Class l2:PortSecurityPolDef (CONCRETE)

Class ID:9101
Class Label: Port Security Policy
Encrypted: false - Exportable: false - Persistent: true - Configurable: false - Subject to Quota: Disabled
Write Access: [NON CONFIGURABLE]
Read Access: [access-protocol-l2, admin]
Creatable/Deletable: yes (see Container Mos for details)
Possible Semantic Scopes: EPG, Fabric,
Semantic Scope Evaluation Rule: Parent
Monitoring Policy Source: Parent
Monitoring Flags : [ IsObservable: true, HasStats: false, HasFaults: true, HasHealth: true, HasEventRules: false ]

Port Security Policy

Naming Rules
RN FORMAT: portsecuritypolD

    [1] PREFIX=portsecuritypolD


DN FORMAT: 

[0] topology/pod-{id}/node-{id}/sys/conng/path-{[id]}/portsecuritypolD

[1] sys/conng/path-{[id]}/portsecuritypolD

[2] topology/pod-{id}/node-{id}/sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/qinq-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[3] sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/qinq-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[4] topology/pod-{id}/node-{id}/sys/inst-{name}/bd-{[fabEncap]}/qinq-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[5] sys/inst-{name}/bd-{[fabEncap]}/qinq-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[6] topology/pod-{id}/node-{id}/sys/ctx-{[encap]}/bd-{[fabEncap]}/qinq-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[7] sys/ctx-{[encap]}/bd-{[fabEncap]}/qinq-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[8] topology/pod-{id}/node-{id}/sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/vxlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[9] sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/vxlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[10] topology/pod-{id}/node-{id}/sys/inst-{name}/bd-{[fabEncap]}/vxlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[11] sys/inst-{name}/bd-{[fabEncap]}/vxlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[12] topology/pod-{id}/node-{id}/sys/ctx-{[encap]}/bd-{[fabEncap]}/vxlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[13] sys/ctx-{[encap]}/bd-{[fabEncap]}/vxlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[14] topology/pod-{id}/node-{id}/sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/vlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[15] sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/vlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[16] topology/pod-{id}/node-{id}/sys/inst-{name}/bd-{[fabEncap]}/vlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[17] sys/inst-{name}/bd-{[fabEncap]}/vlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[18] topology/pod-{id}/node-{id}/sys/ctx-{[encap]}/bd-{[fabEncap]}/vlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[19] sys/ctx-{[encap]}/bd-{[fabEncap]}/vlan-{[encap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[20] topology/pod-{id}/node-{id}/sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[21] sys/ctxsubstitute-{[encap]}/bd-{[fabEncap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[22] topology/pod-{id}/node-{id}/sys/inst-{name}/bd-{[fabEncap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[23] sys/inst-{name}/bd-{[fabEncap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[24] topology/pod-{id}/node-{id}/sys/ctx-{[encap]}/bd-{[fabEncap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

[25] sys/ctx-{[encap]}/bd-{[fabEncap]}/rspathDomAtt-{[tDn]}/portsecuritypolD

                


Diagram

Super Mo: fabric:L2PortSecurityPol,
Container Mos: l2:RsPathDomAtt (deletable:yes), nw:PathEp (deletable:yes),


Containers Hierarchies
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] nw:ConnGrp A connection group.
 
 
 
 
 
 ├
[V] nw:PathEp An abstraction of an endpoint path.
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] nw:ConnGrp A connection group.
 
 
 ├
[V] nw:PathEp An abstraction of an endpoint path.
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] qinq:CktEp  802.1q Vlan
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] qinq:CktEp  802.1q Vlan
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] qinq:CktEp  802.1q Vlan
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] qinq:CktEp  802.1q Vlan
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] qinq:CktEp  802.1q Vlan
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] qinq:CktEp  802.1q Vlan
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] vxlan:CktEp A VXLAN circuit.
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] vxlan:CktEp A VXLAN circuit.
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] vxlan:CktEp A VXLAN circuit.
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] vxlan:CktEp A VXLAN circuit.
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] vxlan:CktEp A VXLAN circuit.
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] vxlan:CktEp A VXLAN circuit.
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] vlan:CktEp A VLAN object created for an endpoint group with an 802.1q encap.
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] vlan:CktEp A VLAN object created for an endpoint group with an 802.1q encap.
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] vlan:CktEp A VLAN object created for an endpoint group with an 802.1q encap.
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] vlan:CktEp A VLAN object created for an endpoint group with an 802.1q encap.
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] vlan:CktEp A VLAN object created for an endpoint group with an 802.1q encap.
 
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] vlan:CktEp A VLAN object created for an endpoint group with an 802.1q encap.
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:CtxSubstitute  Tenant context object substitute. Its needed for internal PE purposes but it doesnt instantiate any VRF in the node.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Inst The infra VRF is created for the iNXOS fabric infrastructure. All communications between fabric elements, such as spine, leaf and vleaf, take place in this VRF.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] fabric:Topology The root for IFC topology.
 
 ├
[V] fabric:Pod A pod.
 
 
 ├
[V] fabric:Node The root node for the APIC.
 
 
 
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 
 
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 ├
[V] l3:Ctx The tenant context information is equivalent to a virtual routing and forwarding (VRF) instance created for the tenant's L3 network. Similar to a VRF in traditional Cisco routers, the tenant context isolates the IP addresses of the tenant, allowing different tenants to have overlapping IP addresses.
 
 
 ├
[V] l2:BD The Layer 2 Bridge-domain identifies the boundary of a tenant’s bridged/layer 2 traffic. This is similar to a VLAN in a traditional layer 2 switched network.
 
 
 
 ├
[V] l2:RsPathDomAtt A source relation to the ports on this domain is allowed. This is an internal object.
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy


Contained Hierarchy
[V] l2:PortSecurityPolDef  Port Security Policy
 ├
[V] fault:Counts An immutable object that provides the number of critical, major, minor, and warning faults raised on its parent object and its subtree.
 ├
[V] fault:Delegate Exposes internal faults to the user. A fault delegate object can be defined on IFC (for example, for an endpoint group) and when the fault is raised (for example, under an endpoint policy on a switch), a fault delegate object is created on IFC under the specified object. A fault delegate object follows the lifecycle of the original fault instance object, being created, modified, or deleted based on the changes of the original fault.
 ├
[V] fault:Inst Contains detailed information of a fault. This object is attached as a child of the object on which the fault condition occurred. One instance object is created for each fault condition of the parent object. A fault instance object is identified by a fault code.
 ├
[V] health:Inst A base class for a health score instance.(Switch only)


Inheritance
[V] naming:NamedObject An abstract base class for an object that contains a name.
 ├
[V] pol:Obj Represents a generic policy object.
 
 ├
[V] pol:Def Represents self-contained policy document.
 
 
 ├
[V] fabric:ProtoPol A base class for protocol policies.
 
 
 
 ├
[V] fabric:ProtoIfPol A base class for interface-level protocol policies.
 
 
 
 
 ├
[V] fabric:L2PortSecurityPol 
 
 
 
 
 
 ├
[V] l2:PortSecurityPolDef  Port Security Policy


Events
                


Faults
                l2:PortSecurityPolDef:macLimitHit
l2:PortSecurityPolDef:unsupported


Fsms
                


Properties Summary
Defined in: l2:PortSecurityPolDef
l2:PortSecurityMaximum
          scalar:Uint16
maximum  (l2:PortSecurityPolDef:maximum)
           Port Security Maximum
reference:BinRef monPolDn  (l2:PortSecurityPolDef:monPolDn)
           The monitoring policy attached to this observable object.
epm:PortSecurityOperSt
          scalar:Enum8
operSt  (l2:PortSecurityPolDef:operSt)
           The runtime state of the object or policy.
l2:PortSecurityTimeout
          scalar:Uint16
timeout  (l2:PortSecurityPolDef:timeout)
           The amount of time between authentication attempts.
l2:PortSecurityViolation
          scalar:Enum8
violation  (l2:PortSecurityPolDef:violation)
           Port Security Violation
Defined in: pol:Def
naming:Descr
          string:Basic
descr  (pol:Def:descr)
           Specifies a description of the policy definition.
naming:Descr
          string:Basic
ownerKey  (pol:Def:ownerKey)
           The key for enabling clients to own their data for entity correlation.
naming:Descr
          string:Basic
ownerTag  (pol:Def:ownerTag)
           A tag for enabling clients to add their own data. For example, to indicate who created this object.
Defined in: pol:Obj
naming:Name
          string:Basic
name  (pol:Obj:name)
           Overrides:naming:NamedObject:name
           null
Defined in: naming:NamedObject
naming:NameAlias
          string:Basic
nameAlias  (naming:NamedObject:nameAlias)
           NO COMMENTS
Defined in: mo:TopProps
mo:ModificationChildAction
          scalar:Bitmask32
childAction  (mo:TopProps:childAction)
           Delete or ignore. For internal use only.
reference:BinRef dn  (mo:TopProps:dn)
           A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
reference:BinRN rn  (mo:TopProps:rn)
           Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.
mo:ModificationStatus
          scalar:Bitmask32
status  (mo:TopProps:status)
           The upgrade status. This property is for internal use only.
Defined in: mo:Resolvable
mo:Owner
          scalar:Enum8
lcOwn  (mo:Resolvable:lcOwn)
           A value that indicates how this object was created. For internal use only.
Defined in: mo:Modifiable
mo:TStamp
          scalar:Date
modTs  (mo:Modifiable:modTs)
           The time when this object was last modified.
Properties Detail

childAction

Type: mo:ModificationChildAction
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelChildAction
    Comments:
Delete or ignore. For internal use only.
Constants
deleteAll 16384u deleteAll NO COMMENTS
ignore 4096u ignore NO COMMENTS
deleteNonPresent 8192u deleteNonPresent NO COMMENTS
DEFAULT 0 --- This type is used to





descr

Type: naming:Descr
Primitive Type: string:Basic

Like: naming:Described:descr
Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
Specifies a description of the policy definition.



dn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelDn
    Comments:
A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.



lcOwn

Type: mo:Owner
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A value that indicates how this object was created. For internal use only.
Constants
local 0 Local NO COMMENTS
policy 1 Policy NO COMMENTS
replica 2 Replica NO COMMENTS
resolveOnBehalf 3 ResolvedOnBehalf NO COMMENTS
implicit 4 Implicit NO COMMENTS
DEFAULT local(0) Local NO COMMENTS





maximum

Type: l2:PortSecurityMaximum
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
Port Security Maximum
Constants
defaultValue 0 --- NO COMMENTS





modTs

Type: mo:TStamp
Primitive Type: scalar:Date

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The time when this object was last modified.
Constants
never 0ull never NO COMMENTS
DEFAULT never(0ull) never NO COMMENTS





monPolDn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The monitoring policy attached to this observable object.



name

Type: naming:Name
Primitive Type: string:Basic

Overrides:naming:NamedObject:name
Units: null Encrypted: false Access: admin Category: TopLevelRegular
    Comments:
null



nameAlias

Type: naming:NameAlias
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
NO COMMENTS



operSt

Type: epm:PortSecurityOperSt
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: oper
Category: TopLevelRegular
    Comments:
The runtime state of the object or policy.
Constants
unspecified 0 Unspecified Unspecified
unsupported 1 Feature not supported Feature not supported on this hardware or (interface) or (interface,vlan)
macLimitHit 2 MacLimit count has reached MacLimit is hit
enabled 3 Configuration applied without any errors MacLimit is enabled
DEFAULT enabled(3) Configuration applied without any errors MacLimit is enabled





ownerKey

Type: naming:Descr
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
The key for enabling clients to own their data for entity correlation.



ownerTag

Type: naming:Descr
Primitive Type: string:Basic

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
A tag for enabling clients to add their own data. For example, to indicate who created this object.



rn

Type: reference:BinRN

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRn
    Comments:
Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.



status

Type: mo:ModificationStatus
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelStatus
    Comments:
The upgrade status. This property is for internal use only.
Constants
created 2u created In a setter method: specifies that an object should be created. An error is returned if the object already exists.
In the return value of a setter method: indicates that an object has been created.
modified 4u modified In a setter method: specifies that an object should be modified
In the return value of a setter method: indicates that an object has been modified.
deleted 8u deleted In a setter method: specifies that an object should be deleted.
In the return value of a setter method: indicates that an object has been deleted.
DEFAULT 0 --- This type controls the life cycle of objects passed in the XML API.

When used in a setter method (such as configConfMo), the ModificationStatus specifies whether an object should be created, modified, deleted or removed.
In the return value of a setter method, the ModificationStatus indicates the actual operation that was performed. For example, the ModificationStatus is set to "created" if the object was created. The ModificationStatus is not set if the object was neither created, modified, deleted or removed.

When invoking a setter method, the ModificationStatus is optional:
If a setter method such as configConfMo is invoked and the ModificationStatus is not set, the system automatically determines if the object should be created or modified.






timeout

Type: l2:PortSecurityTimeout
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
The amount of time between authentication attempts.
Constants
defaultValue 60 --- NO COMMENTS





violation

Type: l2:PortSecurityViolation
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: admin
Category: TopLevelRegular
    Comments:
Port Security Violation
Constants
protect 1 protect NO COMMENTS
DEFAULT protect(1) protect NO COMMENTS