Version: latest 1.1.0 1.0.1 0.9.3
L3out Node and Interface Profiles can either be auto-generated, one per L3out, or can be defined explicitly.
Note: Whether an interface is an svi, routed sub-interface, or routed depends on the following configuration:
svi - vlan: <not null>, svi: true, ip: <not null>
routed sub-interface - vlan: <not null>, svi: false, ip: <not null>
routed interface - vlan: <null>, svi: false, ip: <not null>
The following table maps the subnet flags of external endpoint groups to the corresponding GUI terminology:
Subnet Flag GUI Terminology import_securityExternal Subnets for External EPGshared_securityShared Security Import Subnetimport_route_controlImport Route Control Subnetexport_route_controlExport Route Control Subnetshared_route_controlShared Route Control Subnetaggregate_import_route_controlAggregate Importaggregate_export_route_controlAggregate Exportaggregate_shared_route_controlAggregate Shared Routes
L3out BGP Peering can be estabilished via Interface Profiles or Node Profiles. The infra tenant differentiates between BGP Infra Peers, which are configured in the Node Profile, and BGP Peers, which are configured in the Interface Profile. BGP Infra Peers are limited only to Node Profiles in infra Tenant. BGP Infra Peer Type and Source Interface Loopback cannot be modified. The following table maps the BGP Peer Type of BGP Infra Peer to the corresponding GUI terminology:
Peer Type GUI Terminology wanWAN Connectivity. By default every infra peer is a wan peer. Example use-case: Remote-Leaf or IPN.mdp-wanMDP Connectivity. IPN/ISN use-case with BGW to interconnect multiple ACI pods or sites.
Location in GUI:
Tenants » XXX » Networking » L3outsName Type Constraint Mandatory Default Value l3outs List [l3outs]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No target_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedvrf String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No ospf Class [ospf]No eigrp Class [eigrp]No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No bgp_peers List [bgp_peers]No bgp_infra_peers List [bgp_infra_peers]No nodes List [nodes]No node_profiles List [node_profiles]No external_endpoint_groups List [external_endpoint_groups]No import_route_map Class [import_route_map]No export_route_map Class [export_route_map]No interleak_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No default_route_leak_policy Class [default_route_leak_policy]No dampening_ipv4_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No dampening_ipv6_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No redistribution_route_maps List [redistribution_route_maps]No l3_multicast_ipv4 Boolean true, falseNo falsepim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No nd_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ingress_data_plane_policing_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No egress_data_plane_policing_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No multipod Boolean true, falseNo trueremote_leaf Boolean true, falseNo falseimport_route_control_enforcement Boolean true, falseNo falseexport_route_control_enforcement Boolean true, falseNo truedhcp_labels List [dhcp_labels]No route_maps List [route_maps]No bfd_multihop_node_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No bfd_multihop_auth Class [bfd_multihop_auth]No netflow_monitor_policies List [netflow_monitor_policies]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No area Any Integer[min: 0, max: 4294967295] or Choice[backbone] or IP Yes area_type Choice regular, stub, nssaNo regulararea_cost Integer min: 1, max: 16777215 No 1area_control_redistribute Boolean true, falseNo truearea_control_summary Boolean true, falseNo truearea_control_suppress_fa Boolean true, falseNo falseauth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No asn Integer min: 1, max: 65535 Yes interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No remote_as Integer min: 0, max: 4294967295 Yes allow_self_as Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falseas_override Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsettl Integer min: 1, max: 255 No 2bfd Boolean true, falseNo falsepassword String No peer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No peer_type Choice wan, mdp-wanNo wanadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonesource_interface_type Choice l3out-loopback, routable-loopbackNo l3out-loopbackdata_plane_address IP No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean true, falseNo trueloopbacks List IP No static_routes List [static_routes]No interfaces List [interfaces]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No bgp_peers List [bgp_peers]No bgp_infra_peers List [bgp_infra_peers]No nodes List [nodes]No interface_profiles List [interface_profiles]No bfd_multihop_node_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No bfd_multihop_auth Class [bfd_multihop_auth]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preferred_group Boolean true, falseNo falseqos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedtarget_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedsubnets List [subnets]No contracts Class [contracts]No route_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value always Boolean true, falseNo falsecriteria Choice only, in-additionNo onlycontext_scope Boolean true, falseNo falseoutside_scope Boolean true, falseNo true
Name Type Constraint Mandatory Default Value source Choice direct, attached-host, staticNo staticroute_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
Name Type Constraint Mandatory Default Value dhcp_relay_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes dhcp_option_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No scope Choice infra, tenantNo infra
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo combinablecontexts List [contexts]No
Name Type Constraint Mandatory Default Value type Choice none, sha1No nonekey_id Integer min: 1, max: 255 No 1key String No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip_filter_type Choice ipv4, ipv6, ce, unspecifiedNo ipv4
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean true, falseNo falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No module Integer min: 1, max: 9 No 1channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0svi Boolean true, falseNo falsemultipod_direct Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean true, falseNo falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No ip_shared_dhcp_relay IP No falselink_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularstate Choice local, vrfNo micro_bfd Class [micro_bfd]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No remote_as Integer min: 0, max: 4294967295 Yes allow_self_as Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falseas_override Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsettl Integer min: 1, max: 255 No 2bfd Boolean true, falseNo falsepassword String No peer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No peer_type Choice wan, mdp-wanNo wanadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonesource_interface_type Choice l3out-loopback, routable-loopbackNo l3out-loopbackdata_plane_address IP No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean true, falseNo trueloopbacks List IP No static_routes List [static_routes]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf Class [ospf]No eigrp Class [eigrp]No pim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No nd_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ingress_data_plane_policing_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No egress_data_plane_policing_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interfaces List [interfaces]No dhcp_labels List [dhcp_labels]No netflow_monitor_policies List [netflow_monitor_policies]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ndo_managed Boolean true, falseNo falsedescription String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes import_route_control Boolean true, falseNo falseexport_route_control Boolean true, falseNo falseshared_route_control Boolean true, falseNo falseimport_security Boolean true, falseNo trueshared_security Boolean true, falseNo falseaggregate_import_route_control Boolean true, falseNo falseaggregate_export_route_control Boolean true, falseNo falseaggregate_shared_route_control Boolean true, falseNo falsebgp_route_summarization Boolean true, falseNo falsebgp_route_summarization_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf_route_summarization Boolean true, falseNo falseospf_route_summarization_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No eigrp_route_summarization Boolean true, falseNo falseroute_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No providers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No imported_consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefixip_sla_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes vlan Integer min: 1, max: 4096 No
Name Type Constraint Mandatory Default Value destination_ip IP Yes start_timer Any Integer[min: 60, max: 3600] or Integer[min: 0, max: 0] No 0
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean true, falseNo falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No auth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No keychain_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No pod_id Integer min: 1, max: 255 No module Integer min: 1, max: 9 No 1port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0multipod_direct Boolean true, falseNo falsesvi Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean true, falseNo falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No ip_shared_dhcp_relay Boolean true, falseNo falselink_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularscope Choice local, vrfNo local
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefixip_sla_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes vlan Integer min: 1, max: 4096 No
Simple example:
external_endpoint_groups :
SVI example:
Routed Sub-interface example:
Routed Interface example:
Example with explicit profiles:
as_path_policy : BGP_AS_PATH1
description : NODE_101 Description
ingress_data_plane_policing_policy : DPP1
egress_data_plane_policing_policy : DPP2
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
netflow_monitor_policies :
external_endpoint_groups :
Example with Node BGP Peering (BGP Infra Peers) for Remote Leaf use-case in infra Tenant. In case of Interface BGP Peering, bgp_peers instead of bgp_infra_peers must be used:
as_path_policy : BGP_AS_PATH1
disable_peer_as_check : true
peer_prefix_policy : BGP_PP1
external_endpoint_groups :
Example with BGP Peers for IPN
external_endpoint_groups :
Full example:
import_route_control_enforcement : true
export_route_control_enforcement : true
custom_qos_policy : QOS_POLICY
ingress_data_plane_policing_policy : DPP1
egress_data_plane_policing_policy : DPP2
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
netflow_monitor_policies :
as_path_policy : BGP_AS_PATH1
interleak_route_map : ROUTE_MAP1
default_route_leak_policy :
redistribution_route_maps :
dampening_ipv4_route_map : ROUTE_MAP3
dampening_ipv6_route_map : ROUTE_MAP4
bfd_multihop_node_policy : BFD-NODE1
router_id_as_loopback : true
description : My Next Hop Desc
ip_shared_dhcp_relay : true
link_local_address : fe80::ffff:ffff:ffff:ffff
disable_connected_check : true
remove_all_private_as : true
multicast_address_family : true
peer_prefix_policy : BGP_PP1
export_route_control : ROUTE_MAP1
import_route_control : ROUTE_MAP2
destination_ip : 24.24.24.2
name : example-import-name
name : example-export-name
external_endpoint_groups :
import_route_control : false
export_route_control : false
shared_route_control : false
example: This example shows how to configure an L3out with IPv4/IPv6 dual stack and a VIP on the SVI. The configuration includes static routes and external EPGs for the L3out, and is typically used when deploying a high-availability (HA) pair of firewalls with a NAT pool. The L3out is configured as SVI Vlan ‘100’ on Port ‘10’ of Node ‘1001’ and Node ‘1002’. Each node has its own IPv4, IPv6, and shared VIP addresses, and the shared VIP address is used as the gateway for APP1. Static routing is used as a routing protocol, and an External EPG is configured to permit communication from those routes.
description : Interface for APP1
router_id_as_loopback : false
- prefix : 2001:db8:1234:1000::/64
- ip : 2001:db8:1234:2000::10
router_id_as_loopback : false
- prefix : 2001:db8:1234:1000::/64
- ip : 2001:db8:1234:2000::10
- name : ' APP1-IPv6-IntProf '
description : IPv6 Interface Profile for APP1
ip : 2001:db8:1234:2000::1/64
ip_shared : 2001:db8:1234:2000::3/64
ip : 2001:db8:1234:2000::2/64
ip_shared : 2001:db8:1234:2000::3/64
- name : ' APP1-IPv4-IntProf '
description : IPv4 Interface Profile for APP1
ip_shared : 192.168.2.3/24
ip_shared : 192.168.2.3/24
external_endpoint_groups :
- prefix : 2001:db8:1234:1000::/64
example: In this example, BGP is used as dynamic routing protocol. The BGP parameters are configured as follows: BGP remote-as ‘65530’, IPv6 neighbor address ‘2001:db8:1234:2000::10’, IPv4 neighbor address ‘192.168.2.10’, bfd is enabled with the policy ‘BFD-Policy’. ACI advertises default route ’::/0’ and ‘0.0.0.0/0’ to the BGP neighbor and is assumed to receive ‘2001:db8:1234:1000::/64’ and ‘192.168.1.0/24’ from it.
description : Interface for APP1
router_id_as_loopback : false
router_id_as_loopback : false
- name : ' APP1-IPv6-IntProf '
description : IPv6 Interface Profile for APP1
ip : 2001:db8:1234:2000::1/64
- ip : 2001:db8:1234:2000::10
description : BGP Peer for APP1
multicast_address_family : false
ip : 2001:db8:1234:2000::2/64
- ip : 2001:db8:1234:2000::10
description : BGP Peer for APP1
multicast_address_family : false
- name : ' APP1-IPv4-IntProf '
description : IPv4 Interface Profile for APP1
description : BGP Peer for APP1
multicast_address_family : false
description : BGP Peer for APP1
multicast_address_family : false
external_endpoint_groups :
- prefix : 2001:db8:1234:1000::/64
export_route_control : true
export_route_control : true
L3out Node and Interface Profiles can either be auto-generated, one per L3out, or can be defined explicitly.
Note: Whether an interface is an svi, routed sub-interface, or routed depends on the following configuration:
svi - vlan: <not null>, svi: true, ip: <not null>
routed sub-interface - vlan: <not null>, svi: false, ip: <not null>
routed interface - vlan: <null>, svi: false, ip: <not null>
The following table maps the subnet flags of external endpoint groups to the corresponding GUI terminology:
Subnet Flag GUI Terminology import_securityExternal Subnets for External EPGshared_securityShared Security Import Subnetimport_route_controlImport Route Control Subnetexport_route_controlExport Route Control Subnetshared_route_controlShared Route Control Subnetaggregate_import_route_controlAggregate Importaggregate_export_route_controlAggregate Exportaggregate_shared_route_controlAggregate Shared Routes
Location in GUI:
Tenants » XXX » Networking » L3outsName Type Constraint Mandatory Default Value l3outs List [l3outs]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No target_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedvrf String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No ospf Class [ospf]No eigrp Class [eigrp]No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No bgp_peers List [bgp_peers]No nodes List [nodes]No node_profiles List [node_profiles]No external_endpoint_groups List [external_endpoint_groups]No import_route_map Class [import_route_map]No export_route_map Class [export_route_map]No interleak_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No default_route_leak_policy Class [default_route_leak_policy]No dampening_ipv4_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No dampening_ipv6_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No redistribution_route_maps List [redistribution_route_maps]No l3_multicast_ipv4 Boolean true, falseNo falsepim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No nd_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No multipod Boolean true, falseNo trueremote_leaf Boolean true, falseNo falseimport_route_control_enforcement Boolean true, falseNo falseexport_route_control_enforcement Boolean true, falseNo truedhcp_labels List [dhcp_labels]No route_maps List [route_maps]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No area Any Integer[min: 0, max: 4294967295] or Choice[backbone] or IP Yes area_type Choice regular, stub, nssaNo regulararea_cost Integer min: 1, max: 16777215 No 1area_control_redistribute Boolean true, falseNo truearea_control_summary Boolean true, falseNo truearea_control_suppress_fa Boolean true, falseNo falseauth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No asn Integer min: 1, max: 65535 Yes interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean true, falseNo trueloopbacks List IP No static_routes List [static_routes]No interfaces List [interfaces]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No bgp_peers List [bgp_peers]No nodes List [nodes]No interface_profiles List [interface_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preferred_group Boolean true, falseNo falseqos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedtarget_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedsubnets List [subnets]No contracts Class [contracts]No route_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value always Boolean true, falseNo falsecriteria Choice only, in-additionNo onlycontext_scope Boolean true, falseNo falseoutside_scope Boolean true, falseNo true
Name Type Constraint Mandatory Default Value source Choice direct, attached-host, staticNo staticroute_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
Name Type Constraint Mandatory Default Value dhcp_relay_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes dhcp_option_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No scope Choice infra, tenantNo infra
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo combinablecontexts List [contexts]No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean true, falseNo falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No module Integer min: 1, max: 9 No 1channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0svi Boolean true, falseNo falsemultipod_direct Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean true, falseNo falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No ip_shared_dhcp_relay IP No falselink_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularstate Choice local, vrfNo micro_bfd Class [micro_bfd]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean true, falseNo trueloopbacks List IP No static_routes List [static_routes]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf Class [ospf]No eigrp Class [eigrp]No pim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No nd_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interfaces List [interfaces]No dhcp_labels List [dhcp_labels]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ndo_managed Boolean true, falseNo falsedescription String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes import_route_control Boolean true, falseNo falseexport_route_control Boolean true, falseNo falseshared_route_control Boolean true, falseNo falseimport_security Boolean true, falseNo trueshared_security Boolean true, falseNo falseaggregate_import_route_control Boolean true, falseNo falseaggregate_export_route_control Boolean true, falseNo falseaggregate_shared_route_control Boolean true, falseNo falsebgp_route_summarization Boolean true, falseNo falsebgp_route_summarization_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf_route_summarization Boolean true, falseNo falseeigrp_route_summarization Boolean true, falseNo falseroute_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No providers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No imported_consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefixip_sla_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes vlan Integer min: 1, max: 4096 No
Name Type Constraint Mandatory Default Value destination_ip IP Yes start_timer Any Integer[min: 60, max: 3600] or Integer[min: 0, max: 0] No 0
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean true, falseNo falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No auth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No keychain_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No pod_id Integer min: 1, max: 255 No module Integer min: 1, max: 9 No 1port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0multipod_direct Boolean true, falseNo falsesvi Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean true, falseNo falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No ip_shared_dhcp_relay IP No falselink_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularscope Choice local, vrfNo local
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefixip_sla_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes vlan Integer min: 1, max: 4096 No
Simple example:
external_endpoint_groups :
SVI example:
Routed Sub-interface example:
Routed Interface example:
Example with explicit profiles:
as_path_policy : BGP_AS_PATH1
description : NODE_101 Description
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
external_endpoint_groups :
Full example:
import_route_control_enforcement : true
export_route_control_enforcement : true
custom_qos_policy : QOS_POLICY
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
as_path_policy : BGP_AS_PATH1
interleak_route_map : ROUTE_MAP1
default_route_leak_policy :
redistribution_route_maps :
dampening_ipv4_route_map : ROUTE_MAP3
dampening_ipv6_route_map : ROUTE_MAP4
router_id_as_loopback : true
description : My Next Hop Desc
ip_shared_dhcp_relay : true
link_local_address : fe80::ffff:ffff:ffff:ffff
disable_connected_check : true
remove_all_private_as : true
multicast_address_family : true
peer_prefix_policy : BGP_PP1
export_route_control : ROUTE_MAP1
import_route_control : ROUTE_MAP2
destination_ip : 24.24.24.2
name : example-import-name
name : example-export-name
external_endpoint_groups :
import_route_control : false
export_route_control : false
shared_route_control : false
L3out Node and Interface Profiles can either be auto-generated, one per L3out, or can be defined explicitly.
Note: Whether an interface is an svi, routed sub-interface, or routed depends on the following configuration:
svi - vlan: <not null>, svi: true, ip: <not null>
routed sub-interface - vlan: <not null>, svi: false, ip: <not null>
routed interface - vlan: <null>, svi: false, ip: <not null>
The following table maps the subnet flags of external endpoint groups to the corresponding GUI terminology:
Subnet Flag GUI Terminology import_securityExternal Subnets for External EPGshared_securityShared Security Import Subnetimport_route_controlImport Route Control Subnetexport_route_controlExport Route Control Subnetshared_route_controlShared Route Control Subnetaggregate_import_route_controlAggregate Importaggregate_export_route_controlAggregate Exportaggregate_shared_route_controlAggregate Shared Routes
Location in GUI:
Tenants » XXX » Networking » L3outsName Type Constraint Mandatory Default Value l3outs List [l3outs]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No target_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedvrf String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No ospf Class [ospf]No eigrp Class [eigrp]No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No bgp_peers List [bgp_peers]No nodes List [nodes]No node_profiles List [node_profiles]No external_endpoint_groups List [external_endpoint_groups]No import_route_map Class [import_route_map]No export_route_map Class [export_route_map]No interleak_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No default_route_leak_policy Class [default_route_leak_policy]No dampening_ipv4_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No dampening_ipv6_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No redistribution_route_maps List [redistribution_route_maps]No l3_multicast_ipv4 Boolean true, falseNo falsepim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No nd_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No multipod Boolean true, falseNo trueremote_leaf Boolean true, falseNo falseimport_route_control_enforcement Boolean true, falseNo falseexport_route_control_enforcement Boolean true, falseNo truedhcp_labels List [dhcp_labels]No route_maps List [route_maps]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No area Any Integer[min: 0, max: 4294967295] or Choice[backbone] or IP Yes area_type Choice regular, stub, nssaNo regulararea_cost Integer min: 1, max: 16777215 No 1area_control_redistribute Boolean true, falseNo truearea_control_summary Boolean true, falseNo truearea_control_suppress_fa Boolean true, falseNo falseauth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No asn Integer min: 1, max: 65535 Yes interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean true, falseNo trueloopbacks List IP No static_routes List [static_routes]No interfaces List [interfaces]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No bgp_peers List [bgp_peers]No nodes List [nodes]No interface_profiles List [interface_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preferred_group Boolean true, falseNo falseqos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedtarget_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedsubnets List [subnets]No contracts Class [contracts]No route_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value always Boolean true, falseNo falsecriteria Choice only, in-additionNo onlycontext_scope Boolean true, falseNo falseoutside_scope Boolean true, falseNo true
Name Type Constraint Mandatory Default Value source Choice direct, attached-host, staticNo staticroute_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
Name Type Constraint Mandatory Default Value dhcp_relay_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes dhcp_option_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No scope Choice infra, tenantNo infra
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo combinablecontexts List [contexts]No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean true, falseNo falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No module Integer min: 1, max: 9 No 1channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0svi Boolean true, falseNo falsemultipod_direct Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean true, falseNo falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No ip_shared_dhcp_relay IP No falselink_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularstate Choice local, vrfNo micro_bfd Class [micro_bfd]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean true, falseNo trueloopbacks List IP No static_routes List [static_routes]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf Class [ospf]No eigrp Class [eigrp]No pim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No nd_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interfaces List [interfaces]No dhcp_labels List [dhcp_labels]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ndo_managed Boolean true, falseNo falsedescription String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes import_route_control Boolean true, falseNo falseexport_route_control Boolean true, falseNo falseshared_route_control Boolean true, falseNo falseimport_security Boolean true, falseNo trueshared_security Boolean true, falseNo falseaggregate_import_route_control Boolean true, falseNo falseaggregate_export_route_control Boolean true, falseNo falseaggregate_shared_route_control Boolean true, falseNo falsebgp_route_summarization Boolean true, falseNo falsebgp_route_summarization_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf_route_summarization Boolean true, falseNo falseeigrp_route_summarization Boolean true, falseNo falseroute_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No providers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No imported_consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefix
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes vlan Integer min: 1, max: 4096 No
Name Type Constraint Mandatory Default Value destination_ip IP Yes start_timer Any Integer[min: 60, max: 3600] or Integer[min: 0, max: 0] No 0
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean true, falseNo falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No auth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No keychain_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No pod_id Integer min: 1, max: 255 No module Integer min: 1, max: 9 No 1port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0multipod_direct Boolean true, falseNo falsesvi Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean true, falseNo falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No ip_shared_dhcp_relay IP No falselink_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularscope Choice local, vrfNo local
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefix
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean true, falseNo falseas_override Boolean true, falseNo falsedisable_peer_as_check Boolean true, falseNo falsenext_hop_self Boolean true, falseNo falsesend_community Boolean true, falseNo falsesend_ext_community Boolean true, falseNo falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean true, falseNo falsedisable_connected_check Boolean true, falseNo falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean true, falseNo falseremove_private_as Boolean true, falseNo falsereplace_private_as_with_local_as Boolean true, falseNo falseunicast_address_family Boolean true, falseNo truemulticast_address_family Boolean true, falseNo trueadmin_state Boolean true, falseNo truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes vlan Integer min: 1, max: 4096 No
Simple example:
external_endpoint_groups :
SVI example:
Routed Sub-interface example:
Routed Interface example:
Example with explicit profiles:
as_path_policy : BGP_AS_PATH1
description : NODE_101 Description
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
external_endpoint_groups :
Full example:
import_route_control_enforcement : true
export_route_control_enforcement : true
custom_qos_policy : QOS_POLICY
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
as_path_policy : BGP_AS_PATH1
interleak_route_map : ROUTE_MAP1
default_route_leak_policy :
redistribution_route_maps :
dampening_ipv4_route_map : ROUTE_MAP3
dampening_ipv6_route_map : ROUTE_MAP4
router_id_as_loopback : true
description : My Next Hop Desc
ip_shared_dhcp_relay : true
link_local_address : fe80::ffff:ffff:ffff:ffff
disable_connected_check : true
remove_all_private_as : true
multicast_address_family : true
peer_prefix_policy : BGP_PP1
export_route_control : ROUTE_MAP1
import_route_control : ROUTE_MAP2
destination_ip : 24.24.24.2
name : example-import-name
name : example-export-name
external_endpoint_groups :
import_route_control : false
export_route_control : false
shared_route_control : false
L3out Node and Interface Profiles can either be auto-generated, one per L3out, or can be defined explicitly.
Note: Whether an interface is an svi, routed sub-interface, or routed depends on the following configuration:
svi - vlan: <not null>, svi: true, ip: <not null>
routed sub-interface - vlan: <not null>, svi: false, ip: <not null>
routed interface - vlan: <null>, svi: false, ip: <not null>
The following table maps the subnet flags of external endpoint groups to the corresponding GUI terminology:
Subnet Flag GUI Terminology import_securityExternal Subnets for External EPGshared_securityShared Security Import Subnetimport_route_controlImport Route Control Subnetexport_route_controlExport Route Control Subnetshared_route_controlShared Route Control Subnetaggregate_import_route_controlAggregate Exportaggregate_export_route_controlAggregate Importaggregate_shared_route_controlAggregate Shared Routes
Location in GUI:
Tenants » XXX » Networking » L3outsName Type Constraint Mandatory Default Value l3outs List [l3outs]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No target_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedvrf String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No ospf Class [ospf]No eigrp Class [eigrp]No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No bgp_peers List [bgp_peers]No nodes List [nodes]No node_profiles List [node_profiles]No external_endpoint_groups List [external_endpoint_groups]No import_route_map Class [import_route_map]No export_route_map Class [export_route_map]No interleak_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No default_route_leak_policy Class [default_route_leak_policy]No dampening_ipv4_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No dampening_ipv6_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No redistribution_route_maps List [redistribution_route_maps]No l3_multicast_ipv4 Boolean No falsepim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No multipod Boolean true, falseNo trueremote_leaf Boolean true, falseNo falseimport_route_control_enforcement Boolean true, falseNo falseexport_route_control_enforcement Boolean true, falseNo truedhcp_labels List [dhcp_labels]No
Name Type Constraint Mandatory Default Value timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No area Any Integer[min: 0, max: 4294967295] or Choice[backbone] or IP Yes area_type Choice regular, stub, nssaNo regulararea_cost Integer min: 1, max: 16777215 No 1area_control_redistribute Boolean No truearea_control_summary Boolean No truearea_control_suppress_fa Boolean No falseauth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No asn Integer min: 1, max: 65535 Yes interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean No falseas_override Boolean No falsedisable_peer_as_check Boolean No falsenext_hop_self Boolean No falsesend_community Boolean No falsesend_ext_community Boolean No falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean No falsedisable_connected_check Boolean No falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean No falseremove_private_as Boolean No falsereplace_private_as_with_local_as Boolean No falseunicast_address_family Boolean No truemulticast_address_family Boolean No trueadmin_state Boolean No truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean No trueloopback IP No static_routes List [static_routes]No interfaces List [interfaces]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes bgp Class [bgp]No bgp_peers List [bgp_peers]No nodes List [nodes]No interface_profiles List [interface_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes ndo_managed Boolean true, falseNo falsealias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preferred_group Boolean No falseqos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedtarget_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecifiedsubnets List [subnets]No contracts Class [contracts]No route_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No type Choice combinable, globalNo globalcontexts List [contexts]No
Name Type Constraint Mandatory Default Value always Boolean No falsecriteria Choice only, in-additionNo onlycontext_scope Boolean No falseoutside_scope Boolean No true
Name Type Constraint Mandatory Default Value source Choice direct, attached-host, staticNo staticroute_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
Name Type Constraint Mandatory Default Value dhcp_relay_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes dhcp_option_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No scope Choice infra, tenantNo infra
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean No falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No module Integer min: 1, max: 9 No 1channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0svi Boolean No falsemultipod_direct Boolean true, falseNo falseautostate Boolean true, falseNo falsefloating_svi Boolean No falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No link_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularstate Choice local, vrfNo micro_bfd Class [micro_bfd]No
Name Type Constraint Mandatory Default Value timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean No falseas_override Boolean No falsedisable_peer_as_check Boolean No falsenext_hop_self Boolean No falsesend_community Boolean No falsesend_ext_community Boolean No falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean No falsedisable_connected_check Boolean No falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean No falseremove_private_as Boolean No falsereplace_private_as_with_local_as Boolean No falseunicast_address_family Boolean No truemulticast_address_family Boolean No trueadmin_state Boolean No truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value node_id Integer min: 1, max: 4000 Yes pod_id Integer min: 1, max: 255 No router_id IP Yes router_id_as_loopback Boolean No trueloopback IP No static_routes List [static_routes]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf Class [ospf]No eigrp Class [eigrp]No pim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No qos_class Choice level1, level2, level3, level4, level5, level6, unspecifiedNo unspecifiedcustom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interfaces List [interfaces]No dhcp_labels List [dhcp_labels]No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ndo_managed Boolean true, falseNo falsedescription String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes import_route_control Boolean No falseexport_route_control Boolean No falseshared_route_control Boolean No falseimport_security Boolean No trueshared_security Boolean No falseaggregate_import_route_control Boolean No falseaggregate_export_route_control Boolean No falseaggregate_shared_route_control Boolean No falsebgp_route_summarization Boolean No falsebgp_route_summarization_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ospf_route_summarization Boolean true, falseNo falseeigrp_route_summarization Boolean true, falseNo falseroute_control_profiles List [route_control_profiles]No
Name Type Constraint Mandatory Default Value consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No providers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No imported_consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No action Choice permit, denyNo permitorder Integer min: 0, max: 9 No 0 match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefix
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean No falseas_override Boolean No falsedisable_peer_as_check Boolean No falsenext_hop_self Boolean No falsesend_community Boolean No falsesend_ext_community Boolean No falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean No falsedisable_connected_check Boolean No falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean No falseremove_private_as Boolean No falsereplace_private_as_with_local_as Boolean No falseunicast_address_family Boolean No truemulticast_address_family Boolean No trueadmin_state Boolean No truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes
Name Type Constraint Mandatory Default Value destination_ip IP Yes start_timer Any Integer[min: 60, max: 3600] or Integer[min: 0, max: 0] No 0
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No prefix IP Yes preference Integer min: 1, max: 255 No 1bfd Boolean No falsenext_hops List [next_hops]No track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No auth_type Choice none, simple, md5No noneauth_key String No auth_key_id Integer min: 1, max: 255 No 1policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No keychain_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No node_id Integer min: 1, max: 4000 No node2_id Integer min: 1, max: 4000 No pod_id Integer min: 1, max: 255 No module Integer min: 1, max: 9 No 1port Integer min: 1, max: 127 No sub_port Integer min: 1, max: 16 No channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No ip IP No 0.0.0.0multipod_direct Boolean true, falseNo falsesvi Boolean No falseautostate Boolean true, falseNo falsefloating_svi Boolean No falsevlan Integer min: 1, max: 4096 No mac MAC No 00:22:BD:F8:19:FFmtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inheritip_a IP No ip_b IP No ip_shared IP No link_local_address IP No bgp_peers List [bgp_peers]No paths List [paths]No mode Choice regular, native, untaggedNo regularscope Choice local, vrfNo local
Name Type Constraint Mandatory Default Value name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes direction Choice import, exportNo import
Name Type Constraint Mandatory Default Value ip IP Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No preference Integer min: 0, max: 255 No 1type Choice prefix, noneNo prefix
Name Type Constraint Mandatory Default Value ip IP Yes remote_as Integer min: 0, max: 4294967295 Yes description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No allow_self_as Boolean No falseas_override Boolean No falsedisable_peer_as_check Boolean No falsenext_hop_self Boolean No falsesend_community Boolean No falsesend_ext_community Boolean No falsepassword String No allowed_self_as_count Integer min: 1, max: 10 No 3bfd Boolean No falsedisable_connected_check Boolean No falsettl Integer min: 1, max: 255 No 1weight Integer min: 0, max: 65535 No 0 remove_all_private_as Boolean No falseremove_private_as Boolean No falsereplace_private_as_with_local_as Boolean No falseunicast_address_family Boolean No truemulticast_address_family Boolean No trueadmin_state Boolean No truelocal_as Integer min: 0, max: 4294967295 No as_propagate Choice none, no-prepend, replace-as, dual-asNo nonepeer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
Name Type Constraint Mandatory Default Value physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No floating_ip IP Yes
Simple example:
external_endpoint_groups :
SVI example:
Routed Sub-interface example:
Routed Interface example:
Example with explicit profiles:
as_path_policy : BGP_AS_PATH1
description : NODE_101 Description
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
external_endpoint_groups :
Full example:
import_route_control_enforcement : true
export_route_control_enforcement : true
custom_qos_policy : QOS_POLICY
- dhcp_relay_policy : DHCP-RELAY1
dhcp_option_policy : DHCP-OPTION1
as_path_policy : BGP_AS_PATH1
interleak_route_map : ROUTE_MAP1
default_route_leak_policy :
redistribution_route_maps :
dampening_ipv4_route_map : ROUTE_MAP3
dampening_ipv6_route_map : ROUTE_MAP4
router_id_as_loopback : true
description : My Next Hop Desc
link_local_address : fe80::ffff:ffff:ffff:ffff
disable_connected_check : true
remove_all_private_as : true
multicast_address_family : true
peer_prefix_policy : BGP_PP1
export_route_control : ROUTE_MAP1
import_route_control : ROUTE_MAP2
destination_ip : 24.24.24.2
name : example-import-name
name : example-export-name
external_endpoint_groups :
import_route_control : false
export_route_control : false
shared_route_control : false
