Interface templates are reusable configuration containers that define a standardized set of interface-level settings including switchport configuration, security policies, authentication parameters, QoS policies, and network access control attributes that can be consistently applied across multiple physical interfaces. They streamline network deployment and maintenance by enabling centralized definition of interface behaviors such as 802.1X authentication, MAB (MAC Authentication Bypass), port security, spanning tree settings, storm control, and device tracking policies. Interface templates are essential for maintaining configuration consistency, reducing deployment errors, and simplifying network operations in large-scale environments where standardized interface policies need to be applied across hundreds or thousands of switch ports.
Diagram Classes configuration (iosxe.devices) Name Type Constraint Mandatory Default Value templates List [templates]
No
templates (iosxe.devices.configuration) Name Type Constraint Mandatory Default Value name String Yes service_policy_type_control_subscriber String No service_policy_input String No service_policy_output String No source_template String No switchport Class [switchport]
No spanning_tree Class [spanning_tree]
No storm_control Class [storm_control]
No load_interval Integer min: 30
, max: 600
No ipv4 Class [ipv4]
No subscriber_aging_inactivity_timer_value Integer min: 1
, max: 65535
No subscriber_aging_inactivity_timer_probe Boolean true
, false
No subscriber_aging_probe Boolean true
, false
No device_tracking Boolean true
, false
No device_tracking_attached_policies List [device_tracking_attached_policies]
No device_tracking_vlan_range String No network_access_control Class [network_access_control]
No
switchport (iosxe.devices.configuration.templates) Name Type Constraint Mandatory Default Value mode Choice access
, trunk
No nonegotiate Boolean true
, false
No block_unicast Boolean true
, false
No port_security Boolean true
, false
No port_security_aging_static Boolean true
, false
No port_security_aging_time Integer min: 1
, max: 1440
No port_security_aging_type Boolean true
, false
No port_security_aging_type_inactivity Boolean true
, false
No port_security_maximum_ranges List [port_security_maximum_ranges]
No port_security_violation_protect Boolean true
, false
No port_security_violation_restrict Boolean true
, false
No port_security_violation_shutdown Boolean true
, false
No access_vlan Integer min: 1
, max: 4094
No voice_vlan Integer min: 1
, max: 4094
No private_vlan_host_association_primary_range Any Integer[min: 2
, max: 1001
] or Integer[min: 1006
, max: 4094
] or String[Regex: ^.*[\$\%]\{.*$
] No private_vlan_host_association_secondary_range Any Integer[min: 2
, max: 1001
] or Integer[min: 1006
, max: 4094
] or String[Regex: ^.*[\$\%]\{.*$
] No trunk_allowed_vlans Integer min: 1
, max: 4094
No trunk_allowed_vlans_none Boolean true
, false
No trunk_allowed_vlans_all Boolean true
, false
No trunk_native_vlan_tag Boolean true
, false
No trunk_native_vlan_id Integer min: 1
, max: 4094
No
spanning_tree (iosxe.devices.configuration.templates) Name Type Constraint Mandatory Default Value bpduguard Boolean true
, false
No service_policy Boolean true
, false
No portfast Boolean true
, false
No portfast_disable Boolean true
, false
No portfast_edge Boolean true
, false
No portfast_network Boolean true
, false
No
storm_control (iosxe.devices.configuration.templates) Name Type Constraint Mandatory Default Value broadcast_level_pps_threshold String No broadcast_level_bps_threshold Number min: 0
, max: 100000000000.0
No broadcast_level_threshold Number min: 0
, max: 10000
No multicast_level_pps_threshold String No multicast_level_bps_threshold Number min: 0
, max: 100000000000.0
No multicast_level_threshold Number min: 0
, max: 10000
No action_shutdown Boolean true
, false
No action_trap Boolean true
, false
No
ipv4 (iosxe.devices.configuration.templates) Name Type Constraint Mandatory Default Value dhcp_snooping_limit_rate Integer min: 1
, max: 2048
No dhcp_snooping_trust Boolean true
, false
No access_group_in String No access_group_out String No
device_tracking_attached_policies (iosxe.devices.configuration.templates) Name Type Constraint Mandatory Default Value name String No vlan_range String Yes
network_access_control (iosxe.devices.configuration.templates) Name Type Constraint Mandatory Default Value dot1x_pae Choice authenticator
, both
, supplicant
No dot1x_max_reauth_req Integer min: 1
, max: 10
No dot1x_max_req Integer min: 1
, max: 10
No dot1x_timeout_tx_period Integer min: 1
, max: 65535
No mab Boolean true
, false
No mab_eap Boolean true
, false
No access_session_closed Boolean true
, false
No access_session_monitor Boolean true
, false
No access_session_port_control Choice auto
, force-authorized
, force-unauthorized
No access_session_control_direction Choice both
, in
No access_session_host_mode Choice multi-auth
, multi-domain
, multi-host
, single-host
No access_session_interface_template_sticky Boolean true
, false
No access_session_interface_template_sticky_timer Integer min: 1
, max: 65535
No authentication_periodic Boolean true
, false
No authentication_timer_reauthenticate_server Boolean true
, false
No authentication_timer_reauthenticate_range Integer min: 1
, max: 65535
No cts_manual Boolean true
, false
No cts_manual_policy_static_sgt Integer min: 2
, max: 65519
No cts_manual_policy_static_trusted Boolean true
, false
No cts_manual_propagate_sgt Boolean true
, false
No cts_role_based_enforcement Boolean true
, false
No
port_security_maximum_ranges (iosxe.devices.configuration.templates.switchport) Name Type Constraint Mandatory Default Value range Integer min: 1
, max: 3072
Yes vlan Boolean true
, false
No vlan_access Boolean true
, false
No
Examples service_policy_input : input
service_policy_output : output
subscriber_aging_inactivity_timer_value : 600
trunk_native_vlan_id : 100
trunk_allowed_vlans : " 10-20,30 "
port_security_aging_static : true
port_security_aging_time : 600
port_security_aging_type_inactivity : true
port_security_maximum_ranges :
port_security_violation_protect : true
dot1x_timeout_tx_period : 600
access_session_closed : true
access_session_monitor : false
access_session_port_control : force-authorized
access_session_control_direction : in
access_session_host_mode : multi-domain
access_session_interface_template_sticky : true
access_session_interface_template_sticky_timer : 600
authentication_periodic : true
authentication_timer_reauthenticate_range : 600
cts_manual_policy_static_sgt : 100
cts_manual_policy_static_trusted : true
cts_manual_propagate_sgt : true
cts_role_based_enforcement : true
broadcast_level_threshold : 80
multicast_level_threshold : 70
dhcp_snooping_limit_rate : 1024
dhcp_snooping_trust : true
access_group_out : ACL_OUT