├
|
|
pol:Obj Represents a generic policy object. |
|
├
|
|
pol:Comp Represents a policy component. This object is part of the policy definition. |
|
|
├
|
|
callhome:Dest The Call Home destination profile contains the delivery information for receiving email-based alert notifications of critical system policies.
A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Technical Assistance... |
|
|
├
|
|
comm:Comp default port value is 0. All services that have assigned port override port value. 0 indicates that this service does not use a separate port |
|
|
|
├
|
|
comm:Shell SuperClass for shell-based access (Ssh and Telnet) and not directly used for user configuration. |
|
|
|
|
├
|
|
comm:Ssh Object that encompasses properties related to Secure Shell access to the APIC, namely admin-state (default=enabled) and port(default=22). |
|
|
|
├
|
|
comm:Web SuperClass for web based access (HTTP and HTTPS) and not directly used for user configuration. |
|
|
├
|
|
compat:Filter Feature filter - software is not compatible when any of the filters evaluates to True |
|
|
├
|
|
coop:Rep The COOP repository. The user can only change the associated policy. |
|
|
├
|
|
datetime:ANtpAuthKey This object is a digital signature. The usual data packet plus the key is used to build a non-reversible number that is appended to the packet. The receiver (having the same key) does the same computation and compares the result. If the results match, authentication succeeds. |
|
|
|
├
|
|
datetime:NtpAuth The NTP client authentication configures the device to authenticate the time sources to which the local clock is synchronized. When you enable NTP authentication, the device synchronizes to a time source only if the source carries one of the authentication keys specified by the ntp trusted-key command. The device drops any packets that fail the authentication check and prevents them from updating the local clock. NTP authentication is disabled by... |
|
|
|
├
|
|
datetime:NtpAuthKey The date/time NTP authentication key is used to define a client authentication key if your NTP server requires authentication. |
|
|
├
|
|
datetime:ANtpProv These user-configured NTP provider names are listed as host names/IP addresses and can be between 1 and 64 alphanumeric characters. These names cannot be changed after the objects have been saved. |
|
|
|
├
|
|
dbg:ACRuleIp The IP match rule policy for atomic counter probe. |
|
|
├
|
|
dbg:AtomicCntrP User-configured flows/match rules for atomic counter probes. |
|
|
|
├
|
|
bgp:RRNodePEp The MP-BGP Route Reflector End Point Policy is used to specify Route Reflector Nodes/Spines for the MP-BGP running inside the fabric. |
|
|
|
├
|
|
fabric:NodePEp The node policy endpoint. This is specified by a unique node ID. |
|
|
|
├
|
|
pres:Resolver This is generated and used only by internal processes. |
|
|
├
|
|
fabric:ProtLink The information about a protected link between two fabric nodes. |
|
|
|
|
├
|
|
dns:Dom The DNS domain uses a hierarchical scheme for establishing host names for network nodes and allows local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
|
|
|
├
|
|
dns:Domain The DNS domain uses a hierarchical scheme for establishing host names for network nodes and allows local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
|
|
|
├
|
|
edr:EventP The per event recovery policy specifies from which error event a port is allowed to recover. The supported error events are bpdu guard, mcp loop, and ep move. |
|
|
|
|
├
|
|
stp:MstDomPol The MST domain policy enables you to assign two or more VLANs to a spanning tree instance. MST is not the default spanning tree mode; Rapid per VLAN Spanning Tree (Rapid PVST+) is the default mode. MST instances with the same name, revision number, and VLAN-to-instance mapping combine to form an MST region. The MST region appears as a single bridge to spanning tree configurations outside the region. MST fails over to IEEE 802.1D Spanning Tree Pro... |
|
|
|
|
├
|
|
stp:MstRegionPol The MST region policy enables switches to participate in MST instances when you consistently configure the switches with the same MST configuration information. A collection of interconnected switches that have the same MST configuration is an MST region. An MST region is a linked group of MST bridges with the same MST configuration. |
|
|
|
|
├
|
|
bgp:AAsP The profile of an autonomous system (AS) is a set of routers under a single technical administration, using an interior gateway protocol (IGP) and common metrics to determine how to route packets within the AS, and using an inter-AS routing protocol to determine how to route packets to other autonomous systems. |
|
|
|
|
|
├
|
|
bgp:AsDef An internal object for the BGP autonomous system profile definition. |
|
|
|
|
|
├
|
|
bgp:AsP The BGP autonomous system profile information. |
|
|
|
|
├
|
|
bgp:AExtP The profile of an external BGP neighbor. |
|
|
|
|
|
├
|
|
bgp:ExtDef An internal object for the BGP external profile definition. |
|
|
|
|
|
├
|
|
bgp:ExtP When created, this profile indicates that IBGP will be configured for the endpoint groups in this external network. |
|
|
|
|
├
|
|
bgp:ALocalAsnP An abstraction of a local autonomous system (AS) information profile. |
|
|
|
|
|
├
|
|
bgp:LocalAsnP The local autonomous system information pertaining to a peer. |
|
|
|
|
├
|
|
bgp:APeerP The profile for connecting with a BGP peer. |
|
|
|
|
|
|
├
|
|
bgp:PeerDef An internal object for the BGP peer connectivity definition. |
|
|
|
|
|
├
|
|
bgp:PeerP The BGP peer connectivity profile contains the peer IP address and defines the peer connectivity control settings. These values are for BGP routers, which can only exchange routing information when they establish a peer connection between them. |
|
|
|
|
├
|
|
bgp:ARRP Abstract Route Reflector Profile |
|
|
|
|
|
├
|
|
bgp:RRP The BGP route reflector profile information. |
|
|
|
|
├
|
|
eigrp:AExtP The abstraction of an EIGRP external profile. |
|
|
|
|
|
├
|
|
eigrp:ExtP The EIGRP external profile information. |
|
|
|
|
├
|
|
eigrp:AIfP The abstraction of an interface profile. |
|
|
|
|
|
├
|
|
eigrp:IfP The EIGRP interface profile, which enables EIGRP on the interface. Optionally, the EIGRP interface profile can have a relation to an EIGRP interface policy for more granular control over interface proprieties. |
|
|
|
|
├
|
|
l3ext:AIp The abstraction of a secondary IP address. |
|
|
|
|
|
├
|
|
l3ext:Ip A secondary IP address policy. |
|
|
|
|
|
├
|
|
l3ext:IpDef The definition of a secondary IP address policy. |
|
|
|
|
├
|
|
mgmt:AIp Secondary interface connection parameters |
|
|
|
|
|
├
|
|
mgmt:Ip Secondary interface connection parameters |
|
|
|
|
|
├
|
|
mgmt:IpDef Secondary interface connection parameters definition |
|
|
|
|
├
|
|
ospf:AExtP An abstraction of the OSPF external profile. |
|
|
|
|
|
├
|
|
ospf:ExtP The OSPF external profile information. |
|
|
|
|
├
|
|
ospf:AIfP An abstraction of the OSPF interface profile information. |
|
|
|
|
|
├
|
|
ospf:IfP The OSPF interface profile enables OSPF on the interface. Optionally, the OSPF interface profile can have a relation to an OSPF interface policy for more granular control over interface proprieties. |
|
|
|
|
|
├
|
|
rtctrl:AttrP The action rule profile, which specifies actions for events that meet a configured action rule. |
|
|
|
|
|
|
|
├
|
|
ip:RouteDef The route definitions, which are are used for pushing subnets and static routes to PE. They also push subnets under EpPD to VMMMGR
(for configuring external networks in vCD). |
|
|
|
|
|
|
|
├
|
|
ip:RouteP Configure the IP address and next hop IP address for the routed outside network. |
|
|
|
|
|
├
|
|
rtctrl:ASetComm The abstraction of a set action rule based on communities. |
|
|
|
|
|
├
|
|
rtctrl:ASetNh Sets the action rule based on a next hop address. |
|
|
|
|
|
|
├
|
|
rtctrl:SetNh Sets action rule based on the next hop address. |
|
|
|
|
|
├
|
|
rtctrl:ASetTag The abstraction of a set action rule based on the route tag. |
|
|
|
|
|
|
├
|
|
l3ext:AInstPSubnet An abstract logical node profile. This defines the characteristics to be applied to resources that match with the profile name. |
|
|
|
|
|
|
|
├
|
|
l3ext:SubnetDef An internal object that represents subnets defined under an L3 outside. |
|
|
|
|
|
├
|
|
fv:Subnet A subnet defines the IP address range that can be used within the bridge domain. While a context defines a unique layer 3 space, that space can consist of multiple subnets. These subnets are defined per bridge domain. A bridge domain can contain multiple subnets, but a subnet is contained within a single bridge domain. |
|
|
|
|
|
|
├
|
|
mgmt:Subnet The external subnet to be imported. The bridge domain context defines a unique IP address space, which can consist of
multiple subnets. Those subnets are defined in one or more bridge domains that reference the corresponding context. |
|
|
|
|
|
├
|
|
nd:RaSubnet Neighbor Discovery (ND) uses ICMPv6 messages known as Router advertisement (RA) messages, which have a value of 134 in the Type field of the ICMP packet header, are periodically sent out each configured interface of an IPv6 device. For stateless autoconfiguration to work properly, the advertised prefix length in RA messages must always be 64 bits. |
|
|
|
├
|
|
callhome:SmtpServer The hostname or IP for export destination. Call Home sends email messages to either the IP address or hostname, and the associated port number. |
|
|
|
|
├
|
|
file:RemotePath The remote destination path parameters for the data export. |
|
|
|
|
├
|
|
stats:DestP The export policy. The export policy enables you to output statistics collection policy reports in an XML or JSON format. The reports are exported at a specified frequency and to a chosen export destination.
Specifying the export destination can require selecting the protocol used when communicating with a remote server and entering a hostname/IP address, a remote path, the username and password the system should use to log in to the remote s... |
|
|
|
├
|
|
snmp:TrapDest A destination to which traps and informs are sent. |
|
|
|
├
|
|
syslog:RemoteDest The syslog remote destination host enables you to specify syslog servers to which messages from the APIC and fabric nodes should be forwarded. |
|
|
├
|
|
firmware:Source The firmware source specifications including CCO, and any server (SCP, HTTP, FTP) in which Curl can extract files. |
|
|
|
├
|
|
firmware:InternalSource The internal source of firmware images, which contains images that are pre-packaged into the controller. |
|
|
├
|
|
fmcast:NodePEp The root of the multicast tree. Note that only the spine can be the root. |
|
|
├
|
|
fmcast:NumTree The number of multicast trees rooted on the node. For example, the number of multicast tree objects contained by the multicast tree root object . |
|
|
├
|
|
fmcast:TreeEp The multicast tree. This is an internal object that contains the tree number and is used for propagating tree information between the APIC and the nodes. |
|
|
|
├
|
|
fv:FcIfConn Represents the FC If connectivity parametres |
|
|
|
├
|
|
fv:IfConn Connectivity parameters for an interface. |
|
|
├
|
|
fv:ASiteConnP Abstract class for Multisite Connectivity Information |
|
|
|
├
|
|
fv:SiteConnP Container for Local Multisite Connectivity Information for MultiSite deployments |
|
|
|
├
|
|
fv:SiteConnPDef Container for Local Multisite Connectivity Information for MultiSite deployments |
|
|
├
|
|
fv:CepNetCfgPol Represents Client End Point network configuration policy,
Used this information for Microsoft SCVMM/Azure application
to create SCVMM static IP pool |
|
|
├
|
|
fv:Comp An abstraction of the fabric virtualization policy definition. |
|
|
|
├
|
|
fv:ATg Base class for the Attachable Target Group |
|
|
|
|
├
|
|
fv:CCg A special endpoint group representing a set of connectivity rules to a compute container or hypervisor. |
|
|
|
|
|
├
|
|
extnw:EPg An abstraction of a policy controlling connectivity to an external network such as another fabric or WAN. |
|
|
|
|
|
|
├
|
|
l2ext:InstP The external network instance profile represents a group of external
subnets that have the same security behavior. These subnets inherit contract profiles
applied to the parent instance profile. Each subnet can also associate to route
control profiles, which defines the routing behavior for that subnet. |
|
|
|
|
|
|
├
|
|
l3ext:InstP The external network instance profile represents a group of external subnets that have the same security behavior. These subnets inherit contract profiles applied to the parent instance profile. Each subnet can also associate to route control profiles, which defines the routing behavior for that subnet. |
|
|
|
|
|
├
|
|
fv:CEPg A set of hypothetical client endpoints attaching to the network. |
|
|
|
|
|
|
├
|
|
fv:AEPg A set of requirements for the application-level EPG instance. The policy regulates connectivity and visibility among the end points within the scope of the policy. |
|
|
|
|
|
|
|
├
|
|
vns:EPpInfo Internal object to store encap info (vlan ID) for an endpoint. |
|
|
|
|
|
├
|
|
infra:EPg Abstraction of an infrastructure endpoint group. |
|
|
|
|
|
|
├
|
|
infra:ACEPg An abstraction of the infrastructure client endpoint group. The client endpoint group represents a set of hypothetical client endpoints attaching to the network. |
|
|
|
|
|
|
|
├
|
|
dhcp:CRelPg A group of DHCP relay function providers: A set of DHCP Server to which client DHCP requests are relayed. |
|
|
|
|
|
|
|
├
|
|
infra:CEPg A base class for the client endpoint group. |
|
|
|
|
|
|
├
|
|
infra:APEPg An abstraction of the infrastructure provider endpoint group. The provider endpoint group represents a set of hypothetical provider endpoints attaching to the network; for example, a set of DHCP servers, fabric relays, or client requests. |
|
|
|
|
|
|
|
├
|
|
dhcp:PRelPg A group of DHCP Relay Function Providers: A set of DHCP Servers to which client DHCP Requests are relayed. |
|
|
|
|
|
├
|
|
mgmt:InB The in-band management endpoint group consists of switches (leaves/spines) and APICs.
Each node in the group is assigned an IP address that is dynamically allocated from the address pool associated with the corresponding
in-band management zone. The allocated IP address is then configured as the in-band management access IP address on the corresponding node.
Any host that is part of another endpoint group can communicate with the nodes in the... |
|
|
|
|
├
|
|
mgmt:InstP The external management entity instance profile communicates with nodes that are part of out-of-band management endpoint group. To enable this communication, a contract is required between the instance profile and the out-of-band management endpoint group. |
|
|
|
|
├
|
|
mgmt:OoB An out-of-band management endpoint group, which consists of switches (leaves/spines) and APICs that are part of the associated
out-of-band management zone. Each node in the group is assigned an IP address that is dynamically allocated from the address pool
associated with the corresponding out-of-band management zone. The allocated IP address is then configured on the out-of-band management
port of the corresponding node. Hosts that are par... |
|
|
|
├
|
|
vz:Any vzAny associates all endpoint groups (EPGs) in a context (fvCtx) to one or more contracts (vzBrCP), rather than creating a separate contract relation for each EPG. EPGs can only communicate with other EPGs according to contract rules. A relationship between an EPG and a contract specifies whether the EPG provides the communications defined by the contract rules, consumes them, or both. By dynamically applying contract rules to all EPGs in a conte... |
|
|
├
|
|
fv:Encap The encapsulation associated with the functions. |
|
|
├
|
|
fv:EncapDef An internal encapsulation definition. This is an internal object used for deployment of encapsulation. |
|
|
├
|
|
fv:ExtLocaleCont A container for the extended fabric node information shared across all nodes. |
|
|
├
|
|
fv:SystemGIPoDef System GIPo - one value across the whole fabric. Its used when sending
multicast traffic across PODs.
@@@ It is same as Infra BDs GIPo. It should work according to switch team
@@@ Its sharded by the tenant infra's dn. |
|
|
|
├
|
|
fvns:McastAddrBlk The multicast address block policy defines the multicast IP address ranges. These addresses can be used for various purposes, such as VxLAN encapsulation. |
|
|
|
├
|
|
fvns:UcastAddrBlk Defines the first and last unicast IP addresses in the namespace block. |
|
|
├
|
|
geo:Building The building identifier where the node is located. |
|
|
├
|
|
geo:Floor The floor number of the building where the node is located. |
|
|
├
|
|
geo:Rack The rack identifier where the node is located. |
|
|
├
|
|
geo:Room The room name or number where the node is located. |
|
|
├
|
|
geo:Row The row name where the node is located. |
|
|
├
|
|
health:Pol Defines how much influence a child's health score has on its parent's health score. |
|
|
├
|
|
hvs:Encap Contains the encap and multicast address of the ExtPol. If this child encap exists, the ExtPol uses this encap or the encap properties of the ExtPol. |
|
|
├
|
|
ident:Block The base class for the ID block subclasses must have the From and To properties defined. |
|
|
├
|
|
igmp:ASnoopAccessGroup IGMP Snoop Access Group, defines a filter for the IGMP
joins that can be accepted on a given port/encap or
fvAEPg. This enable to perform a selective admission
control on certain interfaces |
|
|
|
├
|
|
igmp:SnoopAccessGroupDef In case the filter will take place at the fvAEPg level For future releases Internal Representation of an IGMP snooping filter |
|
|
├
|
|
igmp:ASnoopStaticGroup IGMP Snoop Static Group, it's used to allow a tenant
admin to statically join a multicast stream on some
port,encap or fvAEPG |
|
|
|
├
|
|
igmp:SnoopStaticGroupDef In case the static group membership is at the
fvAEPg level For future releases Internal representation of the group memebership |
|
|
├
|
|
infra:AFunc The abstraction of a function or functions provided by the port selector. |
|
|
|
├
|
|
infra:Boot The hypervisor boot function provides the policies used for booting hypervisors. For example, the VLAN and endpoint group policies used during hypervisor bootup. |
|
|
|
├
|
|
infra:Generic The hypervisor generic function provides policies used for any generic hypervisor functionality. This can be used when any other pre-defined functions are not sufficient. The VLAN and endpoint group policies associated with this function are deployed on the leaf ports. |
|
|
|
├
|
|
infra:Image The port characteristics required for accessing storage. Note that this is only used for L2 storage. |
|
|
|
├
|
|
infra:Mgmt The Vcenter management connectivity. The Vcenter management encap is a regular VLAN. |
|
|
|
├
|
|
infra:ProvAcc The provider access function is defined when the hypervisor is using an encapsulation protocol, such as VxLAN/NVGRE, and provides the policies to impacting VxLAN/NvGRE packets from NVGRE. You do not need to provide the encapsulation VLAN and endpoint for the provider access function. The system uses the Infra VLAN (provided during APIC bootup) as the encapsulation and associates it to the default endpoint group under the default tenant. |
|
|
|
├
|
|
infra:Storage The hypervisor storage function provides the policies used for hypervisors and virtual machines to access the storage network. For example, the VLAN and endpoint group policies. |
|
|
├
|
|
infra:ANode A node is a base class representing the node where the endpoint group will be deployed. |
|
|
|
├
|
|
fv:ANode Abstract Node Definition
@@@ Class for passing some internal node specific information between PM & PE |
|
|
|
|
├
|
|
fv:ExtNodeDef ExtNodeDef represents a node that is external to the
pod, like a remote leaf node. |
|
|
|
|
├
|
|
fv:NodeDef Node Definition
@@@ Class for passing some internal node specific information between PM & PE |
|
|
|
├
|
|
infra:Node The node where the endpoint group will be deployed. |
|
|
├
|
|
infra:AttPolicyGroup The attachable policy group acts as an override of the policies given at the AccBaseGrp for the ports associated with the Attachable Entity Profile. |
|
|
├
|
|
infra:Encap The encaps associated with the functions. |
|
|
├
|
|
infra:EncapDef The encapsulation information. This object is generated and used only by internal processes. |
|
|
├
|
|
infrazone:Zone Infrastructure Zone: Represents a policy deployment zone in the fabric. A zone consists of member nodes |
|
|
├
|
|
l2:Cons Used for reference counting the consumers corresponding to the RsPathDomAtt relation. Requirement from switch team: If an circuit is associated to port-x, then the BD should also get associated with the same port. This managed object is used for reference counting the circuit endpoints that need the BD-to-port association. |
|
|
├
|
|
l3:Cons Represents a consumer of a resource. |
|
|
├
|
|
l3ext:AMember The member. The member is used for providing per node IP address configuration. |
|
|
|
├
|
|
l3ext:Member The member. The member is used for providing per node IP address configuration. |
|
|
|
├
|
|
l3ext:MemberDef The member definition. The member is used for providing per node IP address configuration. This is used internally. |
|
|
|
├
|
|
mon:Target The base monitoring target policy model. |
|
|
|
|
├
|
|
mon:EPGTarget Creating a monitoring target will allow you to associate certain monitoring policies to the target object for this tenant. These associated policies can be related to stats collection, stats export, Callhome/SNMP/Syslog, event severities, fault severities, and fault lifecycle policies. The target object will be found in the Monitoring Object drop-down menu in the sub-folders of this monitoring policy, if available. |
|
|
|
|
├
|
|
mon:FabricTarget The monitoring target policy model for the fabric semantic scope. |
|
|
|
|
├
|
|
mon:InfraTarget Creating a monitoring target will allow you to associate certain monitoring policies to the target object for the fabric infrastructure. These associated policies can be related to stats collection, stats export, Callhome/SNMP/Syslog, event severities, fault severities, and fault lifecycle policies. The target object will be found in the Monitoring Object drop-down menu in the sub-folders of this monitoring policy, if available. |
|
|
|
├
|
|
stats:ExportP The export policy, which enables you to output statistics collection policy reports in an XML or JSON format. The reports are exported at a specified frequency with an option for gzip file compression. |
|
|
|
├
|
|
callhome:Group Call Home provides an email-based notification for critical system policies. A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Technical Assistance Center. |
|
|
|
├
|
|
snmp:Group The SNMP destination group contains information needed to send traps or informs to a set of destinations..
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
|
|
|
|
├
|
|
syslog:Group The syslog destination group contains all information required to send syslog messages to a group of destinations. |
|
|
├
|
|
mon:ProtoP The objects in the hierarchy under mon:Pol (Policy, Target Subjects, ...) that define scopes for monitoring activities,
including statistics reporting and notification dispatching. To enable notification dispatching, a user attaches a mon:Src object under the
object with the desired scope. The source provides an association to a group, which contains all the information needed to dispatch notifications
to a set of destinations using a specifie... |
|
|
|
├
|
|
callhome:Prof Contains all site information and the address of the SMTP server used to send emails. |
|
|
|
├
|
|
syslog:Prof Represents the configuration parameters used for this protocol. |
|
|
├
|
|
mon:Src Acts as a tap: place it under another mon managed object to start funnelling events to the destinations in the group using
the specified profiles and credentials. Note that the creation of Fault/Event/Audit record managed objects happens independently of the
presence of an Src. |
|
|
|
├
|
|
callhome:Src The call home source profile determines the information to deliver and the urgency level for sending email-based alert notifications to a call home destination.
A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Te... |
|
|
|
├
|
|
snmp:Src The SNMP source profile determines the fault information, severity level, and destination for sending messages to the SNMP destination.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network
. |
|
|
|
├
|
|
syslog:Src The syslog source configures a syslog source that specifies the minimum severity of items to be sent as syslog messages to the syslog servers in the destination group. |
|
|
├
|
|
mon:Subj An abstract object that identifies a scope within a target. Reaction to conditions (fault/events) are examples of scopes that can be captured with a Subj MO. |
|
|
|
├
|
|
condition:CondP Represents a base class for policies on conditions within a given scope. |
|
|
|
|
|
├
|
|
event:SevAsnP Represents a policy that specifies the initial
and target severity for a specific event. |
|
|
|
|
|
├
|
|
fault:SevAsnP The initial and target severities for a specific fault can be specified in a custom or default monitoring policy directly under an observable target object. |
|
|
|
|
├
|
|
fault:LcP The fault lifecycle policy specifies the timer intervals of faults in their lifecycle. This policy can be specified in a common, default, or custom monitoring policy. Custom and default monitoring policies can be applied globally, per monitoring object or to a group of monitoring objects. |
|
|
├
|
|
monitor:Session The monitor session definition. There can only be a few sessions active at a given time (with a maximum of 4). |
|
|
|
├
|
|
nws:ASyslogSrc Abstract Syslog Source for Firewall. Contains configuration parameters for syslog functionality of the firewall device and a relation to the syslog group, which contains the list of destination servers |
|
|
|
|
├
|
|
nws:SyslogSrc Policy providing a concrete implementation of a syslog source for a firewall. |
|
|
|
|
├
|
|
nws:SyslogSrcDef Read-only instance of syslog source for a firewall. Intended for internal use. |
|
|
├
|
|
qos:ABuffer The buffer policy holder describes the minimum guaranteed packet buffer reservations. These are applied per class currently in the system. |
|
|
|
├
|
|
qos:Buffer The buffering information of a class, such as the minimum buffer required for a class. This is applied at system level |
|
|
|
├
|
|
qosp:Buffer The buffering information of a class, such as the minimum buffer required for a class, which is applied at system level. |
|
|
├
|
|
qos:ACong An abstraction of a congestion management policy holder. This object describes congestion algorithms and ECN information. These are applied at a per class today in the system. |
|
|
|
├
|
|
qos:Cong The congestion algorithm and ECN information of a class. This is applied at system level |
|
|
|
├
|
|
qosp:Cong A container for the congestion policy. This container holds information that describes the congestion parameters of the class such as ECN, WRED, and Tail-drop. These congestion parameters are applied at per class-level in the system. |
|
|
├
|
|
qos:AQueue An abstraction of a queue management policy holder. This object describes the queue threshold parameters, such as management method, limits, etc. These are applied at a per class today in the system. |
|
|
|
├
|
|
qos:Queue The queuing information, such as the limit and queuing method. This is applied at system level. |
|
|
|
├
|
|
qosp:Queue A container for the queue management policy. This container holds information that describes the queue threshold parameters, such as the management method, which are applied at a per-class basis in the system. |
|
|
├
|
|
qos:ASched An abstraction of a schedule policy holder. This object describes the minimum guaranteed packet buffer reservations. These are applied at a per class today in the system. |
|
|
|
├
|
|
qos:Sched The information about the scheduling parameter of the class. This object has the scheduling method and bandwidth parameter and is applied at system level. |
|
|
|
├
|
|
qosp:Sched A container for the schedule policy. This container holds information that describes the bandwidth and scheduling algorithm (Strict priority or WRR), which are applied at a per-class basis in the system. |
|
|
|
|
├
|
|
qos:Dot1PClassDef The definition class to be attached to the endpoint profile. Note that this is an internal object. |
|
|
|
|
├
|
|
qos:DscpClassDef The definition class to be attached to the endpoint profile. Note that this is an internal object. |
|
|
├
|
|
rtctrl:CtxP The context policy, which is a unique layer 3 forwarding and application policy domain. The context defines a layer 3 address domain. |
|
|
├
|
|
rtctrl:Scope The route context Scope. The scope defines the node on which the policy is deployed. |
|
|
|
|
├
|
|
pim:BidirPatPol Not configurable until feature is ready - Bidirectional Multicast Pattern policy |
|
|
|
|
├
|
|
pim:BSRPDef The Bootstrap Router (BSR) policy definition. |
|
|
|
├
|
|
snmp:ClientGrp A client group is a group of client IP addresses that allows SNMP access to routers or switches. |
|
|
|
├
|
|
snmp:ClientGrpP A client group is a group of client IP addresses that allows SNMP access to routers or switches. |
|
|
|
├
|
|
snmp:CommSecP A security profile using a community string match for authentication. |
|
|
|
├
|
|
snmp:CommunityP The SNMP community profile enables access to the router or switch statistics for monitoring.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. |
|
|
├
|
|
snmp:AUserP An abstract representation of a user profile. |
|
|
|
├
|
|
snmp:UserP The SNMP user profile is used to associate users with SNMP policies for monitoring devices in a network.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. |
|
|
├
|
|
span:ASource The abstraction of a SPAN source. A SPAN source is where traffic is sampled. A SPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access or fabric) determines the allowed types of SPAN sources and d... |
|
|
|
├
|
|
span:FabSource The fabric source port (also called a monitored port), which is a switched port that you monitor for network traffic analysis. In a single local SPAN session, you can monitor source port traffic such as received (Rx), transmitted (Tx), or bidirectional (both). The switch supports any number of source ports (up to the maximum number of available ports on the switch). |
|
|
|
├
|
|
span:Source The SPAN or ERSPAN source, which is where traffic is sampled. A source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a source and a destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of sources and destinations. The destination can b... |
|
|
├
|
|
span:Destination The SPAN destination, which is where network traffic is sent for analysis by a network analyzer. A SPAN destination can be local or remote (ERSPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of SPAN sources and destinations. The destination can be either a port or an endpoint group. If the destination is a port, i... |
|
|
|
├
|
|
span:ERDestination The ERSPAN destination, which is where network traffic is sent for analysis by a network analyzer. When you create a traffic monitoring session, you must select an ERSPAN source and ERSPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of ERSPAN sources and destinations. The destination can be either a remote port or endpoint group. If the destination is a port, it should not be one that has been config... |
|
|
|
├
|
|
span:LDestination The local SPAN destination, which is where network traffic is sent for analysis by a network analyzer. When you create a traffic monitoring session, you must select an local SPAN source and destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of local SPAN sources and destinations. The destination can be either a port or endpoint group. If the destination is a port, it should not be one that has been configur... |
|
|
├
|
|
span:Session A local SPAN session is an association of a destination port with source ports. You can monitor incoming or outgoing traffic on a series or range of ports. |
|
|
├
|
|
stats:AColl A superclass that configures collection rules according to the granularity of the statistics. |
|
|
|
├
|
|
stats:Coll The collection configuration policy, which configures the collection policy according to the granularity of the statistics.. This is also a container for threshold policies for the statistic granularity. |
|
|
|
├
|
|
stats:HierColl The statistics collection policy, which enables you to determine how often the system collects data and to specify how far back in time data should be collected. |
|
|
|
├
|
|
stats:ExportJob The model for the holding status of an export job for statistical data. |
|
|
├
|
|
stats:AThrP The superclass for the statistical threshold policy. Subclasses represent export policies for specific data types. |
|
|
|
├
|
|
stats:ThrDoubleP The concrete statistical threshold policy for a double data type. |
|
|
|
├
|
|
stats:ThrFloatP The concrete statistical threshold policy for a float data type. |
|
|
|
├
|
|
stats:ThrSByteP The concrete statistical threshold policy for a signed byte data type. |
|
|
|
├
|
|
stats:ThrSint16P The concrete statistical threshold policy for a 16-bit signed Int data type. |
|
|
|
├
|
|
stats:ThrSint32P The concrete statistical threshold policy for a 32-bit signed Int data type. |
|
|
|
├
|
|
stats:ThrSint64P The concrete statistical threshold policy for a 64-bit signed integer data type. |
|
|
|
├
|
|
stats:ThrTriggerP The concrete statistical threshold policy for a trigger counter type. |
|
|
|
├
|
|
stats:ThrUByteP The concrete statistical threshold policy for an unsigned byte data type. |
|
|
|
├
|
|
stats:ThrUint16P The concrete statistical threshold policy for a 16-bit unsigned Int data type. |
|
|
|
├
|
|
stats:ThrUint32P The concrete statistical threshold policy for a 32-bit unsigned Int data type. |
|
|
|
├
|
|
stats:ThrUint64P The concrete statistical threshold policy for a 64-bit unsigned integer data type. |
|
|
├
|
|
stats:Reportable A statistics policy container, which contains statistic collections and export policies for different types of statistics. |
|
|
├
|
|
stp:EncapSegIdPair The table created at the node for efficient lookups of the spanning tree flooding segment ID. This table is created from the spanning-tree protocol encap block definition for allocated IDs and the base segment ID used for the range pushed by IFC. |
|
|
|
├
|
|
callhome:InvP The call home inventory policy is used to send Call Home messages with system inventory information. |
|
|
|
|
├
|
|
config:ExportP A configuration export policy is used to backup the system configuration. |
|
|
|
|
├
|
|
config:ImportP A configuration import policy specifies how to import a fabric configuration file. |
|
|
|
├
|
|
dbgexp:ExportP The data export policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. This is an abstract class for technical support and core policies. |
|
|
|
|
├
|
|
dbgexp:CoreP The core policy provides a core file report containing data about the system and the component at the time of the failure. |
|
|
|
|
|
├
|
|
dbgexp:TechSupOnD The on-demand tech support policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. |
|
|
|
|
├
|
|
dbgexp:TechSupP A tech support policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. |
|
|
|
├
|
|
maint:AMaintP The maintenance policy specifies when and how maintenance takes place. |
|
|
|
|
├
|
|
maint:CatMaintP The catalog maintenance policy specifies when catalog maintenance takes place. |
|
|
|
|
├
|
|
maint:CtrlrMaintP The controller maintenance policy specification describes when and how maintenance takes place. |
|
|
|
|
├
|
|
maint:MaintP The maintenance policy determines the pre-defined action to take when there is a disruptive change made to the service profile associated with the node or set of nodes. |
|
|
|
|
├
|
|
maint:MaintPOnD The On Demand Maintenance policy specification for the node, which describes when and how maintenance takes place. |
|
|
├
|
|
tunnel:Cons tunnel:Cons: Used for reference counting the consumers responsible for
creation of this tunnel |
|
|
|
├
|
|
vns:LDevCtx A device cluster context points to the device cluster used to pick a specific device based on contract, subject, and function label or names. To specify a wild card, set the name to Any. |
|
|
|
├
|
|
vns:LDevHint Contains hints for the device cluster that must be picked for a specific node of a graph that belongs to a specific subject of a specific contract. In the absence of this hint in an abstract graph, a match for a device cluster context will be done based on the name of the contract, subject, and node. If that fails, a match will be made by wildcarding: the contract followed by the contract, and the subject followed by the contract, subject, and no... |
|
|
|
├
|
|
vns:LIfCtx The logical interface context points to the logical interface used to pick a specific logical interface based on the connector name. To specify a wild card, set the name to Any. |
|
|
|
├
|
|
vns:LIfHint Contains hints for the logical interface that must be picked for a specific connector of a graph that belongs to the selected device cluster. The device cluster is selected based on device cluster hint. |
|
|
|
├
|
|
vns:InTerm An input terminal node. For abstract graphs (AbsGraph), InTerm refers to the terminal node at the input end. |
|
|
|
├
|
|
vns:OutTerm An output terminal node. For abstract graphs (AbsGraph), OutTerm refers to the terminal node at the output end. |
|
|
├
|
|
vns:CtrlrMgmtPol The management policy for the controller appliance IP address. |
|
|
├
|
|
vns:FltInst The representation of a whitelist filter that needs to be applied on a particular endpoint group. |
|
|
├
|
|
vz:AFiltEntry An abstraction of a filter entry. A filter entry is a combination of network traffic classification properties. |
|
|
|
├
|
|
actrl:Entry The filter entry in the system, which is a unique set of classification filters identified by l4 parameters. |
|
|
|
├
|
|
vz:Entry A filter entry is a combination of network traffic classification properties. |
|
|
|
├
|
|
vz:RFltE A remote filter entry. A filter entry is a combination of network traffic classification properties. Note that this relation is an internal object. |
|
|
├
|
|
vz:ASubj The abstraction of a subject. A subject represents a sub application running behind an endpoint group. For example, an exchange server or a firewall. |
|
|
|
├
|
|
vz:Subj A subject is a sub-application running behind an endpoint group (for example, an Exchange server). A subject is parented by the contract, which can encapsulate multiple subjects. An endpoint group associated to a contract is providing one or more subjects or is communicating with the subject as a peer entity. An endpoint group always associates with a subject and defines rules under the association for consuming/providing/peer-to-peer communicati... |
|
|
|
├
|
|
vz:TSubj The subjects for a service contract represents a sub-application running behind an endpoint group, such as an exchange server. A subject is parented by the contract. |
|
|
├
|
|
vz:ATerm The abstraction of a terminal. |
|
|
|
├
|
|
vz:ASTerm An abstraction of a subject terminal. |
|
|
|
|
├
|
|
vz:InTerm An input terminal node. For abstract graphs, this is the terminal node at the input end. |
|
|
|
|
├
|
|
vz:OutTerm An output terminal node. For abstract graphs, this is the terminal node at the output end. |
|