L3out

L3out Node and Interface Profiles can either be auto-generated, one per L3out, or can be defined explicitly.

Note: Whether an interface is an svi, routed sub-interface, or routed depends on the following configuration:

svi - vlan: <not null>, svi: true, ip: <not null>

routed sub-interface - vlan: <not null>, svi: false, ip: <not null>

routed interface - vlan: <null>, svi: false, ip: <not null>

The following table maps the subnet flags of external endpoint groups to the corresponding GUI terminology:

Subnet Flag	GUI Terminology
`import_security`	`External Subnets for External EPG`
`shared_security`	`Shared Security Import Subnet`
`import_route_control`	`Import Route Control Subnet`
`export_route_control`	`Export Route Control Subnet`
`shared_route_control`	`Shared Route Control Subnet`
`aggregate_import_route_control`	`Aggregate Import`
`aggregate_export_route_control`	`Aggregate Export`
`aggregate_shared_route_control`	`Aggregate Shared Routes`

Location in GUI:

Tenants » XXX » Networking » L3outs

Diagram

Classes

tenants (apic)

Name	Type	Constraint	Mandatory	Default Value
l3outs	List	`[l3outs]`	No

l3outs (apic.tenants)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
ndo_managed	Boolean	`true`, `false`	No	`false`
alias	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
target_dscp	Any	Choice[`CS0`, `CS1`, `AF11`, `AF12`, `AF13`, `CS2`, `AF21`, `AF22`, `AF23`, `CS3`, `AF31`, `AF32`, `AF33`, `CS4`, `AF41`, `AF42`, `AF43`, `CS5`, `VA`, `EF`, `CS6`, `CS7`, `unspecified`] or Integer[min: `0`, max: `63`]	No	`unspecified`
vrf	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
domain	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
bgp	Class	`[bgp]`	No
ospf	Class	`[ospf]`	No
eigrp	Class	`[eigrp]`	No
bfd_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
bgp_peers	List	`[bgp_peers]`	No
nodes	List	`[nodes]`	No
node_profiles	List	`[node_profiles]`	No
external_endpoint_groups	List	`[external_endpoint_groups]`	No
import_route_map	Class	`[import_route_map]`	No
export_route_map	Class	`[export_route_map]`	No
interleak_route_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
default_route_leak_policy	Class	`[default_route_leak_policy]`	No
dampening_ipv4_route_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
dampening_ipv6_route_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
redistribution_route_maps	List	`[redistribution_route_maps]`	No
l3_multicast_ipv4	Boolean	`true`, `false`	No	`false`
pim_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
igmp_interface_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
qos_class	Choice	`level1`, `level2`, `level3`, `level4`, `level5`, `level6`, `unspecified`	No	`unspecified`
custom_qos_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
nd_interface_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
multipod	Boolean	`true`, `false`	No	`true`
remote_leaf	Boolean	`true`, `false`	No	`false`
import_route_control_enforcement	Boolean	`true`, `false`	No	`false`
export_route_control_enforcement	Boolean	`true`, `false`	No	`true`
dhcp_labels	List	`[dhcp_labels]`	No
route_maps	List	`[route_maps]`	No

bgp (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
timer_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
as_path_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

ospf (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
ospf_interface_profile_name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
area	Any	Integer[min: `0`, max: `4294967295`] or Choice[`backbone`] or IP	Yes
area_type	Choice	`regular`, `stub`, `nssa`	No	`regular`
area_cost	Integer	min: `1`, max: `16777215`	No	`1`
area_control_redistribute	Boolean	`true`, `false`	No	`true`
area_control_summary	Boolean	`true`, `false`	No	`true`
area_control_suppress_fa	Boolean	`true`, `false`	No	`false`
auth_type	Choice	`none`, `simple`, `md5`	No	`none`
auth_key	String		No
auth_key_id	Integer	min: `1`, max: `255`	No	`1`
policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

eigrp (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory
interface_profile_name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
asn	Integer	min: `1`, max: `65535`	Yes
interface_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

bgp_peers (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
remote_as	Integer	min: `0`, max: `4294967295`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
allow_self_as	Boolean	`true`, `false`	No	`false`
as_override	Boolean	`true`, `false`	No	`false`
disable_peer_as_check	Boolean	`true`, `false`	No	`false`
next_hop_self	Boolean	`true`, `false`	No	`false`
send_community	Boolean	`true`, `false`	No	`false`
send_ext_community	Boolean	`true`, `false`	No	`false`
password	String		No
allowed_self_as_count	Integer	min: `1`, max: `10`	No	`3`
bfd	Boolean	`true`, `false`	No	`false`
disable_connected_check	Boolean	`true`, `false`	No	`false`
ttl	Integer	min: `1`, max: `255`	No	`1`
weight	Integer	min: `0`, max: `65535`	No	0
remove_all_private_as	Boolean	`true`, `false`	No	`false`
remove_private_as	Boolean	`true`, `false`	No	`false`
replace_private_as_with_local_as	Boolean	`true`, `false`	No	`false`
unicast_address_family	Boolean	`true`, `false`	No	`true`
multicast_address_family	Boolean	`true`, `false`	No	`true`
admin_state	Boolean	`true`, `false`	No	`true`
local_as	Integer	min: `0`, max: `4294967295`	No
as_propagate	Choice	`none`, `no-prepend`, `replace-as`, `dual-as`	No	`none`
peer_prefix_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
export_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
import_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

nodes (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
node_id	Integer	min: `1`, max: `4000`	Yes
pod_id	Integer	min: `1`, max: `255`	No
router_id	IP		Yes
router_id_as_loopback	Boolean	`true`, `false`	No	`true`
loopbacks	List	IP	No
static_routes	List	`[static_routes]`	No
interfaces	List	`[interfaces]`	No

node_profiles (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
bgp	Class	`[bgp]`	No
bgp_peers	List	`[bgp_peers]`	No
nodes	List	`[nodes]`	No
interface_profiles	List	`[interface_profiles]`	No

external_endpoint_groups (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
ndo_managed	Boolean	`true`, `false`	No	`false`
alias	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
preferred_group	Boolean	`true`, `false`	No	`false`
qos_class	Choice	`level1`, `level2`, `level3`, `level4`, `level5`, `level6`, `unspecified`	No	`unspecified`
target_dscp	Any	Choice[`CS0`, `CS1`, `AF11`, `AF12`, `AF13`, `CS2`, `AF21`, `AF22`, `AF23`, `CS3`, `AF31`, `AF32`, `AF33`, `CS4`, `AF41`, `AF42`, `AF43`, `CS5`, `VA`, `EF`, `CS6`, `CS7`, `unspecified`] or Integer[min: `0`, max: `63`]	No	`unspecified`
subnets	List	`[subnets]`	No
contracts	Class	`[contracts]`	No
route_control_profiles	List	`[route_control_profiles]`	No

import_route_map (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
type	Choice	`combinable`, `global`	No	`global`
contexts	List	`[contexts]`	No

export_route_map (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
type	Choice	`combinable`, `global`	No	`global`
contexts	List	`[contexts]`	No

default_route_leak_policy (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
always	Boolean	`true`, `false`	No	`false`
criteria	Choice	`only`, `in-addition`	No	`only`
context_scope	Boolean	`true`, `false`	No	`false`
outside_scope	Boolean	`true`, `false`	No	`true`

redistribution_route_maps (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
source	Choice	`direct`, `attached-host`, `static`	No	`static`
route_map	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes

dhcp_labels (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
dhcp_relay_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
dhcp_option_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
scope	Choice	`infra`, `tenant`	No	`infra`

route_maps (apic.tenants.l3outs)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
type	Choice	`combinable`, `global`	No	`combinable`
contexts	List	`[contexts]`	No

static_routes (apic.tenants.l3outs.nodes)

Name	Type	Constraint	Mandatory	Default Value
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
prefix	IP		Yes
preference	Integer	min: `1`, max: `255`	No	`1`
bfd	Boolean	`true`, `false`	No	`false`
next_hops	List	`[next_hops]`	No
track_list	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

interfaces (apic.tenants.l3outs.nodes)

Name	Type	Constraint	Mandatory	Default Value
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
node_id	Integer	min: `1`, max: `4000`	No
node2_id	Integer	min: `1`, max: `4000`	No
port	Integer	min: `1`, max: `127`	No
sub_port	Integer	min: `1`, max: `16`	No
module	Integer	min: `1`, max: `9`	No	`1`
channel	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
ip	IP		No	`0.0.0.0`
svi	Boolean	`true`, `false`	No	`false`
multipod_direct	Boolean	`true`, `false`	No	`false`
autostate	Boolean	`true`, `false`	No	`false`
floating_svi	Boolean	`true`, `false`	No	`false`
vlan	Integer	min: `1`, max: `4096`	No
mac	MAC		No	`00:22:BD:F8:19:FF`
mtu	Any	Choice[`inherit`] or Integer[min: `576`, max: `9216`]	No	`inherit`
ip_a	IP		No
ip_b	IP		No
ip_shared	IP		No
ip_shared_dhcp_relay	IP		No	`false`
link_local_address	IP		No
bgp_peers	List	`[bgp_peers]`	No
paths	List	`[paths]`	No
mode	Choice	`regular`, `native`, `untagged`	No	`regular`
state	Choice	`local`, `vrf`	No
micro_bfd	Class	`[micro_bfd]`	No

bgp (apic.tenants.l3outs.node_profiles)

Name	Type	Constraint	Mandatory
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
timer_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
as_path_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

bgp_peers (apic.tenants.l3outs.node_profiles)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
remote_as	Integer	min: `0`, max: `4294967295`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
allow_self_as	Boolean	`true`, `false`	No	`false`
as_override	Boolean	`true`, `false`	No	`false`
disable_peer_as_check	Boolean	`true`, `false`	No	`false`
next_hop_self	Boolean	`true`, `false`	No	`false`
send_community	Boolean	`true`, `false`	No	`false`
send_ext_community	Boolean	`true`, `false`	No	`false`
password	String		No
allowed_self_as_count	Integer	min: `1`, max: `10`	No	`3`
bfd	Boolean	`true`, `false`	No	`false`
disable_connected_check	Boolean	`true`, `false`	No	`false`
ttl	Integer	min: `1`, max: `255`	No	`1`
weight	Integer	min: `0`, max: `65535`	No	0
remove_all_private_as	Boolean	`true`, `false`	No	`false`
remove_private_as	Boolean	`true`, `false`	No	`false`
replace_private_as_with_local_as	Boolean	`true`, `false`	No	`false`
unicast_address_family	Boolean	`true`, `false`	No	`true`
multicast_address_family	Boolean	`true`, `false`	No	`true`
admin_state	Boolean	`true`, `false`	No	`true`
local_as	Integer	min: `0`, max: `4294967295`	No
as_propagate	Choice	`none`, `no-prepend`, `replace-as`, `dual-as`	No	`none`
peer_prefix_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
export_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
import_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

nodes (apic.tenants.l3outs.node_profiles)

Name	Type	Constraint	Mandatory	Default Value
node_id	Integer	min: `1`, max: `4000`	Yes
pod_id	Integer	min: `1`, max: `255`	No
router_id	IP		Yes
router_id_as_loopback	Boolean	`true`, `false`	No	`true`
loopbacks	List	IP	No
static_routes	List	`[static_routes]`	No

interface_profiles (apic.tenants.l3outs.node_profiles)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
bfd_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
ospf	Class	`[ospf]`	No
eigrp	Class	`[eigrp]`	No
pim_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
igmp_interface_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
qos_class	Choice	`level1`, `level2`, `level3`, `level4`, `level5`, `level6`, `unspecified`	No	`unspecified`
custom_qos_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
nd_interface_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
interfaces	List	`[interfaces]`	No
dhcp_labels	List	`[dhcp_labels]`	No

subnets (apic.tenants.l3outs.external_endpoint_groups)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
ndo_managed	Boolean	`true`, `false`	No	`false`
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
prefix	IP		Yes
import_route_control	Boolean	`true`, `false`	No	`false`
export_route_control	Boolean	`true`, `false`	No	`false`
shared_route_control	Boolean	`true`, `false`	No	`false`
import_security	Boolean	`true`, `false`	No	`true`
shared_security	Boolean	`true`, `false`	No	`false`
aggregate_import_route_control	Boolean	`true`, `false`	No	`false`
aggregate_export_route_control	Boolean	`true`, `false`	No	`false`
aggregate_shared_route_control	Boolean	`true`, `false`	No	`false`
bgp_route_summarization	Boolean	`true`, `false`	No	`false`
bgp_route_summarization_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
ospf_route_summarization	Boolean	`true`, `false`	No	`false`
eigrp_route_summarization	Boolean	`true`, `false`	No	`false`
route_control_profiles	List	`[route_control_profiles]`	No

contracts (apic.tenants.l3outs.external_endpoint_groups)

Name	Type	Constraint	Mandatory
consumers	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No
providers	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No
imported_consumers	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No

route_control_profiles (apic.tenants.l3outs.external_endpoint_groups)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
direction	Choice	`import`, `export`	No	`import`

contexts (apic.tenants.l3outs.import_route_map)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
action	Choice	`permit`, `deny`	No	`permit`
order	Integer	min: `0`, max: `9`	No	0
match_rules	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No
set_rule	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

contexts (apic.tenants.l3outs.export_route_map)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
action	Choice	`permit`, `deny`	No	`permit`
order	Integer	min: `0`, max: `9`	No	0
match_rules	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No
set_rule	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

contexts (apic.tenants.l3outs.route_maps)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
action	Choice	`permit`, `deny`	No	`permit`
order	Integer	min: `0`, max: `9`	No	0
match_rules	List	String[Regex: `^[a-zA-Z0-9_.:-]{1,64}$`]	No
set_rule	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

next_hops (apic.tenants.l3outs.nodes.static_routes)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
preference	Integer	min: `0`, max: `255`	No	`1`
type	Choice	`prefix`, `none`	No	`prefix`
ip_sla_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
track_list	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

bgp_peers (apic.tenants.l3outs.nodes.interfaces)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
remote_as	Integer	min: `0`, max: `4294967295`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
allow_self_as	Boolean	`true`, `false`	No	`false`
as_override	Boolean	`true`, `false`	No	`false`
disable_peer_as_check	Boolean	`true`, `false`	No	`false`
next_hop_self	Boolean	`true`, `false`	No	`false`
send_community	Boolean	`true`, `false`	No	`false`
send_ext_community	Boolean	`true`, `false`	No	`false`
password	String		No
allowed_self_as_count	Integer	min: `1`, max: `10`	No	`3`
bfd	Boolean	`true`, `false`	No	`false`
disable_connected_check	Boolean	`true`, `false`	No	`false`
ttl	Integer	min: `1`, max: `255`	No	`1`
weight	Integer	min: `0`, max: `65535`	No	0
remove_all_private_as	Boolean	`true`, `false`	No	`false`
remove_private_as	Boolean	`true`, `false`	No	`false`
replace_private_as_with_local_as	Boolean	`true`, `false`	No	`false`
unicast_address_family	Boolean	`true`, `false`	No	`true`
multicast_address_family	Boolean	`true`, `false`	No	`true`
admin_state	Boolean	`true`, `false`	No	`true`
local_as	Integer	min: `0`, max: `4294967295`	No
as_propagate	Choice	`none`, `no-prepend`, `replace-as`, `dual-as`	No	`none`
peer_prefix_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
export_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
import_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

paths (apic.tenants.l3outs.nodes.interfaces)

Name	Type	Constraint	Mandatory
physical_domain	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
vmware_vmm_domain	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
elag	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
floating_ip	IP		Yes
vlan	Integer	min: `1`, max: `4096`	No

micro_bfd (apic.tenants.l3outs.nodes.interfaces)

Name	Type	Constraint	Mandatory	Default Value
destination_ip	IP		Yes
start_timer	Any	Integer[min: `60`, max: `3600`] or Integer[min: `0`, max: `0`]	No	0

static_routes (apic.tenants.l3outs.node_profiles.nodes)

Name	Type	Constraint	Mandatory	Default Value
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
prefix	IP		Yes
preference	Integer	min: `1`, max: `255`	No	`1`
bfd	Boolean	`true`, `false`	No	`false`
next_hops	List	`[next_hops]`	No
track_list	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

ospf (apic.tenants.l3outs.node_profiles.interface_profiles)

Name	Type	Constraint	Mandatory	Default Value
ospf_interface_profile_name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
auth_type	Choice	`none`, `simple`, `md5`	No	`none`
auth_key	String		No
auth_key_id	Integer	min: `1`, max: `255`	No	`1`
policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

eigrp (apic.tenants.l3outs.node_profiles.interface_profiles)

Name	Type	Constraint	Mandatory
interface_profile_name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
interface_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
keychain_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

interfaces (apic.tenants.l3outs.node_profiles.interface_profiles)

Name	Type	Constraint	Mandatory	Default Value
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
node_id	Integer	min: `1`, max: `4000`	No
node2_id	Integer	min: `1`, max: `4000`	No
pod_id	Integer	min: `1`, max: `255`	No
module	Integer	min: `1`, max: `9`	No	`1`
port	Integer	min: `1`, max: `127`	No
sub_port	Integer	min: `1`, max: `16`	No
channel	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
ip	IP		No	`0.0.0.0`
multipod_direct	Boolean	`true`, `false`	No	`false`
svi	Boolean	`true`, `false`	No	`false`
autostate	Boolean	`true`, `false`	No	`false`
floating_svi	Boolean	`true`, `false`	No	`false`
vlan	Integer	min: `1`, max: `4096`	No
mac	MAC		No	`00:22:BD:F8:19:FF`
mtu	Any	Choice[`inherit`] or Integer[min: `576`, max: `9216`]	No	`inherit`
ip_a	IP		No
ip_b	IP		No
ip_shared	IP		No
ip_shared_dhcp_relay	IP		No	`false`
link_local_address	IP		No
bgp_peers	List	`[bgp_peers]`	No
paths	List	`[paths]`	No
mode	Choice	`regular`, `native`, `untagged`	No	`regular`
scope	Choice	`local`, `vrf`	No	`local`

route_control_profiles (apic.tenants.l3outs.external_endpoint_groups.subnets)

Name	Type	Constraint	Mandatory	Default Value
name	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	Yes
direction	Choice	`import`, `export`	No	`import`

next_hops (apic.tenants.l3outs.node_profiles.nodes.static_routes)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
preference	Integer	min: `0`, max: `255`	No	`1`
type	Choice	`prefix`, `none`	No	`prefix`
ip_sla_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
track_list	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

bgp_peers (apic.tenants.l3outs.node_profiles.interface_profiles.interfaces)

Name	Type	Constraint	Mandatory	Default Value
ip	IP		Yes
remote_as	Integer	min: `0`, max: `4294967295`	Yes
description	String	Regex: `^[a-zA-Z0-9\\!#$%()*,-./:;@ _{\|}~?&+]{1,128}$`	No
allow_self_as	Boolean	`true`, `false`	No	`false`
as_override	Boolean	`true`, `false`	No	`false`
disable_peer_as_check	Boolean	`true`, `false`	No	`false`
next_hop_self	Boolean	`true`, `false`	No	`false`
send_community	Boolean	`true`, `false`	No	`false`
send_ext_community	Boolean	`true`, `false`	No	`false`
password	String		No
allowed_self_as_count	Integer	min: `1`, max: `10`	No	`3`
bfd	Boolean	`true`, `false`	No	`false`
disable_connected_check	Boolean	`true`, `false`	No	`false`
ttl	Integer	min: `1`, max: `255`	No	`1`
weight	Integer	min: `0`, max: `65535`	No	0
remove_all_private_as	Boolean	`true`, `false`	No	`false`
remove_private_as	Boolean	`true`, `false`	No	`false`
replace_private_as_with_local_as	Boolean	`true`, `false`	No	`false`
unicast_address_family	Boolean	`true`, `false`	No	`true`
multicast_address_family	Boolean	`true`, `false`	No	`true`
admin_state	Boolean	`true`, `false`	No	`true`
local_as	Integer	min: `0`, max: `4294967295`	No
as_propagate	Choice	`none`, `no-prepend`, `replace-as`, `dual-as`	No	`none`
peer_prefix_policy	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
export_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
import_route_control	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No

paths (apic.tenants.l3outs.node_profiles.interface_profiles.interfaces)

Name	Type	Constraint	Mandatory
physical_domain	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
vmware_vmm_domain	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
elag	String	Regex: `^[a-zA-Z0-9_.:-]{1,64}$`	No
floating_ip	IP		Yes
vlan	Integer	min: `1`, max: `4096`	No

Examples

Simple example:

apic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          nodes:
            - node_id: 101
              router_id: 5.5.5.5
              static_routes:
                - prefix: 2.2.2.0/24
                  description: My Desc
                  next_hops:
                    - ip: 6.6.6.6
                  track_list: TRACK_POL
              interfaces:
                - node_id: 101
                  port: 10
                  vlan: 301
                  ip: 14.14.14.1/24
                  bgp_peers:
                    - ip: 14.14.14.14
                      remote_as: 65010
          external_endpoint_groups:
            - name: EXT-EPG1
              subnets:
                - prefix: 0.0.0.0/0
              contracts:
                consumers:
                  - CON1

SVI example:

apic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  interfaces:
                    - node_id: 101
                      port: 10
                      vlan: 301
                      svi: true
                      ip: 14.14.14.1/24

Routed Sub-interface example:

apic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  interfaces:
                    - node_id: 101
                      port: 10
                      vlan: 301
                      svi: false
                      ip: 14.14.14.1/24

Routed Interface example:

apic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  interfaces:
                    - node_id: 101
                      port: 10
                      ip: 14.14.14.1/24

Example with explicit profiles:

apic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              bgp:
                name: BGP_PROT1
                timer_policy: BGP_TIMER1
                as_path_policy: BGP_AS_PATH1
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
                          track_list: TRACK_POL
              interface_profiles:
                - name: NODE_101
                  description: NODE_101 Description
                  dhcp_labels:
                    - dhcp_relay_policy: DHCP-RELAY1
                      dhcp_option_policy: DHCP-OPTION1
                      scope: tenant
                  interfaces:
                    - node_id: 101
                      port: 10
                      vlan: 301
                      ip: 14.14.14.1/24
                      bgp_peers:
                        - ip: 14.14.14.14
                          remote_as: 65010
          external_endpoint_groups:
            - name: EXT-EPG1
              subnets:
                - prefix: 0.0.0.0/0

Full example:

apic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          alias: L3OUT1-ALIAS
          description: My Desc
          target_dscp: AF13
          qos_class: level3
          import_route_control_enforcement: true
          export_route_control_enforcement: true
          custom_qos_policy: QOS_POLICY
          vrf: VRF1
          domain: ROUTED1
          bfd_policy: BFD1
          dhcp_labels:
            - dhcp_relay_policy: DHCP-RELAY1
              dhcp_option_policy: DHCP-OPTION1
              scope: tenant
          bgp:
            timer_policy: BGP_TIMER1
            as_path_policy: BGP_AS_PATH1
          ospf:
            area: 0
            area_type: regular
            area_cost: 1
            auth_type: simple
            auth_key: cisco
            auth_key_id: 1
            policy: OIP1
          interleak_route_map: ROUTE_MAP1
          default_route_leak_policy:
            always: false
            criteria: 'in-addition'
            context_scope: false
            outside_scope: false
          redistribution_route_maps:
            - source: direct
              route_map: ROUTE_MAP2
          dampening_ipv4_route_map: ROUTE_MAP3
          dampening_ipv6_route_map: ROUTE_MAP4
          nodes:
            - node_id: 101
              router_id: 5.5.5.5
              router_id_as_loopback: true
              static_routes:
                - prefix: 2.2.2.0/24
                  description: My Desc
                  preference: 1
                  next_hops:
                    - ip: 6.6.6.6
                      description: My Next Hop Desc
                      ip_sla_policy: IP_SLA1
              interfaces:
                - channel: VPC1
                  svi: true
                  scope: local
                  vlan: 301
                  ip_a: 14.14.14.1/24
                  ip_b: 14.14.14.2/24
                  ip_shared: 14.14.14.3/24
                  ip_shared_dhcp_relay: true
                  link_local_address: fe80::ffff:ffff:ffff:ffff
                  mode: native
                  bgp_peers:
                    - ip: 14.14.14.14
                      remote_as: 65010
                      description: My Desc
                      allow_self_as: true
                      as_override: true
                      bfd: true
                      disable_connected_check: true
                      remove_private_as: true
                      remove_all_private_as: true
                      multicast_address_family: true
                      ttl: 1
                      weight: 0
                      password: C1sco123
                      local_as: 1234
                      as_propagate: dual-as
                      peer_prefix_policy: BGP_PP1
                      export_route_control: ROUTE_MAP1
                      import_route_control: ROUTE_MAP2
                - channel: PC1
                  vlan: 311
                  ip: 24.24.24.1/24
                  bgp_peers:
                    - ip: 24.24.24.2
                      remote_as: 65010
                  micro_bfd:
                    destination_ip: 24.24.24.2
                    start_timer: 120
          import_route_map:
            name: example-import-name
            description: desc
            type: global
            contexts:
              - name: CONTEXT1
                description: desc1
                action: deny
                order: 2
                match_rules:
                - MATCH1
                set_rule: SET1
          route_maps:
            - name: example-name
              description: desc
              type: global
              contexts:
              - name: CONTEXT1
                  description: desc1
                  action: deny
                  order: 2
                  match_rules:
                  - MATCH1
                  set_rule: SET1
          export_route_map:
            name: example-export-name
            contexts:
              - name: CONTEXT1
                match_rules:
                - MATCH2
                set_rule: SET2
          external_endpoint_groups:
            - name: EXT-EPG1
              alias: ABC-EXT-EPG1
              description: My Desc
              preferred_group: false
              qos_class: level4
              target_dscp: CS5
              route_control_profiles:
                - name: IMPORT-RCP1
                  direction: import
              subnets:
                - name: ALL
                  prefix: 0.0.0.0/0
                  import_route_control: false
                  export_route_control: false
                  shared_route_control: false
                  import_security: true
                  shared_security: false
                  route_control_profiles:
                    - name: EXPORT-RCP1
                      direction: export
              contracts:
                consumers:
                  - CON1
                providers:
                  - CON1
                imported_consumers:
                  - IMPORT-CON1