Overview  Naming  Diagram  Containers  Contained  Inheritance  Events  Faults  FSMs  Properties Summary  Properties Detail 

Class infrasec:Entry (CONCRETE)

Class ID:16423
Class Label: infrasec policy entry
Encrypted: false - Exportable: false - Persistent: true - Configurable: false - Subject to Quota: Disabled - Abstraction Layer: Concrete Model - APIC NX Processing: Disabled
Write Access: [NON CONFIGURABLE]
Read Access: [access-qos, admin]
Creatable/Deletable: yes (see Container Mos for details)
Semantic Scope: Fabric
Semantic Scope Evaluation Rule: Parent
Monitoring Policy Source: Parent
Monitoring Flags : [ IsObservable: false, HasStats: false, HasFaults: false, HasHealth: false, HasEventRules: false ]

InfraSecPolicy Entry definition

Naming Rules 
RN FORMAT: entryId-{id}-entryinfo-{infraSecPolicyFlag}-proto-{ipProto}-src-{[srcAddr]}-dst-{[dstAddr]}-srcPortFrom-{srcPortFrom}-srcPortTo-{srcPortTo}-dstPortFrom-{dstPortFrom}-dstPortTo-{dstPortTo}-reserved-{reserved}

    [1] PREFIX=entryId- PROPERTY = id


    [2] PREFIX=-entryinfo- PROPERTY = infraSecPolicyFlag


    [3] PREFIX=-proto- PROPERTY = ipProto


    [4] PREFIX=-src- PROPERTY = srcAddr


    [5] PREFIX=-dst- PROPERTY = dstAddr


    [6] PREFIX=-srcPortFrom- PROPERTY = srcPortFrom


    [7] PREFIX=-srcPortTo- PROPERTY = srcPortTo


    [8] PREFIX=-dstPortFrom- PROPERTY = dstPortFrom


    [9] PREFIX=-dstPortTo- PROPERTY = dstPortTo


    [10] PREFIX=-reserved- PROPERTY = reserved




DN FORMAT: 

[0] topology/pod-{id}/node-{id}/sys/infrasec/policy-{id}/entryId-{id}-entryinfo-{infraSecPolicyFlag}-proto-{ipProto}-src-{[srcAddr]}-dst-{[dstAddr]}-srcPortFrom-{srcPortFrom}-srcPortTo-{srcPortTo}-dstPortFrom-{dstPortFrom}-dstPortTo-{dstPortTo}-reserved-{reserved}

[1] sys/infrasec/policy-{id}/entryId-{id}-entryinfo-{infraSecPolicyFlag}-proto-{ipProto}-src-{[srcAddr]}-dst-{[dstAddr]}-srcPortFrom-{srcPortFrom}-srcPortTo-{srcPortTo}-dstPortFrom-{dstPortFrom}-dstPortTo-{dstPortTo}-reserved-{reserved}


Diagram

Container Mos: infrasec:Policy (deletable:yes),


Containers Hierarchies
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
 		[V] fabric:Topology The root for IFC topology.
 
 		 ├
 		[V] fabric:Pod A pod.
 
 		 
 		 ├
 		[V] fabric:Node The root node for the APIC.
 
 		 
 		 
 		 ├
 		[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 		 
 		 
 		 
 		 ├
 		[V] infrasec:Entity  Holds vmmqos control plane entity information
 
 		 
 		 
 		 
 		 
 		 ├
 		[V] infrasec:Policy  InfraSecPolicy definitions
 
 		 
 		 
 		 
 		 
 		 
 		 ├
 		[V] infrasec:Entry  InfraSecPolicy Entry definition
[V] top:Root  This class represents the root element in the object hierarchy. All managed objects in the system are descendants of the Root element.
 ├
 		[V] top:System The APIC uses a policy model to combine data into a health score. Health scores can be aggregated for a variety of areas such as for the infrastructure, applications, or services. The category health score is calculated using a Lp -Norm formula. The health score penalty equals 100 minus the health score. The health score penalty represents the overall health score penalties of a set of MOs that belong to a given category and are children or direc...
 
 		 ├
 		[V] infrasec:Entity  Holds vmmqos control plane entity information
 
 		 
 		 ├
 		[V] infrasec:Policy  InfraSecPolicy definitions
 
 		 
 		 
 		 ├
 		[V] infrasec:Entry  InfraSecPolicy Entry definition


Contained Hierarchy
[V] infrasec:Entry  InfraSecPolicy Entry definition


Inheritance
[V] infrasec:Entry  InfraSecPolicy Entry definition


Events


Faults


Fsms


Properties Summary
Defined in: infrasec:Entry
address:Ip dstAddr  (infrasec:Entry:dstAddr)
           Destination IP
l4:Port
          scalar:Uint16 		dstPortFrom  (infrasec:Entry:dstPortFrom)
           Destination Port From
l4:Port
          scalar:Uint16 		dstPortTo  (infrasec:Entry:dstPortTo)
           Destination Port To
infrasec:EntryId
          scalar:Uint16 		id  (infrasec:Entry:id)
           An object identifier.
infrasec:Infrasecpolicyflag
          scalar:Bitmask8 		infraSecPolicyFlag  (infrasec:Entry:infraSecPolicyFlag)
           InfraSecPolicyEntry Group
l3:IpProt
          scalar:UByte 		ipProto  (infrasec:Entry:ipProto)
           The IP protocol.
infrasec:OperSt
          scalar:Enum8 		operSt  (infrasec:Entry:operSt)
           The runtime state of the object or policy.
infrasec:OperStQual
          scalar:Enum8 		operStQual  (infrasec:Entry:operStQual)
           The chassis operational status qualifier.
scalar:Bitmask64 qosmCfgFailedBmp  (infrasec:Entry:qosmCfgFailedBmp)
           A bitmap of configuration attributes that failed to be applied.
scalar:Time qosmCfgFailedTs  (infrasec:Entry:qosmCfgFailedTs)
           The timestamp of the last failed configuration.
scalar:UByte qosmCfgState  (infrasec:Entry:qosmCfgState)
           The status of a configuration. This property specifies if the rules have been programmed. If the value is set to 1, PE will retry after every 30 seconds.
infrasec:reservedBits
          scalar:Uint32 		reserved  (infrasec:Entry:reserved)
           A reserved byte.
address:Ip srcAddr  (infrasec:Entry:srcAddr)
           Source IP
l4:Port
          scalar:Uint16 		srcPortFrom  (infrasec:Entry:srcPortFrom)
           Source Port From
l4:Port
          scalar:Uint16 		srcPortTo  (infrasec:Entry:srcPortTo)
           Source Port To
Defined in: mo:Resolvable
mo:Owner
          scalar:Enum8 		lcOwn  (mo:Resolvable:lcOwn)
           A value that indicates how this object was created. For internal use only.
Defined in: mo:Modifiable
mo:TStamp
          scalar:Date 		modTs  (mo:Modifiable:modTs)
           The time when this object was last modified.
Defined in: mo:TopProps
mo:ModificationChildAction
          scalar:Bitmask32 		childAction  (mo:TopProps:childAction)
           Delete or ignore. For internal use only.
reference:BinRef dn  (mo:TopProps:dn)
           A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.
reference:BinRN rn  (mo:TopProps:rn)
           Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.
mo:ModificationStatus
          scalar:Bitmask32 		status  (mo:TopProps:status)
           The upgrade status. This property is for internal use only.
Properties Detail

childAction

Type: mo:ModificationChildAction
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelChildAction
    Comments:
Delete or ignore. For internal use only.
Constants
deleteAll 16384u deleteAll NO COMMENTS
ignore 4096u ignore NO COMMENTS
deleteNonPresent 8192u deleteNonPresent NO COMMENTS
DEFAULT 0 --- This type is used to




dn

Type: reference:BinRef

Units: null
Encrypted: false
Access: implicit
Category: TopLevelDn
    Comments:
A tag or metadata is a non-hierarchical keyword or term assigned to the fabric module.


dstAddr

Type: address:Ip

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
Destination IP


dstPortFrom

Type: l4:Port
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
Destination Port From
Constants
unspecified 0 Unspecified NO COMMENTS
ftpData 20 FTP data NO COMMENTS
smtp 25 SMTP NO COMMENTS
dns 53 DNS NO COMMENTS
http 80 HTTP NO COMMENTS
pop3 110 POP3 NO COMMENTS
https 443 HTTPS NO COMMENTS
rtsp 554 RTSP NO COMMENTS
DEFAULT unspecified(0) Unspecified NO COMMENTS




dstPortTo

Type: l4:Port
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
Destination Port To
Constants
unspecified 0 Unspecified NO COMMENTS
ftpData 20 FTP data NO COMMENTS
smtp 25 SMTP NO COMMENTS
dns 53 DNS NO COMMENTS
http 80 HTTP NO COMMENTS
pop3 110 POP3 NO COMMENTS
https 443 HTTPS NO COMMENTS
rtsp 554 RTSP NO COMMENTS
DEFAULT unspecified(0) Unspecified NO COMMENTS




id

Type: infrasec:EntryId
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
An object identifier.


infraSecPolicyFlag

Type: infrasec:Infrasecpolicyflag
Primitive Type: scalar:Bitmask8

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
InfraSecPolicyEntry Group
Constants
encap 1 Encapsulated encap
non-encap 2 No Encapsulation non-encap
front-panel 4 Front panel front-panel
fabric-port 8 Fabric port fabric-port
infra 16 Infra packet infra
DEFAULT 0 --- infra sec policy flag




ipProto

Type: l3:IpProt
Primitive Type: scalar:UByte

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
The IP protocol.
Constants
unspecified 0 Unspecified Unspecified
icmp 1 icmp NO COMMENTS
igmp 2 igmp NO COMMENTS
tcp 6 tcp NO COMMENTS
egp 8 egp NO COMMENTS
igp 9 igp NO COMMENTS
udp 17 udp NO COMMENTS
icmpv6 58 icmpv6 NO COMMENTS
eigrp 88 eigrp NO COMMENTS
ospfigp 89 ospf NO COMMENTS
pim 103 pim NO COMMENTS
l2tp 115 l2tp NO COMMENTS
DEFAULT unspecified(0) Unspecified Unspecified




lcOwn

Type: mo:Owner
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
A value that indicates how this object was created. For internal use only.
Constants
local 0 Local NO COMMENTS
policy 1 Policy NO COMMENTS
replica 2 Replica NO COMMENTS
resolveOnBehalf 3 ResolvedOnBehalf NO COMMENTS
implicit 4 Implicit NO COMMENTS
DEFAULT local(0) Local NO COMMENTS




modTs

Type: mo:TStamp
Primitive Type: scalar:Date

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRegular
    Comments:
The time when this object was last modified.
Constants
never 0ull never NO COMMENTS
DEFAULT never(0ull) never NO COMMENTS




operSt

Type: infrasec:OperSt
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: oper
Category: TopLevelRegular
    Comments:
The runtime state of the object or policy.
Constants
up 1 Up Up
down 2 Down Down
DEFAULT down(2) Down Down




operStQual

Type: infrasec:OperStQual
Primitive Type: scalar:Enum8

Units: null
Encrypted: false
Access: oper
Category: TopLevelRegular
    Comments:
The chassis operational status qualifier.
Constants
unspecified 0 unspecified No failure
hwprog-fail 1 hardware programming failed HW failure
port-range-no-proto-fail 2 port range programming failed, need protocol field Invalid input
programming-fail 3 programming failed Invalid input
DEFAULT unspecified(0) unspecified No failure




qosmCfgFailedBmp

Type: scalar:Bitmask64

Units: null
Encrypted: false
Access: oper
Category: TopLevelRegular
    Comments:
A bitmap of configuration attributes that failed to be applied.
Constants
infrasec:EntrylcOwn_failed_flag -9223372036854775808ull --- NO COMMENTS
infrasec:EntrymodTs_failed_flag 1152921504606846976ull --- NO COMMENTS
infrasec:EntrysrcPortTo_failed_flag 16384ull --- NO COMMENTS
infrasec:EntryinfraSecPolicyFlag_failed_flag 16ull --- NO COMMENTS
infrasec:EntrydstAddr_failed_flag 1ull --- NO COMMENTS
infrasec:Entryreserved_failed_flag 2048ull --- NO COMMENTS
infrasec:EntrydstPortFrom_failed_flag 2ull --- NO COMMENTS
infrasec:EntryipProto_failed_flag 32ull --- NO COMMENTS
infrasec:EntrysrcAddr_failed_flag 4096ull --- NO COMMENTS
infrasec:EntrydstPortTo_failed_flag 4ull --- NO COMMENTS
infrasec:EntrysrcPortFrom_failed_flag 8192ull --- NO COMMENTS
infrasec:Entryid_failed_flag 8ull --- NO COMMENTS
DEFAULT 0 --- NO COMMENTS




qosmCfgFailedTs

Type: scalar:Time

Units: null
Encrypted: false
Access: oper
Category: TopLevelRegular
    Comments:
The timestamp of the last failed configuration.


qosmCfgState

Type: scalar:UByte

Units: null
Encrypted: false
Access: oper
Category: TopLevelRegular
    Comments:
The status of a configuration. This property specifies if the rules have been programmed. If the value is set to 1, PE will retry after every 30 seconds.


reserved

Type: infrasec:reservedBits
Primitive Type: scalar:Uint32

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
A reserved byte.


rn

Type: reference:BinRN

Units: null
Encrypted: false
Access: implicit
Category: TopLevelRn
    Comments:
Identifies an object from its siblings within the context of its parent object. The distinguished name contains a sequence of relative names.


srcAddr

Type: address:Ip

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
Source IP


srcPortFrom

Type: l4:Port
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
Source Port From
Constants
unspecified 0 Unspecified NO COMMENTS
ftpData 20 FTP data NO COMMENTS
smtp 25 SMTP NO COMMENTS
dns 53 DNS NO COMMENTS
http 80 HTTP NO COMMENTS
pop3 110 POP3 NO COMMENTS
https 443 HTTPS NO COMMENTS
rtsp 554 RTSP NO COMMENTS
DEFAULT unspecified(0) Unspecified NO COMMENTS




srcPortTo

Type: l4:Port
Primitive Type: scalar:Uint16

Units: null
Encrypted: false
Naming Property -- [NAMING RULES]
Access: naming
Category: TopLevelRegular
    Comments:
Source Port To
Constants
unspecified 0 Unspecified NO COMMENTS
ftpData 20 FTP data NO COMMENTS
smtp 25 SMTP NO COMMENTS
dns 53 DNS NO COMMENTS
http 80 HTTP NO COMMENTS
pop3 110 POP3 NO COMMENTS
https 443 HTTPS NO COMMENTS
rtsp 554 RTSP NO COMMENTS
DEFAULT unspecified(0) Unspecified NO COMMENTS




status

Type: mo:ModificationStatus
Primitive Type: scalar:Bitmask32

Units: null
Encrypted: false
Access: implicit
Category: TopLevelStatus
    Comments:
The upgrade status. This property is for internal use only.
Constants
created 2u created In a setter method: specifies that an object should be created. An error is returned if the object already exists.
In the return value of a setter method: indicates that an object has been created.
modified 4u modified In a setter method: specifies that an object should be modified
In the return value of a setter method: indicates that an object has been modified.
deleted 8u deleted In a setter method: specifies that an object should be deleted.
In the return value of a setter method: indicates that an object has been deleted.
DEFAULT 0 --- This type controls the life cycle of objects passed in the XML API.

When used in a setter method (such as configConfMo), the ModificationStatus specifies whether an object should be created, modified, deleted or removed.
In the return value of a setter method, the ModificationStatus indicates the actual operation that was performed. For example, the ModificationStatus is set to "created" if the object was created. The ModificationStatus is not set if the object was neither created, modified, deleted or removed.

When invoking a setter method, the ModificationStatus is optional:
If a setter method such as configConfMo is invoked and the ModificationStatus is not set, the system automatically determines if the object should be created or modified.







Overview  Naming  Diagram  Containers  Contained  Inheritance  Events  Faults  FSMs  Properties Summary  Properties Detail