Skip to content
Network as Code

System

Diagram

Diagram

Classes

configuration (iosxe.devices)

NameTypeConstraintMandatoryDefault Value
systemClass[system]No

system (iosxe.devices.configuration)

NameTypeConstraintMandatoryDefault Value
hostnameStringRegex: ^[^\s]*$No
ip_bgp_community_new_formatBooleantrue, falseNo
ip_routingBooleantrue, falseNo
ipv6_unicast_routingBooleantrue, falseNo
mtuIntegermin: 1500, max: 9198No
ip_source_routeBooleantrue, falseNo
ip_domain_lookupBooleantrue, falseNo
ip_domain_nameStringRegex: ^[^\s]*$No
login_delayIntegermin: 1, max: 10No
login_on_failureBooleantrue, falseNo
login_on_failure_logBooleantrue, falseNo
login_on_successBooleantrue, falseNo
login_on_success_logBooleantrue, falseNo
ip_multicast_routingBooleantrue, falseNo
multicast_routing_switchBooleantrue, falseNo
ip_multicast_routing_distributedBooleantrue, falseNo
multicast_routing_vrfsList[multicast_routing_vrfs]No
httpClass[http]No

multicast_routing_vrfs (iosxe.devices.configuration.system)

NameTypeConstraintMandatoryDefault Value
vrfStringRegex: ^[^\s]*$Yes
distributedBooleantrue, falseNo

http (iosxe.devices.configuration.system)

NameTypeConstraintMandatoryDefault Value
access_classIntegermin: 1, max: 99No
active_session_modulesStringRegex: ^[^\s]*$No
secure_active_session_modulesStringRegex: ^[^\s]*$No
max_connectionsIntegermin: 1, max: 50No
authentication_aaaBooleantrue, falseNo
authentication_aaa_exec_authorizationStringRegex: ^[^\s]*$No
authentication_aaa_login_authenticationStringRegex: ^[^\s]*$No
authentication_aaa_command_authorizationsList[authentication_aaa_command_authorizations]No
authentication_localBooleantrue, falseNo
serverBooleantrue, falseNo
secure_serverBooleantrue, falseNo
secure_trustpointStringRegex: ^[^\s]*$No
tls_versionChoiceTLSv1.0, TLSv1.1, TLSv1.2No
client_secure_trustpointStringRegex: ^[^\s]*$No
client_source_interfaceStringRegex: ^[^\s]*$No

authentication_aaa_command_authorizations (iosxe.devices.configuration.system.http)

NameTypeConstraintMandatoryDefault Value
levelIntegermin: 0, max: 15Yes
nameStringRegex: ^[^\s]*$No

Examples

Example-1 : In the below example, it uses local as the HTTP authentication method.

iosxe:
  devices:
    - name: Router1
      configuration:
        system:
          hostname: router1-xe
          ip_bgp_community_new_format: true
          ip_routing: true
          ipv6_unicast_routing: true
          ip_source_route: true
          ip_domain_lookup: true
          ip_domain_name: router1_domain
          login_delay: 2
          login_on_failure: true
          login_on_failure_log: true
          login_on_success: true
          login_on_success_log: true
          ip_multicast_routing: true
          ip_multicast_routing_distributed: true
          http:
            access_class: 10
            active_session_modules: restconf
            secure_active_session_modules: restconf
            max_connections: 25
            authentication_local: true
            server: true
            secure_server: true
            secure_trustpoint: router1_trustpoint
            tls_version: TLSv1.2
            client_secure_trustpoint: router1_trustpoint
            client_source_interface: Loopback0

Example-2 : In the below example, the router instead uses AAA for HTTP authentication.

iosxe:
  devices:
    - name: Router2
      configuration:
        system:
          hostname: router2-xe
          ip_bgp_community_new_format: true
          ip_routing: true
          ipv6_unicast_routing: true
          ip_source_route: true
          ip_domain_lookup: true
          ip_domain_name: router2_domain
          login_delay: 2
          login_on_failure: true
          login_on_failure_log: true
          login_on_success: true
          login_on_success_log: true
          ip_multicast_routing: true
          ip_multicast_routing_distributed: true
          http:
            access_class: 20
            active_session_modules: restconf
            secure_active_session_modules: restconf
            max_connections: 50
            authentication_aaa: true
            authentication_aaa_exec_authorization: test_author_group
            authentication_aaa_login_authentication: test_authen_group
            authentication_aaa_command_authorizations:
              - level: 15
                name:  test1
            server: true
            secure_server: true
            secure_trustpoint: router2_trustpoint
            tls_version: TLSv1.2
            client_secure_trustpoint: router2_trustpoint
            client_source_interface: Loopback1

Example-3 : In the below example, the device is a switch instead of a router. This is significant for the multicast_routing_switch and MTU configurations.

iosxe:
  devices:
    - name: Switch1
      configuration:
        system:
          hostname: switch1-xe
          ip_bgp_community_new_format: true
          ip_routing: true
          mtu: 1600
          ipv6_unicast_routing: true
          ip_source_route: true
          ip_domain_lookup: true
          ip_domain_name: switch1_domain
          login_delay: 2
          login_on_failure: true
          login_on_failure_log: true
          login_on_success: true
          login_on_success_log: true
          multicast_routing_switch: true
          http:
            access_class: 30
            active_session_modules: restconf
            secure_active_session_modules: restconf
            max_connections: 100
            authentication_local: true
            server: true
            secure_server: true
            secure_trustpoint: switch1_trustpoint
            tls_version: TLSv1.2
            client_secure_trustpoint: switch1_trustpoint
            client_source_interface: Loopback2