this address family.
Usage
configure authority router routing vrf routing-protocol neighbor address-family as-path-options allow-own-as [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement
Configure Conditional Advertisement
Subcommands
command | description |
---|---|
advertisement-policy | A policy selecting routes to conditionally advertise. |
delete | Delete configuration data |
exist-policy | If this policy matches any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy. |
non-exist-policy | If this policy does not match any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'conditional-advertisement' |
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement advertisement-policy
A policy selecting routes to conditionally advertise.
Usage
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement advertisement-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref) (required)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement exist-policy
If this policy matches any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy.
Usage
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement exist-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement non-exist-policy
If this policy does not match any BGP route, advertise the routes matched by advertisement-policy, otherwise do not advertise the routes matched by advertisement-policy.
Usage
configure authority router routing vrf routing-protocol neighbor address-family conditional-advertisement non-exist-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor address-family neighbor-policy
Configure Neighbor Policy
Subcommands
command | description |
---|---|
delete | Delete configuration data |
inbound-policy | A policy to apply to the NLRIs inbound from this neighbor. |
outbound-policy | A policy to apply to the NLRIs outbound to this neighbor. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor-policy' |
configure authority router routing vrf routing-protocol neighbor address-family neighbor-policy inbound-policy
A policy to apply to the NLRIs inbound from this neighbor.
Usage
configure authority router routing vrf routing-protocol neighbor address-family neighbor-policy inbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor address-family neighbor-policy outbound-policy
A policy to apply to the NLRIs outbound to this neighbor.
Usage
configure authority router routing vrf routing-protocol neighbor address-family neighbor-policy outbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor address-family next-hop-self
Sets the router as the next hop for this neighbor and this address family
Usage
configure authority router routing vrf routing-protocol neighbor address-family next-hop-self [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit
Configure the maximum number of prefixes that will be accepted from a neighbor for this address family
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max-prefixes | Maximum number of prefixes that will be accepted from the neighbor for this address family |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
restart-timer | Time interval after which the BGP session is re-established after being torn down due to exceeding the max-prefix limit for this adddress family. |
show | Show configuration data for 'prefix-limit' |
shutdown-threshold-pct | Threshold on number of prefixes that can be received from a neighbor for this address family before generation of warning messages or log entries. |
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit max-prefixes
Maximum number of prefixes that will be accepted from the neighbor for this address family
Usage
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit max-prefixes [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: prefixes
uint32 (required)
An unsigned 32-bit integer.
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit restart-timer
Time interval after which the BGP session is re-established after being torn down due to exceeding the max-prefix limit for this adddress family.
Usage
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit restart-timer [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
uint16
An unsigned 16-bit integer.
Range: 1-65535
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit shutdown-threshold-pct
Threshold on number of prefixes that can be received from a neighbor for this address family before generation of warning messages or log entries.
Usage
configure authority router routing vrf routing-protocol neighbor address-family prefix-limit shutdown-threshold-pct [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router routing vrf routing-protocol neighbor address-family remove-private-as
Modify private AS numbers in updates sent to neighbors for this address family.
Usage
configure authority router routing vrf routing-protocol neighbor address-family remove-private-as [<remove-private-as-option>]
Positional Arguments
name | description |
---|---|
remove-private-as-option | The value to set for this field |
Description
remove-private-as-option (enumeration)
Set of options for configuring how private AS numbers are modified in advertised AS paths.
Options:
- all: Remove all private ASes in the AS path.
- replace-all: Replace all private ASes with the local AS.
- only: Remove private ASes only if the AS path contains just private ASes.
- replace-only: Replace private ASes with the local AS only if the AS path contains just private ASes.
- disable: Do not remove private ASes.
configure authority router routing vrf routing-protocol neighbor address-family route-reflector
Route reflector client configuration
Subcommands
command | description |
---|---|
client | Configure the neighbor as a route reflector client for this address family. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'route-reflector' |
configure authority router routing vrf routing-protocol neighbor address-family route-reflector client
Configure the neighbor as a route reflector client for this address family.
Usage
configure authority router routing vrf routing-protocol neighbor address-family route-reflector client [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor address-family send-default-route
If set to true, generate and send the default-route for this address-family to the neighbor
Usage
configure authority router routing vrf routing-protocol neighbor address-family send-default-route [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor auth-password
Configures an MD5 authentication password for use with neighboring devices.
Usage
configure authority router routing vrf routing-protocol neighbor auth-password [<password>]
Positional Arguments
name | description |
---|---|
password | The value to set for this field |
Description
password (string)
A password type that is hidden from the UI. The internal storage format is dependent on the individual field.
configure authority router routing vrf routing-protocol neighbor bfd
BFD Client Configuration.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
desired-tx-interval | The minimum transmission interval in milliseconds used to send BFD control packets. |
enable | Enable/Disable BFD protocol |
multiplier | The number of BFD packets that can be lost without the BFD session declared as down. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
required-min-rx-interval | Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting. |
show | Show configuration data for 'bfd' |
configure authority router routing vrf routing-protocol neighbor bfd desired-tx-interval
The minimum transmission interval in milliseconds used to send BFD control packets.
Usage
configure authority router routing vrf routing-protocol neighbor bfd desired-tx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing vrf routing-protocol neighbor bfd enable
Enable/Disable BFD protocol
Usage
configure authority router routing vrf routing-protocol neighbor bfd enable [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor bfd multiplier
The number of BFD packets that can be lost without the BFD session declared as down.
Usage
configure authority router routing vrf routing-protocol neighbor bfd multiplier [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 3
uint8
An unsigned 8-bit integer.
Range: 2-255
configure authority router routing vrf routing-protocol neighbor bfd required-min-rx-interval
Represents the minimum interval between BFD asynchronous control packets that this router is capable of supporting.
Usage
configure authority router routing vrf routing-protocol neighbor bfd required-min-rx-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: milliseconds
Default: 1000
uint16
An unsigned 16-bit integer.
Range: 50-60000
configure authority router routing vrf routing-protocol neighbor description
An optional textual description (intended primarily for use with a neighbor or group
Usage
configure authority router routing vrf routing-protocol neighbor description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing vrf routing-protocol neighbor graceful-restart
Configuration parameters relating to BGP neighbor graceful restart. If not explicitly configured, neighbor inherits from BGP instance.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
mode | Graceful restart mode. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'graceful-restart' |
configure authority router routing vrf routing-protocol neighbor graceful-restart mode
Graceful restart mode.
Usage
configure authority router routing vrf routing-protocol neighbor graceful-restart mode [<graceful-restart-mode>]
Positional Arguments
name | description |
---|---|
graceful-restart-mode | The value to set for this field |
Description
graceful-restart-mode (enumeration)
configure BGP graceful restart mode [rfc4724]
Options:
- enable: enable graceful restart and helper mode
- helper: enable graceful restart helper mode only
- disable: disable graceful restart
configure authority router routing vrf routing-protocol neighbor local-as
The local autonomous system number that is to be used when establishing sessions with the remote neighbor or neighbor group, if this differs from the global BGP router autonomous system number.
Usage
configure authority router routing vrf routing-protocol neighbor local-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing vrf routing-protocol neighbor multihop
Configuration parameters specifying the multihop behaviour for BGP sessions to the neighbor
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'multihop' |
ttl | Time-to-live value to use when packets are sent to the referenced group or neighbors and ebgp-multihop is enabled |
configure authority router routing vrf routing-protocol neighbor multihop ttl
Time-to-live value to use when packets are sent to the referenced group or neighbors and ebgp-multihop is enabled
Usage
configure authority router routing vrf routing-protocol neighbor multihop ttl [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf routing-protocol neighbor negotiate-capabilities
If set to false, suppress sending the Capabilities Optional Parameter in the BGP OPEN message.
Usage
configure authority router routing vrf routing-protocol neighbor negotiate-capabilities [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor neighbor-address
IP address of the BGP neighbor
Usage
configure authority router routing vrf routing-protocol neighbor neighbor-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router routing vrf routing-protocol neighbor neighbor-as
AS number of the neighbor.
Usage
configure authority router routing vrf routing-protocol neighbor neighbor-as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32) (required)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority router routing vrf routing-protocol neighbor neighbor-policy
Configure Neighbor Policy
Subcommands
command | description |
---|---|
delete | Delete configuration data |
inbound-policy | A policy to apply to the NLRIs inbound from this neighbor. |
outbound-policy | A policy to apply to the NLRIs outbound to this neighbor. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'neighbor-policy' |
configure authority router routing vrf routing-protocol neighbor neighbor-policy inbound-policy
A policy to apply to the NLRIs inbound from this neighbor.
Usage
configure authority router routing vrf routing-protocol neighbor neighbor-policy inbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor neighbor-policy outbound-policy
A policy to apply to the NLRIs outbound to this neighbor.
Usage
configure authority router routing vrf routing-protocol neighbor neighbor-policy outbound-policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor shutdown
If set to true, the neighbors connection will not come up.
Usage
configure authority router routing vrf routing-protocol neighbor shutdown [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol neighbor timers
Config parameters related to timers associated with the BGP neighbor
Subcommands
command | description |
---|---|
connect-retry | Time interval between attempts to establish a session with the neighbor. |
delete | Delete configuration data |
hold-time | Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval. |
keepalive-interval | Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller. |
minimum-advertisement-interval | Minimum time which must elapse between subsequent UPDATE messages relating to a common set of NLRI being transmitted to a neighbor. This timer is referred to as MinRouteAdvertisementIntervalTimer by RFC 4721 and serves to reduce the number of UPDATE messages transmitted when a particular set of NLRI exhibit instability. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'timers' |
configure authority router routing vrf routing-protocol neighbor timers connect-retry
Time interval between attempts to establish a session with the neighbor.
Usage
configure authority router routing vrf routing-protocol neighbor timers connect-retry [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 30
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router routing vrf routing-protocol neighbor timers hold-time
Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval.
Usage
configure authority router routing vrf routing-protocol neighbor timers hold-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
uint16
An unsigned 16-bit integer.
Range: 0,3-65535
configure authority router routing vrf routing-protocol neighbor timers keepalive-interval
Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller.
Usage
configure authority router routing vrf routing-protocol neighbor timers keepalive-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router routing vrf routing-protocol neighbor timers minimum-advertisement-interval
Minimum time which must elapse between subsequent UPDATE messages relating to a common set of NLRI being transmitted to a neighbor. This timer is referred to as MinRouteAdvertisementIntervalTimer by RFC 4721 and serves to reduce the number of UPDATE messages transmitted when a particular set of NLRI exhibit instability.
Usage
configure authority router routing vrf routing-protocol neighbor timers minimum-advertisement-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 30
uint16
An unsigned 16-bit integer.
Range: 0-600
configure authority router routing vrf routing-protocol neighbor transport
Configuration parameters relating to the transport protocol used by the BGP session to the neighbor
Subcommands
command | description |
---|---|
bgp-service-generation | Approach used for generating a BGP service and service routes to enable SVR transport for the BGP session with the neighbor. |
delete | Delete configuration data |
local-address | Set the source IP address to be used for the BGP peering session. This must be expressed as a reference to the name of a routing interface or network interface. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
passive-mode | Wait for neighbors to issue requests to open a BGP session, rather than initiating sessions from the local router. |
show | Show configuration data for 'transport' |
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation
Approach used for generating a BGP service and service routes to enable SVR transport for the BGP session with the neighbor.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
disabled | Do not generate a BGP service or service routes. |
neighbor-vrf | Name of the neighbor's VRF in which the peer BGP instance resides. Can be 'default'. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
same-neighbor-vrf | Generate BGP service if there is a matching peer with a BGP instance within the same VRF. |
show | Show configuration data for 'bgp-service-generation' |
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation disabled
Do not generate a BGP service or service routes.
Usage
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation disabled
Description
empty
Has no value.
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation neighbor-vrf
Name of the neighbor's VRF in which the peer BGP instance resides. Can be 'default'.
Usage
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation neighbor-vrf [<vrf-name-or-default-vrf>]
Positional Arguments
name | description |
---|---|
vrf-name-or-default-vrf | The value to set for this field |
Description
vrf-name-or-default-vrf (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters, and cannot be the words 'all', 'any', or 'unknown'.
Must contain only alphanumeric characters or any of the following: _ - Length: 1-15
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation same-neighbor-vrf
Generate BGP service if there is a matching peer with a BGP instance within the same VRF.
Usage
configure authority router routing vrf routing-protocol neighbor transport bgp-service-generation same-neighbor-vrf
Description
empty
Has no value.
configure authority router routing vrf routing-protocol neighbor transport local-address
Set the source IP address to be used for the BGP peering session. This must be expressed as a reference to the name of a routing interface or network interface.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
interface | Network interface name |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
routing-interface | Configure Routing Interface |
show | Show configuration data for 'local-address' |
configure authority router routing vrf routing-protocol neighbor transport local-address interface
Network interface name
Usage
configure authority router routing vrf routing-protocol neighbor transport local-address interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref (required)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor transport local-address node
Interface node name
Usage
configure authority router routing vrf routing-protocol neighbor transport local-address node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref (required)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor transport local-address routing-interface
Configure Routing Interface
Usage
configure authority router routing vrf routing-protocol neighbor transport local-address routing-interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol neighbor transport passive-mode
Wait for neighbors to issue requests to open a BGP session, rather than initiating sessions from the local router.
Usage
configure authority router routing vrf routing-protocol neighbor transport passive-mode [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol redistribute
List of routing protocols to redistribute into BGP
Usage
configure authority router routing vrf routing-protocol redistribute <protocol>
Positional Arguments
name | description |
---|---|
protocol | The routing protocol to redistribute into BGP |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A policy to apply to the redistributed route |
protocol | The routing protocol to redistribute into BGP |
show | Show configuration data for 'redistribute' |
configure authority router routing vrf routing-protocol redistribute policy
A policy to apply to the redistributed route
Usage
configure authority router routing vrf routing-protocol redistribute policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority router routing vrf routing-protocol redistribute protocol
The routing protocol to redistribute into BGP
Usage
configure authority router routing vrf routing-protocol redistribute protocol [<redistribute-into-bgp>]
Positional Arguments
name | description |
---|---|
redistribute-into-bgp | The value to set for this field |
Description
redistribute-into-bgp (enumeration)
A value from a set of predefined names.
Options:
- connected: Interface routes
- service: Service routes
- static: Static routes
- ospf: OSPF routes
configure authority router routing vrf routing-protocol route-reflector-allow-outbound-policy
Apply outbound policy on route reflector clients.
Usage
configure authority router routing vrf routing-protocol route-reflector-allow-outbound-policy [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol route-selection-options
Set of configuration options that govern best path selection.
Subcommands
command | description |
---|---|
always-compare-med | Compare multi-exit discriminator (MED) value from different ASes when selecting the best route. The default behavior is to only compare MEDs for paths received from the same AS. |
delete | Delete configuration data |
external-compare-router-id | When comparing similar routes received from external BGP neighbors, use the router-id as a criterion to select the active path. |
ignore-as-path-length | Ignore the AS path length when selecting the best path. The default is to use the AS path length and prefer paths with shorter length. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'route-selection-options' |
configure authority router routing vrf routing-protocol route-selection-options always-compare-med
Compare multi-exit discriminator (MED) value from different ASes when selecting the best route. The default behavior is to only compare MEDs for paths received from the same AS.
Usage
configure authority router routing vrf routing-protocol route-selection-options always-compare-med [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol route-selection-options external-compare-router-id
When comparing similar routes received from external BGP neighbors, use the router-id as a criterion to select the active path.
Usage
configure authority router routing vrf routing-protocol route-selection-options external-compare-router-id [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol route-selection-options ignore-as-path-length
Ignore the AS path length when selecting the best path. The default is to use the AS path length and prefer paths with shorter length.
Usage
configure authority router routing vrf routing-protocol route-selection-options ignore-as-path-length [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router routing vrf routing-protocol router-id
Router id of the router, expressed as an 32-bit value, IPv4 address.
Usage
configure authority router routing vrf routing-protocol router-id [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority router routing vrf routing-protocol timers
Config parameters related to timers associated with the BGP neighbor
Subcommands
command | description |
---|---|
delete | Delete configuration data |
hold-time | Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval. |
keepalive-interval | Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'timers' |
configure authority router routing vrf routing-protocol timers hold-time
Time interval that a BGP session will be considered active in the absence of keepalive or other messages from the neighbor. The hold-time is typically set to 3x the keepalive-interval.
Usage
configure authority router routing vrf routing-protocol timers hold-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 90
uint16
An unsigned 16-bit integer.
Range: 0,3-65535
configure authority router routing vrf routing-protocol timers keepalive-interval
Time interval between transmission of keepalive messages to the neighbor. Must be set to 1/3 the hold-time or smaller.
Usage
configure authority router routing vrf routing-protocol timers keepalive-interval [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 30
uint16
An unsigned 16-bit integer.
Range: 0-65535
configure authority router routing vrf routing-protocol type
Type of the routing protocol - an identity derived from the 'routing-protocol' base identity.
Usage
configure authority router routing vrf routing-protocol type [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- bgp: BGP routing protocol
configure authority router routing vrf service-admin-distance
Administrative distance for routes generated from services.
Usage
configure authority router routing vrf service-admin-distance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 254
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf static-route
A list of static routes. The sub-element that allows administrators to configure static routes, that will be entered into the SSR's Routing Information Base (RIB).
Usage
configure authority router routing vrf static-route <destination-prefix> <distance>
Positional Arguments
name | description |
---|---|
destination-prefix | IPv4 or IPv6 destination prefix that must be unicast. |
distance | Static route administrative distance. Used in calculating route preference when multiple possible paths exist learned via different sources. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
description | Textual description of the route. |
destination-prefix | IPv4 or IPv6 destination prefix that must be unicast. |
distance | Static route administrative distance. Used in calculating route preference when multiple possible paths exist learned via different sources. |
next-hop | List of next-hops. An empty list creates a blackhole route. |
next-hop-interface | List of next-hop interfaces. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-route' |
configure authority router routing vrf static-route description
Textual description of the route.
Usage
configure authority router routing vrf static-route description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router routing vrf static-route destination-prefix
IPv4 or IPv6 destination prefix that must be unicast.
Usage
configure authority router routing vrf static-route destination-prefix [<unicast-ip-prefix>]
Positional Arguments
name | description |
---|---|
unicast-ip-prefix | The value to set for this field |
Description
unicast-ip-prefix (union)
A unicast IPv4 or IPv6 prefix
Must be one of the following types:
(0) unicast-ipv4-prefix (string)
A unicast IPv4 prefix
(1) unicast-ipv6-prefix (string)
A unicast IPv6 prefix
configure authority router routing vrf static-route distance
Static route administrative distance. Used in calculating route preference when multiple possible paths exist learned via different sources.
Usage
configure authority router routing vrf static-route distance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-255
configure authority router routing vrf static-route next-hop
List of next-hops. An empty list creates a blackhole route.
Usage
configure authority router routing vrf static-route next-hop [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router routing vrf static-route next-hop-interface
List of next-hop interfaces.
Usage
configure authority router routing vrf static-route next-hop-interface <node> <interface>
Positional Arguments
name | description |
---|---|
node | Interface node name |
interface | Network interface name |
Subcommands
command | description |
---|---|
interface | Network interface name |
node | Interface node name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'next-hop-interface' |
configure authority router routing vrf static-route next-hop-interface interface
Network interface name
Usage
configure authority router routing vrf static-route next-hop-interface interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf static-route next-hop-interface node
Interface node name
Usage
configure authority router routing vrf static-route next-hop-interface node [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router routing vrf tenant-name
List of tenants in this VRF.
Usage
configure authority router routing vrf tenant-name [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | Value to add to this list |
Description
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority router service-route
Defines a route for a service or an instance of a service (server or service agent).
Usage
configure authority router service-route <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the service route. |
Subcommands
command | description |
---|---|
bridge-name | EOSVR bridge to forward packets to for the service. |
clone | Clone a list item |
delete | Delete configuration data |
enable-failover | Enable failover across next-hops and service-routes that have this flag set. |
generated | Indicates whether or not the Service Route was automatically generated as a result of STEP topology builder, Conductor, BGP/SVR, or DHCP Relay services. |
host | Packets are passed to the host operating system for processing |
name | An arbitrary, unique name for the service route. |
nat-target | The address or fqdn of the server that packets are forwarded to for the service. The destination is natted to this address. |
next-hop | An instance of the nexthop for the service route. |
next-peer | Peer router to forward packets to for the service. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer | Peer router to forward packets to for the service. |
port-target | The port of the server that packets are forwarded to for the service. The destination is port natted to this port. If no value is specified, no translation occurs. |
reachability-detection | Configure Reachability Detection |
routing-stack | Packets are passed to the internal routing agent for processing |
routing-stack-vrf | VRF in which the internal routing agent will receive the packets |
service-name | The name of the service that this service route applies to. |
service-route-policy | Service Route Policy that applies to the service route. |
show | Show configuration data for 'service-route' |
use-bgp-over-svr | Combine BGP over SVR routes with local service routes. |
use-learned-routes | Use learned (from routing protocols), connected, and static routes. |
vector | Vector name to assign a cost to this service-route. |
configure authority router service-route bridge-name
EOSVR bridge to forward packets to for the service.
Usage
configure authority router service-route bridge-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route enable-failover
Enable failover across next-hops and service-routes that have this flag set.
Usage
configure authority router service-route enable-failover [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router service-route generated
Indicates whether or not the Service Route was automatically generated as a result of STEP topology builder, Conductor, BGP/SVR, or DHCP Relay services.
Usage
configure authority router service-route generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority router service-route host
Packets are passed to the host operating system for processing
Usage
configure authority router service-route host <node-name>
Positional Arguments
name | description |
---|---|
node-name | The name of the node on which the host interface resides. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
move | Move list items |
node-name | The name of the node on which the host interface resides. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'host' |
target-address | The ipv4 address or fqdn of the server that packets are forwarded to for the service. The destination is natted to this address. |
configure authority router service-route host node-name
The name of the node on which the host interface resides.
Usage
configure authority router service-route host node-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route host target-address
The ipv4 address or fqdn of the server that packets are forwarded to for the service. The destination is natted to this address.
Usage
configure authority router service-route host target-address [<hostv4>]
Positional Arguments
name | description |
---|---|
hostv4 | Value to add to this list |
Description
The order of elements matters.
hostv4 (union)
The host type represents either an IPv4 address or a DNS domain name.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router service-route name
An arbitrary, unique name for the service route.
Usage
configure authority router service-route name [<service-route-name>]
Positional Arguments
name | description |
---|---|
service-route-name | The value to set for this field |
Description
service-route-name (string)
A service route name identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 320 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-320
configure authority router service-route nat-target
The address or fqdn of the server that packets are forwarded to for the service. The destination is natted to this address.
Usage
configure authority router service-route nat-target [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router service-route next-hop
An instance of the nexthop for the service route.
Usage
configure authority router service-route next-hop <node-name> <interface>
Positional Arguments
name | description |
---|---|
node-name | The name of the node on which the interface resides. |
interface | A reference to the name of a configured network layer interface used to reach the destination. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
gateway-ip | Gateway ip address of the service route nexthop. |
interface | A reference to the name of a configured network layer interface used to reach the destination. |
move | Move list items |
node-name | The name of the node on which the interface resides. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'next-hop' |
source-nat-pool | Apply source address (and optional port) translation for flows created towards the configured next-hop. This config will override any source-nat settings on the egress network-interface. |
target-address | Target addresses for the service route nexthop. |
vector | Vector name to assign a cost to this next-hop in service-route |
configure authority router service-route next-hop gateway-ip
Gateway ip address of the service route nexthop.
Usage
configure authority router service-route next-hop gateway-ip [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router service-route next-hop interface
A reference to the name of a configured network layer interface used to reach the destination.
Usage
configure authority router service-route next-hop interface [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route next-hop node-name
The name of the node on which the interface resides.
Usage
configure authority router service-route next-hop node-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route next-hop source-nat-pool
Apply source address (and optional port) translation for flows created towards the configured next-hop. This config will override any source-nat settings on the egress network-interface.
Usage
configure authority router service-route next-hop source-nat-pool [<nat-pool-ref>]
Positional Arguments
name | description |
---|---|
nat-pool-ref | The value to set for this field |
Description
nat-pool-ref (leafref)
This type is used by other entities that need to reference configured NAT pools.
configure authority router service-route next-hop target-address
Target addresses for the service route nexthop.
Usage
configure authority router service-route next-hop target-address [<host>]
Positional Arguments
name | description |
---|---|
host | Value to add to this list |
Description
The order of elements matters.
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router service-route next-hop vector
Vector name to assign a cost to this next-hop in service-route
Usage
configure authority router service-route next-hop vector [<vector-name>]
Positional Arguments
name | description |
---|---|
vector-name | The value to set for this field |
Description
vector-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority router service-route next-peer
Peer router to forward packets to for the service.
Usage
configure authority router service-route next-peer [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route peer
Peer router to forward packets to for the service.
Usage
configure authority router service-route peer [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route port-target
The port of the server that packets are forwarded to for the service. The destination is port natted to this port. If no value is specified, no translation occurs.
Usage
configure authority router service-route port-target [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router service-route reachability-detection
Configure Reachability Detection
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
detection-window | Time window for aggregate stats calculation (max and mean) |
enabled | Whether reachability detection is enabled on this service-route. |
enforcement | Whether reachability detection is enforced on this service-route. |
hold-down | Hold-down time for when the path is determined down |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
probe | Configure Probe |
probe-type | The mode for performing probes in addition to reachability-detection enforcement |
reachability-profile | The reachability-profile to apply to this service-route |
show | Show configuration data for 'reachability-detection' |
configure authority router service-route reachability-detection detection-window
Time window for aggregate stats calculation (max and mean)
Usage
configure authority router service-route reachability-detection detection-window [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: seconds
Default: 5
uint8
An unsigned 8-bit integer.
Range: 5-60
configure authority router service-route reachability-detection enabled
Whether reachability detection is enabled on this service-route.
Usage
configure authority router service-route reachability-detection enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router service-route reachability-detection enforcement
Whether reachability detection is enforced on this service-route.
Usage
configure authority router service-route reachability-detection enforcement [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router service-route reachability-detection hold-down
Hold-down time for when the path is determined down
Usage
configure authority router service-route reachability-detection hold-down [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Units: seconds
Default: 5
uint8
An unsigned 8-bit integer.
Range: 5-60
configure authority router service-route reachability-detection probe
Configure Probe
Usage
configure authority router service-route reachability-detection probe <name>
Positional Arguments
name | description |
---|---|
name | Name of the probe |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable reachability probe |
icmp-probe-profile | The ICMP probe profile settings to use for this path |
name | Name of the probe |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'probe' |
configure authority router service-route reachability-detection probe enabled
Enable reachability probe
Usage
configure authority router service-route reachability-detection probe enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router service-route reachability-detection probe icmp-probe-profile
The ICMP probe profile settings to use for this path
Usage
configure authority router service-route reachability-detection probe icmp-probe-profile [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route reachability-detection probe name
Name of the probe
Usage
configure authority router service-route reachability-detection probe name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router service-route reachability-detection probe-type
The mode for performing probes in addition to reachability-detection enforcement
Usage
configure authority router service-route reachability-detection probe-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Ignore probe state and use organic traffic to determine path health
- always: Factor probe state into path health
configure authority router service-route reachability-detection reachability-profile
The reachability-profile to apply to this service-route
Usage
configure authority router service-route reachability-detection reachability-profile [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route routing-stack
Packets are passed to the internal routing agent for processing
Usage
configure authority router service-route routing-stack
Description
empty
Has no value.
configure authority router service-route routing-stack-vrf
VRF in which the internal routing agent will receive the packets
Usage
configure authority router service-route routing-stack-vrf [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route service-name
The name of the service that this service route applies to.
Usage
configure authority router service-route service-name [<service-name-ref>]
Positional Arguments
name | description |
---|---|
service-name-ref | The value to set for this field |
Description
service-name-ref (leafref) (required)
This type is used by other entities that need to reference configured services.
configure authority router service-route service-route-policy
Service Route Policy that applies to the service route.
Usage
configure authority router service-route service-route-policy [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router service-route use-bgp-over-svr
Combine BGP over SVR routes with local service routes.
Usage
configure authority router service-route use-bgp-over-svr
Description
empty
Has no value.
configure authority router service-route use-learned-routes
Use learned (from routing protocols), connected, and static routes.
Usage
configure authority router service-route use-learned-routes
Description
empty
Has no value.
configure authority router service-route vector
Vector name to assign a cost to this service-route.
Usage
configure authority router service-route vector [<vector-name>]
Positional Arguments
name | description |
---|---|
vector-name | The value to set for this field |
Description
vector-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority router service-route-policy
Used to define the properties of service routes. These capabilities influence route selection when determining the optimal path for establishing new sessions.
Usage
configure authority router service-route-policy <name>
Positional Arguments
name | description |
---|---|
name | A unique name for the service route policy. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
description | A description for the service route policy. |
include-parent-routes | When true, the routes from the immediate parent service will be used in addition to those provisioned for the child service. By default, only provisioned routes for a child service is in use. |
max-sessions | Maximum number of active sessions. When configured, once the service-route using this service-route-policy reaches the configured threshold, no new sessions will be established until the rate drops below the configured value. |
name | A unique name for the service route policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
packet-replication | When true, packets will be replicated for all next-hops in the associated service-route. |
session-high-water-mark | Percentage of maximum sessions above which the route will no longer be considered for load balancing. |
session-low-water-mark | Percentage of maximum sessions below which the route will be reconsidered for load balancing. |
session-rate | Maximum rate in sessions per second. When configured, once the service-route using this service-route-policy reaches the configured rate limit threshold, no new sessions will be established until the rate drops below the configured value. |
show | Show configuration data for 'service-route-policy' |
configure authority router service-route-policy description
A description for the service route policy.
Usage
configure authority router service-route-policy description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router service-route-policy include-parent-routes
When true, the routes from the immediate parent service will be used in addition to those provisioned for the child service. By default, only provisioned routes for a child service is in use.
Usage
configure authority router service-route-policy include-parent-routes [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router service-route-policy max-sessions
Maximum number of active sessions. When configured, once the service-route using this service-route-policy reaches the configured threshold, no new sessions will be established until the rate drops below the configured value.
Usage
configure authority router service-route-policy max-sessions [<limit>]
Positional Arguments
name | description |
---|---|
limit | The value to set for this field |
Description
limit (union)
A type for defining values such as rates and capacities for which the default value is unlimited.
Must be one of the following types:
(0) uint64
An unsigned 64-bit integer.
Range: 0-999999999999
(1) enumeration
A value from a set of predefined names.
Options:
- unlimited: No limit on this value.
configure authority router service-route-policy name
A unique name for the service route policy.
Usage
configure authority router service-route-policy name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router service-route-policy packet-replication
When true, packets will be replicated for all next-hops in the associated service-route.
Usage
configure authority router service-route-policy packet-replication [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router service-route-policy session-high-water-mark
Percentage of maximum sessions above which the route will no longer be considered for load balancing.
Usage
configure authority router service-route-policy session-high-water-mark [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
Default: 95
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router service-route-policy session-low-water-mark
Percentage of maximum sessions below which the route will be reconsidered for load balancing.
Usage
configure authority router service-route-policy session-low-water-mark [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
Default: 90
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority router service-route-policy session-rate
Maximum rate in sessions per second. When configured, once the service-route using this service-route-policy reaches the configured rate limit threshold, no new sessions will be established until the rate drops below the configured value.
Usage
configure authority router service-route-policy session-rate [<limit>]
Positional Arguments
name | description |
---|---|
limit | The value to set for this field |
Description
limit (union)
A type for defining values such as rates and capacities for which the default value is unlimited.
Must be one of the following types:
(0) uint64
An unsigned 64-bit integer.
Range: 0-999999999999
(1) enumeration
A value from a set of predefined names.
Options:
- unlimited: No limit on this value.
configure authority router session-records
Configure Session Records
Subcommands
command | description |
---|---|
delete | Delete configuration data |
include-error-records | Whether to enable session records for session errors; override the authority config. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-records' |
configure authority router session-records include-error-records
Whether to enable session records for session errors; override the authority config.
Usage
configure authority router session-records include-error-records [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority router static-hostname-mapping
Map hostnames to ip-address resolutions. These entries will be put in /etc/hosts. This will prevent DNS requests from being sent for these hostnames.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-hostname-mapping' |
static-entry | Static hostname mapping entry. |
configure authority router static-hostname-mapping static-entry
Static hostname mapping entry.
Usage
configure authority router static-hostname-mapping static-entry <hostname>
Positional Arguments
name | description |
---|---|
hostname | Hostname to set the resolution for. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
hostname | Hostname to set the resolution for. |
ip-address | Ip-address for the corresponding hostname. |
move | Move list items |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'static-entry' |
configure authority router static-hostname-mapping static-entry hostname
Hostname to set the resolution for.
Usage
configure authority router static-hostname-mapping static-entry hostname [<domain-name-not-ipv4>]
Positional Arguments
name | description |
---|---|
domain-name-not-ipv4 | The value to set for this field |
Description
domain-name-not-ipv4 (string)
A subset of domain-name that are not IPv4 addresses
Length: 1-253
configure authority router static-hostname-mapping static-entry ip-address
Ip-address for the corresponding hostname.
Usage
configure authority router static-hostname-mapping static-entry ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | Value to add to this list |
Description
The order of elements matters.
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router system
System group configuration. Lets administrators configure system-wide properties for their SSR deployment.
Subcommands
command | description |
---|---|
asset-connection-resiliency | Configure Asset Connection Resiliency |
audit | Configuration for audit events |
client-certificate | Contains the content of client certificates for this router. |
clone | Clone a list item |
contact | The administrator contact information for the system. |
delete | Delete configuration data |
inactivity-timer | The amount of time a user is allowed to be idle before being automatically disconnected from the system. |
local-login | Configure Local Login |
log-category | Log category configuration lets administrators configure the SSR's log level for specific log categories, overriding the default log-level setting. |
log-level | The log level is the degree to which the SSR writes information into its log files, by default. WARNING: using the 'trace' level will significantly impact system performance and is not recommended for production environments. The 'log-category' configuration should be used instead for 'trace' level of specific categories. |
metrics | Parameters controlling metric configuration and collection. Governs various aspects of the SSR's data sampling for analytics purposes. |
ntp | NTP configuration lets administrators configure information about the NTP servers within their management network. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
radius | Configure RADIUS |
remote-login | Configure Remote Login |
services | Address information for internal services |
show | Show configuration data for 'system' |
software-access | Configuration for SSR software access for this router. Supported on managed assets only. Any settings configured here will override the authority software access settings. |
software-update | Configuration for SSR software updates. Supported on managed assets only. |
syslog | Syslog configuration lets administrators configure the SSR's interaction with external syslog services. |
configure authority router system asset-connection-resiliency
Configure Asset Connection Resiliency
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable asset connection resiliency by creating SSH tunnels for asset connections from managed Router to Conductor. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'asset-connection-resiliency' |
configure authority router system asset-connection-resiliency enabled
Enable asset connection resiliency by creating SSH tunnels for asset connections from managed Router to Conductor.
Usage
configure authority router system asset-connection-resiliency enabled [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: use-authority-setting
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) boolean
A true or false value.
Options: true or false
(1) enumeration
A value from a set of predefined names.
Options:
- use-authority-setting: Use the authority wide asset connection resiliency state.
configure authority router system audit
Configuration for audit events
Subcommands
command | description |
---|---|
administration | Configure Administration |
clone | Clone a list item |
delete | Delete configuration data |
disk-full-action | Action to take when disk is full. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
remote-logging-server | Audit remote logging server using the auditd remote protocol. For standard syslog servers use the syslog server config instead. |
retention | How long events should be persisted. This includes the explicit events here as well as the the implicit alarm and provisioning events |
security | Configure Security |
show | Show configuration data for 'audit' |
system | Configuration for system events |
traffic | Configuration for traffic requests |
configure authority router system audit administration
Configure Administration
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable/disable logging of administration events |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
persist | Enable/disable persistence of administration events by SSR |
show | Show configuration data for 'administration' |
configure authority router system audit administration enabled
Enable/disable logging of administration events
Usage
configure authority router system audit administration enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system audit administration persist
Enable/disable persistence of administration events by SSR
Usage
configure authority router system audit administration persist [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system audit disk-full-action
Action to take when disk is full.
Usage
configure authority router system audit disk-full-action [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: ignore
enumeration
A value from a set of predefined names.
Options:
- halt: On failure halt the system.
- ignore: Ignore the failure.
configure authority router system audit remote-logging-server
Audit remote logging server using the auditd remote protocol. For standard syslog servers use the syslog server config instead.
Usage
configure authority router system audit remote-logging-server <address> <port>
Positional Arguments
name | description |
---|---|
address | The remote IP address or FQDN of the audit logging server. |
port | The remote port of the audit logging server. |
Subcommands
command | description |
---|---|
address | The remote IP address or FQDN of the audit logging server. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The remote port of the audit logging server. |
show | Show configuration data for 'remote-logging-server' |
configure authority router system audit remote-logging-server address
The remote IP address or FQDN of the audit logging server.
Usage
configure authority router system audit remote-logging-server address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router system audit remote-logging-server port
The remote port of the audit logging server.
Usage
configure authority router system audit remote-logging-server port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router system audit retention
How long events should be persisted. This includes the explicit events here as well as the the implicit alarm and provisioning events
Usage
configure authority router system audit retention [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 180d
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system audit security
Configure Security
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable/disable logging of security events |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
persist | Enable/disable persistence of security events by SSR |
show | Show configuration data for 'security' |
configure authority router system audit security enabled
Enable/disable logging of security events
Usage
configure authority router system audit security enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system audit security persist
Enable/disable persistence of security events by SSR
Usage
configure authority router system audit security persist [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system audit system
Configuration for system events
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable/disable logging of system events |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
persist | Enable/disable persistence of system events by SSR |
show | Show configuration data for 'system' |
configure authority router system audit system enabled
Enable/disable logging of system events
Usage
configure authority router system audit system enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system audit system persist
Enable/disable persistence of system events by SSR
Usage
configure authority router system audit system persist [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system audit traffic
Configuration for traffic requests
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable/disable logging of traffic requests |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
persist | Enable/disable persistence of traffic events by SSR |
show | Show configuration data for 'traffic' |
configure authority router system audit traffic enabled
Enable/disable logging of traffic requests
Usage
configure authority router system audit traffic enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router system audit traffic persist
Enable/disable persistence of traffic events by SSR
Usage
configure authority router system audit traffic persist [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system client-certificate
Contains the content of client certificates for this router.
Usage
configure authority router system client-certificate <name>
Positional Arguments
name | description |
---|---|
name | An identifier for the client certificate. |
Subcommands
command | description |
---|---|
content | Client certificate content. |
delete | Delete configuration data |
name | An identifier for the client certificate. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'client-certificate' |
validation-mode | Router level Client certificate validation mode. |
configure authority router system client-certificate content
Client certificate content.
Usage
configure authority router system client-certificate content [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
configure authority router system client-certificate name
An identifier for the client certificate.
Usage
configure authority router system client-certificate name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router system client-certificate validation-mode
Router level Client certificate validation mode.
Usage
configure authority router system client-certificate validation-mode [<certificate-validation-mode>]
Positional Arguments
name | description |
---|---|
certificate-validation-mode | The value to set for this field |
Description
certificate-validation-mode (enumeration)
Sets the mode of certificate validation
Options:
- strict: Reject insecure certificates during import.
- warn: Warn when importing insecure certificates
configure authority router system contact
The administrator contact information for the system.
Usage
configure authority router system contact [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router system inactivity-timer
The amount of time a user is allowed to be idle before being automatically disconnected from the system.
Usage
configure authority router system inactivity-timer [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 900
uint32
An unsigned 32-bit integer.
Range: 300-86400
configure authority router system local-login
Configure Local Login
Subcommands
command | description |
---|---|
delete | Delete configuration data |
netconf | Configure Netconf |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'local-login' |
configure authority router system local-login netconf
Configure Netconf
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
session-limit | Number of Netconf sessions permitted on the system. |
session-limit-action | Action performed when local session limit exceeded. |
show | Show configuration data for 'netconf' |
configure authority router system local-login netconf session-limit
Number of Netconf sessions permitted on the system.
Usage
configure authority router system local-login netconf session-limit [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 10
uint32
An unsigned 32-bit integer.
Range: 0-100
configure authority router system local-login netconf session-limit-action
Action performed when local session limit exceeded.
Usage
configure authority router system local-login netconf session-limit-action [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: issue-warning
enumeration
A value from a set of predefined names.
Options:
- no-action: Take no action.
- issue-warning: Log and issue warning to all current shell sessions that the session limit has been exceeded.
configure authority router system log-category
Log category configuration lets administrators configure the SSR's log level for specific log categories, overriding the default log-level setting.
Usage
configure authority router system log-category <name>
Positional Arguments
name | description |
---|---|
name | The log category. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
log-level | The log level setting for this category. |
name | The log category. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'log-category' |
configure authority router system log-category log-level
The log level setting for this category.
Usage
configure authority router system log-category log-level [<log-level>]
Positional Arguments
name | description |
---|---|
log-level | The value to set for this field |
Description
log-level (enumeration) (required)
Log levels
Options:
- fatal: Only record log messages with level "fatal" or higher.
- error: Only record log messages with level "error" or higher.
- warning: Only record log messages with level "warning" or higher.
- info: Only record log messages with level "info" or higher.
- debug: Only record log messages with level "debug" or higher.
- trace: Only record log messages with level "trace" or higher.
configure authority router system log-category name
The log category.
Usage
configure authority router system log-category name [<log-category>]
Positional Arguments
name | description |
---|---|
log-category | The value to set for this field |
Description
log-category (enumeration)
Log categories
Options:
- ATCS: Components related to the SSR Analytics Engine.
- CFGD: Components related to the SSR Configuration Engine.
- DATA: Components related to the configuration and state databases.
- DISC: Discovery-based components (except BFD). Today this is DHCP and ARP.
- USER: User-created log messages, generated via the 'write' command.
- FLC: Control system for packet forwarding.
- FLPP: System for processing the initial packet of each new session.
- HWMC: Control system for packet processing.
- IPC: The subsystem responsible for messaging between components within the SSR product.
- LINK: The subsystem for inter-node communication (today, BFD).
- PLAT: Components related to the underlying platform management.
- PLUG: Components related to plugin management.
- RDB: The subsystem responsible for synchronizing data between nodes.
- RTG: Components related to the routing engine.
- SNMP: Components related to the SNMP engine.
- SATF: Failures related to multi-threaded session setup.
- SESS: Components related to session setup.
- STEP: Components related to STEP.
- TEST: Components related to testing.
- UTIL: Components related to utility libraries.
- DPDK: Components related to DPDK.
- DNS: Components related to DNS.
- HTTP: Components related to HTTP request/response processing.
- PCLI: All the PCLI's log messages.
- BONS: Components related to the configuration database.
- LDAP: All the System Security Services Daemon logs.
- RIB: Components related to routing changes.
- IDP: Components related to IDP.
configure authority router system log-level
The log level is the degree to which the SSR writes information into its log files, by default. WARNING: using the 'trace' level will significantly impact system performance and is not recommended for production environments. The 'log-category' configuration should be used instead for 'trace' level of specific categories.
Usage
configure authority router system log-level [<log-level>]
Positional Arguments
name | description |
---|---|
log-level | The value to set for this field |
Description
Default: info
log-level (enumeration)
Log levels
Options:
- fatal: Only record log messages with level "fatal" or higher.
- error: Only record log messages with level "error" or higher.
- warning: Only record log messages with level "warning" or higher.
- info: Only record log messages with level "info" or higher.
- debug: Only record log messages with level "debug" or higher.
- trace: Only record log messages with level "trace" or higher.
configure authority router system metrics
Parameters controlling metric configuration and collection. Governs various aspects of the SSR's data sampling for analytics purposes.
Subcommands
command | description |
---|---|
application-stats-interval | Interval at which the delta of identified application stats will be computed |
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
profile | Configure Profile |
retention | The durations to be used for internal metric storage |
sample-period | The period on which metrics are sampled |
show | Show configuration data for 'metrics' |
configure authority router system metrics application-stats-interval
Interval at which the delta of identified application stats will be computed
Usage
configure authority router system metrics application-stats-interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 1m
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics profile
Configure Profile
Usage
configure authority router system metrics profile <name>
Positional Arguments
name | description |
---|---|
name | A profile to be used on this router |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
name | A profile to be used on this router |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
retention | How long the metrics should be retained on box |
show | Show configuration data for 'profile' |
configure authority router system metrics profile name
A profile to be used on this router
Usage
configure authority router system metrics profile name [<metrics-profile-ref>]
Positional Arguments
name | description |
---|---|
metrics-profile-ref | The value to set for this field |
Description
metrics-profile-ref (leafref)
A reference to one of the defined metrics profiles
configure authority router system metrics profile retention
How long the metrics should be retained on box
Usage
configure authority router system metrics profile retention [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: in-memory
enumeration
A value from a set of predefined names.
Options:
- in-memory: Don't store any historical data
- short: Metrics will be stored for the short duration as defined in the router's config
- intermediate: Metrics will be stored for the short and intermediate durations as defined in the router's config
- long: Metrics will be stored for the short, intermediate, and long durations as defined in the router's config
configure authority router system metrics retention
The durations to be used for internal metric storage
Subcommands
command | description |
---|---|
delete | Delete configuration data |
intermediate | The intermediate historical retention bucket |
long | The longest historical retention bucket |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
short | The shortest historical retention bucket |
show | Show configuration data for 'retention' |
configure authority router system metrics retention intermediate
The intermediate historical retention bucket
Subcommands
command | description |
---|---|
delete | Delete configuration data |
duration | How long the intermediate retention should retain metrics |
enabled | Whether intermediate and subsequent retentions should be disabled |
interval | How frequently metrics should be aggregated into the intermediate retention |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'intermediate' |
configure authority router system metrics retention intermediate duration
How long the intermediate retention should retain metrics
Usage
configure authority router system metrics retention intermediate duration [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 1d
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics retention intermediate enabled
Whether intermediate and subsequent retentions should be disabled
Usage
configure authority router system metrics retention intermediate enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system metrics retention intermediate interval
How frequently metrics should be aggregated into the intermediate retention
Usage
configure authority router system metrics retention intermediate interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 5m
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics retention long
The longest historical retention bucket
Subcommands
command | description |
---|---|
delete | Delete configuration data |
duration | How long the long retention should retain metrics |
enabled | Whether the long retention should be disabled |
interval | How frequently metrics should be aggregated into the long retention |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'long' |
configure authority router system metrics retention long duration
How long the long retention should retain metrics
Usage
configure authority router system metrics retention long duration [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 180d
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics retention long enabled
Whether the long retention should be disabled
Usage
configure authority router system metrics retention long enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system metrics retention long interval
How frequently metrics should be aggregated into the long retention
Usage
configure authority router system metrics retention long interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 1h
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics retention short
The shortest historical retention bucket
Subcommands
command | description |
---|---|
delete | Delete configuration data |
duration | How long the short retention should retain metrics |
enabled | Whether short and subsequent retentions should be disabled |
interval | How frequently metrics should be inserted into the short retention. This is equivallent to the deprecated 'sample-period' element. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'short' |
configure authority router system metrics retention short duration
How long the short retention should retain metrics
Usage
configure authority router system metrics retention short duration [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 1h
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics retention short enabled
Whether short and subsequent retentions should be disabled
Usage
configure authority router system metrics retention short enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system metrics retention short interval
How frequently metrics should be inserted into the short retention. This is equivallent to the deprecated 'sample-period' element.
Usage
configure authority router system metrics retention short interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 5s
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority router system metrics sample-period
The period on which metrics are sampled
Usage
configure authority router system metrics sample-period [<int8>]
Positional Arguments
name | description |
---|---|
int8 | The value to set for this field |
Description
Units: seconds
Default: 5
sample-period
is deprecated and will be removed in a future software version
int8
A signed 8-bit integer.
Range: 1-60
configure authority router system ntp
NTP configuration lets administrators configure information about the NTP servers within their management network.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
orphan-stratum | Value to use as stratum when upstream NTP servers are unavailable and router nodes synchronize in orphan mode. The numerical value should be greater than the expected stratum value of the upstream NTP servers. For example if upstream clocks are stratum 4 or 5, then this setting should be 6. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
server | The list of NTP servers configured for this device. |
show | Show configuration data for 'ntp' |
configure authority router system ntp orphan-stratum
Value to use as stratum when upstream NTP servers are unavailable and router nodes synchronize in orphan mode. The numerical value should be greater than the expected stratum value of the upstream NTP servers. For example if upstream clocks are stratum 4 or 5, then this setting should be 6.
Usage
configure authority router system ntp orphan-stratum [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Default: 5
uint32
An unsigned 32-bit integer.
Range: 1-15
configure authority router system ntp server
The list of NTP servers configured for this device.
Usage
configure authority router system ntp server <ip-address>
Positional Arguments
name | description |
---|---|
ip-address | The address or hostname of NTP server. |
Subcommands
command | description |
---|---|
authentication-key | Configure Authentication Key |
delete | Delete configuration data |
ip-address | The address or hostname of NTP server. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'server' |
configure authority router system ntp server authentication-key
Configure Authentication Key
Subcommands
command | description |
---|---|
delete | Delete configuration data |
key-number | The key number identifier for the authentication key |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'authentication-key' |
type | The algorithm used by symmetric key |
value | The authentication key value |
configure authority router system ntp server authentication-key key-number
The key number identifier for the authentication key
Usage
configure authority router system ntp server authentication-key key-number [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32 (required)
An unsigned 32-bit integer.
Range: 1-65534
configure authority router system ntp server authentication-key type
The algorithm used by symmetric key
Usage
configure authority router system ntp server authentication-key type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration (required)
A value from a set of predefined names.
Options:
- md5: Key uses MD5 authentication algorithm
- sha1: Key uses SHA1 authentication algorithm
configure authority router system ntp server authentication-key value
The authentication key value
Usage
configure authority router system ntp server authentication-key value [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
Length: 1-40
configure authority router system ntp server ip-address
The address or hostname of NTP server.
Usage
configure authority router system ntp server ip-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router system radius
Configure Radius
Subcommands
command | description |
---|---|
account-creation | Control account creation behavior. |
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
radius-server | Radius Servers against which to authenticate user credentials. |
show | Show configuration data for 'radius' |
configure authority router system radius account-creation
Control account creation behavior.
Usage
configure authority router system radius account-creation [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: use-authority-setting
enumeration
A value from a set of predefined names.
Options:
- use-authority-setting: Use the authority wide account creation behavior.
- manual: Accounts must be created locally on the Router or Conductor before a user can log in.
- automatic: Create accounts automatically on first time login. The Radius server must contain the Vendor Specific Attribute (VSA) 'Juniper-Local-User-Name' set to the role that the user will be assigned. The role must be prefixed with 'SSR-', so to assign the user the admin role the VSA key would be set to 'SSR-admin'.
configure authority router system radius radius-server
Radius Servers against which to authenticate user credentials.
Usage
configure authority router system radius radius-server <name>
Positional Arguments
name | description |
---|---|
name | The name of the Radius server. |
Subcommands
command | description |
---|---|
address | The IP address or FQDN of the Radius server. |
delete | Delete configuration data |
name | The name of the Radius server. |
ocsp | Whether to check the revocation status of the Radius server's certificate. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port number Radius server listens on. |
protocol | Use TLS or UDP protocol to communicate with Radius server. |
secret | The secret key to bind to the Radius server. |
server-name | Hostname of the Radius server. |
show | Show configuration data for 'radius-server' |
timeout | Radius Request Timeout. |
configure authority router system radius radius-server address
The IP address or FQDN of the Radius server.
Usage
configure authority router system radius radius-server address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union) (required)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string) (required)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router system radius radius-server name
The name of the Radius server.
Usage
configure authority router system radius radius-server name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router system radius radius-server ocsp
Whether to check the revocation status of the Radius server's certificate.
Usage
configure authority router system radius radius-server ocsp [<ocsp>]
Positional Arguments
name | description |
---|---|
ocsp | The value to set for this field |
Description
ocsp (enumeration)
Whether to check the revocation status of a server's certificate.
Options:
- strict: Require a successful OCSP check in order to establish a connection.
- off: Do not check revocation status of the server certificate.
configure authority router system radius radius-server port
The port number Radius server listens on.
Usage
configure authority router system radius radius-server port [<port-number>]
Positional Arguments
name | description |
---|---|
port-number | The value to set for this field |
Description
Default: 1812
port-number (uint16)
The port-number type represents a 16-bit port number of an Internet transport layer protocol such as UDP, TCP, DCCP, or SCTP. Port numbers are assigned by IANA. A current list of all assignments is available from <http://www.iana.org/>.
Note that the port number value zero is reserved by IANA. In situations where the value zero does not make sense, it can be excluded by subtyping the port-number type.
In the value set and its semantics, this type is equivalent to the InetPortNumber textual convention of the SMIv2.
Range: 0-65535
configure authority router system radius radius-server protocol
Use TLS or UDP protocol to communicate with Radius server.
Usage
configure authority router system radius radius-server protocol [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: udp
enumeration
A value from a set of predefined names.
Options:
- udp: Use UDP protocol to communicate with Radius server.
- tls: Use TLS over TCP protocol to communicate with Radius server.
configure authority router system radius radius-server secret
The secret key to bind to the Radius server.
Usage
configure authority router system radius radius-server secret [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 1-16
configure authority router system radius radius-server server-name
Hostname of the Radius server.
Usage
configure authority router system radius radius-server server-name [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router system radius radius-server timeout
Radius Request Timeout.
Usage
configure authority router system radius radius-server timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 3
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router system remote-login
Configure Remote Login
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable remote login from a Conductor to assets on this Router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'remote-login' |
configure authority router system remote-login enabled
Enable remote login from a Conductor to assets on this Router.
Usage
configure authority router system remote-login enabled [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: use-authority-setting
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) boolean
A true or false value.
Options: true or false
(1) enumeration
A value from a set of predefined names.
Options:
- use-authority-setting: Use the authority wide remote-login state.
configure authority router system services
Address information for internal services
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'services' |
snmp-server | SNMP server configuration. |
webserver | Web server & REST API. |
configure authority router system services snmp-server
SNMP server configuration.
Subcommands
command | description |
---|---|
access-control | SNMP access control policy. |
clone | Clone a list item |
delete | Delete configuration data |
enabled | Enable SNMP server on all control nodes in this router. |
engine-id | The SNMPv3 Engine ID. |
notification-receiver | List of SNMP receivers that the SNMP server will send notifications. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port on which the SNMP server listens. |
show | Show configuration data for 'snmp-server' |
vacm | View-based Access Control Model settings. |
version | The SNMP server protocol version. |
configure authority router system services snmp-server access-control
SNMP access control policy.
Usage
configure authority router system services snmp-server access-control <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for this access control policy. |
Subcommands
command | description |
---|---|
community | The SNMP community string for this access-control policy. |
delete | Delete configuration data |
name | An arbitrary, unique name for this access control policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'access-control' |
source | The SNMP client host to restrict access to. |
usm | User-based Security Model settings. |
view | The view to use for this access control policy. |
configure authority router system services snmp-server access-control community
The SNMP community string for this access-control policy.
Usage
configure authority router system services snmp-server access-control community [<snmp-community>]
Positional Arguments
name | description |
---|---|
snmp-community | The value to set for this field |
Description
snmp-community (string)
A string representing an SNMP community.
Cannot contain quotes or spaces in community string. Length: 1-255
configure authority router system services snmp-server access-control name
An arbitrary, unique name for this access control policy.
Usage
configure authority router system services snmp-server access-control name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router system services snmp-server access-control source
The SNMP client host to restrict access to.
Usage
configure authority router system services snmp-server access-control source [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router system services snmp-server access-control usm
User-based Security Model settings.
Subcommands
command | description |
---|---|
authentication | Authentication type. |
authentication-key | Authentication key. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
privacy | Privacy type. |
privacy-key | Privacy key. |
show | Show configuration data for 'usm' |
user-name | USM User name. |
configure authority router system services snmp-server access-control usm authentication
Authentication type.
Usage
configure authority router system services snmp-server access-control usm authentication [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none:
- md5:
- sha:
configure authority router system services snmp-server access-control usm authentication-key
Authentication key.
Usage
configure authority router system services snmp-server access-control usm authentication-key [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 8-128
configure authority router system services snmp-server access-control usm privacy
Privacy type.
Usage
configure authority router system services snmp-server access-control usm privacy [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none:
- des:
- aes:
configure authority router system services snmp-server access-control usm privacy-key
Privacy key.
Usage
configure authority router system services snmp-server access-control usm privacy-key [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
Length: 8-128
configure authority router system services snmp-server access-control usm user-name
USM User name.
Usage
configure authority router system services snmp-server access-control usm user-name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string) (required)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router system services snmp-server access-control view
The view to use for this access control policy.
Usage
configure authority router system services snmp-server access-control view [<snmp-vacm-view-ref>]
Positional Arguments
name | description |
---|---|
snmp-vacm-view-ref | The value to set for this field |
Description
snmp-vacm-view-ref (leafref)
This type is used by other entities that need to reference configured snmp vacm views.
configure authority router system services snmp-server enabled
Enable SNMP server on all control nodes in this router.
Usage
configure authority router system services snmp-server enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router system services snmp-server engine-id
The SNMPv3 Engine ID.
Usage
configure authority router system services snmp-server engine-id [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority router system services snmp-server notification-receiver
List of SNMP receivers that the SNMP server will send notifications.
Usage
configure authority router system services snmp-server notification-receiver <ip-address> <port> <type>
Positional Arguments
name | description |
---|---|
ip-address | The address to which the SNMP servers send notifications. |
port | The port to which the SNMP servers send notifications. |
type | The type of notification to send. |
Subcommands
command | description |
---|---|
access-control | The access-control policy to use when notifying this receiver. |
community | The SNMP community string to use when notifying this receiver. |
delete | Delete configuration data |
ip-address | The address to which the SNMP servers send notifications. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port to which the SNMP servers send notifications. |
show | Show configuration data for 'notification-receiver' |
type | The type of notification to send. |
configure authority router system services snmp-server notification-receiver access-control
The access-control policy to use when notifying this receiver.
Usage
configure authority router system services snmp-server notification-receiver access-control [<snmp-access-control-ref>]
Positional Arguments
name | description |
---|---|
snmp-access-control-ref | The value to set for this field |
Description
snmp-access-control-ref (leafref)
This type is used by other entities that need to reference configured snmp access-controls.
configure authority router system services snmp-server notification-receiver community
The SNMP community string to use when notifying this receiver.
Usage
configure authority router system services snmp-server notification-receiver community [<snmp-community>]
Positional Arguments
name | description |
---|---|
snmp-community | The value to set for this field |
Description
community
is deprecated and will be removed in a future software version
snmp-community (string)
A string representing an SNMP community.
Cannot contain quotes or spaces in community string. Length: 1-255
configure authority router system services snmp-server notification-receiver ip-address
The address to which the SNMP servers send notifications.
Usage
configure authority router system services snmp-server notification-receiver ip-address [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority router system services snmp-server notification-receiver port
The port to which the SNMP servers send notifications.
Usage
configure authority router system services snmp-server notification-receiver port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router system services snmp-server notification-receiver type
The type of notification to send.
Usage
configure authority router system services snmp-server notification-receiver type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- trap:
- inform:
configure authority router system services snmp-server port
The port on which the SNMP server listens.
Usage
configure authority router system services snmp-server port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
Default: 161
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router system services snmp-server vacm
View-based Access Control Model settings.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'vacm' |
view | SNMP view policy. |
configure authority router system services snmp-server vacm view
SNMP view policy.
Usage
configure authority router system services snmp-server vacm view <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for this view policy. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
excluded | OID view to disallow. |
included | OID view to allow. |
name | An arbitrary, unique name for this view policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'view' |
strict | When parsing the included OIDs, strict mode will prevent any OIDs that are not a part of the SSR supported OIDs from being added to the specified view. |
configure authority router system services snmp-server vacm view excluded
OID view to disallow.
Usage
configure authority router system services snmp-server vacm view excluded [<snmp-oid>]
Positional Arguments
name | description |
---|---|
snmp-oid | Value to add to this list |
Description
snmp-oid (string)
A string representing an SNMP OID.
Can only define numerical OIDs with '.' separating objects.
configure authority router system services snmp-server vacm view included
OID view to allow.
Usage
configure authority router system services snmp-server vacm view included [<snmp-oid>]
Positional Arguments
name | description |
---|---|
snmp-oid | Value to add to this list |
Description
snmp-oid (string)
A string representing an SNMP OID.
Can only define numerical OIDs with '.' separating objects.
configure authority router system services snmp-server vacm view name
An arbitrary, unique name for this view policy.
Usage
configure authority router system services snmp-server vacm view name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority router system services snmp-server vacm view strict
When parsing the included OIDs, strict mode will prevent any OIDs that are not a part of the SSR supported OIDs from being added to the specified view.
Usage
configure authority router system services snmp-server vacm view strict [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system services snmp-server version
The SNMP server protocol version.
Usage
configure authority router system services snmp-server version [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: v2c
enumeration
A value from a set of predefined names.
Options:
- v2c:
- v3:
configure authority router system services webserver
Web server & REST API.
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
enabled | Enable Web server & REST API on all control nodes in this router. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port on which the Web servers listen. |
server | List of control node server addresses. When present, they override the defaults from global configuration. |
show | Show configuration data for 'webserver' |
ssl | Configure SSL encryption for HTTPS. |
configure authority router system services webserver enabled
Enable Web server & REST API on all control nodes in this router.
Usage
configure authority router system services webserver enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system services webserver port
The port on which the Web servers listen.
Usage
configure authority router system services webserver port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
Default: 443
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router system services webserver server
List of control node server addresses. When present, they override the defaults from global configuration.
Usage
configure authority router system services webserver server <node-name>
Positional Arguments
name | description |
---|---|
node-name | The name of the control node. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
ip-address | IP address for the server on the control node. |
node-name | The name of the control node. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'server' |
configure authority router system services webserver server ip-address
IP address for the server on the control node.
Usage
configure authority router system services webserver server ip-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union) (required)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string) (required)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string) (required)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority router system services webserver server node-name
The name of the control node.
Usage
configure authority router system services webserver server node-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority router system services webserver ssl
Configure SSL encryption for HTTPS.
Subcommands
command | description |
---|---|
ciphers | Configure the allowed ciphers. The full list of available ciphers can be viewed by running the 'openssl ciphers' shell command. See 'CIPHER LIST FORMAT' and 'CIPHER STRINGS' in the OpenSSL documentation https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for the permitted values and their meanings. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
protocol | Configure the allowed protocols. By default both 'TLSv1.2' and 'TLSv1.3' are used. |
show | Show configuration data for 'ssl' |
configure authority router system services webserver ssl ciphers
Configure the allowed ciphers. The full list of available ciphers can be viewed by running the 'openssl ciphers' shell command. See 'CIPHER LIST FORMAT' and 'CIPHER STRINGS' in the OpenSSL documentation https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for the permitted values and their meanings.
Usage
configure authority router system services webserver ssl ciphers [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
Default: HIGH:!aNULL:!MD5
string
A text value.
configure authority router system services webserver ssl protocol
Configure the allowed protocols. By default both 'TLSv1.2' and 'TLSv1.3' are used.
Usage
configure authority router system services webserver ssl protocol [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
Must contain only alphanumeric characters or any of the following: . - _ Length: 1-63
configure authority router system software-access
Configuration for SSR software access for this router. Supported on managed assets only. Any settings configured here will override the authority software access settings.
Subcommands
command | description |
---|---|
channel | The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
router-credentials | Configure Router Credentials |
rpm-channel | The software access RPM channel to use. The RPM channel will override the router channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. |
show | Show configuration data for 'software-access' |
ssr-image-channel | The software access SSR image channel to use. The SSR image channel will override the router channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. |
use-authority-credentials | Configure Use Authority Credentials |
configure authority router system software-access channel
The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority router system software-access channel [<router-software-access-channel>]
Positional Arguments
name | description |
---|---|
router-software-access-channel | The value to set for this field |
Description
Default: use-authority-channel
router-software-access-channel (enumeration)
The router software access channel.
Options:
- use-authority-channel: Use the configured authority channel.
- prealpha: Override the authority channel with the prealpha channel.
- alpha: Override the authority channel with the alpha channel.
- beta: Override the authority channel with the beta channel.
- release: Override the authority channel with the release channel.
configure authority router system software-access router-credentials
Configure Router Credentials
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'router-credentials' |
token | The router software access token. |
username | The router software access username. |
configure authority router system software-access router-credentials token
The router software access token.
Usage
configure authority router system software-access router-credentials token [<software-access-token>]
Positional Arguments
name | description |
---|---|
software-access-token | The value to set for this field |
Description
software-access-token (string)
The software access token.
Must not contain whitespace in the software access token.
configure authority router system software-access router-credentials username
The router software access username.
Usage
configure authority router system software-access router-credentials username [<software-access-username>]
Positional Arguments
name | description |
---|---|
software-access-username | The value to set for this field |
Description
software-access-username (string)
The software access username.
Must not contain a colon or whitespace in the software access username.
configure authority router system software-access rpm-channel
The software access RPM channel to use. The RPM channel will override the router channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority router system software-access rpm-channel [<router-software-access-channel-override>]
Positional Arguments
name | description |
---|---|
router-software-access-channel-override | The value to set for this field |
Description
Default: use-software-access-channel
router-software-access-channel-override (enumeration)
The router software access channel overrides.
Options:
- use-authority-channel: Use the configured authority channel.
- use-software-access-channel: Use the configured router channel.
- prealpha: Override the configured channel with the prealpha channel.
- alpha: Override the configured channel with the alpha channel.
- beta: Override the configured channel with the beta channel.
- release: Override the configured channel with the release channel.
configure authority router system software-access ssr-image-channel
The software access SSR image channel to use. The SSR image channel will override the router channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority router system software-access ssr-image-channel [<router-software-access-channel-override>]
Positional Arguments
name | description |
---|---|
router-software-access-channel-override | The value to set for this field |
Description
Default: use-software-access-channel
router-software-access-channel-override (enumeration)
The router software access channel overrides.
Options:
- use-authority-channel: Use the configured authority channel.
- use-software-access-channel: Use the configured router channel.
- prealpha: Override the configured channel with the prealpha channel.
- alpha: Override the configured channel with the alpha channel.
- beta: Override the configured channel with the beta channel.
- release: Override the configured channel with the release channel.
configure authority router system software-access use-authority-credentials
Configure Use Authority Credentials
Usage
configure authority router system software-access use-authority-credentials [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority router system software-update
Configuration for SSR software updates. Supported on managed assets only.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
max-bandwidth | Bandwidth limit for downloads of software updates. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
repository | Configuration for how to retrieve software updates. |
show | Show configuration data for 'software-update' |
configure authority router system software-update max-bandwidth
Bandwidth limit for downloads of software updates.
Usage
configure authority router system software-update max-bandwidth [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Units: bits/second
Default: unlimited
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) uint64
An unsigned 64-bit integer.
Range: 1-999999999999
(1) enumeration
A value from a set of predefined names.
Options:
- unlimited: No limit on this value
configure authority router system software-update repository
Configuration for how to retrieve software updates.
Subcommands
command | description |
---|---|
address | The address of the Conductor to use as a proxy to the Internet. |
delete | Delete configuration data |
offline-mode | Software updates are received through the Conductor without internet connectivity |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'repository' |
source-type | The location from which to retrieve software updates. |
configure authority router system software-update repository address
The address of the Conductor to use as a proxy to the Internet.
Usage
configure authority router system software-update repository address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types :
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router system software-update repository offline-mode
Software updates are received through the Conductor without internet connectivity
Usage
configure authority router system software-update repository offline-mode [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority router system software-update repository source-type
The location from which to retrieve software updates.
Usage
configure authority router system software-update repository source-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: internet-only
enumeration
A value from a set of predefined names.
Options:
- conductor-only: Download software from the Conductor, using it as a proxy to the Internet if it has not already downloaded the requested software.
- prefer-conductor: Download software from the Conductor, using the Internet if the Conductor has not already downloaded the requested software.
- internet-only: Download software from publicly available sources via the Internet.
configure authority router system syslog
Syslog configuration lets administrators configure the SSR's interaction with external syslog services.
Subcommands
command | description |
---|---|
client-certificate-name | A client certificate to be used to communicate with syslog server. |
clone | Clone a list item |
delete | Delete configuration data |
facility | The facility under which syslog messages will be recorded. |
ocsp | Whether to check the revocation status of the Syslog server's certificate. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
protocol | Use TCP or UDP protocol to communicate with syslog server. |
router-client-certificate-name | A client certificate to be used to communicate with syslog server. |
server | The list of syslog servers configured for this device. |
severity | Sets the level at which messages will be sent to the syslog server. |
show | Show configuration data for 'syslog' |
configure authority router system syslog client-certificate-name
A client certificate to be used to communicate with syslog server.
Usage
configure authority router system syslog client-certificate-name [<client-certificate-ref>]
Positional Arguments
name | description |
---|---|
client-certificate-ref | The value to set for this field |
Description
client-certificate-ref (leafref)
This type is used by other entities that need to reference configured client certificate.
configure authority router system syslog facility
The facility under which syslog messages will be recorded.
Usage
configure authority router system syslog facility [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: local0
enumeration
A value from a set of predefined names.
Options:
- auth: security and authorization messages
- authpriv: security and authorization messages (private)
- cron: cron daemon messages
- daemon: system daemons without separate facility
- kern: kernel messages
- lpr: line printer subsystem messages
- mail: mail subsystem messages
- news: USENET news subsystem messages
- syslog: messages generated internally by syslog
- user: generic user-level messages
- uucp: UUCP messages
- local0: syslog local use 0 facility reserved for local use
- local1: syslog local use 1 facility reserved for local use
- local2: syslog local use 2 facility reserved for local use
- local3: syslog local use 3 facility reserved for local use
- local4: syslog local use 4 facility reserved for local use
- local5: syslog local use 5 facility reserved for local use
- local6: syslog local use 6 facility reserved for local use
- local7: syslog local use 7 facility reserved for local use
- any: match any syslog facility
configure authority router system syslog ocsp
Whether to check the revocation status of the Syslog server's certificate.
Usage
configure authority router system syslog ocsp [<ocsp>]
Positional Arguments
name | description |
---|---|
ocsp | The value to set for this field |
Description
ocsp (enumeration)
Whether to check the revocation status of a server's certificate.
Options:
- strict: Require a successful OCSP check in order to establish a connection.
- off: Do not check revocation status of the server certificate.
configure authority router system syslog protocol
Use TCP or UDP protocol to communicate with syslog server.
Usage
configure authority router system syslog protocol [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: udp
enumeration
A value from a set of predefined names.
Options:
- udp: Use UDP protocol to communicate with syslog server.
- tcp: Use TCP protocol to communicate with syslog server.
- tls: Use TLS over TCP protocol to communicate with syslog server.
configure authority router system syslog router-client-certificate-name
A client certificate to be used to communicate with syslog server.
Usage
configure authority router system syslog router-client-certificate-name [<router-client-certificate-ref>]
Positional Arguments
name | description |
---|---|
router-client-certificate-ref | The value to set for this field |
Description
router-client-certificate-ref (leafref)
This type is used by other entities that need to reference configured client certificate for a specific router.
configure authority router system syslog server
The list of syslog servers configured for this device.
Usage
configure authority router system syslog server <ip-address> <port>
Positional Arguments
name | description |
---|---|
ip-address | The address of remote syslog server. |
port | The port on which remote syslog server listens |
Subcommands
command | description |
---|---|
ip-address | The address of remote syslog server. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port | The port on which remote syslog server listens |
show | Show configuration data for 'server' |
configure authority router system syslog server ip-address
The address of remote syslog server.
Usage
configure authority router system syslog server ip-address [<host>]
Positional Arguments
name | description |
---|---|
host | The value to set for this field |
Description
host (union)
The host type represents either an IP address or a DNS domain name.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority router system syslog server port
The port on which remote syslog server listens
Usage
configure authority router system syslog server port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16)
Transport (layer 4) port number.
Range: 0-65535
configure authority router system syslog severity
Sets the level at which messages will be sent to the syslog server.
Usage
configure authority router system syslog severity [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: error
enumeration
A value from a set of predefined names.
Options:
- emergency: Only record log messages with level "emergency" or higher
- alert: Only record log messages with level "alert" or higher
- critical: Only record log messages with level "critical" or higher
- error: Only record log messages with level "error" or higher
- warning: Only record log messages with level "warning" or higher
- notice: Only record log messages with level "notice" or higher
- info: Only record log messages with level "info" or higher
- debug: Only record log messages with level "debug" or higher
configure authority router udp-transform
UDP transform settings for interoperating with stateful TCP firewalls for nodes within the router.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
detect-interval | Represents the frequency with which the stateful TCP firewall discovery is performed. |
mode | Configure Mode |
nat-keep-alive-mode | Configure Nat Keep Alive Mode |
nat-keep-alive-timeout | Represents the frequency with which keep-alive packets are generated. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'udp-transform' |
configure authority router udp-transform detect-interval
Represents the frequency with which the stateful TCP firewall discovery is performed.
Usage
configure authority router udp-transform detect-interval [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 300
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority router udp-transform mode
Configure Mode
Usage
configure authority router udp-transform mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: auto-detect
enumeration
A value from a set of predefined names.
Options:
- auto-detect: Detect if TCP to UDP transform is required. Special TCP packets are sent to the peer at the specified interval. If these packets are not returned, transformation is required.
- always-transform: Force UDP transform for all TCP traffic to the peer. TCP detection packets are never sent in this mode.
configure authority router udp-transform nat-keep-alive-mode
Configure Nat Keep Alive Mode
Usage
configure authority router udp-transform nat-keep-alive-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: disabled
enumeration
A value from a set of predefined names.
Options:
- disabled: Do not send keep-alive packets to keep UDP sessions active during UDP transform.
- enabled: Inject keep-alive packets to keep UDP sessions active during UDP transform.
configure authority router udp-transform nat-keep-alive-timeout
Represents the frequency with which keep-alive packets are generated.
Usage
configure authority router udp-transform nat-keep-alive-timeout [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: seconds
Default: 30
uint32
An unsigned 32-bit integer.
Range: 1-86400
configure authority routing
authority level routing configuration
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
filter | A filter which operates on a set of objects and returns accept or reject to be used by other constructs to process the objects |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | A construct for processing which consists of a set of statements executed in sequence |
resource-group | Associate this routing configuration with a top-level resource-group. |
show | Show configuration data for 'routing' |
configure authority routing filter
A filter which operates on a set of objects and returns accept or reject to be used by other constructs to process the objects
Usage
configure authority routing filter <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary identifying name |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
move | Move list items |
name | An arbitrary identifying name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rule | A fragment of the filter which defines a subset of the logic on how to process the objects going through the filter |
show | Show configuration data for 'filter' |
type | A filter type |
configure authority routing filter name
An arbitrary identifying name
Usage
configure authority routing filter name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority routing filter rule
A fragment of the filter which defines a subset of the logic on how to process the objects going through the filter
Usage
configure authority routing filter rule <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary identifying name |
Subcommands
command | description |
---|---|
as-path | An AS-path regex to match on |
community | A BGP community regex to match on |
delete | Delete configuration data |
extended-community | A BGP extended community regex to match on |
filter | Filter action indicating how to handle elements matching the rule |
ge | Match the prefix greater than or equal to said prefix length |
le | Match the prefix less than or equal to said prefix length |
name | An arbitrary identifying name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
prefix | The prefix to match |
show | Show configuration data for 'rule' |
Description
The order of elements matters.
configure authority routing filter rule as-path
An AS-path regex to match on
Usage
configure authority routing filter rule as-path [<regex>]
Positional Arguments
name | description |
---|---|
regex | The value to set for this field |
Description
regex (string)
A regular expression (regex) type.
configure authority routing filter rule community
A BGP community regex to match on
Usage
configure authority routing filter rule community [<regex>]
Positional Arguments
name | description |
---|---|
regex | The value to set for this field |
Description
regex (string)
A regular expression (regex) type.
configure authority routing filter rule extended-community
A BGP extended community regex to match on
Usage
configure authority routing filter rule extended-community [<regex>]
Positional Arguments
name | description |
---|---|
regex | The value to set for this field |
Description
regex (string)
A regular expression (regex) type.
configure authority routing filter rule filter
Filter action indicating how to handle elements matching the rule
Usage
configure authority routing filter rule filter [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: accept
enumeration
A value from a set of predefined names.
Options:
- accept: Indicates elements matching the rule should not be filtered by the calling construct
- reject: Indicates elements matching the rule should be filtered by the calling construct
configure authority routing filter rule ge
Match the prefix greater than or equal to said prefix length
Usage
configure authority routing filter rule ge [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-128
configure authority routing filter rule le
Match the prefix less than or equal to said prefix length
Usage
configure authority routing filter rule le [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 1-128
configure authority routing filter rule name
An arbitrary identifying name
Usage
configure authority routing filter rule name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority routing filter rule prefix
The prefix to match
Usage
configure authority routing filter rule prefix [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | The value to set for this field |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority routing filter type
A filter type
Usage
configure authority routing filter type [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref (required)
A value from a set of predefined names.
Options:
- prefix-filter: Filter based on IPv4 prefixes within a given range
- prefix-filter-ipv6: Filter based on IPv6 prefixes within a given range
- as-path-filter: Filter based on the BGP AS path
- community-filter: Filter based on the BGP community value
- extended-community-filter: Filter based on the BGP extended community value
configure authority routing policy
A construct for processing which consists of a set of statements executed in sequence
Usage
configure authority routing policy <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary identifying name |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
move | Move list items |
name | An arbitrary identifying name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'policy' |
statement | A fragment of a policy that is executed in sequence. A statement is executed by first running the conditions. If all the conditions match (or if no conditions are specified) the policy (accept or reject) is consulted. An accept means execute the actions in the statement and then terminate the policy returning accept. A reject means do not execute the actions and terminate the policy returning reject. The accept terminating the policy may be modified by flow actions. If a policy reaches the end of the statement list and no statement has been executed there is an implicit reject |
configure authority routing policy name
An arbitrary identifying name
Usage
configure authority routing policy name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority routing policy statement
A fragment of a policy that is executed in sequence. A statement is executed by first running the conditions. If all the conditions match (or if no conditions are specified) the policy (accept or reject) is consulted. An accept means execute the actions in the statement and then terminate the policy returning accept. A reject means do not execute the actions and terminate the policy returning reject. The accept terminating the policy may be modified by flow actions. If a policy reaches the end of the statement list and no statement has been executed there is an implicit reject
Usage
configure authority routing policy statement <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary identifying name |
Subcommands
command | description |
---|---|
action | The actions to take if the conditions evaluates to true and policy is accept. Flow altering actions are executed last |
clone | Clone a list item |
condition | The conditions which define a match to the statement. |
delete | Delete configuration data |
name | An arbitrary identifying name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
policy | The policy action, accept or reject, to be returned if the conditions evaluate to true. If no conditions are given the condition evaluation is true |
show | Show configuration data for 'statement' |
Description
The order of elements matters.
configure authority routing policy statement action
The actions to take if the conditions evaluates to true and policy is accept. Flow altering actions are executed last
Usage
configure authority routing policy statement action <type>
Positional Arguments
name | description |
---|---|
type | The action type |
Subcommands
command | description |
---|---|
add | The metric value to add |
additive | Merge the community attribute values |
aggregator-address | The aggregator IP address |
as | The aggregator as |
bgp-weight | The BGP weight value |
community-attribute | The new community attribute values |
community-filter | The community filter to use to remove matching communities. |
delete | Delete configuration data |
distance | The administrative distance value |
exclude | The AS(s) to exclude from the as-path |
ip-address | The new next hop IP address to set |
local-preference | The local preference value |
no-extended-communities | Remove all extended communities |
none | Remove all communities |
origin | The BGP origin value |
originator-id | The new originator id to set |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer-address | Set the next hop to the IP address of the peer |
policy | The policy to call. If this policy returns reject then the current policy will terminate and return reject |
prepend | The AS(s) to prepend to the as-path |
route-target | The new extended-community route target value |
service-policy | The service policy to select the best path. |
set | The metric value |
show | Show configuration data for 'action' |
site-of-origin | The new extended-community site of origin value |
statement | The statement to process next which must be after the current statement. |
subtract | The metric value to subtract |
tag | The tag value |
type | The action type |
configure authority routing policy statement action add
The metric value to add
Usage
configure authority routing policy statement action add [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement action additive
Merge the community attribute values
Usage
configure authority routing policy statement action additive
Description
empty
Has no value.
configure authority routing policy statement action aggregator-address
The aggregator IP address
Usage
configure authority routing policy statement action aggregator-address [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority routing policy statement action as
The aggregator as
Usage
configure authority routing policy statement action as [<as-number>]
Positional Arguments
name | description |
---|---|
as-number | The value to set for this field |
Description
as-number (uint32)
The as-number type represents autonomous system numbers which identify an Autonomous System (AS). An AS is a set of routers under a single technical administration, using an interior gateway protocol and common metrics to route packets within the AS, and using an exterior gateway protocol to route packets to other ASs'. IANA maintains the AS number space and has delegated large parts to the regional registries.
Autonomous system numbers were originally limited to 16 bits. BGP extensions have enlarged the autonomous system number space to 32 bits. This type therefore uses an uint32 base type without a range restriction in order to support a larger autonomous system number space.
In the value set and its semantics, this type is equivalent to the InetAutonomousSystemNumber textual convention of the SMIv2.
configure authority routing policy statement action bgp-weight
The BGP weight value
Usage
configure authority routing policy statement action bgp-weight [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement action community-attribute
The new community attribute values
Usage
configure authority routing policy statement action community-attribute [<set-community>]
Positional Arguments
name | description |
---|---|
set-community | Value to add to this list |
Description
set-community (union)
A BGP community. Accepts the well-known communities internet, local-AS, no-advertise and no-export or any 32 bit communtity value specified as <uint16>:<uint16> (in decimal).
Must be one of the following types:
(0) enumeration
A value from a set of predefined names.
Options:
- internet:
- local-AS:
- no-advertise:
- no-export:
(1) string
A text value.
Must be <uint16>:<uint16>
configure authority routing policy statement action community-filter
The community filter to use to remove matching communities.
Usage
configure authority routing policy statement action community-filter [<filter-ref>]
Positional Arguments
name | description |
---|---|
filter-ref | The value to set for this field |
Description
filter-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement action distance
The administrative distance value
Usage
configure authority routing policy statement action distance [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority routing policy statement action exclude
The AS(s) to exclude from the as-path
Usage
configure authority routing policy statement action exclude [<as-path>]
Positional Arguments
name | description |
---|---|
as-path | The value to set for this field |
Description
as-path (string)
A list of BGP autonomous system numbers (uint32) space separated.
Must be space separated list of <uint32>
configure authority routing policy statement action ip-address
The new next hop IP address to set
Usage
configure authority routing policy statement action ip-address [<unicast-non-default-ipv4-address>]
Positional Arguments
name | description |
---|---|
unicast-non-default-ipv4-address | The value to set for this field |
Description
unicast-non-default-ipv4-address (string)
A unicast non-default IPv4 address
Must be a valid IPv4 address.
configure authority routing policy statement action local-preference
The local preference value
Usage
configure authority routing policy statement action local-preference [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement action no-extended-communities
Remove all extended communities
Usage
configure authority routing policy statement action no-extended-communities
Description
empty
Has no value.
configure authority routing policy statement action none
Remove all communities
Usage
configure authority routing policy statement action none
Description
empty
Has no value.
configure authority routing policy statement action origin
The BGP origin value
Usage
configure authority routing policy statement action origin [<origin>]
Positional Arguments
name | description |
---|---|
origin | The value to set for this field |
Description
origin (enumeration)
BGP ORIGIN attribute.
Options:
- igp: Network Layer Reachability Information is interior to the originating AS.
- egp: Network Layer Reachability Information learned via the EGP protocol [RFC904].
- incomplete: Network Layer Reachability Information learned by some other means.
configure authority routing policy statement action originator-id
The new originator id to set
Usage
configure authority routing policy statement action originator-id [<ipv4-address>]
Positional Arguments
name | description |
---|---|
ipv4-address | The value to set for this field |
Description
ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
configure authority routing policy statement action peer-address
Set the next hop to the IP address of the peer
Usage
configure authority routing policy statement action peer-address
Description
empty
Has no value.
configure authority routing policy statement action policy
The policy to call. If this policy returns reject then the current policy will terminate and return reject
Usage
configure authority routing policy statement action policy [<policy-ref>]
Positional Arguments
name | description |
---|---|
policy-ref | The value to set for this field |
Description
policy-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement action prepend
The AS(s) to prepend to the as-path
Usage
configure authority routing policy statement action prepend [<as-path>]
Positional Arguments
name | description |
---|---|
as-path | The value to set for this field |
Description
as-path (string)
A list of BGP autonomous system numbers (uint32) space separated.
Must be space separated list of <uint32>
configure authority routing policy statement action route-target
The new extended-community route target value
Usage
configure authority routing policy statement action route-target [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | Value to add to this list |
Description
set-extended-community (union)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string
A text value.
Must be <ipv4-address>:<uint16>
(1) string
A text value.
Must be <uint16>:<uint32>
(2) string
A text value.
Must be <uint32>:<uint16>
configure authority routing policy statement action service-policy
The service policy to select the best path.
Usage
configure authority routing policy statement action service-policy [<service-policy-ref>]
Positional Arguments
name | description |
---|---|
service-policy-ref | The value to set for this field |
Description
service-policy-ref (leafref)
This type is used by other entities that need to reference configured service policies.
configure authority routing policy statement action set
The metric value
Usage
configure authority routing policy statement action set [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement action site-of-origin
The new extended-community site of origin value
Usage
configure authority routing policy statement action site-of-origin [<set-extended-community>]
Positional Arguments
name | description |
---|---|
set-extended-community | Value to add to this list |
Description
set-extended-community (union)
A BGP extended community (RFC-4360), an 8 octet value, 6 value octets are specified here. The 2 octet type is part of the set extended community action. The following formats are accepted:
a) A.B.C.D:EF b) EF:GHJK c) GHJK:EF
A.B.C.D: Four Byte IP EF: Two byte ASN (in decimal) GHJK: Four-byte ASN (in decimal)
Must be one of the following types:
(0) string
A text value.
Must be <ipv4-address>:<uint16>
(1) string
A text value.
Must be <uint16>:<uint32>
(2) string
A text value.
Must be <uint32>:<uint16>
configure authority routing policy statement action statement
The statement to process next which must be after the current statement.
Usage
configure authority routing policy statement action statement [<policy-statement-ref>]
Positional Arguments
name | description |
---|---|
policy-statement-ref | The value to set for this field |
Description
policy-statement-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement action subtract
The metric value to subtract
Usage
configure authority routing policy statement action subtract [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement action tag
The tag value
Usage
configure authority routing policy statement action tag [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement action type
The action type
Usage
configure authority routing policy statement action type [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- set-aggregator: An action which sets the BGP aggregator
- modify-as-path: An action which changes the BGP as-path
- set-path-based-as-path: An action which changes the BGP as-path depending on the best path to a peer
- set-atomic-aggregate: An action which sets the BGP atomic aggregate attribute
- set-community: An action which sets the BGP community attribute
- remove-community: An action which removes the BGP community attribute
- set-extended-community: An action which sets the BGP extended community attribute
- set-next-hop: An action which sets the next hop
- set-local-preference: An action which sets the BGP local preference
- modify-metric: An action which sets the metric
- set-originator-id: An action which sets the originator id
- set-origin: An action which sets the origin
- set-tag: An action which sets the tag
- set-bgp-weight: An action which sets the BGP weight
- set-distance: An action which sets the administrative distance
- continue: A flow action that advances to the next (or specified) entry in the policy
- call: A flow action calls the given policy
configure authority routing policy statement condition
The conditions which define a match to the statement.
Usage
configure authority routing policy statement condition <type>
Positional Arguments
name | description |
---|---|
type | The condition type |
Subcommands
command | description |
---|---|
as-path-filter | The autonomous system path filter name |
community-filter | The community filter name |
delete | Delete configuration data |
extended-community-filter | The extended community filter name |
metric | The metric value to match on. |
next-hop-interface | Name of the next hop interface to match on |
next-hop-node | Name of the node the next hop interface resides on. |
origin | The BGP origin to match on |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
peer-address | The peer address to match |
peer-local | Match local addresses (static or redistributed routes) |
prefix-filter | The prefix filter name |
probability | The probability of a match |
show | Show configuration data for 'condition' |
tag | The tag to match |
type | The condition type |
configure authority routing policy statement condition as-path-filter
The autonomous system path filter name
Usage
configure authority routing policy statement condition as-path-filter [<filter-ref>]
Positional Arguments
name | description |
---|---|
filter-ref | The value to set for this field |
Description
filter-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement condition community-filter
The community filter name
Usage
configure authority routing policy statement condition community-filter [<filter-ref>]
Positional Arguments
name | description |
---|---|
filter-ref | The value to set for this field |
Description
filter-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement condition extended-community-filter
The extended community filter name
Usage
configure authority routing policy statement condition extended-community-filter [<filter-ref>]
Positional Arguments
name | description |
---|---|
filter-ref | The value to set for this field |
Description
filter-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement condition metric
The metric value to match on.
Usage
configure authority routing policy statement condition metric [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
configure authority routing policy statement condition next-hop-interface
Name of the next hop interface to match on
Usage
configure authority routing policy statement condition next-hop-interface [<network-interface-ref>]
Positional Arguments
name | description |
---|---|
network-interface-ref | The value to set for this field |
Description
network-interface-ref (leafref)
This type is used by other entities that need to reference all configured network interfaces across all routers, nodes, and device interfaces.
configure authority routing policy statement condition next-hop-node
Name of the node the next hop interface resides on.
Usage
configure authority routing policy statement condition next-hop-node [<node-name-ref>]
Positional Arguments
name | description |
---|---|
node-name-ref | The value to set for this field |
Description
node-name-ref (leafref)
This type is used by other entities that need to reference all configured nodes across all routers.
configure authority routing policy statement condition origin
The BGP origin to match on
Usage
configure authority routing policy statement condition origin [<origin>]
Positional Arguments
name | description |
---|---|
origin | The value to set for this field |
Description
origin (enumeration)
BGP ORIGIN attribute.
Options:
- igp: Network Layer Reachability Information is interior to the originating AS.
- egp: Network Layer Reachability Information learned via the EGP protocol [RFC904].
- incomplete: Network Layer Reachability Information learned by some other means.
configure authority routing policy statement condition peer-address
The peer address to match
Usage
configure authority routing policy statement condition peer-address [<ip-address>]
Positional Arguments
name | description |
---|---|
ip-address | The value to set for this field |
Description
ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
configure authority routing policy statement condition peer-local
Match local addresses (static or redistributed routes)
Usage
configure authority routing policy statement condition peer-local
Description
empty
Has no value.
configure authority routing policy statement condition prefix-filter
The prefix filter name
Usage
configure authority routing policy statement condition prefix-filter [<filter-ref>]
Positional Arguments
name | description |
---|---|
filter-ref | The value to set for this field |
Description
filter-ref (leafref)
A reference to an existing value in the instance data.
configure authority routing policy statement condition probability
The probability of a match
Usage
configure authority routing policy statement condition probability [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority routing policy statement condition tag
The tag to match
Usage
configure authority routing policy statement condition tag [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
uint32
An unsigned 32-bit integer.
Range: 1-4294967295
configure authority routing policy statement condition type
The condition type
Usage
configure authority routing policy statement condition type [<identityref>]
Positional Arguments
name | description |
---|---|
identityref | The value to set for this field |
Description
identityref
A value from a set of predefined names.
Options:
- address-prefix-filter-condition: An IPv4 prefix filter condition on address
- next-hop-prefix-filter-condition: An IPv4 prefix filter condition on next hop
- source-prefix-filter-condition: An IPv4 prefix filter condition on route source
- address-prefix-filter-ipv6-condition: An IPv6 prefix filter condition on address
- next-hop-prefix-filter-ipv6-condition: An IPv6 prefix filter condition on next hop
- as-path-filter-condition: An autonomous path filter condition
- community-filter-condition: A community filter condition
- extended-community-filter-condition: An extended community filter condition
- next-hop-interface-condition: A next hop interface condition
- metric-condition: A metric condition
- origin-condition: An origin condition
- peer-condition: A peer condition
- probability-condition: A probablity condition
- tag-condition: A tag condition
configure authority routing policy statement name
An arbitrary identifying name
Usage
configure authority routing policy statement name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority routing policy statement policy
The policy action, accept or reject, to be returned if the conditions evaluate to true. If no conditions are given the condition evaluation is true
Usage
configure authority routing policy statement policy [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: accept
enumeration
A value from a set of predefined names.
Options:
- accept: On the conditions evaluating true execute the actions specified in the statement and terminate the policy returning accept
- reject: On the conditions evaluating true do not execute the actions specified in the statement and terminate the policy returning reject
configure authority routing resource-group
Associate this routing configuration with a top-level resource-group.
Usage
configure authority routing resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority security
The security elements represent security policies for governing how and when the SSR encrypts and/or authenticates packets.
Usage
configure authority security <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the security policy, used to reference it in other configuration sections. |
Subcommands
command | description |
---|---|
adaptive-encryption | Prevent packets that are detected as encrypted from being encrypted again as they pass through the router. |
delete | Delete configuration data |
description | A description of the security policy. |
encrypt | When enabled, the router will encrypt metadata (between nodes or routers) or payload (for a service or a tenant). |
encryption-cipher | Encryption cipher and mode. |
encryption-iv | The initialization vector (IV) for encryption. |
encryption-key | The encryption key for the security policy. |
hmac | Whether or not to add HMAC to a packet. |
hmac-cipher | The cipher used for generating the HMAC value inserted into metadata. |
hmac-key | The HMAC key for the security policy. |
hmac-mode | Whether or not to add HMAC to packets. |
name | An arbitrary, unique name for the security policy, used to reference it in other configuration sections. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this security with a top-level resource-group. |
show | Show configuration data for 'security' |
configure authority security adaptive-encryption
Prevent packets that are detected as encrypted from being encrypted again as they pass through the router.
Usage
configure authority security adaptive-encryption [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority security description
A description of the security policy.
Usage
configure authority security description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority security encrypt
When enabled, the router will encrypt metadata (between nodes or routers) or payload (for a service or a tenant).
Usage
configure authority security encrypt [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority security encryption-cipher
Encryption cipher and mode.
Usage
configure authority security encryption-cipher [<encryption-cipher>]
Positional Arguments
name | description |
---|---|
encryption-cipher | The value to set for this field |
Description
Default: aes-cbc-128
encryption-cipher (enumeration)
Encryption cipher and mode.
Options:
- aes-cbc-128: AES Cipher Block Chaining 128-bit Encryption Mode.
- aes-cbc-256: AES Cipher Block Chaining 256-bit Encryption Mode.
configure authority security encryption-iv
The initialization vector (IV) for encryption.
Usage
configure authority security encryption-iv [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) hex-string (string)
A hexadecimal string with octets represented as hex digits.
Length: 32
(1) hex-string (string)
A hexadecimal string with octets represented as hex digits separated by colons. The canonical representation uses lowercase characters.
Required format: 'XX:XX:XX:XX:XX:XX', where 'X' is a hexidecimal digit (e.g., 00:0a:95:9d:68:16). Length may vary from the example shown. Length: 47
configure authority security encryption-key
The encryption key for the security policy.
Usage
configure authority security encryption-key [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) hex-string (string)
A hexadecimal string with octets represented as hex digits.
Length: 32,64
(1) hex-string (string)
A hexadecimal string with octets represented as hex digits separated by colons. The canonical representation uses lowercase characters.
Required format: 'XX:XX:XX:XX:XX:XX', where 'X' is a hexidecimal digit (e.g., 00:0a:95:9d:68:16). Length may vary from the example shown. Length: 47,95
configure authority security hmac
Whether or not to add HMAC to a packet.
Usage
configure authority security hmac [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
hmac
is deprecated and will be removed in a future software version
boolean
A true or false value.
Options: true or false
configure authority security hmac-cipher
The cipher used for generating the HMAC value inserted into metadata.
Usage
configure authority security hmac-cipher [<hmac-cipher>]
Positional Arguments
name | description |
---|---|
hmac-cipher | The value to set for this field |
Description
Default: sha256-128
hmac-cipher (enumeration)
HMAC cipher and mode.
Options:
- sha1: SHA1 160-bit Key Hashed Message Authentication Code Mode.
- sha256: SHA256 256-bit Key Hashed Message Authentication Code Mode.
- sha256-128: SHA256 128-bit Key Hashed Message Authentication Code Mode.
configure authority security hmac-key
The HMAC key for the security policy.
Usage
configure authority security hmac-key [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) hex-string (string)
A hexadecimal string with octets represented as hex digits.
Length: 8,16,32,40,64
(1) hex-string (string)
A hexadecimal string with octets represented as hex digits separated by colons. The canonical representation uses lowercase characters.
Required format: 'XX:XX:XX:XX:XX:XX', where 'X' is a hexidecimal digit (e.g., 00:0a:95:9d:68:16). Length may vary from the example shown. Length: 11,23,47,59,95
configure authority security hmac-mode
Whether or not to add HMAC to packets.
Usage
configure authority security hmac-mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: time-based
enumeration
A value from a set of predefined names.
Options:
- disabled: Do not add HMAC to packets.
- regular: Add HMAC to packets.
- time-based: Add time-based HMAC to packets.
configure authority security name
An arbitrary, unique name for the security policy, used to reference it in other configuration sections.
Usage
configure authority security name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority security resource-group
Associate this security with a top-level resource-group.
Usage
configure authority security resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority service
The service configuration is where you define the services that reside within the authority's tenants as well as the policies to apply to those services.
Usage
configure authority service <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the service such as the domain/host name portion of the URL to reach the service. |
Subcommands
command | description |
---|---|
access-policy | List of access policies by address prefix, QSN or tenant and prefix. |
access-policy-generated | Indicates whether or not the access-policy configuration was automatically created during conductor service generation. |
address | The destination address prefix or hostname to match the route. |
application-identification | Application identification mode. |
application-name | Application name to identify application. This will be matched against the Domain Names imported via the application modules |
application-type | Use generic service behavior, or custom application specific logic. |
applies-to | Logical group to which a configuration element applies |
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the service/application. |
domain-name | Domain name that identifies a service. Traffic matching this domain name will be considered to belong to this service. |
domain-name-category | Domain name categorization of this service. This will be matched against the imported categories using the domain pulled from the data stream |
dscp-range | When matched with a dscp-steering configuration in the network-interface, this dscp-range allows tunnel traffic to be matched to a more specific service via DSCP value. |
enabled | Enable/disable the service. When disabled, packets addressed to this service's address(es) will not be processed. |
fqdn-resolution-type | IP address family to use for FQDN resolutions for this service. |
generate-categories | Automatically generate category-based application identification services under this service. |
generated | Indicates whether or not the Service was automatically generated as a result of Conductor, BGP/SVR, or DHCP Relay services. |
multicast-sender-policy | List of multicast sender policies by address prefix, QSN or tenant and prefix. |
name | An arbitrary, unique name for the service such as the domain/host name portion of the URL to reach the service. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
scope | Defines whether or not tenantless sources have access to this service. |
security | The name of the security policy to use for the service |
service-group | A string used to group services together, where each service with the same string gets added to the service group. Service Groups can be referenced within the QSN to target a group of services. |
service-policy | Service policy that applies to the service. |
session-record | Settings related to session records. |
share-service-routes | Enable/disable sharing of service routes with other routers via STEP. |
show | Show configuration data for 'service' |
source-nat | Configure Source Nat |
subcategory | Subcategory of this service. This will be matched against the subcategory classification derived from the data stream. Subcategories are treated as more specific matches than its enclosing category. |
tap-multiplexing | Enable/disable tap-multiplexing on this service. |
tenant | The configured tenant. |
transport | The transport protocol(s) and port(s) for the service. |
ttl-padding | Configure Ttl Padding |
url | URL that identifies a service. Traffic matching this URL will be considered to belong to this service. |
configure authority service access-policy
List of access policies by address prefix, QSN or tenant and prefix.
Usage
configure authority service access-policy <source>
Positional Arguments
name | description |
---|---|
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
Subcommands
command | description |
---|---|
anti-virus-policy | Built-in policy for unified threat management. |
anti-virus-profile | User-defined profile for unified threat management. |
delete | Delete configuration data |
idp-policy | Built-in policy for intrusion detection prevention and monitoring. |
idp-profile | User-defined profile for intrusion detection prevention and monitoring. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
permission | Whether or not to allow access to the service. |
show | Show configuration data for 'access-policy' |
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
configure authority service access-policy anti-virus-policy
Built-in policy for unified threat management.
Usage
configure authority service access-policy anti-virus-policy [<optional-anti-virus-policy>]
Positional Arguments
name | description |
---|---|
optional-anti-virus-policy | The value to set for this field |
Description
optional-anti-virus-policy (enumeration)
Predefined policies for Unified Threat Management.
Options:
- none: No AV policy.
- default-policy: Include all protocols.
- no-ftp: Include all protocols except ftp.
- http-only: Include only http protocol.
configure authority service access-policy anti-virus-profile
User-defined profile for unified threat management.
Usage
configure authority service access-policy anti-virus-profile [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority service access-policy idp-policy
Built-in policy for intrusion detection prevention and monitoring.
Usage
configure authority service access-policy idp-policy [<optional-idp-policy>]
Positional Arguments
name | description |
---|---|
optional-idp-policy | The value to set for this field |
Description
optional-idp-policy (enumeration)
Predefined policies for intrusion detection actions
Options:
- none: No IDP policy.
- alert: A policy that only alerts.
- standard: The standard blocking and alerting policy.
- strict: A strict blocking and alerting policy.
- critical: A strict blocking and alerting policy with dynamic group critical.
configure authority service access-policy idp-profile
User-defined profile for intrusion detection prevention and monitoring.
Usage
configure authority service access-policy idp-profile [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | The value to set for this field |
Description
leafref
A reference to an existing value in the instance data.
configure authority service access-policy permission
Whether or not to allow access to the service.
Usage
configure authority service access-policy permission [<access-mode>]
Positional Arguments
name | description |
---|---|
access-mode | The value to set for this field |
Description
Default: allow
access-mode (enumeration)
Enumeration defining whether access is allowed or denied.
Options:
- allow: Allow access.
- deny: Deny access.
configure authority service access-policy source
The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service
Usage
configure authority service access-policy source [<source-spec>]
Positional Arguments
name | description |
---|---|
source-spec | The value to set for this field |
Description
source-spec (union)
A source address prefix, QSN, service-group or combination of tenant-name and prefix.
Must be one of the following types:
(0) ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string):
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
(2) qsn (string)
Qualified Service Name in the form: tenant[.authority][/[service-group/]service]
Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024
(3) service-spec (string)
Service group and service name portion of a Qualified Service Name.
Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127
(4) tenant-prefix (string)
A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address.
Must contain a valid tenant name, followed by @ and a valid IP Address. Length: 0-280
configure authority service access-policy-generated
Indicates whether or not the access-policy configuration was automatically created during conductor service generation.
Usage
configure authority service access-policy-generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority service address
The destination address prefix or hostname to match the route.
Usage
configure authority service address [<host-prefix>]
Positional Arguments
name | description |
---|---|
host-prefix | Value to add to this list |
Description
host-prefix (union)
The host type represents either an IP prefix or a DNS domain name.
Must be one of the following types:
(0) ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string):
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
(2) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority service application-identification
Application identification mode.
Usage
configure authority service application-identification [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: inherited
enumeration
A value from a set of predefined names.
Options:
- inherited: Inherit from router level config for application identification.
- disabled: Disable application identification.
configure authority service application-name
Application name to identify application. This will be matched against the Domain Names imported via the application modules
Usage
configure authority service application-name [<glob-pattern>]
Positional Arguments
name | description |
---|---|
glob-pattern | Value to add to this list |
Description
glob-pattern (string)
A glob style pattern (following POSIX.2 fnmatch() without special treatment of file paths):
-
- matches a sequence of characters
- ? matches a single character
- [seq] matches any character in seq
- [!seq] matches any character not in seq
A backslash followed by a character matches the following character. In particular:
- * matches *
- ? matches ?
- \ matches \
A sequence seq may be a sequence of characters (e.g., [abc] or a range of characters (e.g., [a-c]).
Length: 1-18446744073709551615
configure authority service application-type
Use generic service behavior, or custom application specific logic.
Usage
configure authority service application-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: generic
enumeration
A value from a set of predefined names.
Options:
- generic: Default service handling.
- dhcp-relay: Act as a DHCP relay.
- dns-proxy: Act as a DNS Proxy.
- ftp-control: Handle FTP control traffic on this service. Pinholes for data flows will be established based on passive mode exchanges detected on the control flows.
- ftp-data: Pinhole service for FTP data flows. Must be paired with an FTP control service to be effective.
- template: Template service for hierarchical services.
configure authority service applies-to
Logical group to which a configuration element applies
Usage
configure authority service applies-to <type>
Positional Arguments
name | description |
---|---|
type | Type of group to which the configuration applies. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
group-name | Name of the router-group to which this configuration applies. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Name of the resource-group to which this configuration applies. |
router-name | Name of the router to which this configuration applies. |
show | Show configuration data for 'applies-to' |
type | Type of group to which the configuration applies. |
configure authority service applies-to group-name
Name of the router-group to which this configuration applies.
Usage
configure authority service applies-to group-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority service applies-to resource-group
Name of the resource-group to which this configuration applies.
Usage
configure authority service applies-to resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority service applies-to router-name
Name of the router to which this configuration applies.
Usage
configure authority service applies-to router-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority service applies-to type
Type of group to which the configuration applies.
Usage
configure authority service applies-to type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- authority: Applies to all routers in the authority.
- router: Router(s) to which the configuration applies.
- router-group: Logical group of router(s) to which the configuration applies.
- resource-group: An RBAC management group to which the configuration applies
configure authority service description
A description about the service/application.
Usage
configure authority service description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority service domain-name
Domain name that identifies a service. Traffic matching this domain name will be considered to belong to this service.
Usage
configure authority service domain-name [<glob-pattern>]
Positional Arguments
name | description |
---|---|
glob-pattern | Value to add to this list |
Description
glob-pattern (string)
A glob style pattern (following POSIX.2 fnmatch() without special treatment of file paths):
- matches a sequence of characters ? matches a single character [seq] matches any character in seq [!seq] matches any character not in seq
A backslash followed by a character matches the following character. In particular:
* matches * ? matches ? \ matches \
A sequence seq may be a sequence of characters (e.g., [abc] or a range of characters (e.g., [a-c]).
Length: 1-18446744073709551615
configure authority service domain-name-category
Domain name categorization of this service. This will be matched against the imported categories using the domain pulled from the data stream
Usage
configure authority service domain-name-category [<domain-category-type>]
Positional Arguments
name | description |
---|---|
domain-category-type | Value to add to this list |
Description
domain-category-type (string)
A domain name category type identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 20 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-20
configure authority service dscp-range
When matched with a dscp-steering configuration in the network-interface, this dscp-range allows tunnel traffic to be matched to a more specific service via DSCP value.
Usage
configure authority service dscp-range <start-value>
Positional Arguments
name | description |
---|---|
start-value | Lower DSCP number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-value | Upper DSCP number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'dscp-range' |
start-value | Lower DSCP number. |
configure authority service dscp-range end-value
Upper DSCP number.
Usage
configure authority service dscp-range end-value [<dscp-end-value>]
Positional Arguments
name | description |
---|---|
dscp-end-value | The value to set for this field |
Description
dscp-end-value (uint8)
Upper dscp range value. Default value is the start dscp value
Range: 0-63
configure authority service dscp-range start-value
Lower DSCP number.
Usage
configure authority service dscp-range start-value [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
dscp (uint8) (required)
A DSCP value (0-63)
Range: 0-63
configure authority service enabled
Enable/disable the service. When disabled, packets addressed to this service's address(es) will not be processed.
Usage
configure authority service enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority service fqdn-resolution-type
IP address family to use for FQDN resolutions for this service.
Usage
configure authority service fqdn-resolution-type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: v4
enumeration
A value from a set of predefined names.
Options:
- v4: Resolve FQDNs as IPv4 addresses only.
- v6: Resolve FQDNs as IPv6 addresses only.
configure authority service generate-categories
Automatically generate category-based application identification services under this service.
Usage
configure authority service generate-categories [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority service generated
Indicates whether or not the Service was automatically generated as a result of Conductor, BGP/SVR, or DHCP Relay services.
Usage
configure authority service generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority service multicast-sender-policy
List of multicast sender policies by address prefix, QSN or tenant and prefix.
Usage
configure authority service multicast-sender-policy <source>
Positional Arguments
name | description |
---|---|
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
permission | Whether or not to allow access to the service. |
show | Show configuration data for 'multicast-sender-policy' |
source | The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service |
configure authority service multicast-sender-policy permission
Whether or not to allow access to the service.
Usage
configure authority service multicast-sender-policy permission [<access-mode>]
Positional Arguments
name | description |
---|---|
access-mode | The value to set for this field |
Description
Default: allow
access-mode (enumeration)
Enumeration defining whether access is allowed or denied.
Options:
- allow: Allow access.
- deny: Deny access.
configure authority service multicast-sender-policy source
The source QSN or address(es) to which the policy applies. For a QSN, this may be a tenant, service-group, or service, or a combination there of. The following forms are valid: tenant tenant/service-group/ tenant/service-group/service tenant/service /service-group/ /service-group/service /service
Usage
configure authority service multicast-sender-policy source [<source-spec>]
Positional Arguments
name | description |
---|---|
source-spec | The value to set for this field |
Description
source-spec (union)
A source address prefix, QSN, service-group or combination of tenant-name and prefix.
Must be one of the following types:
(0) ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string):
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
(2) qsn (string)
Qualified Service Name in the form: tenant[.authority][/[service-group/]service]
Must contain only alphanumeric characters or any of the following: / . _ - Required format: 'Tenant[.Authority[/ServiceGroup[/Service]]]'. No forward slash-delimited segment can exceed 62 characters.(e.g., Engineering.Authority128/Video/private_conferencing). Length: 1-1024
(3) service-spec (string)
Service group and service name portion of a Qualified Service Name.
Must contain only alphanumeric characters or any of the following: - _ / . Required format: '/groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127
(4) tenant-prefix (string)
A string identifier for a tenant prefix. Consists of a valid tenant name, followed by @ and a valid IP Address.
Must contain a valid tenant name, followed by @ and a valid IP Address. Length: 0-280
configure authority service name
An arbitrary, unique name for the service such as the domain/host name portion of the URL to reach the service.
Usage
configure authority service name [<service-name>]
Positional Arguments
name | description |
---|---|
service-name | The value to set for this field |
Description
service-name (string)
A service name identifier which only uses alphanumerics, underscores, dots, or dashes, and cannot exceed 255 characters.
Must contain only alphanumeric characters or any of the following: _.- Length: 0-255
configure authority service scope
Defines whether or not tenantless sources have access to this service.
Usage
configure authority service scope [<service-scope>]
Positional Arguments
name | description |
---|---|
service-scope | The value to set for this field |
Description
Default: private
service-scope (enumeration)
Enumeration defining whether a service scope is public or private
Options:
- public: Everyone allowed in the absence of access policy that restricts it. Shared on public interfaces.
- private: Restricted to the access policy of the service. Shared with other routers in the authority.
configure authority service security
The name of the security policy to use for the service
Usage
configure authority service security [<security-ref>]
Positional Arguments
name | description |
---|---|
security-ref | The value to set for this field |
Description
security-ref (leafref)
This type is used by other entities that need to reference configured security policies.
configure authority service service-group
A string used to group services together, where each service with the same string gets added to the service group. Service Groups can be referenced within the QSN to target a group of services.
Usage
configure authority service service-group [<service-group>]
Positional Arguments
name | description |
---|---|
service-group | The value to set for this field |
Description
service-group (string)
A string identifier for a service group.
Must contain only alphanumeric characters or any of the following: - _ / . Required format: 'groupLabel1[/groupLabel2[/groupLabel3...]]'. No forward slash-delimited segment can exceed 62 characters. Length: 0-127
configure authority service service-policy
Service policy that applies to the service.
Usage
configure authority service service-policy [<service-policy-ref>]
Positional Arguments
name | description |
---|---|
service-policy-ref | The value to set for this field |
Description
service-policy-ref (leafref)
This type is used by other entities that need to reference configured service policies.
configure authority service session-record
Settings related to session records.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
include-hierarchical-services | Enable/disable session-record-profile inheritance to ancestor hierarchical services. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
profile | The session record profile to use. |
show | Show configuration data for 'session-record' |
configure authority service session-record include-hierarchical-services
Enable/disable session-record-profile inheritance to ancestor hierarchical services.
Usage
configure authority service session-record include-hierarchical-services [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority service session-record profile
The session record profile to use.
Usage
configure authority service session-record profile [<session-record-profile-name>]
Positional Arguments
name | description |
---|---|
session-record-profile-name | The value to set for this field |
Description
session-record-profile-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-15
configure authority service share-service-routes
Enable/disable sharing of service routes with other routers via STEP.
Usage
configure authority service share-service-routes [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority service source-nat
Configure Source Nat
Usage
configure authority service source-nat [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: network-interface
enumeration
A value from a set of predefined names.
Options:
- network-interface: Use source-nat settings of egress network-interface
- disabled: Disable source nat for this service
configure authority service subcategory
Subcategory of this service. This will be matched against the subcategory classification derived from the data stream. Subcategories are treated as more specific matches than its enclosing category.
Usage
configure authority service subcategory [<string>]
Positional Arguments
name | description |
---|---|
string | Value to add to this list |
Description
string
A text value.
configure authority service tap-multiplexing
Enable/disable tap-multiplexing on this service.
Usage
configure authority service tap-multiplexing [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority service tenant
The configured tenant.
Usage
configure authority service tenant [<tenant-ref>]
Positional Arguments
name | description |
---|---|
tenant-ref | The value to set for this field |
Description
tenant
is deprecated and will be removed in a future software version
tenant-ref (leafref)
This type is used by other entities that need to reference configured tenants.
configure authority service transport
The transport protocol(s) and port(s) for the service.
Usage
configure authority service transport <protocol>
Positional Arguments
name | description |
---|---|
protocol | Layer 4 transport protocol. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port-range | Configure Port Range |
protocol | Layer 4 transport protocol. |
show | Show configuration data for 'transport' |
configure authority service transport port-range
Configure Port Range
Usage
configure authority service transport port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority service transport port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority service transport port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 0-65535
configure authority service transport port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority service transport port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16) (required)
Transport (layer 4) port number.
Range: 0-65535
configure authority service transport protocol
Layer 4 transport protocol.
Usage
configure authority service transport protocol [<protocol>]
Positional Arguments
name | description |
---|---|
protocol | The value to set for this field |
Description
protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
- icmp: Internet Control Management Protocol.
- gre: Generic Routing Encapsulation Protocol.
- esp: IPSec Encapsulating Security Payload Protocol.
- pim: Protocol Independent Multicast.
configure authority service ttl-padding
Configure Ttl Padding
Usage
configure authority service ttl-padding [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: neighborhood
enumeration
A value from a set of predefined names.
Options:
- neighborhood: Use ttl-padding settings of the neighborhood
- disabled: Disable ttl-padding for this service
configure authority service url
URL that identifies a service. Traffic matching this URL will be considered to belong to this service.
Usage
configure authority service url [<glob-pattern>]
Positional Arguments
name | description |
---|---|
glob-pattern | Value to add to this list |
Description
glob-pattern (string)
A glob style pattern (following POSIX.2 fnmatch() without special treatment of file paths):
- matches a sequence of characters ? matches a single character [seq] matches any character in seq [!seq] matches any character not in seq
A backslash followed by a character matches the following character. In particular:
* matches * ? matches ? \ matches \
A sequence seq may be a sequence of characters (e.g., [abc] or a range of characters (e.g., [a-c]).
Length: 1-18446744073709551615
configure authority service-class
Defines the association between DSCP value and a priority queue.
Usage
configure authority service-class <name>
Positional Arguments
name | description |
---|---|
name | Configure Name |
Subcommands
command | description |
---|---|
aggregate-rate-limit-policy | Apply this rate limiting policy for all incoming traffic for services associated with this service-class. |
delete | Delete configuration data |
description | A description of the service class. |
dscp | The DSCP value assigned to this service class to mark egress packets with. |
max-flow-burst | Limit the maximum burst size of each flow of this service class to this value. |
max-flow-rate | Limit the maximum rate of each flow of this service class to this value. |
name | Configure Name |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rate-limit | Enable/disable rate limiting for flows of this service class. |
resource-group | Associate this service class with a top-level resource-group. |
show | Show configuration data for 'service-class' |
traffic-class | The traffic-class assigned to this service class. Governs the treatment for the traffic. |
configure authority service-class aggregate-rate-limit-policy
Apply this rate limiting policy for all incoming traffic for services associated with this service-class.
Usage
configure authority service-class aggregate-rate-limit-policy [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority service-class description
A description of the service class.
Usage
configure authority service-class description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority service-class dscp
The DSCP value assigned to this service class to mark egress packets with.
Usage
configure authority service-class dscp [<dscp>]
Positional Arguments
name | description |
---|---|
dscp | The value to set for this field |
Description
dscp (uint8) (required)
The dscp type represents a Differentiated Services Code-Point that may be used for marking packets in a traffic stream.
In the value set and its semantics, this type is equivalent to the Dscp textual convention of the SMIv2.
Range: 0-63
configure authority service-class max-flow-burst
Limit the maximum burst size of each flow of this service class to this value.
Usage
configure authority service-class max-flow-burst [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits
Default: 0
uint64
An unsigned 64-bit integer.
configure authority service-class max-flow-rate
Limit the maximum rate of each flow of this service class to this value.
Usage
configure authority service-class max-flow-rate [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: bits/second
Default: 0
uint64
An unsigned 64-bit integer.
Range: 0-107374182400
configure authority service-class name
Configure Name
Usage
configure authority service-class name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority service-class rate-limit
Enable/disable rate limiting for flows of this service class.
Usage
configure authority service-class rate-limit [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority service-class resource-group
Associate this service class with a top-level resource-group.
Usage
configure authority service-class resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority service-class traffic-class
The traffic-class assigned to this service class. Governs the treatment for the traffic.
Usage
configure authority service-class traffic-class [<traffic-class-id>]
Positional Arguments
name | description |
---|---|
traffic-class-id | The value to set for this field |
Description
traffic-class-id (enumeration)
Relative priority of traffic.
Options:
- high: High priority traffic class.
- medium: Medium priority traffic class.
- low: Low priority traffic class.
- best-effort: Best-effort priority traffic class.
configure authority service-policy
A service policy, which defines parameters applied to services that reference the policy
Usage
configure authority service-policy <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the service policy. |
Subcommands
command | description |
---|---|
applies-to | Logical group to which a configuration element applies |
best-effort | Enable/disable filtering out paths that exceed the acceptable SLA threshold. When enabled, even if all paths do not meet the acceptable SLA threshold, they will be used as a best-effort |
best-path-criteria | This defines the criteria for selecting best paths for the service. |
clone | Clone a list item |
delete | Delete configuration data |
description | A description of the service policy. |
forward-error-correction-profile | Parameters for Forward Error Correction. |
generated | Indicates whether or not the Service Policy was automatically generated as a result of Conductor services. |
ingress-source-nat | Controls the ingress source nat treatment for the service |
lb-strategy | Defines load balancing strategy to distribute traffic to service routes of services assigned this policy. |
max-jitter | Maximum acceptable jitter for services that use this service class. |
max-latency | Maximum acceptable latency for services that use this service class. |
max-loss | The acceptable threshold of packet loss for services that use this service class. |
min-mos | Minimum acceptable Mean Opinion Score (MOS) for services that use thus service class |
move | Move list items |
name | An arbitrary, unique name for the service policy. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
packet-resiliency | Types of packet resiliency govern how the SSR provides resilience for packets in the event of network loss. |
path-quality-filter | Enable/disable filtering out paths that exceed maximum quality limits. |
peer-path-resiliency | Whether or not session resiliency failover occurs among multiple peers. |
qp-preference | Preference for ordering interfaces by QP values. |
required-qp | Minimum quality points required on network interface. |
service-class | A reference to the name of the service class to use. |
session-resiliency | Types of session resiliency govern how the SSR provides resilience for sessions in the event of network issues that would cause it to choose a new path for active traffic processing. |
show | Show configuration data for 'service-policy' |
transport-state-enforcement | The level of enforcement applied to the transport layer. Governs the behavior of the TCP state machine when processing packets. |
vector | List of vectors to prefer/avoid for the service. |
configure authority service-policy applies-to
Logical group to which a configuration element applies
Usage
configure authority service-policy applies-to <type>
Positional Arguments
name | description |
---|---|
type | Type of group to which the configuration applies. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
group-name | Name of the router-group to which this configuration applies. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Name of the resource-group to which this configuration applies. |
router-name | Name of the router to which this configuration applies. |
show | Show configuration data for 'applies-to' |
type | Type of group to which the configuration applies. |
configure authority service-policy applies-to group-name
Name of the router-group to which this configuration applies.
Usage
configure authority service-policy applies-to group-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority service-policy applies-to resource-group
Name of the resource-group to which this configuration applies.
Usage
configure authority service-policy applies-to resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority service-policy applies-to router-name
Name of the router to which this configuration applies.
Usage
configure authority service-policy applies-to router-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority service-policy applies-to type
Type of group to which the configuration applies.
Usage
configure authority service-policy applies-to type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- authority: Applies to all routers in the authority.
- router: Router(s) to which the configuration applies.
- router-group: Logical group of router(s) to which the configuration applies.
- resource-group: An RBAC management group to which the configuration applies
configure authority service-policy best-effort
Enable/disable filtering out paths that exceed the acceptable SLA threshold. When enabled, even if all paths do not meet the acceptable SLA threshold, they will be used as a best-effort
Usage
configure authority service-policy best-effort [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority service-policy best-path-criteria
This defines the criteria for selecting best paths for the service.
Usage
configure authority service-policy best-path-criteria [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: vector
enumeration
A value from a set of predefined names.
Options:
- vector: Path with best vector cost is selected.
- average-latency: Path with the lowest rolling average latency is selected.
- mos: Path with the best Mean Opinion Score (MOS) score is selected.
configure authority service-policy description
A description of the service policy.
Usage
configure authority service-policy description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority service-policy forward-error-correction-profile
Parameters for Forward Error Correction.
Usage
configure authority service-policy forward-error-correction-profile [<fec-profile-ref>]
Positional Arguments
name | description |
---|---|
fec-profile-ref | The value to set for this field |
Description
fec-profile-ref (leafref)
This type is used by other entities that need to reference configured Forward Error Correction profiles.
configure authority service-policy generated
Indicates whether or not the Service Policy was automatically generated as a result of Conductor services.
Usage
configure authority service-policy generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority service-policy ingress-source-nat
Controls the ingress source nat treatment for the service
Usage
configure authority service-policy ingress-source-nat [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: network-interface
enumeration
A value from a set of predefined names.
Options:
- network-interface: Use source-nat settings of ingress network-interface
- disabled: Disable ingress source nat for this service
configure authority service-policy lb-strategy
Defines load balancing strategy to distribute traffic to service routes of services assigned this policy.
Usage
configure authority service-policy lb-strategy [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: hunt
enumeration
A value from a set of predefined names.
Options:
- hunt: Servers are chosen in order with highest capacity first.
- proportional: Traffic is distributed evenly to all servers weighted by capacity.
configure authority service-policy max-jitter
Maximum acceptable jitter for services that use this service class.
Usage
configure authority service-policy max-jitter [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 100
uint32
An unsigned 32-bit integer.
configure authority service-policy max-latency
Maximum acceptable latency for services that use this service class.
Usage
configure authority service-policy max-latency [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: milliseconds
Default: 250
uint32
An unsigned 32-bit integer.
configure authority service-policy max-loss
The acceptable threshold of packet loss for services that use this service class.
Usage
configure authority service-policy max-loss [<decimal64>]
Positional Arguments
name | description |
---|---|
decimal64 | The value to set for this field |
Description
Units: percent
Default: 0.5
decimal64
A 64-bit decimal value.
Range: 0-100 Fraction digits: 16
configure authority service-policy min-mos
Minimum acceptable Mean Opinion Score (MOS) for services that use thus service class
Usage
configure authority service-policy min-mos [<union>]
Positional Arguments
name | description |
---|---|
union | The value to set for this field |
Description
Default: disabled
union
A value that corresponds to one of its member types.
Must be one of the following types:
(0) enumeration
A value from a set of predefined names.
Options:
- disabled:
(1) decimal64
A 64-bit decimal value.
Range: 1.0-5.0 Fraction digits: 2
configure authority service-policy name
An arbitrary, unique name for the service policy.
Usage
configure authority service-policy name [<service-policy-name>]
Positional Arguments
name | description |
---|---|
service-policy-name | The value to set for this field |
Description
service-policy-name (string)
A service policy name identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority service-policy packet-resiliency
Types of packet resiliency govern how the SSR provides resilience for packets in the event of network loss.
Usage
configure authority service-policy packet-resiliency [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none: No resiliency for packet loss.
- packet-retransmission: Enable packet loss detection. Lost packets within buffer are retransmitted.
- packet-retransmission-with-dpi: Enable packet loss detection. Lost packets within buffer are retransmitted. Additionally, if the service traffic is contained within a tunnel, apply packet retransmission to individual sessions within the tunnel.
- forward-error-correction: Enable Forward Error Correction, which will send parity packets to reconstruct lost packets.
configure authority service-policy path-quality-filter
Enable/disable filtering out paths that exceed maximum quality limits.
Usage
configure authority service-policy path-quality-filter [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority service-policy peer-path-resiliency
Whether or not session resiliency failover occurs among multiple peers.
Usage
configure authority service-policy peer-path-resiliency [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority service-policy qp-preference
Preference for ordering interfaces by QP values.
Usage
configure authority service-policy qp-preference [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: highest
qp-preference
is deprecated and will be removed in a future software version
enumeration
A value from a set of predefined names.
Options:
- lowest: Order interfaces from lowest to highest qualifying QP value.
- highest: Order interfaces from highest to lowest qualifying QP value.
configure authority service-policy required-qp
Minimum quality points required on network interface.
Usage
configure authority service-policy required-qp [<uint32>]
Positional Arguments
name | description |
---|---|
uint32 | The value to set for this field |
Description
Units: points
Default: 0
required-qp
is deprecated and will be removed in a future software version
uint32
An unsigned 32-bit integer.
configure authority service-policy service-class
A reference to the name of the service class to use.
Usage
configure authority service-policy service-class [<service-class-ref>]
Positional Arguments
name | description |
---|---|
service-class-ref | The value to set for this field |
Description
service-class-ref (leafref)
This type is used by other entities that need to reference configured service classes.
configure authority service-policy session-resiliency
Types of session resiliency govern how the SSR provides resilience for sessions in the event of network issues that would cause it to choose a new path for active traffic processing.
Usage
configure authority service-policy session-resiliency [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: none
enumeration
A value from a set of predefined names.
Options:
- none: No failover support when path goes down.
- failover: Fail over the session to use a secondary path when the best path goes down due to link failure or unacceptable path quality values. This session will stay on the secondary path and will not switch back unless the secondary path itself goes down.
- revertible-failover: Fail over the session to use a secondary path when the best path goes down due to link failure or unacceptable path quality values. This session will revert back to the best path if it comes back up or is within permissible path quality values.
- packet-duplication: Duplicate packets across all multihomed-paths to another router. Only one set of packets will be sent to the final destination.
- packet-retransmission: Enable packet loss detection. Lost packets within buffer are retransmitted.
- packet-retransmission-with-dpi: Enable packet loss detection. Lost packets within buffer are retransmitted. Additionally, if the service traffic is contained within a tunnel, apply packet retransmission to individual sessions within the tunnel.
configure authority service-policy transport-state-enforcement
The level of enforcement applied to the transport layer. Governs the behavior of the TCP state machine when processing packets.
Usage
configure authority service-policy transport-state-enforcement [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: reset
enumeration
A value from a set of predefined names.
Options:
- allow: TCP non-syn first packets are allowed, as well as packets that do not conform to the TCP state machine.
- block: TCP non-syn first packets are blocked, and packets that do not conform to the TCP state machine are dropped.
- reset: TCP non-syn first packets cause a reset on the session and packets that do not conform to the TCP state machine are dropped.
- strict: TCP non-syn first packets cause a reset on the session, packets that do not conform to the TCP state machine are dropped, and packets that do not conform to sequence checking are dropped.
configure authority service-policy vector
List of vectors to prefer/avoid for the service.
Usage
configure authority service-policy vector <name>
Positional Arguments
name | description |
---|---|
name | Name of the vector. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
name | Name of the vector. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | Priority value for the paths with the vector. |
show | Show configuration data for 'vector' |
Description
The order of elements matters.
configure authority service-policy vector name
Name of the vector.
Usage
configure authority service-policy vector name [<vector-name>]
Positional Arguments
name | description |
---|---|
vector-name | The value to set for this field |
Description
vector-name (string)
A text value.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority service-policy vector priority
Priority value for the paths with the vector.
Usage
configure authority service-policy vector priority [<vector-priority>]
Positional Arguments
name | description |
---|---|
vector-priority | The value to set for this field |
Description
vector-priority (union)
A type for defining priorities for vector use.
Must be one of the following types:
(0) uint32
An unsigned 32-bit integer.
Range: 1-999999
(1) enumeration
A value from a set of predefined names.
Options:
- ordered: priority value determined by ordinal position
- never: paths with the vector are not used
configure authority session-record-profile
A profile to describe how to collect session records.
Usage
configure authority session-record-profile <name>
Positional Arguments
name | description |
---|---|
name | The name of session record profile. |
Subcommands
command | description |
---|---|
applies-to | Logical group to which a configuration element applies |
clone | Clone a list item |
delete | Delete configuration data |
enabled | Whether to enable session records for this service |
include-modify-record | Whether to include the modify record. |
include-start-record | Whether to include the start record. |
intermediate-records | Configuration for intermediate records. |
name | The name of session record profile. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-record-profile' |
configure authority session-record-profile applies-to
Logical group to which a configuration element applies
Usage
configure authority session-record-profile applies-to <type>
Positional Arguments
name | description |
---|---|
type | Type of group to which the configuration applies. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
group-name | Name of the router-group to which this configuration applies. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Name of the resource-group to which this configuration applies. |
router-name | Name of the router to which this configuration applies. |
show | Show configuration data for 'applies-to' |
type | Type of group to which the configuration applies. |
configure authority session-record-profile applies-to group-name
Name of the router-group to which this configuration applies.
Usage
configure authority session-record-profile applies-to group-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority session-record-profile applies-to resource-group
Name of the resource-group to which this configuration applies.
Usage
configure authority session-record-profile applies-to resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority session-record-profile applies-to router-name
Name of the router to which this configuration applies.
Usage
configure authority session-record-profile applies-to router-name [<leafref>]
Positional Arguments
name | description |
---|---|
leafref | Value to add to this list |
Description
leafref
A reference to an existing value in the instance data.
configure authority session-record-profile applies-to type
Type of group to which the configuration applies.
Usage
configure authority session-record-profile applies-to type [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
enumeration
A value from a set of predefined names.
Options:
- authority: Applies to all routers in the authority.
- router: Router(s) to which the configuration applies.
- router-group: Logical group of router(s) to which the configuration applies.
- resource-group: An RBAC management group to which the configuration applies
configure authority session-record-profile enabled
Whether to enable session records for this service
Usage
configure authority session-record-profile enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority session-record-profile include-modify-record
Whether to include the modify record.
Usage
configure authority session-record-profile include-modify-record [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority session-record-profile include-start-record
Whether to include the start record.
Usage
configure authority session-record-profile include-start-record [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority session-record-profile intermediate-records
Configuration for intermediate records.
Subcommands
command | description |
---|---|
delete | Delete configuration data |
enabled | Enable/disable intermediate records |
interval | Interval in which to send intermediate records. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'intermediate-records' |
configure authority session-record-profile intermediate-records enabled
Enable/disable intermediate records
Usage
configure authority session-record-profile intermediate-records enabled [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: true
boolean
A true or false value.
Options: true or false
configure authority session-record-profile intermediate-records interval
Interval in which to send intermediate records.
Usage
configure authority session-record-profile intermediate-records interval [<duration>]
Positional Arguments
name | description |
---|---|
duration | The value to set for this field |
Description
Default: 3m
duration (string)
A simple time duration. Valid units are s - seconds, m - minutes, h - hours, and d - days: 5s, 10m, 24h, 15d
Must be a duration with units of seconds, minutes, hours, or days. e.g. 5s, 10m, 23h, 5d
configure authority session-record-profile name
The name of session record profile.
Usage
configure authority session-record-profile name [<short-name-id>]
Positional Arguments
name | description |
---|---|
short-name-id | The value to set for this field |
Description
short-name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 15 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-15
configure authority session-records
Configure Session Records
Subcommands
command | description |
---|---|
delete | Delete configuration data |
include-error-records | Whether to enable session records for session errors |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-records' |
configure authority session-records include-error-records
Whether to enable session records for session errors
Usage
configure authority session-records include-error-records [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority session-recovery-detection
Configure Session Recovery Detection
Subcommands
command | description |
---|---|
delete | Delete configuration data |
inactivity-timeout | How long the flow must remain idle before session recovery detection will trigger. |
mode | What mode to enable session recovery detection. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'session-recovery-detection' |
configure authority session-recovery-detection inactivity-timeout
How long the flow must remain idle before session recovery detection will trigger.
Usage
configure authority session-recovery-detection inactivity-timeout [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 5
uint16
An unsigned 16-bit integer.
Range: 1-30
configure authority session-recovery-detection mode
What mode to enable session recovery detection.
Usage
configure authority session-recovery-detection mode [<enumeration>]
Positional Arguments
name | description |
---|---|
enumeration | The value to set for this field |
Description
Default: packet-based
enumeration
A value from a set of predefined names.
Options:
- packet-based: Detect sessions needing recovery due to unsolicited packets.
- inactivity-based: Detect sessions needing recovery due to session inactivity.
configure authority session-type
Type of session classification based on protocol and port, and associates it with a default class of service.
Usage
configure authority session-type <name>
Positional Arguments
name | description |
---|---|
name | The name of the session type. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
description | A description of the session type. |
initial-timeout | The inactivity timeout for sessions that are not yet established. |
name | The name of the session type. |
nat-keep-alive | Enable/disable generation of NAT keep-alives for sessions of this type if the functionality is enabled in the neighborhood |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this session type with a top-level resource-group. |
service-class | The service class this type belongs to. |
show | Show configuration data for 'session-type' |
timeout | The inactivity timeout for sessions of this type. |
transport | The transport protocol(s) and port(s) for the session type. |
configure authority session-type description
A description of the session type.
Usage
configure authority session-type description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority session-type initial-timeout
The inactivity timeout for sessions that are not yet established.
Usage
configure authority session-type initial-timeout [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: milliseconds
Default: 10000
uint64
An unsigned 64-bit integer.
configure authority session-type name
The name of the session type.
Usage
configure authority session-type name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority session-type nat-keep-alive
Enable/disable generation of NAT keep-alives for sessions of this type if the functionality is enabled in the neighborhood
Usage
configure authority session-type nat-keep-alive [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
Default: false
boolean
A true or false value.
Options: true or false
configure authority session-type resource-group
Associate this session type with a top-level resource-group.
Usage
configure authority session-type resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority session-type service-class
The service class this type belongs to.
Usage
configure authority session-type service-class [<service-class-ref>]
Positional Arguments
name | description |
---|---|
service-class-ref | The value to set for this field |
Description
service-class-ref (leafref) (required)
This type is used by other entities that need to reference configured service classes.
configure authority session-type timeout
The inactivity timeout for sessions of this type.
Usage
configure authority session-type timeout [<uint64>]
Positional Arguments
name | description |
---|---|
uint64 | The value to set for this field |
Description
Units: milliseconds
Default: 180000
uint64
An unsigned 64-bit integer.
configure authority session-type transport
The transport protocol(s) and port(s) for the session type.
Usage
configure authority session-type transport <protocol>
Positional Arguments
name | description |
---|---|
protocol | Layer 4 transport protocol. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
port-range | Configure Port Range |
protocol | Layer 4 transport protocol. |
show | Show configuration data for 'transport' |
configure authority session-type transport port-range
Configure Port Range
Usage
configure authority session-type transport port-range <start-port>
Positional Arguments
name | description |
---|---|
start-port | Lower transport (layer 4) port number. |
Subcommands
command | description |
---|---|
delete | Delete configuration data |
end-port | Upper transport (layer 4) port number. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'port-range' |
start-port | Lower transport (layer 4) port number. |
configure authority session-type transport port-range end-port
Upper transport (layer 4) port number.
Usage
configure authority session-type transport port-range end-port [<end-port>]
Positional Arguments
name | description |
---|---|
end-port | The value to set for this field |
Description
end-port (uint16)
Upper transport (layer 4) port number. Default value is the start-port
Range: 0-65535
configure authority session-type transport port-range start-port
Lower transport (layer 4) port number.
Usage
configure authority session-type transport port-range start-port [<l4-port>]
Positional Arguments
name | description |
---|---|
l4-port | The value to set for this field |
Description
l4-port (uint16) (required)
Transport (layer 4) port number.
Range: 0-65535
configure authority session-type transport protocol
Layer 4 transport protocol.
Usage
configure authority session-type transport protocol [<protocol>]
Positional Arguments
name | description |
---|---|
protocol | The value to set for this field |
Description
protocol (enumeration)
Transport (Layer 4) protocol.
Options:
- tcp: Transmission Control Protocol.
- udp: User Datagram Protocol.
- icmp: Internet Control Management Protocol.
- gre: Generic Routing Encapsulation Protocol.
- esp: IPSec Encapsulating Security Payload Protocol.
- pim: Protocol Independent Multicast.
configure authority software-access
Configuration for SSR software access for the authority. Supported on managed assets only.
Subcommands
command | description |
---|---|
channel | The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rpm-channel | The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. |
show | Show configuration data for 'software-access' |
ssr-image-channel | The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. |
token | The authority software access token. |
username | The authority software access username. |
configure authority software-access channel
The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority software-access channel [<software-access-channel>]
Positional Arguments
name | description |
---|---|
software-access-channel | The value to set for this field |
Description
Default: release
software-access-channel (enumeration)
The software access channels.
Options:
- prealpha: Enable access to software in the prealpha channel.
- alpha: Enable access to software in the alpha channel.
- beta: Enable access to software in the beta channel.
- release: Enable access to software in the release channel.
configure authority software-access rpm-channel
The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority software-access rpm-channel [<software-access-channel-override>]
Positional Arguments
name | description |
---|---|
software-access-channel-override | The value to set for this field |
Description
Default: use-software-access-channel
software-access-channel-override (enumeration)
The software access channel overrides.
Options:
- use-software-access-channel: Use the configured channel.
- prealpha: Override the configured channel with the prealpha channel.
- alpha: Override the configured channel with the alpha channel.
- beta: Override the configured channel with the beta channel.
- release: Override the configured channel with the release channel.
configure authority software-access ssr-image-channel
The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority software-access ssr-image-channel [<software-access-channel-override>]
Positional Arguments
name | description |
---|---|
software-access-channel-override | The value to set for this field |
Description
Default: use-software-access-channel
software-access-channel-override (enumeration)
The software access channel overrides.
Options:
- use-software-access-channel Use the configured channel.
- prealpha Override the configured channel with the prealpha channel.
- alpha Override the configured channel with the alpha channel.
- beta Override the configured channel with the beta channel.
- release Override the configured channel with the release channel.
configure authority software-access token
The authority software access token.
Usage
configure authority software-access token [<software-access-token>]
Positional Arguments
name | description |
---|---|
software-access-token | The value to set for this field |
Description
software-access-token (string)
The software access token.
Must not contain whitespace in the software access token.
configure authority software-access username
The authority software access username.
Usage
configure authority software-access username [<software-access-username>]
Positional Arguments
name | description |
---|---|
software-access-username | The value to set for this field |
Description
software-access-username (string)
The software access username.
Must not contain a colon or whitespace in the software access username.
configure authority software-access
Configuration for SSR software access for the authority. Supported on managed assets only.
Subcommands
command | description |
---|---|
channel | The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token. |
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
rpm-channel | The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token. |
show | Show configuration data for 'software-access' |
ssr-image-channel | The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token. |
token | The authority software access token. |
username | The authority software access username. |
configure authority software-access channel
The software access channel to use. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority software-access channel [<software-access-channel>]
Positional Arguments
name | description |
---|---|
software-access-channel | The value to set for this field |
Description
Default: release
software-access-channel (enumeration)
The software access channels.
Options:
- prealpha Enable access to software in the prealpha channel.
- alpha Enable access to software in the alpha channel.
- beta Enable access to software in the beta channel.
- release Enable access to software in the release channel.
configure authority software-access rpm-channel
The software access RPM channel to use. The RPM channel will override the authority channel for repositories providing RPMs. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority software-access rpm-channel [<software-access-channel-override>]
Positional Arguments
name | description |
---|---|
software-access-channel-override | The value to set for this field |
Description
Default: use-software-access-channel
software-access-channel-override (enumeration)
The software access channel overrides.
Options:
- use-software-access-channel: Use the configured channel.
- prealpha: Override the configured channel with the prealpha channel.
- alpha: Override the configured channel with the alpha channel.
- beta: Override the configured channel with the beta channel.
- release: Override the configured channel with the release channel.
configure authority software-access ssr-image-channel
The software access SSR image channel to use. The SSR image channel will override the authority channel for repositories providing SSR images. The channel will only grant access to software which is permitted for the given software access username and token.
Usage
configure authority software-access ssr-image-channel [<software-access-channel-override>]
Positional Arguments
name | description |
---|---|
software-access-channel-override | The value to set for this field |
Description
Default: use-software-access-channel
software-access-channel-override (enumeration)
The software access channel overrides.
Options:
- use-software-access-channel: Use the configured channel.
- prealpha: Override the configured channel with the prealpha channel.
- alpha: Override the configured channel with the alpha channel.
- beta: Override the configured channel with the beta channel.
- release: Override the configured channel with the release channel.
configure authority software-access token
The authority software access token.
Usage
configure authority software-access token [<software-access-token>]
Positional Arguments
name | description |
---|---|
software-access-token | The value to set for this field |
Description
software-access-token (string)
The software access token.
Must not contain whitespace in the software access token.
configure authority software-access username
The authority software access username.
Usage
configure authority software-access username [<software-access-username>]
Positional Arguments
name | description |
---|---|
software-access-username | The value to set for this field |
Description
software-access-username (string)
The software access username.
Must not contain a colon or whitespace in the software access username.
configure authority software-update
Configure Software Update
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
proxy-allowed-domain | Domains that should be accessible through the conductor repo proxy |
proxy-allowed-ip | IP addresses or prefixes that should be accessible through the conductor repo proxy |
show | Show configuration data for 'software-update' |
configure authority software-update proxy-allowed-domain
Domains that should be accessible through the conductor repo proxy
Usage
configure authority software-update proxy-allowed-domain [<squid-proxy-domain>]
Positional Arguments
name | description |
---|---|
squid-proxy-domain | Value to add to this list |
Description
squid-proxy-domain (string)
A domain name, optionally preceded with a '.'. If preceded by the '.', the pattern will match the given domain, as well as any subdomains
Length: 1-253
configure authority software-update proxy-allowed-ip
IP addresses or prefixes that should be accessible through the conductor repo proxy
Usage
configure authority software-update proxy-allowed-ip [<ip-address-or-prefix>]
Positional Arguments
name | description |
---|---|
ip-address-or-prefix | Value to add to this list |
Description
ip-address-or-prefix (union)
An IP address or prefix.
Must be one of the following types:
(0) ip-address (union)
The ip-address type represents an IP address and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-address (string):
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) ipv6-address (string)
The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation.
The canonical format of IPv6 addresses uses the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
Must be a valid IPv6 address.
(1) ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string):
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(3) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority step
Configure Step
Subcommands
command | description |
---|---|
delete | Delete configuration data |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
session-expiry-time | The maximum amount of time waiting for a request response after which the session between STEP repository and client will be disconnected. |
show | Show configuration data for 'step' |
configure authority step session-expiry-time
The maximum amount of time waiting for a request response after which the session between STEP repository and client will be disconnected.
Usage
configure authority step session-expiry-time [<uint16>]
Positional Arguments
name | description |
---|---|
uint16 | The value to set for this field |
Description
Units: seconds
Default: 60
uint16
An unsigned 16-bit integer.
Range: 5-65535
configure authority step-repo
List of Service and Topology Exchange Protocol repositories.
Usage
configure authority step-repo <address>
Positional Arguments
name | description |
---|---|
address | Address of the STEP server. This could be the IP address/FQDN of the Conductor, standalone server or router where the STEP server is hosted. |
Subcommands
command | description |
---|---|
address | Address of the STEP server. This could be the IP address/FQDN of the Conductor, standalone server or router where the STEP server is hosted. |
delete | Delete configuration data |
description | A description about the STEP repository. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
priority | The priority assigned to the STEP server. The STEP server with the highest priority will be preferred. |
resource-group | Associate this STEP repo with a top-level resource-group. |
show | Show configuration data for 'step-repo' |
configure authority step-repo address
Address of the STEP server. This could be the IP address/FQDN of the Conductor, standalone server or router where the STEP server is hosted.
Usage
configure authority step-repo address [<hostv4>]
Positional Arguments
name | description |
---|---|
hostv4 | The value to set for this field |
Description
hostv4 (union)
The host type represents either an IPv4 address or a DNS domain name.
Must be one of the following types:
(0) ipv4-address (string)
The ipv4-address type represents an IPv4 address in dotted-quad notation.
Must be a valid IPv4 address.
(1) domain-name (string)
The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible.
Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability.
The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation.
The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitely or it may depend on the configuration of the resolver.
Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492
Length: 1-253
configure authority step-repo description
A description about the STEP repository.
Usage
configure authority step-repo description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority step-repo priority
The priority assigned to the STEP server. The STEP server with the highest priority will be preferred.
Usage
configure authority step-repo priority [<uint8>]
Positional Arguments
name | description |
---|---|
uint8 | The value to set for this field |
Description
Default: 0
uint8
An unsigned 8-bit integer.
Range: 0-255
configure authority step-repo resource-group
Associate this STEP repo with a top-level resource-group.
Usage
configure authority step-repo resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority tenant
A customer or user group within the Authority.
Usage
configure authority tenant <name>
Positional Arguments
name | description |
---|---|
name | An arbitrary, unique name for the tenant, used to reference it in other configuration sections. |
Subcommands
command | description |
---|---|
clone | Clone a list item |
delete | Delete configuration data |
description | A description about the tenant. |
generated | Indicates whether or not the Tenant was automatically generated as a result of Conductor or BGP/SVR services. |
member | A member of the tenant. |
name | An arbitrary, unique name for the tenant, used to reference it in other configuration sections. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this tenant with a top-level resource-group. |
security | The name of the security policy to use when the service does not specify a security policy |
show | Show configuration data for 'tenant' |
configure authority tenant description
A description about the tenant.
Usage
configure authority tenant description [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority tenant generated
Indicates whether or not the Tenant was automatically generated as a result of Conductor or BGP/SVR services.
Usage
configure authority tenant generated [<boolean>]
Positional Arguments
name | description |
---|---|
boolean | The value to set for this field |
Description
boolean
A true or false value.
Options: true or false
configure authority tenant member
A member of the tenant.
Usage
configure authority tenant member <neighborhood>
Positional Arguments
name | description |
---|---|
neighborhood | Neigborhood where tenant members are located. |
Subcommands
command | description |
---|---|
address | The source address(es) within the neighborhood that define the tenant members. |
delete | Delete configuration data |
neighborhood | Neigborhood where tenant members are located. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'member' |
configure authority tenant member address
The source address(es) within the neighborhood that define the tenant members.
Usage
configure authority tenant member address [<ip-prefix>]
Positional Arguments
name | description |
---|---|
ip-prefix | Value to add to this list |
Description
ip-prefix (union)
The ip-prefix type represents an IP prefix and is IP version neutral. The format of the textual representations implies the IP version.
Must be one of the following types:
(0) ipv4-prefix (string)
The ipv4-prefix type represents an IPv4 address prefix. The prefix length is given by the number following the slash character and must be less than or equal to 32.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The canonical format of an IPv4 prefix has all bits of the IPv4 address set to zero that are not part of the IPv4 prefix.
(1) ipv6-prefix (string)
The ipv6-prefix type represents an IPv6 address prefix. The prefix length is given by the number following the slash character and must be less than or equal 128.
A prefix length value of n corresponds to an IP address mask that has n contiguous 1-bits from the most significant bit (MSB) and all other bits set to 0.
The IPv6 address should have all bits that do not belong to the prefix set to zero.
The canonical format of an IPv6 prefix has all bits of the IPv6 address set to zero that are not part of the IPv6 prefix. Furthermore, IPv6 address is represented in the compressed format described in RFC 4291, Section 2.2, item 2 with the following additional rules: the :: substitution must be applied to the longest sequence of all-zero 16-bit chunks in an IPv6 address. If there is a tie, the first sequence of all-zero 16-bit chunks is replaced by ::. Single all-zero 16-bit chunks are not compressed. The canonical format uses lowercase characters and leading zeros are not allowed.
configure authority tenant member neighborhood
Neigborhood where tenant members are located.
Usage
configure authority tenant member neighborhood [<neighborhood-id>]
Positional Arguments
name | description |
---|---|
neighborhood-id | The value to set for this field |
Description
neighborhood-id (string)
A string identifier for network neighborhood.
Must contain only alphanumeric characters or any of the following: . _ - Length: 0-63
configure authority tenant name
An arbitrary, unique name for the tenant, used to reference it in other configuration sections.
Usage
configure authority tenant name [<tenant-name>]
Positional Arguments
name | description |
---|---|
tenant-name | The value to set for this field |
Description
tenant-name (string)
A string identifier for a tenant, which uses alphanumerics, underscores, dots, or dashes, and cannot exceed 253 characters (similar to domain-name).
Must contain only alphanumeric characters or any of the following: - _ . Length: 0-253
configure authority tenant resource-group
Associate this tenant with a top-level resource-group.
Usage
configure authority tenant resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority tenant security
The name of the security policy to use when the service does not specify a security policy
Usage
configure authority tenant security [<security-ref>]
Positional Arguments
name | description |
---|---|
security-ref | The value to set for this field |
Description
security
is deprecated and will be removed in a future software version
security-ref (leafref)
This type is used by other entities that need to reference configured security policies.
configure authority traffic-profile
A set of minimum guaranteed bandwidths, one for each traffic priority
Usage
configure authority traffic-profile <name>
Positional Arguments
name | description |
---|---|
name | The name of the Traffic Profile |
Subcommands
command | description |
---|---|
best-effort | Configure Best Effort |
delete | Delete configuration data |
high | Configure High |
low | Configure Low |
medium | Configure Medium |
name | The name of the Traffic Profile |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
resource-group | Associate this traffic profile with a top-level resource-group. |
show | Show configuration data for 'traffic-profile' |
configure authority traffic-profile best-effort
Configure Best Effort
Subcommands
command | description |
---|---|
delete | Delete configuration data |
distribution | Percentage of minimum guaranteed bandwidth of the port rate for best-effort priority traffic. This value, plus high, medium, and low must add up to 100. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'best-effort' |
configure authority traffic-profile best-effort distribution
Percentage of minimum guaranteed bandwidth of the port rate for best-effort priority traffic. This value, plus high, medium, and low must add up to 100.
Usage
configure authority traffic-profile best-effort distribution [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority traffic-profile high
Configure High
Subcommands
command | description |
---|---|
delete | Delete configuration data |
distribution | Percentage of minimum guaranteed bandwidth of the port rate for high priority traffic. This value, plus medium, low, and best-effort must add up to 100. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'high' |
configure authority traffic-profile high distribution
Percentage of minimum guaranteed bandwidth of the port rate for high priority traffic. This value, plus medium, low, and best-effort must add up to 100.
Usage
configure authority traffic-profile high distribution [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority traffic-profile low
Configure Low
Subcommands
command | description |
---|---|
delete | Delete configuration data |
distribution | Percentage of minimum guaranteed bandwidth of the port rate for low priority traffic. This value, plus high, medium, and best-effort must add up to 100. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'low' |
configure authority traffic-profile low distribution
Percentage of minimum guaranteed bandwidth of the port rate for low priority traffic. This value, plus high, medium, and best-effort must add up to 100.
Usage
configure authority traffic-profile low distribution [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority traffic-profile medium
Configure Medium
Subcommands
command | description |
---|---|
delete | Delete configuration data |
distribution | Percentage of minimum guaranteed bandwidth of the port rate for medium priority traffic. This value, plus high, low, and best-effort must add up to 100. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'medium' |
configure authority traffic-profile medium distribution
Percentage of minimum guaranteed bandwidth of the port rate for medium priority traffic. This value, plus high, low, and best-effort must add up to 100.
Usage
configure authority traffic-profile medium distribution [<percentage>]
Positional Arguments
name | description |
---|---|
percentage | The value to set for this field |
Description
Units: percent
percentage (uint8)
Integer indicating a percentage value
Range: 0-100
configure authority traffic-profile name
The name of the Traffic Profile
Usage
configure authority traffic-profile name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority traffic-profile resource-group
Associate this traffic profile with a top-level resource-group.
Usage
configure authority traffic-profile resource-group [<resource-group-ref>]
Positional Arguments
name | description |
---|---|
resource-group-ref | Value to add to this list |
Description
resource-group-ref (leafref)
This type is used by other entities that need to reference configured resource groups.
configure authority trusted-ca-certificate
The trusted-ca-certificate configuration contains CA certificate content.
Usage
configure authority trusted-ca-certificate <name>
Positional Arguments
name | description |
---|---|
name | An identifier for the trusted CA certificate. |
Subcommands
command | description |
---|---|
content | Trusted CA certificate content. |
delete | Delete configuration data |
name | An identifier for the trusted CA certificate. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'trusted-ca-certificate' |
validation-mode | Trusted CA certificate validation mode. |
configure authority trusted-ca-certificate content
Trusted CA certificate content.
Usage
configure authority trusted-ca-certificate content [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string (required)
A text value.
configure authority trusted-ca-certificate name
An identifier for the trusted CA certificate.
Usage
configure authority trusted-ca-certificate name [<name-id>]
Positional Arguments
name | description |
---|---|
name-id | The value to set for this field |
Description
name-id (string)
A string identifier which only uses alphanumerics, underscores, or dashes, and cannot exceed 63 characters.
Must contain only alphanumeric characters or any of the following: _ - Length: 0-63
configure authority trusted-ca-certificate validation-mode
Trusted CA certificate validation mode.
Usage
configure authority trusted-ca-certificate validation-mode [<certificate-validation-mode>]
Positional Arguments
name | description |
---|---|
certificate-validation-mode | The value to set for this field |
Description
certificate-validation-mode (enumeration)
Sets the mode of certificate validation
Options:
- strict: Reject insecure certificates during import.
- warn: Warn when importing insecure certificates
configure authority web-messages
Configure Web Messages
Subcommands
command | description |
---|---|
delete | Delete configuration data |
login-message | The message displayed on the login screen. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
show | Show configuration data for 'web-messages' |
welcome-message | The message displayed after a successful login. |
configure authority web-messages login-message
The message displayed on the login screen.
Usage
configure authority web-messages login-message [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority web-messages welcome-message
The message displayed after a successful login.
Usage
configure authority web-messages welcome-message [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority web-theme
Configure Web Theme
Subcommands
command | description |
---|---|
delete | Delete configuration data |
logo | The logo used across the authority. |
override-generated | Force auto-generated configuration and any modifications to it to persist on commit |
primary-color | The hexidecimal code of the primary color in the authority's theme. |
secondary-color | The hexidecimal code of the secondary color in the authority's theme. |
show | Show configuration data for 'web-theme' |
tab-icon | The icon displayed in the browser tab. |
configure authority web-theme logo
The logo used across the authority.
Usage
configure authority web-theme logo [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.
configure authority web-theme primary-color
The hexidecimal code of the primary color in the authority's theme.
Usage
configure authority web-theme primary-color [<hex-string>]
Positional Arguments
name | description |
---|---|
hex-string | The value to set for this field |
Description
hex-string (string)
A hexadecimal string with octets represented as hex digits.
Length: 6
configure authority web-theme secondary-color
The hexidecimal code of the secondary color in the authority's theme.
Usage
configure authority web-theme secondary-color [<hex-string>]
Positional Arguments
name | description |
---|---|
hex-string | The value to set for this field |
Description
hex-string (string)
A hexadecimal string with octets represented as hex digits.
Length: 6
configure authority web-theme tab-icon
The icon displayed in the browser tab.
Usage
configure authority web-theme tab-icon [<string>]
Positional Arguments
name | description |
---|---|
string | The value to set for this field |
Description
string
A text value.