Traffic Data - Service Chaining Definition

Service Chaining Definition define the matching conditions and Actions to configure Service Chaining

Diagram

Classes

data_policy (sdwan.centralized_policies.definitions)

Name	Type	Constraint	Mandatory	Default Value
traffic_data	List	[traffic_data]	No

traffic_data (sdwan.centralized_policies.definitions.data_policy)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: ^[A-Za-z0-9\-_]{1,127}$	Yes
description	String		Yes
default_action_type	Choice	accept, drop	Yes
sequences	List	[sequences]	No

sequences (sdwan.centralized_policies.definitions.data_policy.traffic_data)

Name	Type	Constraint	Mandatory	Default Value
base_action	Choice	accept, drop	Yes
id	Integer	min: 1, max: 65534	Yes
name	String		Yes
ip_type	Choice	ipv4, ipv6, both	Yes
type	String	equals: custom	Yes
match_criterias	Class	[match_criterias]	No
actions	Class	[actions]	No

match_criterias (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)

Name	Type	Constraint	Mandatory	Default Value
application_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
dns_application_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
dns	Choice	request, response	No
dscp	Integer	min: 0, max: 63	No
packet_length	Integer	min: 0, max: 65535	No
plp	Choice	low, high	No
protocols	List	Integer[min: 0, max: 255]	No
source_data_prefix_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
source_data_prefix	String		No
source_ports	List	Integer[min: 0, max: 65535]	No
source_port_ranges	List	[source_port_ranges]	No
destination_data_prefix_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
destination_data_prefix	String		No
destination_ports	List	Integer[min: 0, max: 65535]	No
destination_port_ranges	List	[destination_port_ranges]	No
tcp	Choice	syn	No
traffic_to	Choice	access, core, service	No
destination_region	Choice	primary-region, secondary-region, other-region	No

actions (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)

Name	Type	Constraint	Mandatory	Default Value
counter_name	String	Regex: ^[A-Za-z0-9\-_]{1,20}$	No
log	Boolean	true, false	No
cflowd	Boolean	true, false	No
sig	Class	[sig]	No
redirect_dns	Class	[redirect_dns]	No
loss_correction	Class	[loss_correction]	No
nat_pool	Integer	min: 1, max: 31	No
nat_vpn	Class	[nat_vpn]	No
appqoe_optimization	Class	[appqoe_optimization]	No
dscp	Integer	min: 0, max: 63	No
forwarding_class	String	min: 1, max: 32	No
local_tloc_list	Class	[local_tloc_list]	No
next_hop	Class	[next_hop]	No
preferred_color_group	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
policer_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
service	Class	[service]	No
tloc	Class	[tloc]	No
tloc_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
vpn	Integer	min: 0, max: 65530	No

source_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)

Name	Type	Constraint	Mandatory	Default Value
from	Integer	min: 0, max: 65535	Yes
to	Integer	min: 0, max: 65535	Yes

destination_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)

Name	Type	Constraint	Mandatory	Default Value
from	Integer	min: 0, max: 65535	Yes
to	Integer	min: 0, max: 65535	Yes

sig (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
enabled	Boolean	true, false	Yes
fallback_to_routing	Boolean	true, false	No

redirect_dns (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	host, umbrella, ipAddress	Yes
ip_address	IP		No

loss_correction (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	fecAdaptive, fecAlways, packetDuplication	Yes
loss_threshold_percentage	Integer	min: 1, max: 5	No

nat_vpn (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
vpn_id	Integer	min: 0, max: 65530	No
nat_vpn_fallback	Boolean	true, false	No

appqoe_optimization (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
tcp	Boolean	true, false	No
dre	Boolean	true, false	No
service_node_group	String		No

local_tloc_list (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
colors	List	Choice[default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6]	Yes
encaps	List	Choice[ipsec, gre]	Yes
restrict	Boolean	true, false	No

next_hop (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
ip_address	IP		Yes
when_next_hop_is_not_available	Choice	route_table_entry	No

service (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
type	Choice	appqoe, FW, IDP, IDS, netsvc1, netsvc2, netsvc3, netsvc4, netsvc5	Yes
vpn	Integer	min: 0, max: 65530	No
tloc	Class	[tloc]	No
tloc_list	String	Regex: ^[A-Za-z0-9\-_]{1,32}$	No
local	Boolean	true, false	No
restrict	Boolean	true, false	No

tloc (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
color	Choice	default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6	Yes
encap	Choice	ipsec, gre	Yes

Examples

sdwan:
  centralized_policies:
    definitions:
      data_policy:
        traffic_data:
          - name: Test_control_number1
            description: Test_control_number1
            default_action_type: accept
            sequences:
              - base_action: accept
                id: 2
                name: rule2
                ip_type: ipv4
                type: service_chaining
                match_criterias:
                  application_list: APP-LIST-TD-TEST2
                  dscp: 54
                  packet_length: 1150
                  plp: high
                  protocols:
                    - 89
                    - 90
                    - 91
                  source_data_prefix_list: PREFIX-LIST-TD-TEST2
                  source_data_prefix: 10.2.1.0/24
                  source_ports:
                    - 676
                    - 53
                  source_port_ranges:
                    - from: 1001
                      to: 2000
                    - from: 3001
                      to: 4000
                  destination_data_prefix_list: PREFIX-LIST-TD-TEST1
                  destination_data_prefix: 10.1.1.0/24
                  destination_ports:
                    - 676
                    - 53
                  destination_port_ranges:
                    - from: 1001
                      to: 2000
                    - from: 3001
                      to: 4000
                  tcp: 'syn'
                actions:
                  log: true
                  counter_name: LOGGER-TD-TEST2
                  service:
                    type: FW
                    vpn: 62
                    tloc:
                      ip: 10.59.160.1
                      color: custom1
                      encap: ipsec