Skip to content

System

Diagram

Diagram

Classes

configuration (iosxe.devices)

NameTypeConstraintMandatoryDefault Value
systemClass[system]No

system (iosxe.devices.configuration)

NameTypeConstraintMandatoryDefault Value
hostnameStringRegex: ^[^\s]*$No
ip_bgp_community_new_formatBooleantrue, falseNo
ip_routingBooleantrue, falseNo
ipv6_unicast_routingBooleantrue, falseNo
mtuIntegermin: 1500, max: 9198No
ip_source_routeBooleantrue, falseNo
ip_domain_lookupBooleantrue, falseNo
ip_domain_nameStringRegex: ^[^\s]*$No
login_delayIntegermin: 1, max: 10No
login_on_failureBooleantrue, falseNo
login_on_failure_logBooleantrue, falseNo
login_on_successBooleantrue, falseNo
login_on_success_logBooleantrue, falseNo
ip_multicast_routingBooleantrue, falseNo
multicast_routing_switchBooleantrue, falseNo
ip_multicast_routing_distributedBooleantrue, falseNo
multicast_routing_vrfsList[multicast_routing_vrfs]No
httpClass[http]No

multicast_routing_vrfs (iosxe.devices.configuration.system)

NameTypeConstraintMandatoryDefault Value
vrfStringRegex: ^[^\s]*$Yes
distributedBooleantrue, falseNo

http (iosxe.devices.configuration.system)

NameTypeConstraintMandatoryDefault Value
access_classIntegermin: 1, max: 99No
active_session_modulesStringRegex: ^[^\s]*$No
secure_active_session_modulesStringRegex: ^[^\s]*$No
max_connectionsIntegermin: 1, max: 50No
authentication_aaaBooleantrue, falseNo
authentication_aaa_exec_authorizationStringRegex: ^[^\s]*$No
authentication_aaa_login_authenticationStringRegex: ^[^\s]*$No
authentication_aaa_command_authorizationsList[authentication_aaa_command_authorizations]No
authentication_localBooleantrue, falseNo
serverBooleantrue, falseNo
secure_serverBooleantrue, falseNo
secure_trustpointStringRegex: ^[^\s]*$No
tls_versionChoiceTLSv1.0, TLSv1.1, TLSv1.2No
client_secure_trustpointStringRegex: ^[^\s]*$No
client_source_interfaceStringRegex: ^[^\s]*$No

authentication_aaa_command_authorizations (iosxe.devices.configuration.system.http)

NameTypeConstraintMandatoryDefault Value
levelIntegermin: 0, max: 15Yes
nameStringRegex: ^[^\s]*$No

Examples

Example-1 : In the below example, it uses local as the HTTP authentication method.

iosxe:
devices:
- name: Router1
configuration:
system:
hostname: router1-xe
ip_bgp_community_new_format: true
ip_routing: true
ipv6_unicast_routing: true
ip_source_route: true
ip_domain_lookup: true
ip_domain_name: router1_domain
login_delay: 2
login_on_failure: true
login_on_failure_log: true
login_on_success: true
login_on_success_log: true
ip_multicast_routing: true
ip_multicast_routing_distributed: true
http:
access_class: 10
active_session_modules: restconf
secure_active_session_modules: restconf
max_connections: 25
authentication_local: true
server: true
secure_server: true
secure_trustpoint: router1_trustpoint
tls_version: TLSv1.2
client_secure_trustpoint: router1_trustpoint
client_source_interface: Loopback0

Example-2 : In the below example, the router instead uses AAA for HTTP authentication.

iosxe:
devices:
- name: Router2
configuration:
system:
hostname: router2-xe
ip_bgp_community_new_format: true
ip_routing: true
ipv6_unicast_routing: true
ip_source_route: true
ip_domain_lookup: true
ip_domain_name: router2_domain
login_delay: 2
login_on_failure: true
login_on_failure_log: true
login_on_success: true
login_on_success_log: true
ip_multicast_routing: true
ip_multicast_routing_distributed: true
http:
access_class: 20
active_session_modules: restconf
secure_active_session_modules: restconf
max_connections: 50
authentication_aaa: true
authentication_aaa_exec_authorization: test_author_group
authentication_aaa_login_authentication: test_authen_group
authentication_aaa_command_authorizations:
- level: 15
name: test1
server: true
secure_server: true
secure_trustpoint: router2_trustpoint
tls_version: TLSv1.2
client_secure_trustpoint: router2_trustpoint
client_source_interface: Loopback1

Example-3 : In the below example, the device is a switch instead of a router. This is significant for the multicast_routing_switch and MTU configurations.

iosxe:
devices:
- name: Switch1
configuration:
system:
hostname: switch1-xe
ip_bgp_community_new_format: true
ip_routing: true
mtu: 1600
ipv6_unicast_routing: true
ip_source_route: true
ip_domain_lookup: true
ip_domain_name: switch1_domain
login_delay: 2
login_on_failure: true
login_on_failure_log: true
login_on_success: true
login_on_success_log: true
multicast_routing_switch: true
http:
access_class: 30
active_session_modules: restconf
secure_active_session_modules: restconf
max_connections: 100
authentication_local: true
server: true
secure_server: true
secure_trustpoint: switch1_trustpoint
tls_version: TLSv1.2
client_secure_trustpoint: switch1_trustpoint
client_source_interface: Loopback2