├
|
|
pol:Obj Represents a generic policy object. |
|
├
|
|
comm:RLTepInfo This object holds TEP address for RemoteLeaf information . |
|
├
|
|
comp:Obj An abstraction of compute objects in the system. This object is generated and used only by internal process. |
|
|
├
|
|
comp:StatsPol The statistics policy for the controller. This object is generated and used internally by the system |
|
├
|
|
copp:ACustomValues Base Class for all the custom settings a user can apply under a coppAProfile of type custom |
|
|
├
|
|
dhcp:Option The DHCP option is used to supply DHCP clients with configuration parameters such as a domain, name server, subnet, and network address. DHCP provides a framework for passing configuration information to clients on a TCP/IP network. The configuration parameters, and other control information, are carried in tagged data items that are stored in the options field of a DHCP message. The data items themselves are also called options. You can view, se... |
|
|
├
|
|
dhcp:OptionDef The option definition. Each DHCP option is defined by a unique name, ID, and option data. |
|
├
|
|
dhcp:Ep The DHCP Discovered Endpoint. |
|
├
|
|
dns:AProv Sets the DNS provider parameters. DNS uses a hierarchical scheme for establishing host names for network nodes, which allows local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
|
├
|
|
dns:Prov The DNS provider is a DNS server that uses a hierarchical scheme for establishing host names for network nodes, which local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
|
├
|
|
dns:Provider The DNS provider is a DNS server that uses a hierarchical scheme for establishing host names for network nodes, which local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
├
|
|
fabric:ANodeBlk A base class for node blocks. This is a range of nodes. Each node block begins with the first port and ends with the last port. |
|
|
├
|
|
fabric:NodeBlk The node block. This is a range of nodes. Each node block begins with the first port and ends with the last port. |
|
|
├
|
|
infra:ConnNodeBlk The Connectivity Node Block is used for grouping nodes for connecting hosts (such as hypervisor). |
|
|
├
|
|
infra:NodeBlk A node block is a range of nodes. Each node block begins with the first port and ends with the last port. |
|
├
|
|
fabric:APodBlk The definition of a block object that represents selection ranges. |
|
|
├
|
|
fabric:PortBlk A port block. This represents a range of ports and a range of cards. Each port block starts with the first port and first card and ends with the last port and last card. |
|
|
├
|
|
infra:ConnPortBlk The connectivity port block is used for grouping ports between the node and the host (such as hypervisor). |
|
|
├
|
|
infra:PortBlk The port block enables you to specify a range of interfaces. |
|
├
|
|
fabric:SecurityToken Holds the internal fabric security token
(for various protocols - coop, isis) |
|
|
|
├
|
|
hcloud:InfraRes This object contains the hierarcy of the infrastructure resources that the cloud provider offers. Examples are message queues, storage services etc |
|
|
|
├
|
|
hcloud:MsgQ Message queue services offered by the provider |
|
|
|
├
|
|
hcloud:Topic Topic is the container for the notifications from various resources in the pub sub model |
|
|
├
|
|
infra:ConnFexBlk A block used for grouping fex for connecting hosts (such as hypervisor). |
|
├
|
|
pol:Comp Represents a policy component. This object is part of the policy definition. |
|
|
├
|
|
callhome:ADest Dest indentifies a single destination to which a callhome
message is sent. Multipe destinations can be configured in a single
callhome Group and a called message will be sent to all destinations that are
part of that Group (depending on the severity level of the destinations and the
message).
|
|
|
|
├
|
|
callhome:Dest The Call Home destination profile contains the delivery information for receiving email-based alert notifications of critical system policies.
A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Technical Assistance... |
|
|
├
|
|
comm:Comp default port value is 0. All services that have assigned port override port value. 0 indicates that this service does not use a separate port |
|
|
|
├
|
|
comm:Shell SuperClass for shell-based access (Ssh and Telnet) and not directly used for user configuration. |
|
|
|
|
├
|
|
comm:Ssh Object that encompasses properties related to Secure Shell access to the APIC, namely admin-state (default=enabled) and port(default=22). |
|
|
|
├
|
|
comm:Web SuperClass for web based access (HTTP and HTTPS) and not directly used for user configuration. |
|
|
├
|
|
compat:Filter Feature filter - software is not compatible when any of the filters evaluates to True |
|
|
├
|
|
coop:Rep The COOP repository. The user can only change the associated policy. |
|
|
├
|
|
datetime:ANtpAuthKey This object is a digital signature. The usual data packet plus the key is used to build a non-reversible number that is appended to the packet. The receiver (having the same key) does the same computation and compares the result. If the results match, authentication succeeds. |
|
|
|
├
|
|
datetime:NtpAuth The NTP client authentication configures the device to authenticate the time sources to which the local clock is synchronized. When you enable NTP authentication, the device synchronizes to a time source only if the source carries one of the authentication keys specified by the ntp trusted-key command. The device drops any packets that fail the authentication check and prevents them from updating the local clock. NTP authentication is disabled by... |
|
|
|
├
|
|
datetime:NtpAuthKey The date/time NTP authentication key is used to define a client authentication key if your NTP server requires authentication. |
|
|
├
|
|
datetime:ANtpProv These user-configured NTP provider names are listed as host names/IP addresses and can be between 1 and 64 alphanumeric characters. These names cannot be changed after the objects have been saved. |
|
|
|
├
|
|
dbg:ACRuleIp The IP match rule policy for atomic counter probe. |
|
|
├
|
|
dbg:AtomicCntrP User-configured flows/match rules for atomic counter probes. |
|
|
|
├
|
|
bgp:RRNodePEp The MP-BGP Route Reflector End Point Policy is used to specify Route Reflector Nodes/Spines for the MP-BGP running inside the fabric. |
|
|
|
├
|
|
fabric:NodePEp The node policy endpoint. This is specified by a unique node ID. |
|
|
|
├
|
|
pres:Resolver This is generated and used only by internal processes. |
|
|
├
|
|
fabric:ProtLink The information about a protected link between two fabric nodes. |
|
|
|
|
├
|
|
dns:Dom The DNS domain uses a hierarchical scheme for establishing host names for network nodes and allows local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
|
|
|
├
|
|
dns:Domain The DNS domain uses a hierarchical scheme for establishing host names for network nodes and allows local control of the segments of the network through a client-server scheme. The DNS system can locate a network device by translating the hostname of the device into its associated IP address. |
|
|
|
|
├
|
|
edr:EventP The per event recovery policy specifies from which error event a port is allowed to recover. The supported error events are bpdu guard, mcp loop, and ep move. |
|
|
|
|
├
|
|
stp:MstDomPol The MST domain policy enables you to assign two or more VLANs to a spanning tree instance. MST is not the default spanning tree mode; Rapid per VLAN Spanning Tree (Rapid PVST+) is the default mode. MST instances with the same name, revision number, and VLAN-to-instance mapping combine to form an MST region. The MST region appears as a single bridge to spanning tree configurations outside the region. MST fails over to IEEE 802.1D Spanning Tree Pro... |
|
|
|
|
├
|
|
stp:MstRegionPol The MST region policy enables switches to participate in MST instances when you consistently configure the switches with the same MST configuration information. A collection of interconnected switches that have the same MST configuration is an MST region. An MST region is a linked group of MST bridges with the same MST configuration. |
|
|
|
|
├
|
|
bgp:AAsP The profile of an autonomous system (AS) is a set of routers under a single technical administration, using an interior gateway protocol (IGP) and common metrics to determine how to route packets within the AS, and using an inter-AS routing protocol to determine how to route packets to other autonomous systems. |
|
|
|
|
|
├
|
|
bgp:AsDef An internal object for the BGP autonomous system profile definition. |
|
|
|
|
|
├
|
|
bgp:AsP The BGP autonomous system profile information. |
|
|
|
|
├
|
|
bgp:AExtP The profile of an external BGP neighbor. |
|
|
|
|
|
├
|
|
bgp:ExtDef An internal object for the BGP external profile definition. |
|
|
|
|
|
├
|
|
bgp:ExtP When created, this profile indicates that IBGP will be configured for the endpoint groups in this external network. |
|
|
|
|
├
|
|
bgp:ALocalAsnP An abstraction of a local autonomous system (AS) information profile. |
|
|
|
|
|
├
|
|
bgp:LocalAsnP The local autonomous system information pertaining to a peer. |
|
|
|
|
├
|
|
bgp:APeerP The profile for connecting with a BGP peer. |
|
|
|
|
|
|
├
|
|
bgp:PeerDef An internal object for the BGP peer connectivity definition. |
|
|
|
|
|
├
|
|
bgp:PeerP The BGP peer connectivity profile contains the peer IP address and defines the peer connectivity control settings. These values are for BGP routers, which can only exchange routing information when they establish a peer connection between them. |
|
|
|
|
├
|
|
bgp:ARRP Abstract Route Reflector Profile |
|
|
|
|
|
├
|
|
bgp:RRP The BGP route reflector profile information. |
|
|
|
|
├
|
|
eigrp:AExtP The abstraction of an EIGRP external profile. |
|
|
|
|
|
├
|
|
eigrp:ExtP The EIGRP external profile information. |
|
|
|
|
├
|
|
eigrp:AIfP The abstraction of an interface profile. |
|
|
|
|
|
├
|
|
eigrp:IfP The EIGRP interface profile, which enables EIGRP on the interface. Optionally, the EIGRP interface profile can have a relation to an EIGRP interface policy for more granular control over interface proprieties. |
|
|
|
|
├
|
|
l3ext:AIp The abstraction of a secondary IP address. |
|
|
|
|
|
├
|
|
l3ext:Ip A secondary IP address policy. |
|
|
|
|
|
├
|
|
l3ext:IpDef The definition of a secondary IP address policy. |
|
|
|
|
├
|
|
mgmt:AIp Secondary interface connection parameters |
|
|
|
|
|
├
|
|
mgmt:Ip Secondary interface connection parameters |
|
|
|
|
|
├
|
|
mgmt:IpDef Secondary interface connection parameters definition |
|
|
|
|
├
|
|
ospf:AExtP An abstraction of the OSPF external profile. |
|
|
|
|
|
├
|
|
ospf:ExtP The OSPF external profile information. |
|
|
|
|
├
|
|
ospf:AIfP An abstraction of the OSPF interface profile information. |
|
|
|
|
|
├
|
|
ospf:IfP The OSPF interface profile enables OSPF on the interface. Optionally, the OSPF interface profile can have a relation to an OSPF interface policy for more granular control over interface proprieties. |
|
|
|
|
|
├
|
|
rtctrl:AttrP The action rule profile, which specifies actions for events that meet a configured action rule. |
|
|
|
|
|
|
|
├
|
|
ip:RouteDef The route definitions, which are are used for pushing subnets and static routes to PE. They also push subnets under EpPD to VMMMGR
(for configuring external networks in vCD). |
|
|
|
|
|
|
|
├
|
|
ip:RouteP Configure the IP address and next hop IP address for the routed outside network. |
|
|
|
|
|
├
|
|
rtctrl:ASetComm The abstraction of a set action rule based on communities. |
|
|
|
|
|
├
|
|
rtctrl:ASetNh Sets the action rule based on a next hop address. |
|
|
|
|
|
|
├
|
|
rtctrl:SetNh Sets action rule based on the next hop address. |
|
|
|
|
|
├
|
|
rtctrl:ASetTag The abstraction of a set action rule based on the route tag. |
|
|
|
|
|
|
├
|
|
l3ext:AInstPSubnet An abstract logical node profile. This defines the characteristics to be applied to resources that match with the profile name. |
|
|
|
|
|
|
|
├
|
|
l3ext:SubnetDef An internal object that represents subnets defined under an L3 outside. |
|
|
|
|
|
├
|
|
fv:Subnet A subnet defines the IP address range that can be used within the bridge domain. While a context defines a unique layer 3 space, that space can consist of multiple subnets. These subnets are defined per bridge domain. A bridge domain can contain multiple subnets, but a subnet is contained within a single bridge domain. |
|
|
|
|
|
|
├
|
|
mgmt:Subnet The external subnet to be imported. The bridge domain context defines a unique IP address space, which can consist of
multiple subnets. Those subnets are defined in one or more bridge domains that reference the corresponding context. |
|
|
|
|
|
├
|
|
nd:RaSubnet Neighbor Discovery (ND) uses ICMPv6 messages known as Router advertisement (RA) messages, which have a value of 134 in the Type field of the ICMP packet header, are periodically sent out each configured interface of an IPv6 device. For stateless autoconfiguration to work properly, the advertised prefix length in RA messages must always be 64 bits. |
|
|
|
├
|
|
callhome:SmtpServer The hostname or IP for export destination. Call Home sends email messages to either the IP address or hostname, and the associated port number. |
|
|
|
|
├
|
|
file:RemotePath The remote destination path parameters for the data export. |
|
|
|
|
├
|
|
stats:DestP The export policy. The export policy enables you to output statistics collection policy reports in an XML or JSON format. The reports are exported at a specified frequency and to a chosen export destination.
Specifying the export destination can require selecting the protocol used when communicating with a remote server and entering a hostname/IP address, a remote path, the username and password the system should use to log in to the remote s... |
|
|
|
├
|
|
snmp:TrapDest A destination to which traps and informs are sent. |
|
|
|
├
|
|
syslog:RemoteDest The syslog remote destination host enables you to specify syslog servers to which messages from the APIC and fabric nodes should be forwarded. |
|
|
├
|
|
firmware:Source The firmware source specifications including CCO, and any server (SCP, HTTP, FTP) in which Curl can extract files. |
|
|
|
├
|
|
firmware:InternalSource The internal source of firmware images, which contains images that are pre-packaged into the controller. |
|
|
├
|
|
fmcast:NodePEp The root of the multicast tree. Note that only the spine can be the root. |
|
|
├
|
|
fmcast:NumTree The number of multicast trees rooted on the node. For example, the number of multicast tree objects contained by the multicast tree root object . |
|
|
├
|
|
fmcast:TreeEp The multicast tree. This is an internal object that contains the tree number and is used for propagating tree information between the APIC and the nodes. |
|
|
|
├
|
|
fv:ImplEpAnycast represents the Implicit counterpart for fv:EpAnycast.
This is not externally configurable and used
internally during graph rendering for matching
connectors to BD |
|
|
|
├
|
|
fv:FcIfConn Represents the FC If connectivity parametres |
|
|
|
├
|
|
fv:IfConn Connectivity parameters for an interface. |
|
|
├
|
|
fv:ASiteConnP Abstract class for Multisite Connectivity Information |
|
|
|
├
|
|
fv:SiteConnP Container for Local Multisite Connectivity Information for MultiSite deployments |
|
|
|
├
|
|
fv:SiteConnPDef Container for Local Multisite Connectivity Information for MultiSite deployments |
|
|
├
|
|
fv:CepNetCfgPol Represents Client End Point network configuration policy,
Used this information for Microsoft SCVMM/Azure application
to create SCVMM static IP pool |
|
|
├
|
|
fv:Comp An abstraction of the fabric virtualization policy definition. |
|
|
|
├
|
|
fv:ATg Base class for the Attachable Target Group |
|
|
|
|
├
|
|
fv:CCg A special endpoint group representing a set of connectivity rules to a compute container or hypervisor. |
|
|
|
|
|
├
|
|
cloud:ABaseEPg Abstract Base Cloud EPg for both Explicit and Implicit cloud EPG's. |
|
|
|
|
|
|
├
|
|
cloud:AAEPg Abstract Cloud EPg. Named AAEPg in order to avoid confusing this with
Application EPg |
|
|
|
|
|
├
|
|
extnw:EPg An abstraction of a policy controlling connectivity to an external network such as another fabric or WAN. |
|
|
|
|
|
|
├
|
|
l2ext:InstP The external network instance profile represents a group of external
subnets that have the same security behavior. These subnets inherit contract profiles
applied to the parent instance profile. Each subnet can also associate to route
control profiles, which defines the routing behavior for that subnet. |
|
|
|
|
|
|
├
|
|
l3ext:InstP The external network instance profile represents a group of external subnets that have the same security behavior. These subnets inherit contract profiles applied to the parent instance profile. Each subnet can also associate to route control profiles, which defines the routing behavior for that subnet. |
|
|
|
|
|
├
|
|
fv:CEPg A set of hypothetical client endpoints attaching to the network. |
|
|
|
|
|
|
├
|
|
fv:AEPg A set of requirements for the application-level EPG instance. The policy regulates connectivity and visibility among the end points within the scope of the policy. |
|
|
|
|
|
|
|
├
|
|
vns:EPpInfo Internal object to store encap info (vlan ID) for an endpoint. |
|
|
|
|
|
├
|
|
infra:EPg Abstraction of an infrastructure endpoint group. |
|
|
|
|
|
|
├
|
|
infra:ACEPg An abstraction of the infrastructure client endpoint group. The client endpoint group represents a set of hypothetical client endpoints attaching to the network. |
|
|
|
|
|
|
|
├
|
|
dhcp:CRelPg A group of DHCP relay function providers: A set of DHCP Server to which client DHCP requests are relayed. |
|
|
|
|
|
|
|
├
|
|
infra:CEPg A base class for the client endpoint group. |
|
|
|
|
|
|
├
|
|
infra:APEPg An abstraction of the infrastructure provider endpoint group. The provider endpoint group represents a set of hypothetical provider endpoints attaching to the network; for example, a set of DHCP servers, fabric relays, or client requests. |
|
|
|
|
|
|
|
├
|
|
dhcp:PRelPg A group of DHCP Relay Function Providers: A set of DHCP Servers to which client DHCP Requests are relayed. |
|
|
|
|
|
├
|
|
mgmt:InB The in-band management endpoint group consists of switches (leaves/spines) and APICs.
Each node in the group is assigned an IP address that is dynamically allocated from the address pool associated with the corresponding
in-band management zone. The allocated IP address is then configured as the in-band management access IP address on the corresponding node.
Any host that is part of another endpoint group can communicate with the nodes in the... |
|
|
|
|
├
|
|
mgmt:InstP The external management entity instance profile communicates with nodes that are part of out-of-band management endpoint group. To enable this communication, a contract is required between the instance profile and the out-of-band management endpoint group. |
|
|
|
|
├
|
|
mgmt:OoB An out-of-band management endpoint group, which consists of switches (leaves/spines) and APICs that are part of the associated
out-of-band management zone. Each node in the group is assigned an IP address that is dynamically allocated from the address pool
associated with the corresponding out-of-band management zone. The allocated IP address is then configured on the out-of-band management
port of the corresponding node. Hosts that are par... |
|
|
|
├
|
|
vz:Any vzAny associates all endpoint groups (EPGs) in a context (fvCtx) to one or more contracts (vzBrCP), rather than creating a separate contract relation for each EPG. EPGs can only communicate with other EPGs according to contract rules. A relationship between an EPG and a contract specifies whether the EPG provides the communications defined by the contract rules, consumes them, or both. By dynamically applying contract rules to all EPGs in a conte... |
|
|
├
|
|
fv:Encap The encapsulation associated with the functions. |
|
|
├
|
|
fv:EncapDef An internal encapsulation definition. This is an internal object used for deployment of encapsulation. |
|
|
├
|
|
fv:ExtLocaleCont A container for the extended fabric node information shared across all nodes. |
|
|
├
|
|
fv:ExtPodSubnetDef PODs Ext TEP Pool Definition. The ext tep pool is
associated with a virtual pod (vPOD) |
|
|
├
|
|
fv:SystemGIPoDef System GIPo - one value across the whole fabric. Its used when sending
multicast traffic across PODs.
@@@ It is same as Infra BDs GIPo. It should work according to switch team
@@@ Its sharded by the tenant infra's dn. |
|
|
|
├
|
|
fvns:McastAddrBlk The multicast address block policy defines the multicast IP address ranges. These addresses can be used for various purposes, such as VxLAN encapsulation. |
|
|
|
├
|
|
fvns:UcastAddrBlk Defines the first and last unicast IP addresses in the namespace block. |
|
|
├
|
|
geo:Building The building identifier where the node is located. |
|
|
├
|
|
geo:Floor The floor number of the building where the node is located. |
|
|
├
|
|
geo:Rack The rack identifier where the node is located. |
|
|
├
|
|
geo:Room The room name or number where the node is located. |
|
|
├
|
|
geo:Row The row name where the node is located. |
|
|
├
|
|
health:Pol Defines how much influence a child's health score has on its parent's health score. |
|
|
├
|
|
hvs:Encap Contains the encap and multicast address of the ExtPol. If this child encap exists, the ExtPol uses this encap or the encap properties of the ExtPol. |
|
|
├
|
|
ident:Block The base class for the ID block subclasses must have the From and To properties defined. |
|
|
├
|
|
igmp:ASnoopAccessGroup IGMP Snoop Access Group, defines a filter for the IGMP
joins that can be accepted on a given port/encap or
fvAEPg. This enable to perform a selective admission
control on certain interfaces |
|
|
|
├
|
|
igmp:SnoopAccessGroupDef In case the filter will take place at the fvAEPg level For future releases Internal Representation of an IGMP snooping filter |
|
|
├
|
|
igmp:ASnoopStaticGroup IGMP Snoop Static Group, it's used to allow a tenant
admin to statically join a multicast stream on some
port,encap or fvAEPG |
|
|
|
├
|
|
igmp:SnoopStaticGroupDef In case the static group membership is at the
fvAEPg level For future releases Internal representation of the group memebership |
|
|
├
|
|
infra:AFunc The abstraction of a function or functions provided by the port selector. |
|
|
|
├
|
|
infra:Boot The hypervisor boot function provides the policies used for booting hypervisors. For example, the VLAN and endpoint group policies used during hypervisor bootup. |
|
|
|
├
|
|
infra:Generic The hypervisor generic function provides policies used for any generic hypervisor functionality. This can be used when any other pre-defined functions are not sufficient. The VLAN and endpoint group policies associated with this function are deployed on the leaf ports. |
|
|
|
├
|
|
infra:Image The port characteristics required for accessing storage. Note that this is only used for L2 storage. |
|
|
|
├
|
|
infra:Mgmt The Vcenter management connectivity. The Vcenter management encap is a regular VLAN. |
|
|
|
├
|
|
infra:ProvAcc The provider access function is defined when the hypervisor is using an encapsulation protocol, such as VxLAN/NVGRE, and provides the policies to impacting VxLAN/NvGRE packets from NVGRE. You do not need to provide the encapsulation VLAN and endpoint for the provider access function. The system uses the Infra VLAN (provided during APIC bootup) as the encapsulation and associates it to the default endpoint group under the default tenant. |
|
|
|
├
|
|
infra:Storage The hypervisor storage function provides the policies used for hypervisors and virtual machines to access the storage network. For example, the VLAN and endpoint group policies. |
|
|
├
|
|
infra:ANode A node is a base class representing the node where the endpoint group will be deployed. |
|
|
|
├
|
|
fv:ANode Abstract Node Definition
@@@ Class for passing some internal node specific information between PM & PE |
|
|
|
|
├
|
|
fv:ExtNodeDef ExtNodeDef represents a node that is external to the
pod, like a remote leaf node. |
|
|
|
|
├
|
|
fv:NodeDef Node Definition
@@@ Class for passing some internal node specific information between PM & PE |
|
|
|
├
|
|
infra:Node The node where the endpoint group will be deployed. |
|
|
├
|
|
infra:AttPolicyGroup The attachable policy group acts as an override of the policies given at the AccBaseGrp for the ports associated with the Attachable Entity Profile. |
|
|
├
|
|
infra:Encap The encaps associated with the functions. |
|
|
├
|
|
infra:EncapDef The encapsulation information. This object is generated and used only by internal processes. |
|
|
├
|
|
infrazone:Zone Infrastructure Zone: Represents a policy deployment zone in the fabric. A zone consists of member nodes |
|
|
├
|
|
l2:Cons Used for reference counting the consumers corresponding to the RsPathDomAtt relation. Requirement from switch team: If an circuit is associated to port-x, then the BD should also get associated with the same port. This managed object is used for reference counting the circuit endpoints that need the BD-to-port association. |
|
|
├
|
|
l3:Cons Represents a consumer of a resource. |
|
|
├
|
|
l3ext:AMember The member. The member is used for providing per node IP address configuration. |
|
|
|
├
|
|
l3ext:Member The member. The member is used for providing per node IP address configuration. |
|
|
|
├
|
|
l3ext:MemberDef The member definition. The member is used for providing per node IP address configuration. This is used internally. |
|
|
|
├
|
|
mon:Target The base monitoring target policy model. |
|
|
|
|
├
|
|
mon:EPGTarget Creating a monitoring target will allow you to associate certain monitoring policies to the target object for this tenant. These associated policies can be related to stats collection, stats export, Callhome/SNMP/Syslog, event severities, fault severities, and fault lifecycle policies. The target object will be found in the Monitoring Object drop-down menu in the sub-folders of this monitoring policy, if available. |
|
|
|
|
├
|
|
mon:FabricTarget The monitoring target policy model for the fabric semantic scope. |
|
|
|
|
├
|
|
mon:InfraTarget Creating a monitoring target will allow you to associate certain monitoring policies to the target object for the fabric infrastructure. These associated policies can be related to stats collection, stats export, Callhome/SNMP/Syslog, event severities, fault severities, and fault lifecycle policies. The target object will be found in the Monitoring Object drop-down menu in the sub-folders of this monitoring policy, if available. |
|
|
|
├
|
|
stats:ExportP The export policy, which enables you to output statistics collection policy reports in an XML or JSON format. The reports are exported at a specified frequency with an option for gzip file compression. |
|
|
|
├
|
|
callhome:AGroup CallHome Group brings together all information needed to send
CallHome messages to a set of destinations.
It is referenced by mon:Src, which determines what information
is sent |
|
|
|
|
├
|
|
callhome:Group Call Home provides an email-based notification for critical system policies. A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Technical Assistance Center. |
|
|
|
├
|
|
snmp:Group The SNMP destination group contains information needed to send traps or informs to a set of destinations..
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
|
|
|
|
├
|
|
syslog:Group The syslog destination group contains all information required to send syslog messages to a group of destinations. |
|
|
|
├
|
|
tacacs:Group Group brings together all information needed to send
audit logs to a set of destinations.
It is referenced by mon:Source, which determines which events generate logs.
|
|
|
├
|
|
mon:ProtoP The objects in the hierarchy under mon:Pol (Policy, Target Subjects, ...) that define scopes for monitoring activities,
including statistics reporting and notification dispatching. To enable notification dispatching, a user attaches a mon:Src object under the
object with the desired scope. The source provides an association to a group, which contains all the information needed to dispatch notifications
to a set of destinations using a specifie... |
|
|
|
├
|
|
callhome:Prof Contains all site information and the address of the SMTP server used to send emails. |
|
|
|
├
|
|
syslog:Prof Represents the configuration parameters used for this protocol. |
|
|
├
|
|
mon:Src Acts as a tap: place it under another mon managed object to start funnelling events to the destinations in the group using
the specified profiles and credentials. Note that the creation of Fault/Event/Audit record managed objects happens independently of the
presence of an Src. |
|
|
|
├
|
|
callhome:ASrc Abstract Callhome source used for callhome and smart callhome |
|
|
|
|
├
|
|
callhome:Src The call home source profile determines the information to deliver and the urgency level for sending email-based alert notifications to a call home destination.
A range of message formats are available for compatibility with pager services or XML-based automated parsing applications. You can use this feature to page a network support engineer, email a Network Operations Center, or use Cisco Smart Call Home services to generate a case with the Te... |
|
|
|
├
|
|
snmp:Src The SNMP source profile determines the fault information, severity level, and destination for sending messages to the SNMP destination.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network
. |
|
|
|
├
|
|
syslog:Src The syslog source configures a syslog source that specifies the minimum severity of items to be sent as syslog messages to the syslog servers in the destination group. |
|
|
├
|
|
mon:Subj An abstract object that identifies a scope within a target. Reaction to conditions (fault/events) are examples of scopes that can be captured with a Subj MO. |
|
|
|
├
|
|
condition:CondP Represents a base class for policies on conditions within a given scope. |
|
|
|
|
|
├
|
|
event:SevAsnP Represents a policy that specifies the initial
and target severity for a specific event. |
|
|
|
|
|
├
|
|
fault:SevAsnP The initial and target severities for a specific fault can be specified in a custom or default monitoring policy directly under an observable target object. |
|
|
|
|
├
|
|
fault:LcP The fault lifecycle policy specifies the timer intervals of faults in their lifecycle. This policy can be specified in a common, default, or custom monitoring policy. Custom and default monitoring policies can be applied globally, per monitoring object or to a group of monitoring objects. |
|
|
├
|
|
monitor:Session The monitor session definition. There can only be a few sessions active at a given time (with a maximum of 4). |
|
|
|
├
|
|
nws:ASyslogSrc Abstract Syslog Source for Firewall. Contains configuration parameters for syslog functionality of the firewall device and a relation to the syslog group, which contains the list of destination servers |
|
|
|
|
├
|
|
nws:SyslogSrc Policy providing a concrete implementation of a syslog source for a firewall. |
|
|
|
|
├
|
|
nws:SyslogSrcDef Read-only instance of syslog source for a firewall. Intended for internal use. |
|
|
├
|
|
qos:ABuffer The buffer policy holder describes the minimum guaranteed packet buffer reservations. These are applied per class currently in the system. |
|
|
|
├
|
|
qos:Buffer The buffering information of a class, such as the minimum buffer required for a class. This is applied at system level |
|
|
|
├
|
|
qosp:Buffer The buffering information of a class, such as the minimum buffer required for a class, which is applied at system level. |
|
|
├
|
|
qos:ACong An abstraction of a congestion management policy holder. This object describes congestion algorithms and ECN information. These are applied at a per class today in the system. |
|
|
|
├
|
|
qos:Cong The congestion algorithm and ECN information of a class. This is applied at system level |
|
|
|
├
|
|
qosp:Cong A container for the congestion policy. This container holds information that describes the congestion parameters of the class such as ECN, WRED, and Tail-drop. These congestion parameters are applied at per class-level in the system. |
|
|
├
|
|
qos:AQueue An abstraction of a queue management policy holder. This object describes the queue threshold parameters, such as management method, limits, etc. These are applied at a per class today in the system. |
|
|
|
├
|
|
qos:Queue The queuing information, such as the limit and queuing method. This is applied at system level. |
|
|
|
├
|
|
qosp:Queue A container for the queue management policy. This container holds information that describes the queue threshold parameters, such as the management method, which are applied at a per-class basis in the system. |
|
|
├
|
|
qos:ASched An abstraction of a schedule policy holder. This object describes the minimum guaranteed packet buffer reservations. These are applied at a per class today in the system. |
|
|
|
├
|
|
qos:Sched The information about the scheduling parameter of the class. This object has the scheduling method and bandwidth parameter and is applied at system level. |
|
|
|
├
|
|
qosp:Sched A container for the schedule policy. This container holds information that describes the bandwidth and scheduling algorithm (Strict priority or WRR), which are applied at a per-class basis in the system. |
|
|
|
|
├
|
|
qos:Dot1PClassDef The definition class to be attached to the endpoint profile. Note that this is an internal object. |
|
|
|
|
├
|
|
qos:DscpClassDef The definition class to be attached to the endpoint profile. Note that this is an internal object. |
|
|
├
|
|
rtctrl:CtxP The context policy, which is a unique layer 3 forwarding and application policy domain. The context defines a layer 3 address domain. |
|
|
├
|
|
rtctrl:Scope The route context Scope. The scope defines the node on which the policy is deployed. |
|
|
|
|
├
|
|
pim:BidirPatPol Not configurable until feature is ready - Bidirectional Multicast Pattern policy |
|
|
|
|
├
|
|
pim:BSRPDef The Bootstrap Router (BSR) policy definition. |
|
|
|
├
|
|
rtdmc:AInterVRFPol WILL BE EXPOSED/IMPEMENTED in a future release
Abstraction of Multicast Inter VRF policy |
|
|
|
├
|
|
snmp:ClientGrp A client group is a group of client IP addresses that allows SNMP access to routers or switches. |
|
|
|
├
|
|
snmp:ClientGrpP A client group is a group of client IP addresses that allows SNMP access to routers or switches. |
|
|
|
├
|
|
snmp:CommSecP A security profile using a community string match for authentication. |
|
|
|
├
|
|
snmp:CommunityP The SNMP community profile enables access to the router or switch statistics for monitoring.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. |
|
|
├
|
|
snmp:AUserP An abstract representation of a user profile. |
|
|
|
├
|
|
snmp:UserP The SNMP user profile is used to associate users with SNMP policies for monitoring devices in a network.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. |
|
|
├
|
|
span:ASource The abstraction of a SPAN source. A SPAN source is where traffic is sampled. A SPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access or fabric) determines the allowed types of SPAN sources and d... |
|
|
|
├
|
|
span:FabSource The fabric source port (also called a monitored port), which is a switched port that you monitor for network traffic analysis. In a single local SPAN session, you can monitor source port traffic such as received (Rx), transmitted (Tx), or bidirectional (both). The switch supports any number of source ports (up to the maximum number of available ports on the switch). |
|
|
|
├
|
|
span:Source The SPAN or ERSPAN source, which is where traffic is sampled. A source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a source and a destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of sources and destinations. The destination can b... |
|
|
├
|
|
span:Destination The SPAN destination, which is where network traffic is sent for analysis by a network analyzer. A SPAN destination can be local or remote (ERSPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of SPAN sources and destinations. The destination can be either a port or an endpoint group. If the destination is a port, i... |
|
|
|
├
|
|
span:ERDestination The ERSPAN destination, which is where network traffic is sent for analysis by a network analyzer. When you create a traffic monitoring session, you must select an ERSPAN source and ERSPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of ERSPAN sources and destinations. The destination can be either a remote port or endpoint group. If the destination is a port, it should not be one that has been config... |
|
|
|
├
|
|
span:LDestination The local SPAN destination, which is where network traffic is sent for analysis by a network analyzer. When you create a traffic monitoring session, you must select an local SPAN source and destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of local SPAN sources and destinations. The destination can be either a port or endpoint group. If the destination is a port, it should not be one that has been configur... |
|
|
├
|
|
span:Session A local SPAN session is an association of a destination port with source ports. You can monitor incoming or outgoing traffic on a series or range of ports. |
|
|
├
|
|
stats:AColl A superclass that configures collection rules according to the granularity of the statistics. |
|
|
|
├
|
|
stats:Coll The collection configuration policy, which configures the collection policy according to the granularity of the statistics.. This is also a container for threshold policies for the statistic granularity. |
|
|
|
├
|
|
stats:HierColl The statistics collection policy, which enables you to determine how often the system collects data and to specify how far back in time data should be collected. |
|
|
|
├
|
|
stats:ExportJob The model for the holding status of an export job for statistical data. |
|
|
├
|
|
stats:AThrP The superclass for the statistical threshold policy. Subclasses represent export policies for specific data types. |
|
|
|
├
|
|
stats:ThrDoubleP The concrete statistical threshold policy for a double data type. |
|
|
|
├
|
|
stats:ThrFloatP The concrete statistical threshold policy for a float data type. |
|
|
|
├
|
|
stats:ThrSByteP The concrete statistical threshold policy for a signed byte data type. |
|
|
|
├
|
|
stats:ThrSint16P The concrete statistical threshold policy for a 16-bit signed Int data type. |
|
|
|
├
|
|
stats:ThrSint32P The concrete statistical threshold policy for a 32-bit signed Int data type. |
|
|
|
├
|
|
stats:ThrSint64P The concrete statistical threshold policy for a 64-bit signed integer data type. |
|
|
|
├
|
|
stats:ThrTriggerP The concrete statistical threshold policy for a trigger counter type. |
|
|
|
├
|
|
stats:ThrUByteP The concrete statistical threshold policy for an unsigned byte data type. |
|
|
|
├
|
|
stats:ThrUint16P The concrete statistical threshold policy for a 16-bit unsigned Int data type. |
|
|
|
├
|
|
stats:ThrUint32P The concrete statistical threshold policy for a 32-bit unsigned Int data type. |
|
|
|
├
|
|
stats:ThrUint64P The concrete statistical threshold policy for a 64-bit unsigned integer data type. |
|
|
├
|
|
stats:Reportable A statistics policy container, which contains statistic collections and export policies for different types of statistics. |
|
|
├
|
|
stp:EncapSegIdPair The table created at the node for efficient lookups of the spanning tree flooding segment ID. This table is created from the spanning-tree protocol encap block definition for allocated IDs and the base segment ID used for the range pushed by IFC. |
|
|
|
├
|
|
callhome:InvP The call home inventory policy is used to send Call Home messages with system inventory information. |
|
|
|
|
├
|
|
config:ExportP A configuration export policy is used to backup the system configuration. |
|
|
|
|
├
|
|
config:ImportP A configuration import policy specifies how to import a fabric configuration file. |
|
|
|
├
|
|
dbgexp:ExportP The data export policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. This is an abstract class for technical support and core policies. |
|
|
|
|
├
|
|
dbgexp:CoreP The core policy provides a core file report containing data about the system and the component at the time of the failure. |
|
|
|
|
|
├
|
|
dbgexp:TechSupOnD The on-demand tech support policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. |
|
|
|
|
├
|
|
dbgexp:TechSupP A tech support policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. |
|
|
|
├
|
|
maint:AMaintP The maintenance policy specifies when and how maintenance takes place. |
|
|
|
|
├
|
|
maint:CatMaintP The catalog maintenance policy specifies when catalog maintenance takes place. |
|
|
|
|
├
|
|
maint:CtrlrMaintP The controller maintenance policy specification describes when and how maintenance takes place. |
|
|
|
|
├
|
|
maint:MaintP The maintenance policy determines the pre-defined action to take when there is a disruptive change made to the service profile associated with the node or set of nodes. |
|
|
|
|
├
|
|
maint:MaintPOnD The On Demand Maintenance policy specification for the node, which describes when and how maintenance takes place. |
|
|
├
|
|
tunnel:Cons tunnel:Cons: Used for reference counting the consumers responsible for
creation of this tunnel |
|
|
|
├
|
|
vns:LDevCtx A device cluster context points to the device cluster used to pick a specific device based on contract, subject, and function label or names. To specify a wild card, set the name to Any. |
|
|
|
├
|
|
vns:LDevHint Contains hints for the device cluster that must be picked for a specific node of a graph that belongs to a specific subject of a specific contract. In the absence of this hint in an abstract graph, a match for a device cluster context will be done based on the name of the contract, subject, and node. If that fails, a match will be made by wildcarding: the contract followed by the contract, and the subject followed by the contract, subject, and no... |
|
|
|
├
|
|
vns:LIfCtx The logical interface context points to the logical interface used to pick a specific logical interface based on the connector name. To specify a wild card, set the name to Any. |
|
|
|
├
|
|
vns:LIfHint Contains hints for the logical interface that must be picked for a specific connector of a graph that belongs to the selected device cluster. The device cluster is selected based on device cluster hint. |
|
|
|
├
|
|
vns:InTerm An input terminal node. For abstract graphs (AbsGraph), InTerm refers to the terminal node at the input end. |
|
|
|
├
|
|
vns:OutTerm An output terminal node. For abstract graphs (AbsGraph), OutTerm refers to the terminal node at the output end. |
|
|
├
|
|
vns:CtrlrMgmtPol The management policy for the controller appliance IP address. |
|
|
├
|
|
vns:FltInst The representation of a whitelist filter that needs to be applied on a particular endpoint group. |
|
|
├
|
|
vz:AFiltEntry An abstraction of a filter entry. A filter entry is a combination of network traffic classification properties. |
|
|
|
├
|
|
actrl:Entry The filter entry in the system, which is a unique set of classification filters identified by l4 parameters. |
|
|
|
├
|
|
vz:Entry A filter entry is a combination of network traffic classification properties. |
|
|
|
├
|
|
vz:RFltE A remote filter entry. A filter entry is a combination of network traffic classification properties. Note that this relation is an internal object. |
|
|
├
|
|
vz:ASubj The abstraction of a subject. A subject represents a sub application running behind an endpoint group. For example, an exchange server or a firewall. |
|
|
|
├
|
|
vz:Subj A subject is a sub-application running behind an endpoint group (for example, an Exchange server). A subject is parented by the contract, which can encapsulate multiple subjects. An endpoint group associated to a contract is providing one or more subjects or is communicating with the subject as a peer entity. An endpoint group always associates with a subject and defines rules under the association for consuming/providing/peer-to-peer communicati... |
|
|
|
├
|
|
vz:TSubj The subjects for a service contract represents a sub-application running behind an endpoint group, such as an exchange server. A subject is parented by the contract. |
|
|
├
|
|
vz:ATerm The abstraction of a terminal. |
|
|
|
├
|
|
vz:ASTerm An abstraction of a subject terminal. |
|
|
|
|
├
|
|
vz:InTerm An input terminal node. For abstract graphs, this is the terminal node at the input end. |
|
|
|
|
├
|
|
vz:OutTerm An output terminal node. For abstract graphs, this is the terminal node at the output end. |
|
├
|
|
pol:Cont Represents entities that contain policy definitions. |
|
|
├
|
|
comp:Cont A container for policy definitions. |
|
|
├
|
|
dbgexp:TechSupCollect The tech support data collection policy creates an archive containing configuration information, logs and diagnostic data that will help TAC with troubleshooting and resolving a technical issue. |
|
|
├
|
|
pol:Dom Represents the policy definition or resolution domain. |
|
|
|
├
|
|
comp:ProvP The VM provider profile, which enables you to configure policies for a VM provider such as VMware or Microsoft. |
|
|
|
|
├
|
|
vmm:ProvP The VMM provider profile stores the policies of VMM systems from a particular vendor (VMware or Microsoft). This container is automatically created by the system. |
|
|
|
├
|
|
fv:ADomP A base class for domain profiles. |
|
|
|
|
├
|
|
infra:ADomP The domain profile in the infrastructure is used for carving the infra-elements including, but not limited to, port, vlan, etc. |
|
|
|
|
|
├
|
|
infra:DomP An abstraction of an infrastructure domain profile associated with application endpoint groups. This is used for carving the infra elements including, but not limited to, port, VLAN, etc. |
|
|
|
|
|
|
├
|
|
comp:DomP A virtual machine management domain. |
|
|
|
|
|
|
|
├
|
|
vmm:DomP The VMM domain profile is a policy for grouping VM controllers with similar networking policy requirements. For example, the VM controllers can share VLAN or VXLAN space and application endpoint groups. The APIC communicates with the controller to publish network configurations such as port groups that are then applied to the virtual workloads. |
|
|
|
|
|
|
|
├
|
|
vmm:DomPDef A container for distributed virtual switch policies. This is an object in the iLeaf (switch). |
|
|
|
|
|
|
|
├
|
|
extdev:GroupP External Device Group Profile is a policy pertaining to single External Device Management domain that
also corresponds to a single policy enforcement domain: a UCSM Instance (a cluster of UCS FIs)
forms such domain. This maps into UCS VLAN Group concept. |
|
|
|
|
|
|
├
|
|
extnw:DomP The base class for the external bridged and external routed domain profiles. The external bridged domain profile is a policy for managing the physical infrastructure, such as ports/VLANS, that can be used by an L2 network bridged outside the fabric. The external routed domain profile is a policy for managing the physical infrastructure, such as ports/VLANS, that can be used by an L3 routed outside network. |
|
|
|
|
|
|
|
├
|
|
l2ext:ADomP The abstraction of the external routed domain profile is a policy for managing the physical infrastructure, such as ports/VLANS, that can be used by an L3 routed outside network. |
|
|
|
|
|
|
|
|
├
|
|
l2ext:DomDef This is generated and used only by internal processes. |
|
|
|
|
|
|
|
|
├
|
|
l2ext:DomP The external bridged domain profile is a policy for managing the physical infrastructure, such as ports/VLANS, that can be used by an L2 network bridged outside the fabric. |
|
|
|
|
|
|
|
├
|
|
l3ext:ADomP The abstraction of the external routed domain profile, which is a policy for managing the physical infrastructure, such as ports/VLANS, that can be used by an L3 routed outside network. |
|
|
|
|
|
|
|
|
├
|
|
l3ext:DomDef This is generated and used only by internal processes. |
|
|
|
|
|
|
|
|
├
|
|
l3ext:DomP The external routed domain profile is a policy for managing the physical infrastructure, such as ports/VLANS, that can be used by an L3 routed outside network. |
|
|
|
|
|
|
├
|
|
fc:DomP FC domain profile is a policy pertaining to single FC Management domain that also corresponds to a single policy enforcement domain: representing the FC bindings. |
|
|
|
|
|
|
├
|
|
phys:DomP The physical domain profile stores the physical resources (ports and port-channels) and encap resources (VLAN/VXLAN) that should be used for endpoint groups associated with this domain. |
|
|
|
├
|
|
fv:EpCont An endpoint container. This is an internal object used for deploying endpoints. |
|
|
|
├
|
|
fv:EpPCont The container for an endpoint profile. |
|
|
|
├
|
|
fv:L3EpCont L3 Ep Container: Contains EndPoints per VRF
@@@ This Mo exists only on PE
|
|
|
|
├
|
|
fv:Tenant A policy owner in the virtual fabric. A tenant can be either a private or a shared entity. For example, you can create a tenant with contexts and bridge domains shared by other tenants. A shared type of tenant is typically named common, default, or infra. |
|
|
|
├
|
|
infra:Infra A container for all tenant infra configurations. |
|
|
|
├
|
|
pol:Uni Represents policy definition/resolution universe. |
|
|
├
|
|
recovery:CheckerDiffCont Container to store the config diffs
between PM and PE.
Used for Checker in the task CheckConfig.
|
|
|
├
|
|
res:ASubj This is generated and used only by internal processes. |
|
|
|
├
|
|
res:Subj This is generated and used only by internal processes. |
|
|
|
├
|
|
res:USubj This is generated and used only by internal processes. |
|
├
|
|
pol:Ctrlr Represents the policy controller. |
|
|
├
|
|
comp:CtrlrP A base abstract class for the controller policy. |
|
|
|
├
|
|
vmm:CtrlrP The VMM controller profile specifies how to connect to a single VM management controller that is part of a policy enforcement domain. For example, the VMM controller profile could be a policy to connect a VMware vCenter that is part of a VMM domain. |
|
|
|
├
|
|
vmm:CtrlrPDef A shadow object needed on the iLeaf to get DVS policies for a given controller instance. |
|
|
|
├
|
|
extdev:MgrP External Device Controller Profile specifies how to connect to a single External Device
Management Controller that is part of containing policy enforcement
domain. For example, policy to connect a Cisco UCSM that is part a EDM Group. |
|
├
|
|
pol:Def Represents self-contained policy document. |
|
|
├
|
|
aaa:AuthRealm An authentication realm provides authentication to verify the identity of an entity (person or device) accessing fabric devices. The authentication is based on the user ID and password combination provided by the entity trying to access the fabric. Authentication can be performed locally, using the local lookup database, or by remote, using one or more RADIUS or TACACS+ servers. |
|
|
├
|
|
aaa:Definition The AAA policy definition. This is an abstract class and cannot be instantiated. |
|
|
|
├
|
|
aaa:ADomainRef This object is generated and used only by internal processes. |
|
|
|
|
├
|
|
aaa:DomainRef A reference to the domain that the parent object belongs to. |
|
|
|
|
├
|
|
aaa:IDomainRef This object is generated and used only by internal processes. |
|
|
|
├
|
|
aaa:AProvider An abstract class that is the superclass for the Radius/Tacacs/Ldap provider classes. |
|
|
|
|
├
|
|
aaa:LdapProvider An LDAP provider is a remote server supporting the LDAP protocol that will be used for authentication. |
|
|
|
|
├
|
|
aaa:RadiusProvider A RADIUS provider is a remote server supporting the RADIUS protocol that will be used for authentication. |
|
|
|
|
├
|
|
aaa:TacacsPlusProvider A TACACS+ provider is a remote server supporting the TACACS+ protocol that will be used for authentication. |
|
|
|
├
|
|
aaa:ARbacRule This is generated and used only by internal processes. |
|
|
|
|
├
|
|
aaa:IPRbacRule IPRbacRule mos are created under aaaRbacEp as a side-effect of the creation of PRbacRule under fv:Tenant |
|
|
|
|
├
|
|
aaa:IRbacRule This is generated and used only by internal processes. |
|
|
|
|
├
|
|
aaa:RbacRule A role based access control (RBAC) rule allows users from a security domain to read the subtree starting at a specific object. |
|
|
|
├
|
|
aaa:Banner An abstract class that contains login banners and cannot be instantiated. |
|
|
|
|
├
|
|
aaa:PreLoginBanner A GUI banner is the informational banner to be displayed before user login authentication. |
|
|
|
├
|
|
aaa:Config The generic security authentication configuration. This is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
aaa:AuthMethod The generic security authentication method.
This is an abstract class and cannot be instantiated. |
|
|
|
|
|
├
|
|
aaa:DefaultAuth The default authentication configuration for all login methods. |
|
|
|
├
|
|
aaa:Domain An AAA domain is the AAA security method for processing authentication requests. |
|
|
|
├
|
|
aaa:Ep The base class for an AAA endpoint is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
aaa:LdapEp The global security management properties for LDAP endpoints
and LDAP provider groups. |
|
|
|
|
├
|
|
aaa:RadiusEp The RADIUS endpoint policy is the global security management properties for RADIUS endpoints
and RADIUS provider groups. |
|
|
|
|
├
|
|
aaa:TacacsPlusEp The TACACS+ endpoint policy is the global security management properties for TACACS+ endpoints
and TACACS+ provider groups. |
|
|
|
├
|
|
aaa:LdapGroupMapRule
The MO represents an LDAP Group Map Rule
The actual Map consisting of Domains and Roles
|
|
|
|
├
|
|
aaa:LoginDomain An AAA login domain for authentication and authorization. The AAA configuration can be configured per domain. |
|
|
|
├
|
|
aaa:ProviderGroup A provider group is a set of providers that will be used by the system during the authentication process. During authentication, all the providers within a
provider group are tried in order. If all of the configured servers are unavailable or unreachable, the system manager automatically falls back to the local
authentication method using the local username and password. |
|
|
|
|
├
|
|
aaa:LdapProviderGroup An LDAP provider group is a group of remote servers supporting the LDAP protocol for authentication. |
|
|
|
|
├
|
|
aaa:RadiusProviderGroup A RADIUS provider group is a group of remote
servers supporting the RADIUS protocol for authentication. |
|
|
|
|
├
|
|
aaa:TacacsPlusProviderGroup A TACACS+ provider group is a group of remote servers supporting the TACACS+ protocol for authentication. |
|
|
|
├
|
|
aaa:PwdProfile The password profile contains the information about password constraints that apply to all local users. |
|
|
|
├
|
|
aaa:RbacEp This is generated and used only by internal processes. |
|
|
|
├
|
|
aaa:Realm The AAA realm is the security method for processing authentication and authorization requests. The realm allows the protected resources on the associated server to be partitioned into a set of protection spaces, each with its own authentication authorization database. This is an abstract class and cannot be instantiated. |
|
|
|
├
|
|
aaa:Role An AAA role is a set of attributes and privileges that describe what a user is authorized to perform. |
|
|
|
├
|
|
aaa:SshAuth A user's public key in PEM format used for certificate-based login. |
|
|
|
├
|
|
aaa:SystemUser The base class for a system user.
This is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
aaa:User A locally-authenticated user account. |
|
|
|
├
|
|
aaa:UserCert An AAA user certificate in X.509 format. This certificate is the
RSA public key used for certificate-based REST API calls. |
|
|
|
├
|
|
aaa:UserData This object is managed internally and should not be modified by the user. |
|
|
|
├
|
|
aaa:UserEp A user endpoint is a local user. A user is assigned a role determines the user's privileges, and belongs to a security domain, which determines the user's scope of control |
|
|
├
|
|
cap:Def A base class for capabilities. |
|
|
|
├
|
|
eqptcap:AMfgDef The manufacturing-related properties such as PID and SKU. |
|
|
|
|
├
|
|
eqptcap:MfgDef The manufacturing-related properties such as PID and SKU. |
|
|
|
|
├
|
|
eqptcap:SfpMfgDef The small form-factor pluggable transceiver (SFP) manufacturing-related properties. |
|
|
|
├
|
|
cloud:DomP SHIV TODO: Need to find a propert Super class SHASHANK TODO: Need to add other roles/access besides admin |
|
|
├
|
|
cloud:AL3TunnelIfP IPSec tunnel running on the NIC. The outer tunnel desination address is
on-prem IPN router's public address. The tunnel source address is parent
interface's primary address. |
|
|
├
|
|
cloud:AVpnGwPol Shiv TODO uncomment for next release mo name="DirectConnPol"
concrete="yes"
super="pol:Def"
access="admin"
label="Cloud Direct Connect Policy"
>
... |
|
|
├
|
|
cloud:CtxHolder Mo that will be used to pull
cloudCtxProfileDef from PM to cPE |
|
|
├
|
|
cloud:DefCont Container for all the cloud:DefCont, under top, to
have them neatly organized |
|
|
├
|
|
comm:Pol The communication policy contains the service configuration for various services. |
|
|
├
|
|
comp:AccessP An abstract base class for policies related to access credentials. |
|
|
|
|
├
|
|
vmm:UsrAccP The user account profile is used to access a VM provider account. |
|
|
├
|
|
condition:RetP The condition log record retention policy specifies the maximum number of log records to be retained and the maximum number of log records to be deleted in a 30-second period. |
|
|
|
├
|
|
aaa:ARetP The audit log retention policy specifies the maximum number of audit log records to be retained and the maximum number of audit log records to be deleted in a 30-second period. Note that this is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
aaa:CtrlrRetP The controller audit log retention policy specifies the maximum number of controller audit log records to be
retained and the maximum number of controller audit log records to
be deleted in a 30-second period. |
|
|
|
|
├
|
|
aaa:SwRetP The switch AAA audit log retention policy specifies the maximum number of AAA audit log records to be retained and the maximum number of AAA audit log records to be deleted in a 30-second period. |
|
|
|
├
|
|
event:ARetP The event record retention policy, which specifies the maximum number of event history records to be retained on the node or controller and the maximum number of event history records to be deleted in a 30-second period. Note that this is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
event:CtrlrRetP The controller event record retention policy, which
specifies the maximum number of controller event records to be
retained and the maximum number of controller event records to
be deleted in a 30-second period. |
|
|
|
|
├
|
|
event:SwRetP The switch event retention policy specifies the maximum number of event records to be retained and the maximum number of
event records to be deleted in a 30-second period. |
|
|
|
├
|
|
fault:ARetP The fault record retention policy specifies the maximum number of fault history records to be retained on the node or controller and the maximum number of fault history records to be deleted in a 30-second period. Note that this is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
fault:CtrlrRetP The controller fault record retention policy specifies the maximum number of controller fault records to be
retained and the maximum number of controller fault records to
be deleted in a 30-second period. |
|
|
|
|
├
|
|
fault:SwRetP Specifies the maximum number of fault records to be retained and the maximum number of fault records to be deleted in a 30-second period. These settings can be changed either by creating a custom policy or editing the default policy. |
|
|
|
├
|
|
health:ARetP The health score history record retention policy, which specifies the maximum health score history record count to delete in a 30-second period. Note that this is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
health:CtrlrRetP The controller health score history record retention policy, which specifies the maximum number of controller health score history
records to be retained and the maximum number of controller health score history records to be deleted in a 30-second period. |
|
|
|
|
├
|
|
health:SwRetP The switch health retention policy specifies the maximum number of health score history records to be retained and the maximum
number of health score history records to be deleted in a 30-second period. |
|
|
├
|
|
copp:AProfile Abstract class for all the profiles for CoPP that can be applied at the node level |
|
|
├
|
|
datetime:APol The date time policy is based on international time zones and a defined NTP server. Before configuring a date and time policy under a domain group, this policy must first be created. Policies under the Domain Groups root were already created by the system and ready to configure. |
|
|
|
├
|
|
datetime:Pol The date time policy is based on international time zones and a defined NTP server. Before configuring a date and time policy under a domain group, this policy must first be created. Policies under the Domain Groups root were already created by the system and ready to configure. |
|
|
├
|
|
datetime:Format The date/time format policy defines the time-zone for the entire fabric. |
|
|
|
├
|
|
dbgac:Filter The filter properties of the client-defined end point attached to the network. |
|
|
|
|
|
├
|
|
dbgac:EpgToEp The endpoint group-to-endpoint atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
|
|
|
├
|
|
dbgac:EpgToEpg The endpoint group-to-endpoint group atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
|
|
|
├
|
|
dbgac:EpgToIp The endpoint group-to-IP atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues |
|
|
|
|
├
|
|
dbgac:ToEpgCmn The abstract object with a destination endpoint group. |
|
|
|
|
|
├
|
|
dbgac:EpToEpg The endpoint-to-endpoint group atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
|
|
|
├
|
|
dbgac:IpToEpg The IP-to-endpoint group atomic counter policy detects drops and misrouting in the fabric and enables quick debugging and isolation of application connectivity issues. |
|
|
|
|
├
|
|
dbgac:EpToAny The endpoint-to-any atomic counter policy which detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
|
|
├
|
|
dbgac:EpToEp The endpoint-to-endpoint atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
|
|
├
|
|
dbgac:EpToExt The endpoint-to-external IP address atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
|
├
|
|
dbgac:IpToIp IP Addr to IP policy Defn. Used for an
external host identified by its IP address to
another IP address
|
|
|
|
├
|
|
dbgac:TenantSpaceCmnDef The tenant space common definition. This atomic counter managed object is used internally for managing Epg/Epp source
and destination policies. |
|
|
|
├
|
|
dbgac:ToEpCmn The abstract object for atomic counter with a destination endpoint. |
|
|
|
|
├
|
|
dbgac:AnyToEp Atomic counters detect drops and misrouting in the fabric enables quick debugging and isolation of application connectivity issues. |
|
|
|
|
├
|
|
dbgac:ExtToEp The external host-to-endpoint atomic counter policy detects drops and misrouting in the fabric to enable quick debugging and isolation of application connectivity issues. |
|
|
├
|
|
dhcp:OptionPol The DHCP option policy, which defines lease duration, gateway routers, and other configuration parameters in what are called DHCP options. Every DHCP server must have one or more policies defined for it. The policies are especially useful if you have multiple scopes because you only need to define a policy once and apply it to the multiple scopes. You can define named policies with specific option definitions or you can use system defaults.
Note... |
|
|
|
|
├
|
|
eqptdiagp:LeTsBtEcc The diagnostic test set for leaf fabric nodes to run at bootup on extended chassis cards (FEXes). |
|
|
|
|
├
|
|
eqptdiagp:LeTsBtLc The diagnostic test set for leaf fabric nodes to run at bootup on line cards (I/O cards). |
|
|
|
|
├
|
|
eqptdiagp:LeTsBtSc The diagnostic test set for leaf fabric nodes to run at bootup on supervisor cards. |
|
|
|
|
|
├
|
|
eqptdiagp:TsBtLeafP The diagnostic test set for leaf fabric ports to run at bootup on line cards (I/O cards). |
|
|
|
|
├
|
|
eqptdiagp:SpTsBtLc The diagnostic test set to run at bootup on spine line cards (I/O cards). |
|
|
|
|
├
|
|
eqptdiagp:SpTsBtScc The diagnostic test set to run at bootup on spine system controller cards. |
|
|
|
|
|
|
|
├
|
|
eqptdiagp:LeTsOdEcc The diagnostic test set for leaf fabric nodes to run on extended chassis cards (FEXes). |
|
|
|
|
|
|
|
├
|
|
eqptdiagp:LeTsOdLc The diagnostic on-demand test set for leaf fabric nodes to run on line cards (I/O cards). |
|
|
|
|
|
|
|
├
|
|
eqptdiagp:SpTsOdLc The diagnostic on-demand test set to run on spine line cards (I/O cards). |
|
|
|
|
|
|
|
├
|
|
eqptdiagp:LeTsOdSc The diagnostic on-demand test set for leaf fabric nodes to run on supervisor cards. |
|
|
|
|
|
|
|
├
|
|
eqptdiagp:SpTsOdSc The diagnostic on-demand test set for leaf fabric nodes to run on spine supervisor cards. |
|
|
|
|
|
|
├
|
|
eqptdiagp:SysCTsOd The on-demand abstract diagnostic policy for system controller cards. |
|
|
|
|
|
|
|
├
|
|
eqptdiagp:SpTsOdScc The diagnostic on-demand test set to run on spine system controller cards. |
|
|
|
|
├
|
|
eqptdiagp:LeTsHlEcc The diagnostic test set for leaf fabric nodes to run on extended chassis cards (FEXes). |
|
|
|
|
├
|
|
eqptdiagp:LeTsHlLc The diagnostic ongoing health test set for leaf fabric nodes to run on line cards (I/O cards). |
|
|
|
|
├
|
|
eqptdiagp:LeTsHlSc The ongoing diagnostic health test set for leaf fabric nodes to run on supervisor cards. |
|
|
|
|
├
|
|
eqptdiagp:SpTsHlFc The ongoing diagnostic health test set to run at bootup on spine fabric cards. |
|
|
|
|
├
|
|
eqptdiagp:SpTsHlLc The ongoing diagnostic health test set to run at bootup on spine line cards (I/O cards). |
|
|
|
|
├
|
|
eqptdiagp:SpTsHlSc The ongoing diagnostic health test set to run at bootup on spine supervisor cards. |
|
|
|
|
├
|
|
eqptdiagp:SpTsHlScc The ongoing diagnostic health test set to run at bootup on spine system controller cards. |
|
|
|
|
├
|
|
infra:OSpineS Override Spine Selector
@@@ Its not configurable because theres no spine policy group in infra. |
|
|
|
|
|
├
|
|
fabric:LeCardPGrp A leaf card policy group enables you to apply policies to a group of leaf cards. |
|
|
|
|
|
├
|
|
fabric:SpCardPGrp A spine card policy group enables you to apply policies to a group of spine cards. |
|
|
|
|
|
├
|
|
fabric:LeNodePGrp A leaf node policy group enables you to apply policies to a group of leaf nodes. |
|
|
|
|
|
├
|
|
fabric:SpNodePGrp A spine node policy group enables you to apply policies to a group of spine nodes. |
|
|
|
|
|
|
├
|
|
fabric:LePortPGrp The leaf port policy group enables you to apply policies to a group of leaf ports. |
|
|
|
|
|
├
|
|
fabric:SpAPortPGrp A base class for a spine port policy group. This is used for specifying policies to be applied to the spine ports consuming this policy group. |
|
|
|
|
|
|
├
|
|
fabric:SpPortPGrp A spine port policy group enables you to apply policies to a group of spine ports. |
|
|
|
|
├
|
|
fabric:CtrlrPGrp The controller policy group enables you to apply policies to a group of controllers. |
|
|
|
|
├
|
|
fabric:PodPGrp A POD policy group enables you to apply policies to the leaf nodes that are part of this POD. |
|
|
|
|
|
|
|
|
├
|
|
infra:AccBndlGrp The bundle interface group enables you to specify the interface policy you want to use. |
|
|
|
|
|
|
|
├
|
|
infra:AccPortGrp The interface policy group enables you to specify the interface policies you want to use. |
|
|
|
|
|
├
|
|
infra:AccBndlSubgrp The access bundle subgroup enables you to specify (override) a different LACP member policy name for some of the interfaces that are part of an access bundle group. |
|
|
|
|
├
|
|
infra:AccCardPGrp The module policy group enables you to specify the module policies you want to use. |
|
|
|
|
├
|
|
infra:AccNodePGrp The node policy group enables you to specify the node policies you want to use. |
|
|
|
|
├
|
|
fabric:CardP The template used for deploying card fabric configuration. |
|
|
|
|
|
├
|
|
fabric:LeCardP The leaf card profile is a template used for deploying the card fabric configuration on a leaf. |
|
|
|
|
|
├
|
|
fabric:SpCardP A spine card profile is used for deploying the card configuration on the spine. |
|
|
|
|
├
|
|
fabric:CtrlrP The controller profile. This object represents the template used for deploying controller-level configuration. |
|
|
|
|
├
|
|
fabric:NodeP The node profile. This is the template used for deploying node fabric configuration. |
|
|
|
|
|
├
|
|
fabric:LeafP The leaf profile is a template used for deploying the leaf fabric configuration. It contains leaf selectors and associates to card and port profiles. |
|
|
|
|
|
├
|
|
fabric:SpineP The spine profile is a template used for deploying the leaf fabric configuration. It contains spine selectors and associates to card and port profiles. |
|
|
|
|
├
|
|
fabric:PodP A POD profile. This is a template used for deploying POD level configuration. |
|
|
|
|
|
├
|
|
fabric:LePortP The leaf fabric port profile contains leaf port selectors that can associate with their respective policy groups. |
|
|
|
|
|
├
|
|
fabric:SpPortP A spine port profile contains leaf port selectors that can associate with their respective policy groups. |
|
|
|
|
├
|
|
infra:ANodeP Node Profile: It represents the template used for deploying node
fabric configuration |
|
|
|
|
|
├
|
|
infra:NodeP The node profile enables you to specify which nodes (Example: a leaf) to configure. |
|
|
|
|
|
├
|
|
infra:SpineP Spine Profile Spine Access Policy: It represents the template used for deploying node
access configuration (ex. Configuration for connecting hypervisor, Fex, External
network ) |
|
|
|
|
├
|
|
infra:AccCardP The module profile enables you to specify the modules you want to configure. |
|
|
|
|
├
|
|
infra:AttEntityP The attached entity profile provides a template to deploy hypervisor policies on a large set of leaf ports. This also provides the association of a Virtual Machine Management (VMM) domain and the physical network infrastructure. |
|
|
|
|
├
|
|
infra:FexP The FEX profile enables you to configure FEX interfaces. |
|
|
|
|
├
|
|
infra:FuncP The hypervisor management function provides the policies used for hypervisor management and connectivity. For example, an endpoint group and encap VLAN. |
|
|
|
|
├
|
|
infra:PodP Pod Profile: It represents the template used for deploying POD
level configuration |
|
|
|
|
|
├
|
|
infra:AccPortP The interface profile enables you to specify the interface you want to configure. |
|
|
|
├
|
|
fabric:ProtPol The VPC protection policy is a container of VPC protection groups; it enables you to select a pairing type for creating the protection groups |
|
|
|
|
|
├
|
|
fabric:SpCardS A card selector. This is a range of cards on the spine. |
|
|
|
|
├
|
|
infra:CardS The module selector enables you to select the modules to configure and the configuration method. |
|
|
|
|
├
|
|
fabric:ANodeS An abstraction of the fabric node and access node selectors. |
|
|
|
|
|
|
├
|
|
condition:NodePolGrp The node policy group is a group of nodes to which Fault, Event, Audit, or Health record retention policies can be applied. |
|
|
|
|
|
|
├
|
|
firmware:FwGrp A firmware group is a set of nodes to which a firmware policy may be applied. |
|
|
|
|
|
|
├
|
|
maint:MaintGrp The maintenance group is a set of nodes to which a maintenance policy may be applied. The maintenance policy determines the pre-defined action to take when there is a disruptive change made to the service profile associated with the node group. |
|
|
|
|
|
|
├
|
|
telemetry:FlowServerGrp
Telemtry Flow Server Group. A set of nodes to which a telemetry filter policy
may be applied.
|
|
|
|
|
|
|
├
|
|
fabric:LeafS The leaf selector. This enables you to select all or a range of leaves. |
|
|
|
|
|
|
├
|
|
fabric:SpineS The spine selector. This enables you to select all or a range of spines. |
|
|
|
|
|
|
├
|
|
infra:ConnNodeS The connectivity selector is used for grouping ports between the FEX and the host (such as hypervisor). |
|
|
|
|
|
|
|
├
|
|
infrazone:NodeGrp Infrastructure Zone Node Group: Used for listing member nodes of the zone |
|
|
|
|
|
|
|
├
|
|
mgmt:NodeGrp The managed node group captures the set of nodes that will participate in the management network. All the nodes, a range of nodes, or a specific node can be selected to participate in a given managed node group. |
|
|
|
|
|
|
|
├
|
|
infra:LeafS The leaf selector enables you to select the interface to configure. |
|
|
|
|
|
|
├
|
|
condition:PodPolGrp
A set of PODs to which a set of Fault/Event/Audit/Health policies
may be applied.
|
|
|
|
|
|
|
├
|
|
firmware:PodFwGrp
POD Firmware Group. A set of PODS to which a firmware policy
may be applied.
|
|
|
|
|
|
|
├
|
|
maint:PodMaintGrp
POD Maintenance Group. A set of PODs to which a maintenance policy
may be applied.
|
|
|
|
|
|
├
|
|
fabric:PodS The POD selector enables you to select all or a range of PODs. |
|
|
|
|
├
|
|
fabric:APortS An abstraction of the fabric port selector and access port selector. |
|
|
|
|
|
|
├
|
|
fabric:LFPortS The leaf fabric port selector. This object enables you to specify leaf fabric ports with your leaf fabric port profile. |
|
|
|
|
|
|
├
|
|
fabric:SFPortS The spine fabric port selector. This enables you to specify spine fabric ports with your spine fabric port profile. |
|
|
|
|
|
├
|
|
infra:PortS An abstraction of access interface selectors. |
|
|
|
|
|
|
├
|
|
infra:ConnFexS The Connectivity FEX selector is used for grouping ports between the FEX and the host (such as a hypervisor). |
|
|
|
|
|
|
├
|
|
infra:HConnPortS The host connectivity port selector is used for grouping ports between the node and the host (such as hypervisor). |
|
|
|
|
|
|
├
|
|
infra:HPortS The Host Port Selector is used for grouping ports between the node and the host (such as hypervisor). |
|
|
|
|
|
|
├
|
|
infra:SHPortS Spine Host/Access Port Selector. This selector is used for applying infrastructure
policies on selected ports |
|
|
|
|
├
|
|
fabric:CtrlrS The fabric controller group is made up of a core and a tech support export policy. |
|
|
|
├
|
|
hvs:ExtPol The extended policies, which are common policies for VM interfaces. For example, when implementing VMware, this represents the distributed virtual port group. |
|
|
├
|
|
fabric:ExtPol The configuration of the extended fabric equipment, such as FEX. |
|
|
├
|
|
fabric:MaintPol The maintenance policy. This is used for listing blacklisted or inactive devices. |
|
|
|
├
|
|
fabric:OOServicePol The service policy. This is used for listing equipment under maintenance. |
|
|
├
|
|
fabric:ProtChainP A node proxy IP profile. This is an implicit profile used for managing spine proxy IP addresses. |
|
|
|
|
├
|
|
fabric:HIfPol The host interface policy specifies the layer 1 parameters of host facing ports. |
|
|
|
|
|
├
|
|
bgp:PeerPfxPol The peer prefix policy defines how many prefixes can be received from a neighbor and the action to take when the number of allowed prefixes is exceeded. This feature is commonly used for external BGP peers, but can also be applied to internal BGP peers. |
|
|
|
|
├
|
|
coop:Pol The COOP policy contains groups of Oracles nodes and COOP repositories. |
|
|
|
|
|
|
├
|
|
fv:EpRetPol The endpoint retention policy provides the parameters for the lifecycle of the endpoints. |
|
|
|
|
|
├
|
|
igmp:ASnoopPol Restricts flooding of multicast traffic by sending multicast traffic only to the bridge domains that are subscribed to a particular multicast group. |
|
|
|
|
|
|
├
|
|
igmp:SnoopDef The process of listening to Internet Group Management Protocol (IGMP) network traffic. The feature allows a network switch to listen in on the IGMP conversation between hosts and routers. By listening to these conversations the switch maintains a map of which links need which IP multicast streams. |
|
|
|
|
|
|
├
|
|
igmp:SnoopPol The IGMP snooping policy streamlines multicast traffic handling for VLANs. By examining (snooping) IGMP membership report messages from interested hosts, multicast traffic is limited to the subset of VLAN interfaces on which the hosts reside. |
|
|
|
|
|
|
├
|
|
mld:SnoopDef The process of listening to Multicast Listener Discovery (MLD) network traffic. The feature allows a network switch to listen in on the IGMP conversation between hosts and routers. By listening to these conversations the switch maintains a map of which links need which IP multicast streams. |
|
|
|
|
|
|
├
|
|
mld:SnoopPol The MLD snooping policy streamlines multicast traffic handling for VLANs. By examining (snooping) MLD membership report messages from interested hosts, multicast traffic is limited to the subset of VLAN interfaces on which the hosts reside. |
|
|
|
|
|
|
|
├
|
|
bgp:CtxDef An internal object for the BGP context-level policy definition. |
|
|
|
|
|
|
|
├
|
|
bgp:CtxPol The BGP timers policy uses timers to control periodic activities such as the frequency keepalive messages that are sent to its peer, the amount of time the system waits to declare a peer dead after keepalive messages stop being received, and the amount of time before restarting a dead peer. The BGP timer policy enables you to specify the intervals for the periodic activities and supplies two options for graceful restart control: the graceful rest... |
|
|
|
|
|
|
├
|
|
eigrp:ACtxAfPol The abstraction of the context-level EIGRP policy, which contains the configuration for an address family on a context on the node. The EIGRP policy is configured under the tenant protocol policies and can be applied to one or more contexts (private domains) under the tenant. The EIGRP context policy can be enabled on a context through a relation in the context per address family. If there is no relation to a given address family, or the EIGRP c... |
|
|
|
|
|
|
|
├
|
|
eigrp:CtxAfPol An EIGRP context policy can be applied on one or more contexts under the tenant. EIGRP context policies can be enabled on a context through a relation in the context per address family. If there is no relation to a given address family such as IPv6 or the EIGRP context policy mentioned in the relation doesn't exist, then the default context policy created under Tenant Common will be used for that address family. |
|
|
|
|
|
|
├
|
|
ipmc:ACtxPol Abstraction of Context-level Routed Multicast policy |
|
|
|
|
|
|
|
├
|
|
ospf:CtxDefAf The context-level OSPF definition per address family. |
|
|
|
|
|
|
|
├
|
|
ospf:CtxPol The context-level OSPF timer policy provides the Hello timer and Dead timer intervals configuration. |
|
|
|
|
|
|
├
|
|
rtdmc:ACtxPol Abstraction of Context-level Routed Multicast policy |
|
|
|
|
|
├
|
|
isis:DomPol The domain policy is used to configure IS-IS domain specific properties. |
|
|
|
|
|
├
|
|
stormctrl:IfPol The storm control interface policy. A traffic storm occurs when packets flood the LAN, creating excessive traffic and degrading network performance. You can use the traffic storm control feature to prevent disruptions on ports by a broadcast, multicast, or unknown unicast traffic storm on physical interfaces. |
|
|
|
|
|
├
|
|
cdp:AIfPol The CDP Interface Policy parameters. CDP is primarily used to obtain protocol addresses of neighboring devices and discover the platform of those devices. CDP can also be used to display information about the interfaces your router uses. CDP is media- and protocol-independent, and runs on all Cisco-manufactured equipment including routers, bridges, access servers, and switches. |
|
|
|
|
|
|
├
|
|
cdp:IfPol The CDP interface policy, which is primarily used to obtain protocol addresses of neighboring devices and discover the platform of those devices. CDP can also be used to display information about the interfaces your router uses. CDP is media- and protocol-independent, and runs on all Cisco-manufactured equipment including routers, bridges, access servers, and switches. |
|
|
|
|
|
├
|
|
copp:IfPol Per interface per protocol CoPP policy |
|
|
|
|
|
├
|
|
dwdm:AOptChnlIfPol Abstract class for all the profiles for DWDM C optic channel that can be applied |
|
|
|
|
|
|
├
|
|
dwdm:IfPol DWDM policy that can be applied at interface level |
|
|
|
|
|
|
├
|
|
lacp:LagPol The PortChannel policy enables you to bundle several physical ports together to form a single port channel. LACP enables a node to negotiate an automatic bundling of links by sending LACP packets to the peer node. |
|
|
|
|
|
├
|
|
lacp:IfPol The PortChannel interface policy defines a common configuration that will apply to one or more LACP interfaces. |
|
|
|
|
|
├
|
|
lldp:AIfPol A summary of the interface policy. We recommend you include information about where and when the policy should be used. The abstraction can be up to 128 characters. |
|
|
|
|
|
|
├
|
|
lldp:IfPol The LLDP interface policy, which defines a common configuration that will apply to one or more LLDP interfaces. LLDP uses the logical link control (LLC) services to transmit and receive information to and from other LLDP agents. |
|
|
|
|
|
|
|
├
|
|
netflow:ExporterPolDef Define the Netflow Exporter Policy MO which contains
internal information needed to program the leaf |
|
|
|
|
|
|
├
|
|
netflow:MonitorPolDef Define the Netflow Monitor Policy MO which contains
internal information needed to program the leaf |
|
|
|
|
|
|
├
|
|
netflow:RecordPolDef Define the Netflow Record Policy MO which contains
internal information needed to program the leaf |
|
|
|
|
|
├
|
|
qos:ADppPol Define a Data Plane Policing policy. User is supposed
to use this in scenarios where the incoming traffic need
to be policed to certain levels |
|
|
|
|
|
|
├
|
|
qos:DppPol Define a Data Plane Policing policy. User is supposed
to use this in scenarios where the incoming traffic need
to be policed to certain levels |
|
|
|
|
|
|
├
|
|
qos:DppPolDef Define the Data Plane Policing MO which contains
internal information needed to program the leaf |
|
|
|
|
|
├
|
|
stp:AIfPol An abstraction of an spanning-tree protocol interface policy. This is applicable to leaf ports and n1000v distributed virtual switches. Extended chassis ports have BPDU guard filter enabled by default. |
|
|
|
|
|
|
├
|
|
stp:IfPol The Spanning-Tree Protocol (STP) interface policy defines a common configuration that will apply to one or more interfaces.
STP prevents loops from being formed when the interfaces are interconnected via multiple paths. Spanning-Tree Protocol implements the 802.1D IEEE algorithm by exchanging BPDU messages with other switches to detect loops, and then removes the loop by shutting down selected bridge interfaces. This algorithm guarantees that th... |
|
|
|
|
|
|
├
|
|
stp:IfPolDef The read-only copy of the spanning-tree protocol interface policy. |
|
|
|
|
|
├
|
|
arp:AIfPol This object holds arp information that is operated at a
interface level |
|
|
|
|
|
├
|
|
bfd:AIfPol Interface-level bfd abstraction policy |
|
|
|
|
|
├
|
|
eigrp:IfPol The EIGRP interface policy, which defines a common configuration that will apply to one or more EIGRP interfaces. |
|
|
|
|
|
├
|
|
nd:AIfPol The neighbor discovery interface policy defines a common configuration that will apply to one or more neighbor discovery interfaces. |
|
|
|
|
|
|
├
|
|
nd:IfPol The neighbor discovery interface policy defines a common configuration that will apply to one or more neighbor discovery interfaces. |
|
|
|
|
|
|
├
|
|
nd:IfPolDef The read only copy of the neighbor discovery interface policy. |
|
|
|
|
|
├
|
|
nd:APfxPol The neighbor discovery prefix policy. |
|
|
|
|
|
|
├
|
|
nd:PfxPol The neighbor discovery prefix policy. |
|
|
|
|
|
|
├
|
|
nd:PfxPolDef The neighbor discovery prefix policy definition. |
|
|
|
|
|
├
|
|
ospf:IfPol The OSPF interface-level policy information. |
|
|
|
|
|
|
├
|
|
pim:IfPol Interface-level PIM-SM (sparse mode) policy. |
|
|
|
|
|
├
|
|
dns:Prof The DNS instance information. |
|
|
|
|
|
├
|
|
dns:Profile The DNS profile defines a set of DNS providers and can be deployed to a switch for tenant contexts. To deploy a DNS profile on a switch, the appropriate label has to be defined for the context deployed on switch. |
|
|
|
|
|
├
|
|
edr:ErrDisRecoverPol The error disabled recovery policy specifies the policy for re-enabling a port that was disabled due to one or more pre-defined error conditions. |
|
|
|
|
|
├
|
|
ep:LoopProtectP The endpoint loop protection policy specifies how loops detected by frequent mac moves are handled. |
|
|
|
|
|
|
├
|
|
l2:InstPol The Layer 2 instance policy is used for configuring fabric-wide layer 2 settings. Currently, this policy contains only fabric MTU and management MTU configuration. |
|
|
|
|
|
├
|
|
span:ADest The abstraction of an SPAN destination. The SPAN destination is where network traffic is sent for analysis by a network analyzer. A SPAN destination can be local or remote (ERSPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of SPAN sources and destinations. The destination can be either a port or an endpoint group... |
|
|
|
|
|
|
├
|
|
span:AVDest The abstraction of a VSPAN destination. The VSPAN destination is where network traffic is sent for analysis by a network analyzer. A VSPAN destination can be local or remote (VERSPAN). When you create a traffic monitoring session, you must select a VSPAN source and a VSPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of VSPAN sources and destinations. The destination can be either a port or an endpoint... |
|
|
|
|
|
|
|
├
|
|
span:VDest The VSPAN destination is where network traffic is sent for analysis by a network analyzer. A VSPAN destination can be local or remote (VERSPAN). When you create a traffic monitoring session, you must select a VSPAN source and a VSPAN destination. The type of session (tenant, access, or fabric) determines the allowed types of VSPAN sources and destinations. The destination can be either a port or an endpoint group. If the destination is a port, it... |
|
|
|
|
|
|
|
├
|
|
span:VDestDef The VLAN-based SPAN (VSPAN) destination definition. |
|
|
|
|
|
|
├
|
|
span:Dest The SPAN destination is where network traffic is sent for analysis by a network analyzer. A SPAN destination can be local or remote (ERSPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of SPAN sources and destinations. The destination can be either a port or an endpoint group. If the destination is a port, it shoul... |
|
|
|
|
|
├
|
|
span:ASrcGrp The abstraction of a SPAN source group. The SPAN source group can contain a group of SPAN sources, which is where network traffic is sampled. A SPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source group and a SPAN destination. The type of session (Tenan... |
|
|
|
|
|
|
├
|
|
span:SrcGrp The SPAN source group can contain a group of SPAN sources. A SPAN source is where network traffic is sampled. A SPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source group and a SPAN destination. The type of session (Tenant, Access, or Fabric) determines... |
|
|
|
|
|
|
├
|
|
span:SrcGrpDef The SPAN source group definitions. The SPAN source is where traffic is sampled. A SPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (access SPAN), a Layer 2 bridge domain, or a Layer 3 context (fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access or fabric) determines the allowed types of SPAN sources an... |
|
|
|
|
|
├
|
|
span:AVDestGrp The abstraction of a VSPAN destination group. The VSPAN destination group can contain a group of VSPAN destinations. A VSPAN destination is where network traffic is sent for analysis by a network analyzer. A VSPAN destination can be local or remote (VERSPAN). When you create a traffic monitoring session, you must select a VSPAN source and a VSPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of VSPAN so... |
|
|
|
|
|
|
├
|
|
span:VDestGrp The VSPAN destination group contains a group of VSPAN destinations. A VSPAN destination is where network traffic is sent for analysis by a network analyzer. A VSPAN destination can be local or remote (VERSPAN). When you create a traffic monitoring session, you must select a VSPAN source and a VSPAN destination. The type of session (tenant, access, or fabric) determines the allowed types of VSPAN sources and destinations. The destination can be ei... |
|
|
|
|
|
|
├
|
|
span:VDestGrpDef VSPAN destination group used for configuring VSPAN source group definitions. |
|
|
|
|
|
├
|
|
span:AVSrcGrp The abstraction of a VSPAN source group. The VSPAN source group can contain a group of VSPAN sources. A VSPAN source is where network traffic is sampled. A VSPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access VSPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric VSPAN). When you create a traffic monitoring session, you must select a VSPAN source group and a VSPAN destination. The type ... |
|
|
|
|
|
|
├
|
|
span:VSrcGrp The VSPAN source group can contain a group of VSPAN sources. A VSPAN source is where network traffic is sampled. A VSPAN source can be an endpoint group (EPG), one or more ports; or port traffic filtered by an EPG (access VSPAN), a Layer 2 bridge domain, or a Layer 3 context (fabric VSPAN). When you create a traffic monitoring session, you must select a VSPAN source group and a VSPAN destination. The type of session (tenant, access, or fabric) de... |
|
|
|
|
|
├
|
|
span:DestGrp The SPAN destination group contains a group of SPAN destinations. A SPAN destination is where network traffic is sent for analysis by a network analyzer. A SPAN destination can be local or remote (ERSPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of SPAN sources and destinations. The destination can be either a p... |
|
|
|
|
|
├
|
|
span:SpanProv The SPAN destination provider is used for configuring SPAN destination provider parameters. |
|
|
|
|
|
├
|
|
span:VSpanProv The VSPAN destination provider is used for configuring VSPAN destination provider parameters. |
|
|
|
|
|
├
|
|
stp:InstPol The spanning Tree Protocol (STP) instance policy, which enables you to set the bridge protocol data unit (BPDU) guard policy or filter. BDPUs are packets that run the STP protocol. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network. |
|
|
|
|
|
├
|
|
vpc:InstPol The node-level vPC domain policy, which is used to specify a vPC domain and is applied to both vPC peer devices, the vPC peer keepalive link, the vPC peer link, and all the PortChannels in the vPC domain connected to the downstream device. You can have only one vPC domain ID on each device. |
|
|
|
|
|
├
|
|
bgp:InstPol The BGP Instance level policy is used to configure MP-BGP policies inside the fabric. |
|
|
|
|
|
├
|
|
dhcp:ARelayP The abstract DHCP Relay profile, which is used for configuring relay parameters per bridge domain (BD). |
|
|
|
|
|
|
├
|
|
dhcp:RelayP The DHCP relay profile, with one or more helper addresses in it, configures a DHCP relay agent for forwarding DHCP packets to a remote server. |
|
|
|
|
|
├
|
|
psu:InstPol The power redundancy policy is for all power supply units on the fabric nodes (leaves and spines) that are consuming the power supply policy through their respective selector profile policy. |
|
|
|
├
|
|
lbp:Pol The load balancing policy options for balancing traffic among the available uplink ports. Static hash load balancing is the traditional load balancing mechanism used in networks where each flow is allocated to an uplink based on a hash of its 5-tuple. This load balancing gives a distribution of flows across the available links that is roughly even. Usually, with a large number of flows, the even distribution of flows results in an even distributi... |
|
|
|
├
|
|
fc:AllocEncapCont Represents the container object used for managing Fibre Channel Encap Block |
|
|
├
|
|
fc:APinningLbl Fiber Channel Pinning Label. Its used for pinning host interfaces to uplink interfaces. This label should match with the name of a fc:PinningP configured this tenant or tenant-commmon. Once this label is configured under a fv:RsFcPathAtt, that host interface will get pinned to the uplink interfaces specified in the Pinning profile. |
|
|
├
|
|
fc:APinningP Abstract Fiber Channel Pinning Profile. Its used for pinning host interfaces to uplink interfaces. |
|
|
|
├
|
|
fc:PinningP Fiber Channel Pinning Profile. Its used for pinning host interfaces to uplink interfaces. |
|
|
|
├
|
|
fc:PinningPDef Fiber Channel Pinning Profile Definition. Its used for pinning host interfaces to uplink interfaces. |
|
|
├
|
|
fc:ResPolCont Container for resolved Fiber Channel policies in node |
|
|
├
|
|
firmware:AFwP The firmware policy specifies the desired firmware version. |
|
|
|
├
|
|
firmware:FwP The firmware specification policy for a node. |
|
|
├
|
|
firmware:RepoP The firmware repository population and maintenance information. |
|
|
├
|
|
fmcast:SystemGIPoPol Used for enabling usage of configured system GIPo in the fabric (includes all the PODs).
@@@ In previous releases system GIPo was hardcoded and was not usable for Multipod scenarios.
@@@ In Congo, PE/APIC changes were done for configuring new system GIPo value but NXOS changes
@@@ were slipped out of Congo. Now we are introducing this knob to start using configured system
@@@ ... |
|
|
|
├
|
|
fv:FabricExtConnPDef Site Connectivity Profile Definition
@@@ PE will pull FabricExtConnPDef. An Outside pushed to spine will pull it. |
|
|
├
|
|
fv:AIntersiteConnP Abstract Class Container for Connectivity Information for MultiSite deployments |
|
|
|
├
|
|
fv:IntersiteConnP Container for Unicast Connectivity Information for MultiSite deployments |
|
|
├
|
|
fv:AIntersiteConnPDef Abstract Class Container Def for Connectivity Information for MultiSite deployments |
|
|
├
|
|
fv:APathAtt An abstraction of the path the endpoint group configuration will be deployed on. |
|
|
|
├
|
|
fv:ExtStPathAtt The path the endpoint group configuration will be deployed on. |
|
|
|
├
|
|
fv:StPathAtt The path the endpoint group configuration is deployed on. |
|
|
|
├
|
|
fv:VNodeAtt Represent a Path on whom the EPG configuration
will be deployed.
It represents Virtual Node Attachment. If only this type of attachement is
present under an EpP then the EpP will not get instrumented on that node.
But together with VNodeAtt if any other type of PathAtt is present then EpP
will get instrumented as usual |
|
|
|
├
|
|
fv:PathEpDef The node and interface, or a group of interfaces, that the endpoint group is deployed on. This is an internal object used for tracking static endpoint group deployment. |
|
|
├
|
|
fv:AVip Abstraction of Virtual IP address |
|
|
├
|
|
fv:AccP The bridge domain (BD) access profile. When created over a BD, contracts are not enforced for the BD, and the encap will be applied to all endpoint groups on this BD. |
|
|
├
|
|
fv:BDHolder The bridge domain (BD) holder contains bridge domain related information. For example, in a same shared service scenario, when a context is
deployed on a node, the PE needs to get all subnets of all the associated BDs. In this case, the private Layer 3 network context contains DNs of all associated BDs,
and with that info, the node pulls down the corresponding bridge domain holders of each of the associated BDs. The bridge domain holder contai... |
|
|
├
|
|
fv:ConnInstrPol Every endpoint group should have a relation set to its bridge domain. If not set by the user, then the relation is set to the default Bridge Domain and the Connectivity Instrumentation Policy determines whether or not traffic will be allowed to flow to/from that EPG. This applies to all EPGs regardless of use (VMM, baremetal, L2ext, L3ext). There is also a relation from the Bridge Domain to the VRF. If this is not set by the user, then the defaul... |
|
|
├
|
|
fv:EPgCont An endpoint group container is an internal object that represents endpoint groups. |
|
|
|
├
|
|
fv:AEPgCont An abstract container class for endpoint groups. This is an abstract class and cannot be instantiated |
|
|
|
├
|
|
fv:EPgDef An internal object that represents endpoint groups is used for deployment. |
|
|
|
|
├
|
|
fv:AEPgDef Abstract representation of an endpoint group definition. |
|
|
|
|
|
├
|
|
dhcp:ProvDhcp Internal object that points to the provider details of a DHCP relay profile. |
|
|
|
|
|
├
|
|
fv:AEpP Abstract representation of an endpoint profile. |
|
|
|
|
|
|
├
|
|
fv:AREpP Abstract representation of the resolvable endpoint profile. This is an abstract class and cannot be instantiated. |
|
|
|
|
|
|
|
├
|
|
fv:AMgmtEpP Abstract representation of the management endpoint policy for a fabric node management endpoint group. This is an abstract class and cannot be instantiated. |
|
|
|
|
|
|
|
|
├
|
|
fv:InBEpP An in-band management endpoint profile for a fabric node management endpoint group. |
|
|
|
|
|
|
|
|
├
|
|
fv:InstPEpP Instance Profile Management EpP for the Fabric Node Management EPG. This EpP is created per external management entity instance profile (InstP EPg). |
|
|
|
|
|
|
|
|
├
|
|
fv:OoBEpP An out-of-band management endpoint profile for a fabric node management endpoint group. |
|
|
|
|
|
|
|
├
|
|
fv:ExtEpP Abstraction of a profile created for an endpoint connected to an external router or switch. |
|
|
|
|
|
|
|
|
├
|
|
fv:BrEpP The bridge endpoint profile represents L2 outside present under a tenant. |
|
|
|
|
|
|
|
|
├
|
|
fv:RtdEpP A target relation to an L3 routed outside present under a tenant. |
|
|
|
|
|
|
|
├
|
|
fv:SvcEpP Abstract representation of a service endpoint profile, such as an endpoint profile created per node in the service graph. |
|
|
|
|
|
├
|
|
span:ADestSummary The abstraction of a SPAN destination information summary, which is used for configuring the SPAN destination information summary. |
|
|
|
|
|
|
├
|
|
span:AEpgSummary The abstraction of a SPAN destination endpoint group (EPG) summary, which stores EPG information for SPAN. |
|
|
|
|
|
├
|
|
vz:ACtrctEpgDef An endpoint group associated with a contract can be provider or consumer. |
|
|
|
|
|
|
├
|
|
vz:ToEPg The destination endpoint group. |
|
|
|
|
├
|
|
fv:ProtEPg An endpoint group associated with a taboo policy in a given context. This is an internal object. |
|
|
|
|
├
|
|
vz:FromEPg The endpoint group that traffic originates from. |
|
|
├
|
|
fv:EpCP A container to hold criterion definition objects for an endpoint group. |
|
|
├
|
|
fv:PolDeliveryStatus Status of policy deployment indicates if APIC has delivered/is delivering policy to node - Policy to node cannot be delivered (node is a spine). |
|
|
├
|
|
fv:PolMod A bridge domain policy modifier that can override the desired state of the bridge domain. |
|
|
├
|
|
fv:RemotePolHolder A container existing on each node to efficiently download policies to the node. For example: filters, bridge domain, and taboo policies. This is an internal object. |
|
|
├
|
|
fv:RtdEpPInfoCont A container for target relations that point to a Layer 3 routed outside and present under a tenant. |
|
|
├
|
|
fv:RtdEpPInfoHolder A container for target relations to a Layer 3 routed outside and present under a tenant. |
|
|
├
|
|
fv:SlaDef IPSLA Policy Definition
@@@ PE will pull IPSLA Def Mo |
|
|
├
|
|
fv:UnkMacUcastActMod This is the bridge domain (BD) Policy Modifier for UnkMacUcastAct. In special cases, the BD Policy Modifier can override the desired state of BD. |
|
|
├
|
|
geo:Site The geographical site of the fabric node. |
|
|
├
|
|
health:EvalP The health score evaluation policy indicates the severity of the fault in percentages. |
|
|
├
|
|
health:LevelsP The severity of a health score, such as healthy, fair, or poor. |
|
|
├
|
|
iacl:AProfile Abstract class for all the profiles for CoPP Prefilters that can be applied at the node level |
|
|
├
|
|
infrazone:ZoneP Infrastructure Zoning Profile: This profile can be used for carving out policy deployment zones in the fabric. With zones, user can push policies to different zones at different times to prevent or minimize fabric downtime |
|
|
├
|
|
l3ext:RtdOutDefRef Reference to the Routed Out Definition associated with this RtdEpP.
Existence of this mo under RtdEpP is also used as an indicator that
the RtdEpP is version 2 (i.e. pruned) RtdEpP.
|
|
|
├
|
|
mock:Counter This is generated and used only by internal processes |
|
|
├
|
|
mock:MockRoot This is generated and used only by internal processes |
|
|
├
|
|
mock:Stats This is generated and used only by internal processes |
|
|
├
|
|
mon:Pol The base monitoring policy model. |
|
|
|
├
|
|
mon:CommonPol The monitoring policy model for the common semantic scope, which is used when there is no corresponding policy under the more specific infra or tenant scopes. In such cases, these policies are used throughout the fabric except for objects attached to their own specific policies. |
|
|
|
├
|
|
mon:EPGPol Creates a container for monitoring policies associated with the tenant. This allows you to apply tenant-specific policies related to Stats Collection, Stats Export, Callhome/SNMP/Syslog, Event Severities, Fault Severities, and Fault Lifecycles. |
|
|
|
├
|
|
mon:FabricPol Creates a policy which acts as a container for associated fabric monitoring policies. These can include policies related to Event/Fault severity, the Fault lifecycle, and other such monitoring policies. |
|
|
|
├
|
|
mon:InfraPol Creates a policy which acts as a container for associated fabric monitoring policies. These can include policies related to Event/Fault severity, the Fault lifecycle, and other such monitoring policies. |
|
|
├
|
|
netflow:ExporterPolHolder Mo that will be attached to retrieve the DN of the
NetflowExporterPolDef that should be downloaded on the leaf in
order to program the leaf |
|
|
├
|
|
netflow:MonitorPolHolder Mo that will be attached to retrieve the DN of the
NetflowMonitorPolDef that should be downloaded on the leaf in
order to program the leaf |
|
|
├
|
|
pki:Definition This is an abstract class and cannot be instantiated. |
|
|
|
├
|
|
pki:CsyncElement The file pattern, the type of pattern (include or exclude), and the symbolic name of the pattern. |
|
|
|
├
|
|
pki:Ep The PKI configuration, which includes key rings and certificate authority (CA) credentials. Components of the PKI are used to establish secure communications between two devices. |
|
|
|
├
|
|
pki:FabricIssuedSSLCertificate
Object representing x509 certificates issued by the APIC for a node in the Fabric
This object is implicitly created and cannot be deleted or exported in the configuration
|
|
|
|
├
|
|
pki:FabricNodeSSLCertificate
Object representing a Cisco issued x509 certificate for a node in the Fabric
This object is implicitly created and cannot be deleted or exported in the configuration
|
|
|
|
├
|
|
pki:Item This is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
pki:KeyRing A keyring to create and hold an SSL certificate. The SSL certificate contains the public RSA key and signed identity information of a PKI device. The PKI device holds a pair of RSA encryption keys, one kept private and one made public, stored in an internal key ring. The keyring certificate merges into the PKI device keyring to create a trusted relationship. |
|
|
|
|
├
|
|
pki:TP A trustpoint (certificate authority/CA), which issues and validates (signs) digital certificates. When participating in secure communications using the public key infrastructure (PKI), a participant can verify the identity of the other party through the CA that signed the other party's public key. |
|
|
|
├
|
|
pki:WebTokenData The cryptographic data used for generating and verifying web tokens. |
|
|
|
|
|
├
|
|
infra:ProfileIssues Infrastructure Profile Configuration Issues. The delegatable class is infra:Profile, which should be a super
class of all infra profiles such as Attachable Profile, Node Profile, Port Profile, Function Profile, etc. |
|
|
|
|
├
|
|
fabric:OosPathIssues An object used for reporting configuration issues related to port out-of-service policy. |
|
|
|
├
|
|
fv:AConfIssues The configuration issues found during the endpoint profile instrumentation in the node. This is an abstract class and cannot be instantiated. |
|
|
|
|
|
├
|
|
fv:CompIssues The compute configuration issues for each endpoint profile. |
|
|
|
|
|
├
|
|
fv:NwIssues The network configuration issues for each endpoint profile. |
|
|
|
|
|
├
|
|
fv:StorageIssues Represents the storage configuration issues for each endpoint profile. |
|
|
├
|
|
pol:ConsElem Represents a policy consumption qualifier element. |
|
|
|
├
|
|
pol:If Represents an interface exposed or consumed by a policy. |
|
|
|
|
├
|
|
pol:ProvIf Represents a function or service provider interface. |
|
|
|
|
├
|
|
vz:AIf The abstraction of an interface. A contract interface and bundle interface inherits from this class. |
|
|
|
|
|
├
|
|
vz:CPIf A contract interface is used as a contract consumption interface when
a consumer consumes the contract by associating it to a consumption interface
provided by the provider in the consumer's domain. A consumer can associate
with the contract consumption interface when it is provided by the provider in the consumer's
domain.
Note that a contract consumption interface represents one or more subjects defined under the
contract. By associating... |
|
|
|
├
|
|
pol:Lbl Represents a policy label. |
|
|
|
|
├
|
|
dhcp:ALbl The identification of the DHCP provider. If the owner is the tenant, then the label is matched with the
DHCP label present under the bridge domain (BD). If the owner is the infra, then the label is matched with the DHCP label
present under the infra (and associated with the node). If n providers match the label, then all of them get configured as relay. |
|
|
|
|
|
├
|
|
dhcp:Lbl A DHCP relay label contains a name for the label, the scope, and a DHCP option policy. The scope is the owner of the relay server and the DHCP option policy supplies DHCP clients with configuration parameters such as domain, nameserver, and subnet router addresses. |
|
|
|
|
|
├
|
|
dns:Lbl The network domain name label. Labels enable classifying which objects can and cannot communicate with one another. |
|
|
|
|
├
|
|
extnw:ALIfP An abstract logical interface profile. This object defines the characteristics that will be applied to resources that match with the profile name. |
|
|
|
|
|
├
|
|
l2ext:AIfP The abstraction of an interface profile. |
|
|
|
|
|
|
├
|
|
l2ext:LIfP The logical interface profile defines a common configuration that can be applied to one or more interfaces. |
|
|
|
|
|
|
├
|
|
l2ext:LIfPDef The interface identifiers attached to the node profile. |
|
|
|
|
|
├
|
|
l3ext:AIfP An abstract interface profile. This encapsulates common behavior / configuration that will apply to one or more L3 external interfaces. |
|
|
|
|
|
|
├
|
|
l3ext:LIfP The logical interface profile, which defines a common configuration that can be applied to one or more interfaces. |
|
|
|
|
|
|
├
|
|
l3ext:LIfPDef The interface identifiers attached to the node profile. |
|
|
|
|
|
├
|
|
l2ext:ALNodeP An abstract logical node profile. This defines the characteristics to be applied to resources that match with the profile name. |
|
|
|
|
|
|
├
|
|
l2ext:LNodeP The logical node profile defines a common configuration that can be applied to one or more leaf nodes. |
|
|
|
|
|
|
├
|
|
l2ext:LNodePDef The logical node profile definition. This defines the characteristics to be applied to resources that match with the profile name. |
|
|
|
|
|
├
|
|
l3ext:AConsLbl Represents Abstraction of Logical Outside Profile Consumer Label. Defines the characteristics that
will be applied to Layer3 Outside that matches with the label name |
|
|
|
|
|
|
├
|
|
l3ext:ConsLbl Represents Logical Outside Profile Consumer Label. Defines the characteristics that
will be applied to Layer3 Outside that matches with the label name |
|
|
|
|
|
|
├
|
|
l3ext:ConsLblDef Represents Logical Outside Profile Consumer Label Definition. Defines the characteristics that
will be applied to Layer3 Outside that matches with the label name |
|
|
|
|
|
├
|
|
l3ext:ALNodeP An abstract logical node profile. This defines the characteristics to be applied to resources that match with the profile name. |
|
|
|
|
|
|
├
|
|
l3ext:LNodeP The logical node profile defines a common configuration that can be applied to one or more leaf nodes. |
|
|
|
|
|
|
├
|
|
l3ext:LNodePDef The logical node profile definition. This defines the characteristics to be applied to resources that match with the profile name. |
|
|
|
|
|
├
|
|
rtctrl:LNodeP The node classification criteria for the route control context. |
|
|
|
|
├
|
|
infra:Lbl The tenant or provider characteristics of the port. |
|
|
|
|
|
├
|
|
infra:IfLblDef The tenant/provider's external connection characteristics of the port. |
|
|
|
|
|
├
|
|
infra:NodeLblDef The tenant or provider's external connection characteristics of the port. |
|
|
|
|
├
|
|
l3ext:AProvLbl Represents Abstraction of Logical Outside Profile Provider Label. Defines the characteristics that
will be applied to Layer3 Outside that matches with the label name |
|
|
|
|
|
├
|
|
l3ext:ProvLbl Represents Logical Outside Profile Provider Label. Defines the characteristics that
will be applied to Layer3 Outside that matches with the label name |
|
|
|
|
|
├
|
|
l3ext:ProvLblDef Represents Logical Outside Profile Label Definition. Defines the characteristics that
will be applied to Layer3 Outside that matches with the label name |
|
|
|
|
|
├
|
|
vsvc:AConsLbl This is generated and used only by internal processes. |
|
|
|
|
├
|
|
pol:ProvLbl Represents a function or service provider label. |
|
|
|
|
|
├
|
|
span:SpanLbl The SPAN label is used for SPAN label parameters. |
|
|
|
|
├
|
|
vz:ALbl The labels for filtering subjects. |
|
|
|
|
|
|
|
├
|
|
vz:ProvSubjLblDef A provider subject label definition. A subject label is used as a classification criteria for subjects being consumed/provided by the endpoint groups (EPGs) participating in the contract. The label identifies a subject being consumed by a consumer. It can be parented by 2 different methods. The first method is the relation between the consumer EPG and the contract that is used for filtering the subjects. A label should match either the subject na... |
|
|
|
|
|
|
├
|
|
vz:ConsSubjLbl A consumer subject label. In general, a subject label is used as a classification criteria for subjects being consumed/provided by the endpoint groups (EPGs) participating in the contract. The label identifies a subject being consumed by a consumer. It can be parented by 2 different methods. The first method is the relation between the consumer EPG and the contract that is used for filtering the subjects. A label should match either the subject n... |
|
|
|
|
|
|
├
|
|
vz:ProvLbl A label used by a provider for specifying its identity. The parent can be either the provider endpoint group or the relation between the provider endpoint group and a contract. A consumer with no label will consume from all the providers of the contract regardless of the provider label. A consumer with a specific label can only consume from providers matching the label. |
|
|
|
|
|
|
├
|
|
vz:ProvSubjLbl A subject label is used as classification criteria for subjects being consumed/provided by the endpoint groups (EPGs) participating in the contract. The label identifies a subject being provided by a provider. It can be parented by 2 different methods. The first method is the relation between the provider EPG and the contract that is used for filtering the subjects. A label should match either the subject name or the label present under the subje... |
|
|
|
|
|
├
|
|
vz:ALblDef An abstraction of a label definition. |
|
|
|
|
|
├
|
|
vz:ConsCtrctLbl A consumer contract label. A contract label can be parented by the relation between an endpoint group (EPG) and security group. The EPG is associated with a group and lists all contracts it provides out of the group, as well as, optionally, contracts that it chooses to consume. If no consumption contracts are indicated, all contracts are consumed. If no provider contracts are identified, the EPG provides no contracts out of this group. |
|
|
|
|
|
├
|
|
vz:ConsLbl A label used by consumers to filter the providers. The label can be parented as follows:
By the consumer endpoint group.
By the relation between the consumer endpoint group and contract.
By the relation between the contract interface and contract.
By the relation between the consumer endpoint group and contract interface.
A consumer with no label will consume from all the providers of the contract with no labels. A consumer with a specific label... |
|
|
|
|
|
├
|
|
vz:ProvCtrctLbl A label identifying a contract. A contract label can be parented by the relation between an endpoint group (EPG) and security group. The EPG is associated with a group and lists all contracts it provides out of the group, as well as, optionally, contracts that it chooses to consume. If no consumption contracts are indicated, all contracts are consumed. If no provider contracts are identified, the EPG provides no contracts out of this group. |
|
|
├
|
|
pol:DefRoot Represents the policy definition's subtree root. |
|
|
|
├
|
|
fv:Def An abstraction of the fabric virtualization policy definition. |
|
|
|
|
|
|
├
|
|
fv:AACrtrn Abstraction of Classifier used for Virtual Devices |
|
|
|
|
|
|
|
├
|
|
fv:ACrtrn An abstraction of the classifier used for virtual devices. |
|
|
|
|
├
|
|
fv:Attr The attributes in the criterion. |
|
|
|
|
|
|
|
├
|
|
fv:ProtoAttr The Layer 4 protocol attributes in the criterion. |
|
|
|
|
|
|
├
|
|
fv:AVmAttr The virtual attributes in the criterion. |
|
|
|
|
|
|
|
├
|
|
fv:VmAttr The virtual attributes in the criterion. |
|
|
|
|
├
|
|
fv:Dom A virtual fabric domain. |
|
|
|
|
|
|
├
|
|
fv:ABD An abstract representation of a private layer 2 network context that belongs to a specific tenant or context, or is shared. This is an abstract class and cannot be instantiated. |
|
|
|
|
|
|
|
├
|
|
fv:ABDPol Abstract representation of a bridge domain policy. |
|
|
|
|
|
|
|
|
├
|
|
fv:BD A bridge domain is a unique layer 2 forwarding domain that contains one or more subnets. Each bridge domain must be linked to a context. |
|
|
|
|
|
|
|
├
|
|
fv:BDDef A private layer 2 network context that belongs to a specific tenant or context, or is shared. |
|
|
|
|
|
|
├
|
|
fv:ACtx A private L3 network context belonging to a specific tenant. |
|
|
|
|
|
|
|
├
|
|
fv:Ctx The private layer 3 network context that belongs to a specific tenant or is shared. |
|
|
|
|
|
|
|
├
|
|
fv:CtxDef A private L3 network context belonging to a specific tenant. This is an internal representation of the context. |
|
|
|
|
├
|
|
fv:Np An abstraction representing a set of requirements a group of entities has on the virtualizable fabric. |
|
|
|
|
|
├
|
|
extnw:Out An abstraction of a policy controlling connectivity to outside such as another fabric or WAN. |
|
|
|
|
|
|
├
|
|
l2ext:Out The L2 outside policy controls connectivity to the outside. |
|
|
|
|
|
|
├
|
|
l3ext:Out The L3 outside policy controls connectivity to the outside. |
|
|
|
|
|
├
|
|
fv:Ap The application profile is a set of requirements that an application instance has on the virtualizable fabric. The policy regulates connectivity and visibility among endpoints within the scope of the policy. |
|
|
|
|
|
├
|
|
fv:Up A set of requirements for datacenter utility functions on virtualized fabric. |
|
|
|
|
|
|
|
├
|
|
fabric:InfrP An abstraction of the fabric infrastructure-level policy for either fabric internal or external behaviors |
|
|
|
|
|
|
|
|
├
|
|
fabric:InfrExP An abstraction of the set of rules pertaining to external fabric behavior |
|
|
|
|
|
|
|
|
|
├
|
|
infra:ExP An abstraction of an external profile. |
|
|
|
|
|
|
|
|
|
|
├
|
|
infra:ClP The infrastructure client profile object. |
|
|
|
|
|
|
|
|
├
|
|
fabric:InfrFP A set of rules pertaining to internal fabric behavior. |
|
|
|
|
|
|
|
|
├
|
|
mgmt:MgmtP The in-band and out-of-band management endpoint groups consists of switches (leaves/spines) and APICs.
Each node in the group is assigned an IP address that is dynamically allocated from the address pool associated with the corresponding
in-band or out-of-band management zone. |
|
|
|
|
|
├
|
|
infra:AIpP An abstraction of a resolvable infrastructure profile. |
|
|
|
|
|
|
├
|
|
infra:IpP A resolvable hypervisor infrastructure profile. |
|
|
|
|
|
├
|
|
mgmt:ExtMgmtEntity The external entity management. The external entities (hosts) can communicate with nodes that are part of the out-of-band (OOB)
management endpoint group. To enable this communication, hosts are connected to the OOB management port of the nodes. |
|
|
|
├
|
|
test:Rule An abstract class for a test rule. |
|
|
├
|
|
pol:Ns Represents a policy namespace. |
|
|
|
|
├
|
|
fvns:AddrInst The IP address namespace/IP address range contains unicast and multicast address blocks. |
|
|
|
|
├
|
|
fvns:McastAddrInstP The multicast address namespace policy defines the multicast IP address ranges.
These addresses can be used for various purposes, such as VxLAN encapsulation. |
|
|
|
├
|
|
fvns:AInstP The namespace policy is used for managing the Encap (VXLAN, NVGRE, VLAN) ranges. |
|
|
|
|
|
├
|
|
fvns:VlanInstP The VLAN range namespace policy defines for ID ranges used for VLAN encapsulation. |
|
|
|
|
|
├
|
|
fvns:VxlanInstP The VxLAN range namespace policy defines for ID ranges used for VLAN encapsulation |
|
|
|
|
├
|
|
stp:EncapInstDef The spanning-tree protocol encap instance profile definition. The segment IDs calculated using this profile are for spanning tree BPDU flooding within the fabric. It is implicitly managed by the IFC. |
|
|
├
|
|
pool:Pool An abstraction of a shared resource pool. |
|
|
├
|
|
qos:ADppPolHolder Mo that will be attached to retrieve the DN of the
qosDppPolDef that should be downloaded on the leaf in
order to program the leaf |
|
|
├
|
|
qos:Class The QoS classification traffic descriptor and specifications are used to categorize a packet within a specific group and making the packet accessible for QoS handling in the network. |
|
|
├
|
|
qos:CustomPol The custom QoS policy enables different levels of service to be assigned to network traffic, including specifications for the Differentiated Services Code Point (DSCP) value(s), and the 802.1p Dot1p priority. |
|
|
├
|
|
qos:CustomPolDef The definition class for a custom QOS policy. Note that this is an internal object. |
|
|
├
|
|
qos:DppPolDefCont Container for all the qos:DppPolDef, under top, to
have them neatly organized |
|
|
├
|
|
qos:InstPol A QOS instance policy, which is a container for QOS class objects. |
|
|
├
|
|
rtctrl:Profile The route control profile specifies policies for external networks. The layer 3 networks outside the fabric, and reachable by a Tenant's applications, route to external networks. |
|
|
├
|
|
snmp:APol An abstract representation of a policy. A profile contains site info and general protocol config parameters
(such as version and traps vs. informs). |
|
|
|
├
|
|
snmp:Inst A container for each SNMP instance. |
|
|
|
├
|
|
snmp:Pol The SNMP policy enables you to monitor client group, v3 user, and/or community SNMP policies.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. |
|
|
├
|
|
span:ASrc The abstraction of an SPAN source. The SPAN source is where traffic is sampled. A source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (Tenant, Access or fabric) determines the allowed types of SPAN sources and de... |
|
|
|
├
|
|
span:AVSrc The abstraction of a VSPAN source. The VSPAN source is where traffic is sampled. A VSPAN source can an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access VSPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric VSPAN). When you create a traffic monitoring session, you must select a VSPAN source and a VSPAN destination. The type of session (Tenant, Access or fabric) determines the allowed types of span sources... |
|
|
|
|
├
|
|
span:VSrc The VSPAN source, which is where traffic is sampled. A VSPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access VSPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric VSPAN). When you create a traffic monitoring session, you must select a VSPAN source and a VSPAN destination. The type of session (Tenant, Access, or Fabric) determines the allowed types of VSPAN sources and destinations. The ... |
|
|
|
|
├
|
|
span:VSrcDef The VSPAN VSrcDef is used for VSPAN source definitions. |
|
|
|
├
|
|
span:Src The SPAN or ERSPAN source is where traffic is sampled. A source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (access SPAN), a Layer 2 bridge domain, or a Layer 3 context (fabric SPAN). When you create a traffic monitoring session, you must select a source and a destination. The type of session (tenant, access, or fabric) determines the allowed types of sources and destinations. The destination can be eithe... |
|
|
|
├
|
|
span:SrcDef The SPAN source definitions. The SPAN source is where traffic is sampled. A SPAN source can be an endpoint group (EPG), one or more ports, or port traffic filtered by an EPG (Access SPAN), a Layer 2 bridge domain, or a Layer 3 context (Fabric SPAN). When you create a traffic monitoring session, you must select a SPAN source and a SPAN destination. The type of session (tenant, access or fabric) determines the allowed types of SPAN sources and dest... |
|
|
|
├
|
|
stp:AllocEncapBlkDef The spanning-tree protocol encap block definition for allocated IDs and the base segment ID used for the range. These segment IDs are used for spanning tree BPDU flooding within the fabric. It is implicitly managed by the IFC. |
|
|
|
├
|
|
stp:UnAllocEncapBlkDef The spanning-tree protocol encap block definition for un-allocated IDs and the base Segment ID used for the range. These segment IDs are used for spanning tree BPDU flooding within the fabric. It is implicitly managed by the IFC. |
|
|
├
|
|
stp:AEncapCont An abstraction of a container for managing the spanning tree flooding segment ID range. |
|
|
|
├
|
|
stp:AllocEncapCont A container for managing the spanning tree flooding segment ID range. |
|
|
|
├
|
|
svccore:NodePol The core collection policy contains the system or component failure information. You can configure the policy to export a copy of the core file to a location on an external TFTP server as soon as the core file is created. |
|
|
├
|
|
sysmgrp:Def Abstract class for all QoS policy definitions. |
|
|
|
|
|
├
|
|
cloud:EPSelectorDef Cloud Endpoint Selector, to decide which endpointss belong
to the EPGs based on several parameters, different
selectors will be considered as OR |
|
|
|
|
|
├
|
|
cloud:ExtEPSelectorDef Cloud Endpoint Selector, to decide which endpointss belong
to the EPGs based on several parameters, different
selectors will be considered as OR |
|
|
|
|
├
|
|
cloud:EPSelector Cloud Endpoint Selector, to decide which endpointss belong
to the EPGs based on several parameters, different
selectors will be considered as OR |
|
|
|
|
├
|
|
cloud:ExtEPSelector Cloud Endpoint Selector, to decide which endpointss belong
to the EPGs based on several parameters, different
selectors will be considered as OR |
|
|
|
├
|
|
cloud:AEPgSelector EPG Selector to correlate the cloudEPg with the corresponding fvAEPg from which it can inherit all the security policies. This is optional |
|
|
|
├
|
|
traceroutep:TrEp The traceroute source is the endpoint source information of the traceroute connected to ToR. |
|
|
|
├
|
|
traceroutep:TrExtEp Traceroute an External IP address from an End Point learned as being connected to ToR |
|
|
|
├
|
|
traceroutep:TrNode The traceroute for a ToR node allows you to determine the path a packet takes to get to a destination from a given source by returning the sequence of hops the packet traversed. |
|
|
├
|
|
trig:Inst An abstraction of a generalized system trigger. |
|
|
├
|
|
trig:SchedP The scheduler policy enables you to schedule a recurring or one-time window for the execution of a task. Multiple scheduler policies can be created for the same time period. |
|
|
|
├
|
|
trig:SingleTriggerable A triggerable object that can be triggered only once for each instance of a scheduler window. |
|
|
|
|
├
|
|
callhome:InvTrig When you manually trigger an inventory alert group message and do not specify a destination profile name, a message is sent to all active profiles that have either a normal or periodic subscription to the specified alert group. |
|
|
|
|
├
|
|
dbgexp:TechSupTrig This object is managed internally and should not be modified by the user. |
|
|
|
|
├
|
|
maint:MaintTrig Triggerable object on which the scheduler triggers a callback for maintenance. |
|
|
|
├
|
|
trig:Test An internal object for testing if an object can be triggered. |
|
|
|
|
├
|
|
vns:AbsFuncConn An abstract function node connector is used to map a service graph interface with the device interface. |
|
|
|
├
|
|
vns:AbsConnection An abstract connection connects two abstract connectors. These connections can either be between two abstract nodes or between an abstract node and an abstract terminal node. |
|
|
├
|
|
vns:AGraph A service graph is an ordered set of function nodes between a set of terminals, which identifies a set of network service functions that are required by an application. Service functions within a graph are automatically provisioned on a service device that is based on an application's requirements. |
|
|
|
├
|
|
vns:AbsGraph The abstract graph is made up of abstract nodes and used to define the traffic flow through a service function such as load balancing, SSL offload, and firewall. Abstract nodes are comprised of service nodes such as a service node balancer (SLB) or firewall (FW), abstract term nodes (the nodes that are connected to endpoint groups), and connections. |
|
|
|
├
|
|
vns:GraphInst The instance of a service graph. All instance objects are implicit. |
|
|
|
|
|
├
|
|
vns:NodeInst An instance of a function node. A service graph consists of multiple function nodes.. |
|
|
|
|
|
├
|
|
vns:NodeInstDef An instance of the service node. This is an internal object. |
|
|
|
|
├
|
|
vns:AbsNode An abstract node represents a service node such as a server load balancer (SLB) or firewall (FW). An abstract node is contained in an abstract graph. |
|
|
|
|
├
|
|
vns:AbsTermNode An abstract terminal node. Abstract terminal nodes are typically attached to the endpoint groups, and are connected to the abstract graph (AbsGraph) through an abstract connection (AbsConnection). |
|
|
|
├
|
|
vns:StsVNode A VNode. Holds the resources allocated to render a node instance on a specific Cdev. |
|
|
|
├
|
|
vns:VNodeDef The virtual node definition. This object is used internally. |
|
|
├
|
|
vns:AbsDevCfg A shared configuration for a logical device in the L4-L7 device cluster. This configuration can be shared across multiple logical devices. |
|
|
├
|
|
vns:AbsFuncCfg The configuration for a function. This configuration can be shared across multiple functions. |
|
|
├
|
|
vns:AbsFuncProf An abstract function profile includes the abstract device configuration, the abstract group configuration, and the abstract function configuration. These are analogous to the function configuration, group configuration, and device configuration within a device. |
|
|
├
|
|
vns:AbsGrpCfg The shared configuration for a function group. This configuration can be shared across multiple logical groups. |
|
|
├
|
|
vns:BDDef A bridge domain definition for tracking allocated bridge domains. This is an internally used object. |
|
|
├
|
|
vns:CfgDef GraphInst contains a copy of the per logical device shared configuration. |
|
|
|
├
|
|
vns:DevCfgInst GraphInst contains a copy of the per logical device shared configuration. |
|
|
├
|
|
vns:EPgDef An object used to track allocated endpoint groups. This object is used internally. |
|
|
├
|
|
vns:SvcGraphVersion The version of the entire service graph model. This is validated against the device script APIC model version. This number is of the form x.y, where x represents the major version number and y represents the minor version number of the service graph model. Guidelines: 1. The minor version is increased whenever a backward compatible change is made. This could include adding new properties or managed objects in the service graph model. It is expect... |
|
|
├
|
|
vz:ACollection The abstraction of a contract collection. A collection can be a single contract, a collection of all contracts associated with a bundle, or a collection of all contracts associated with a group. |
|
|
|
├
|
|
vz:ACtrct An abstraction of a resolvable contract. |
|
|
|
|
├
|
|
vz:ABrCP An abstraction of a binary contract profile. |
|
|
|
|
|
├
|
|
vz:BrCP A contract is a logical container for the subjects which relate to the filters that govern the rules for communication between endpoint groups (EPGs). Without a contract, the default forwarding policy is to not allow any communication between EPGs but all communication within an EPG is allowed. |
|
|
|
|
|
├
|
|
vz:OOBBrCP An out-of-band binary contract profile can only be provided by an out-of-band endpoint group and can only be consumed by the external prefix set. A regular endpoint group cannot provide or consume an out-of-band contract profile. |
|
|
|
|
├
|
|
vz:Taboo A Taboo contract provides a way for an endpoint group to specify the subjects on which communication is not allowed. |
|
|
├
|
|
vz:ACollectionDef An abstraction of a collection definition. A collection is a contract |
|
|
├
|
|
vz:AContDef An abstraction of a container definition. |
|
|
|
├
|
|
vz:DirAssDef A direct association definition for a collection. A collection is a contract. |
|
|
├
|
|
vz:AFilterable An abstraction of a filter object. The filter object is a filter. |
|
|
|
|
├
|
|
actrl:Flt The filter rules identifying a group of filter entries. |
|
|
|
|
├
|
|
vz:AFilter An abstraction of a filter. A filter is a group of resolvable filter entries. Each filter entry is a combination of network traffic classification properties. Note that this relation is an internal object. |
|
|
|
|
|
├
|
|
vz:Filter A filter policy is a group of resolvable filter entries. Each filter entry is a combination of network traffic classification properties. |
|
├
|
|
pol:Instr Represents a policy control instrumentation object. |
|
|
├
|
|
acl:ACL Abstract representation of access control-list |
|
|
├
|
|
bfd:AuthP This object holds authentication policy information |
|
|
|
├
|
|
bgp:RtP Route policy holds all route targets and route controls |
|
|
├
|
|
bgp:Gr The per-domain graceful restart information. |
|
|
├
|
|
bgp:MaxPfxP The maximum prefix policy specifies the action to be taken when the number of prefixes advertised by the peer crosses a specified maximum limit. This policy is used as a defensive mechanism to protect resources on the router. |
|
|
├
|
|
coop:AuthP This object holds authentication policy information |
|
|
├
|
|
coop:RepP All the repository policies information. |
|
|
├
|
|
dpp:Policer Holder for policer class policy, each class describes a set of rules describing the policer rate policy |
|
|
|
├
|
|
dpp:Class Holder for dpp class policy, each class describes a set of rules describing the policer rates |
|
|
├
|
|
eigrp:AuthP This object holds authentication policy information |
|
|
|
├
|
|
hcbgp:RtP Route policy holds all route targets and route controls |
|
|
├
|
|
ip:Route The static route definitions. |
|
|
├
|
|
isis:Gr Per- graceful restart information. |
|
|
├
|
|
l1:EeeP An energy efficient Ethernet policy. |
|
|
├
|
|
l2:EpRetPol An endpoint retention policy identifying the duration of how long information is kept about the remote endpoint. This is expressed through a set of triggering and ageing control parameters. |
|
|
|
├
|
|
ipmc:QuerierP This objects hold per IP Multicast Querier information |
|
|
|
|
├
|
|
igmp:QuerierP This object holds querier information per interface |
|
|
|
|
├
|
|
igmpsnoop:QuerierP When an IGMP snooping querier is enabled on a leaf, it sends out periodic IGMP queries on front panel ports of a BD on that leaf. |
|
|
├
|
|
mcast:AResP This object holds resource (router state) limit policy
to limit amount of multicast routing state on the router |
|
|
|
├
|
|
igmp:ResP This object holds resource (router state) limit policy
to limit amount of multicast routing state on the router |
|
|
|
├
|
|
pim6:ResP This object holds resource (router state) limit policy
to limit amount of multicast routing state on the router |
|
|
|
├
|
|
pim:ResP Resource (router state) limit policy. |
|
|
|
├
|
|
ac:Rule Represents an ordered set of rules specifing atomic counter policies.
Atomic counter policies specify a set of match criteria for counting packets.
These policies are used for debugging packet drops inside the fabric.
This is an abstract class and cannot be instantiated. |
|
|
|
|
├
|
|
ac:RuleArp Represents an ARP-based rule for the atomic counters. |
|
|
|
|
├
|
|
ac:RuleMac Represents media access control (MAC) address-based rules for the atomic counters. |
|
|
|
├
|
|
actrl:ARule An ordered set of rules specifying access control policies based on src/dst policy tag and filter ID. |
|
|
|
|
├
|
|
actrl:Rule The zoning rules for tenant endpoint groups. |
|
|
|
├
|
|
rtflt:Rule A container for a list of entries that are matched against the route to apply the route control policies. |
|
|
|
|
├
|
|
rtcom:Rule A route control rule for community lists. |
|
|
|
|
|
├
|
|
rtextcom:Rule A route control rule for extended community lists. |
|
|
|
|
|
├
|
|
rtregcom:Rule A route control rule for regular community lists. |
|
|
|
|
├
|
|
rtpfx:Rule A route control rule for prefix lists. |
|
|
├
|
|
ospf:AGr An abstraction of the per domain graceful restart information. |
|
|
|
├
|
|
ospf:Gr The OSPF domain related statistics. |
|
|
|
├
|
|
ospfv3:Gr The OSPF domain related statistics. |
|
|
├
|
|
ospf:ALsaCtrl This object holds lsa related frequency controls, none of these need to be exposed to the user. |
|
|
|
├
|
|
ospf:LsaCtrl The LSA-related frequency control information. |
|
|
├
|
|
ospf:AMaxLsaP An abstraction of the maximum link-state advertisement (database overflow) feature. |
|
|
|
├
|
|
ospf:MaxLsaP The maximum link-state advertisement (database overflow) feature. |
|
|
├
|
|
ospf:ASpfComp An abstraction of spf computation frequency controls, none of these need to be exposed to the user |
|
|
|
├
|
|
ospf:SpfComp The SPF computation frequency controls information. |
|
|
├
|
|
ospf:AuthP The OSPF authentication policy information. |
|
|
|
├
|
|
copp:Class Represents a control plane policing (COPP) policy class, which contains
a set of rules describing policer rates. |
|
|
|
├
|
|
copp:Match Specifies a set of match conditions for a COPP policer. |
|
|
├
|
|
qosp:Class A container for the QoS fabric class policy. Each class describes QoS attributes such as MTU. |
|
|
|
├
|
|
qosp:DscpRule The QoS classification rules based on DSCP values. |
|
|
|
├
|
|
qosp:IpRule The QoS classification rules based on IP values. |
|
|
|
├
|
|
bgp:PfxLeakCtrlP This object holds route control policy for all networks
defined by PfxLeakP in that domain |
|
|
|
├
|
|
bgp:RtCtrlMapP Route control map policy for routes imported/exported
into an AF. Control is through route maps. |
|
|
|
├
|
|
bgp:RtExpP Route export policy to control whether to export routes
into a different address family. Destination address
family is specified in the object.
Object may be nested within peer Address family (AF) to
subject only those peer's particular AF routes to export.
Object can also be under a domain Address family in
which case it is applicable to all pe... |
|
|
|
├
|
|
rtctrl:RtCtrlP Route control policy for routes. There are few ways to apply this policy, controlling through route maps or prefix lists. The direction specifies whether to apply this policy in the incoming or outgoing direction |
|
|
|
|
├
|
|
bgp:RtCtrlP The route control policy for routes coming/going to peers. There are few ways to apply this policy. |
|
|
|
|
├
|
|
eigrp:RtCtrlP The route control policy for routes coming/going over interfaces.
There are few ways to apply this policy, controlling
through route maps or prefix lists.
The direction specifies whether to apply this policy
in the incoming or outgoing direction |
|
|
|
|
├
|
|
eigrp:RtMetricAlterP Metric Alteration policy for EIGRP routes.
Selection of routes for which metric has to be adjusted,
can be done through route maps or prefix lists.
The direction specifies whether to apply this policy
for incoming or outgoing routes |
|
|
|
|
├
|
|
hcbgp:RtCtrlP Route control policy for routes coming/going to peers.
There are few ways to apply this policy, controlling
through route maps or prefix lists.
If both are specified, the order is implicit. Prefix
lists are applied before route maps.
The direction specifies whether to apply this policy
in the incoming or outgoing direction |
|
|
|
|
├
|
|
ipmcsnoop:ACtrlP Access control policy for multicast snoop. The policy can be applied either through prefix-list or route-map. Either prefix-list or route-map is applied |
|
|
├
|
|
rtctrl:RtOverload Route overload entry to control advertised
routes on specified node events |
|
|
├
|
|
rtdmc:ACandFilterP This object holds generic policy to filter messages from router candidates hosting RPs/RP discovery protocols |
|
|
|
├
|
|
rtdmc:ABSRFilterP This object holds policy for choosing BSRs from among BSR candidates |
|
|
|
|
├
|
|
pim6:BSRFilterP This object holds policy for
choosing BSRs from among BSR candidates |
|
|
|
├
|
|
rtdmc:AMAFilterP This object holds policy for choosing Mapping Agent from among the candidates |
|
|
|
|
├
|
|
pim6:MAFilterP This object holds policy for
choosing Mapping Agent from among the candidates |
|
|
|
├
|
|
rtdmc:ARPFilterP This object holds policy for choosing RPs from among RP candidates |
|
|
|
|
├
|
|
pim6:RPFilterP End Child MOs This object holds policy for
choosing RPs from among RP candidates |
|
|
├
|
|
rtdmc:AFuncP This object holds policy for a generic function policy |
|
|
|
|
├
|
|
pim6:AcastRPFuncP This object holds policy for Anycast RP Function
Specifies the anycast and local interface for the anycast RP
and all the peer's local info Anycast RP is not supported for BSR and Auto-RP |
|
|
|
|
├
|
|
pim:AcastRPFuncP The Anycast RP function policy. Specifies the Anycast and local interface for the Anycast RP and all the peer's local info. |
|
|
|
|
├
|
|
pim6:BSRFuncP This object holds policy for
Bootstrap Router Function |
|
|
|
├
|
|
rtdmc:AMAFuncP This object holds policy for Auto-RP Mapping Agent Function |
|
|
|
|
├
|
|
pim6:MAFuncP This object holds policy for
Auto-RP Mapping Agent Function |
|
|
|
|
├
|
|
pim:MAFuncP Auto-RP mapping agent (MA) function policy. |
|
|
├
|
|
rtdmc:AMcPatP This object holds policy for a generic multicast pattern |
|
|
|
├
|
|
rtdmc:AASMPatP This object holds policy for Any Source Multicast (ASM) pattern |
|
|
|
|
├
|
|
pim6:ASMPatP This object holds policy for
Any Source Multicast (ASM) pattern |
|
|
|
├
|
|
rtdmc:ABidirPatP This object holds policy for Bidirectional Multicast (BiDir) pattern |
|
|
|
|
├
|
|
pim6:BidirPatP This object holds policy for
Bidirectional Multicast (BiDir) pattern |
|
|
|
├
|
|
rtdmc:ASSMPatP This object holds policy for Source Specific Multicast (SSM) pattern |
|
|
|
|
├
|
|
pim6:SSMPatP This object holds policy for
Source Specific Multicast (SSM) pattern |
|
|
├
|
|
rtdmc:ARPDiscP This object holds policy for a generic Rendezvous Point discovery policy |
|
|
|
├
|
|
rtdmc:AAutoRPP This object holds policy for Auto-RP method of RP discovery |
|
|
|
|
├
|
|
pim6:AutoRPP This object holds policy for
Auto-RP method of RP discovery |
|
|
|
├
|
|
rtdmc:ABSRP This object holds policy for Bootstrap Router method of RP discovery |
|
|
|
|
├
|
|
pim6:BSRP This object holds policy for
Bootstrap Router method of RP discovery |
|
|
|
|
├
|
|
pim:BSRP The Bootstrap Router (BSR) policy. |
|
|
|
├
|
|
rtdmc:AInterVRFP This object holds policy for Static RP Config If static RP IP matches one of the local
interfaces, router automatically designates
itself as an RP using below config |
|
|
├
|
|
rtdmc:ATrP This object holds routed multicast control traffic policy |
|
|
|
├
|
|
rtdmc:AJPTrP This object holds the join-prune traffic policy |
|
|
|
|
├
|
|
pim6:JPTrP This object holds the join-prune traffic policy |
|
|
|
|
├
|
|
pim6:RegTrP This object holds the register traffic policy |
|
|
├
|
|
rtleak:LeakCtrlP The leak control policy, which defines the different knobs to control redistribution of routes. |
|
|
|
├
|
|
isis:LeakCtrlP The leak controls related to the number of routes leaked. |
|
|
|
├
|
|
ospf:ALeakCtrlP An abstraction of the leak controls related to the number of routes leaked. |
|
|
|
|
├
|
|
ospf:LeakCtrlP The leak controls that determine the number of routes leaked. |
|
|
|
|
├
|
|
ospfv3:LeakCtrlP The leak controls that determine the number of routes leaked. |
|
|
├
|
|
rtleak:LeakP A container for the leak policy. Leak policies are categorized into intra protocol, inter protocol, and default route leak policies. These policies describe the routes to be injected into a given destination protocol domain. The destination domain where the routes are injected contains this leak policy. |
|
|
|
├
|
|
ospf:ALsaLeakP An abstraction of the link-state advertisement (LSA) leak policy. |
|
|
|
|
├
|
|
bgp:HostLeakP COOP/L2RIB to BGP host route leak policy. This defines
policy to control the distribution of host routes from
COOP/L2RIB to BGP |
|
|
|
├
|
|
rtleak:InterLeakP The inter protocol route leak policy, which defines the distribution of routes from one protocol to another. |
|
|
|
|
├
|
|
bgp:InterLeakP A policy that defines distribution of routes from one protocol to another protocol. |
|
|
|
|
├
|
|
eigrp:InterLeakP The inter protocol route leak policy, which defines the distribution of routes from one protocol to another. |
|
|
|
|
├
|
|
isis:InterLeakP The inter protocol route leak policy defines distribution of routes from other protocols to IS-IS. |
|
|
|
|
├
|
|
ospf:AInterLeakP An abstraction of the inter protocol route leak policy defines the distribution of routes from other protocols to OSPF. |
|
|
|
|
|
├
|
|
ospf:InterLeakP Inter protocol route leak policy defines the distribution of routes from other protocols to OSPF. |
|
|
|
|
|
├
|
|
ospfv3:InterLeakP The inter protocol route leak policy, which defines the distribution of routes from other protocols to OSPF. |
|
|
|
├
|
|
rtleak:IntraLeakP The intra protocol leak policy, which defines the distribution of routes from one domain to another in a given protocol. |
|
|
|
|
├
|
|
isis:IntraLeakP Intra protocol leak policy defines distribution of routes from one level to another. |
|
|
|
|
├
|
|
bgp:PfxLeakP This objects holds route leak policy for a given network |
|
|
|
|
├
|
|
hcbgp:PfxLeakP This objects holds route leak policy for a given network |
|
|
|
├
|
|
isis:RtSum This object holds summarization address. Any address that maps to this prefix will be summarized through this address |
|
|
|
|
├
|
|
ospf:AExtRtSum An abstraction of the external route summarization is specific to external routes that are injected into OSPF using route leak. Configure external route summarization on ASBRs that are leaking routes into OSPF. |
|
|
|
|
|
├
|
|
ospf:ExtRtSum An external route summarization is specific to external routes that are injected into OSPF using route leak. Configure external route summarization on ASBRs that are leaking routes into OSPF. |
|
|
|
|
|
├
|
|
ospfv3:ExtRtSum The external route summarization, which is specific to external routes that are injected into OSPF using route leak. Configure external route summarization on ASBRs that are leaking routes into OSPF. |
|
|
|
|
|
├
|
|
ospf:InterAreaRtSum The inter-area route summarization. This is configured on ABRs, summarizing routes between areas in the autonomous system. |
|
|
|
|
|
├
|
|
ospfv3:InterAreaRtSum The inter-area route summarization, which is configured on ABRs, summarizing routes between areas in the autonomous system. |
|
|
├
|
|
topoctrl:HashP user defined hash policy for load balancing in the fabric |
|
|
├
|
|
topoctrl:LoopProtectP The endpoint loop protection policy, which specifies how loops detected by frequent mac moves are handled. |
|
|
|
├
|
|
tunnel:CtrlPfxEntry Conversational tunnels discovered matching
these external prefixes are marked untrusted or
trusted based on whether the sclass can be trusted or
not |
|
|
|
├
|
|
tunnel:PfxEntry Tunnel prefix white list. The tunnels are formed
through conversation. Only the tunnels that are
part of the whitelist are allowed to form |
|
|
├
|
|
tunnel:Ctx Tunnel container for all tunnel related information
for a given layer 3 domain |
|
|
├
|
|
tunnel:EpRetPol End-Point retention policy identifying the duration
of how long information is kept about remote end-point.
This is expressed through a set of triggering and
aging control parameters |
|
|
├
|
|
aaa:SecRelnHolder This object is managed internally and should not be modified by the user. |
|
|
├
|
|
pki:ExportEncryptionKeyRelnHolder
This Relation Holder will allow subscriptions from all shards in all DMEs to the export
encryption key to be used to encrypt/decrypt the secure properties fields
|
|
├
|
|
shareident:Allocator Object representing the location of the centralized allocator. Not instantiated. |
|
├
|
|
snmp:ACtxP An abstract class for an SNMP context information. |
|
|
├
|
|
snmp:CtxDef A definition object for the SNMP context profile. |
|
|
├
|
|
snmp:CtxP The SNMP context profile enables you to specify a context to monitor with a community profile.
SNMP is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network. |
|
├
|
|
tag:Obj The base class for tag objects. |
|
|
├
|
|
tag:AInst The label instance, which is contained by the taggable object. |
|
|
|
├
|
|
tag:AliasInst An alias allows you to refer to an object by a descriptive name instead of by its DN. |
|
|
|
├
|
|
tag:ExtMngdInst tag inst for external orchestrators to tag objects
that are managed by them |
|
|
|
├
|
|
tag:Inst A tag allows you to group multiple objects by a descriptive name. You can assign the same tag
name to multiple objects and you can assign one or more tag names to an object. |
|
|
├
|
|
tag:Def Tags define the label parameters and enables the classifying of the objects that can and cannot communicate with one another. |
|
├
|
|
topoctrl:SecurityToken Concrete Mo to Holds the internal fabric security token
(for various protocols - coop, isis)
Parallel to uni/fabric/SecurityToken |
|
├
|
|
vns:VConn A virtual connector defines connectivity for a function on a service device such as a firewall, load balancer, or SSL offload. |
|
├
|
|
vz:CreatedBy A container that captures information about the creator of an object. |
|