Policy
Diagram
Classes
configuration (iosxe.devices)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
policy | Class | [policy] | No |
policy (iosxe.devices.configuration)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
class_maps | List | [class_maps] | No | |
policy_maps | List | [policy_maps] | No |
class_maps (iosxe.devices.configuration.policy)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | Yes | ||
type | Choice | control , subscriber | No | |
subscriber | Boolean | true , false | No | |
prematch | Choice | match-all | No | |
match_authorization_status_authorized | Boolean | true , false | No | |
match_result_type_aaa_timeout | Boolean | true , false | No | |
match_authorization_status_unauthorized | Boolean | true , false | No | |
match_activated_service_templates | List | String | No | |
match_authorizing_method_priority_greater_than | Integer | No | ||
match_method_dot1x | Boolean | true , false | No | |
match_result_type_method_dot1x_authoritative | Boolean | true , false | No | |
match_result_type_method_dot1x_agent_not_found | Boolean | true , false | No | |
match_result_type_method_dot1x_method_timeout | Boolean | true , false | No | |
match_method_mab | Boolean | true , false | No | |
match_result_type_method_mab_authoritative | Boolean | true , false | No | |
match_dscp | Integer | No | ||
description | String | No |
policy_maps (iosxe.devices.configuration.policy)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | Yes | ||
type | Choice | access-control , appnav , control , epbr , inspect , packet-service , performance-monitor , queueing , service , service-chain , umbrella | No | |
subscriber | Boolean | true , false | No | |
description | String | No | ||
classes | List | [classes] | No | |
events | List | [events] | No |
classes (iosxe.devices.configuration.policy.policy_maps)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | Yes | ||
actions | List | [actions] | No |
events (iosxe.devices.configuration.policy.policy_maps)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
name | String | Yes | ||
event_type | Choice | aaa-available , absolute-timeout , agent-found , authentication-failure , authentication-success , authorization-failure , authorization-success , identity-update , inactivity-timeout , remote-authentication-failure , remote-authentication-success , remote-update , session-disconnected , session-started , tag-added , tag-removed , template-activated , template-activation-failed , template-deactivated , template-deactivation-failed , timer-expiry , violation | No | |
match_type | Choice | match-all , match-first | No | |
class_numbers | List | [class_numbers] | No | |
action_numbers | List | [action_numbers] | No |
actions (iosxe.devices.configuration.policy.policy_maps.classes)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
type | Choice | bandwidth , compression , dbl , drop , estimate , fair-queue , forward , netflow-sampler , police , priority , queue-buffers , queue-limit , random-detect , service-policy , set , shape , trust | No | |
bandwidth_bits | Integer | min: 1 , max: 100000000 | No | |
bandwidth_percent | Integer | min: 1 , max: 100 | No | |
bandwidth_remaining_option | Choice | percent , ratio | No | |
bandwidth_remaining_percent | Integer | min: 1 , max: 100 | No | |
bandwidth_remaining_ratio | Integer | min: 1 , max: 65536 | No | |
priority_level | Integer | min: 1 , max: 2 | No | |
priority_burst | Integer | min: 32 , max: 2000000 | No | |
queue_limit | Integer | min: 1 , max: 64000000 | No | |
queue_limit_type | Any | bytes , ms , packets , us | No | |
shape_average_bit_rate | Integer | min: 8000 , max: 100000000000 | No | |
shape_average_bits_per_interval_sustained | Integer | min: 256 , max: 154400000 | No | |
shape_average_bits_per_interval_excess | Integer | min: 0 , max: 154400000 | No | |
shape_average_percent | Integer | min: 0 , max: 100 | No | |
shape_average_burst_size_sustained | Integer | min: 10 , max: 2000 | No | |
shape_average_ms | Boolean | true , false | No |
class_numbers (iosxe.devices.configuration.policy.policy_maps.events)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
number | Integer | min: 1 , max: 254 | Yes | |
class | String | Yes | ||
execution_type | Choice | do-all , do-until-failure , do-until-success | No |
action_numbers (iosxe.devices.configuration.policy.policy_maps.events)
Name | Type | Constraint | Mandatory | Default Value |
---|---|---|---|---|
number | Integer | min: 1 , max: 254 | Yes | |
pause_reauthentication | Boolean | true , false | No | |
authorize | Boolean | true , false | No | |
terminate_config | Any | Choice[dot1x , mab , webauth ] or String[Regex: ^.*[\$\%]\{.*$ ] or String[Regex: ^.*[\$\%]\{.*$ ] | No | |
activate_service_template_config_service_template | String | No | ||
activate_service_template_config_aaa_list | String | No | ||
activate_service_template_config_precedence | Integer | min: 1 , max: 254 | No | |
activate_service_template_config_replace_all | Boolean | true , false | No | |
activate_interface_template | String | No | ||
activate_policy_type_control_subscriber | String | No | ||
deactivate_interface_template | String | No | ||
deactivate_service_template | String | No | ||
deactivate_policy_type_control_subscriber | String | No | ||
authenticate_using_method | Choice | dot1x , mab , webauth | No | |
authenticate_using_retries | Integer | min: 1 , max: 5 | No | |
authenticate_using_retry_time | Integer | min: 0 , max: 65535 | No | |
authenticate_using_priority | Integer | min: 1 , max: 254 | No | |
authenticate_using_aaa_authc_list | String | No | ||
authenticate_using_aaa_authz_list | String | No | ||
authenticate_using_both | Boolean | true , false | No | |
authenticate_using_parameter_map | String | No | ||
replace | Boolean | true , false | No | |
restrict | Boolean | true , false | No | |
clear_session | Boolean | true , false | No | |
clear_authenticated_data_hosts_on_port | Boolean | true , false | No | |
protect | Boolean | true , false | No | |
err_disable | Boolean | true , false | No | |
resume_reauthentication | Boolean | true , false | No | |
authentication_restart | Integer | min: 1 , max: 65535 | No | |
set_domain | Choice | data , switch , voice | No | |
unauthorize | Boolean | true , false | No | |
notify | Boolean | true , false | No | |
set_timer_name | String | No | ||
set_timer_value | Integer | min: 0 , max: 65535 | No | |
map_attribute_to_service_table | String | No |
Examples
iosxe: devices: - name: Device1 configuration: policy: