Custom Control Definition
Custom Control Policy Definition define the matching conditions and Actions for Route and TLOC type filters
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”control_policy (sdwan.centralized_policies.definitions)
Section titled “control_policy (sdwan.centralized_policies.definitions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| custom_control_topology | List | [custom_control_topology] | No |
custom_control_topology (sdwan.centralized_policies.definitions.control_policy)
Section titled “custom_control_topology (sdwan.centralized_policies.definitions.control_policy)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[A-Za-z0-9\-_]{1,127}$ | Yes | |
| description | String | Yes | ||
| default_action_type | Choice | accept, reject | Yes | |
| sequences | List | [sequences] | Yes |
sequences (sdwan.centralized_policies.definitions.control_policy.custom_control_topology)
Section titled “sequences (sdwan.centralized_policies.definitions.control_policy.custom_control_topology)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| base_action | Choice | accept, reject | Yes | |
| id | Integer | min: 1, max: 65534 | Yes | |
| name | String | Yes | ||
| ip_type | Choice | ipv4, ipv6, all | No | ipv4 |
| type | Choice | tloc, route | Yes | |
| match_criterias | Class | [match_criterias] | No | |
| actions | Class | [actions] | No |
match_criterias (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences)
Section titled “match_criterias (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| carrier | Choice | default, carrier1, carrier2, carrier3, carrier4, carrier5, carrier6, carrier7, carrier8 | No | |
| color_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| domain_id | Integer | min: 1, max: 4294967295 | No | |
| group_id | Integer | min: 0, max: 4294967295 | No | |
| omp_tag | Integer | min: 0, max: 4294967295 | No | |
| originator | IP | No | ||
| preference | Integer | min: 0, max: 4294967295 | No | |
| site_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| site_id | Integer | min: 0, max: 4294967295 | No | |
| region_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| region_id | Integer | min: 0, max: 63 | No | |
| tloc_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| tloc | Class | [tloc] | No | |
| community_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| expanded_community_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| origin | Choice | aggregrate, bgp, bgp-external, bgp-internal, connected, eigrp, ospf, ospf-inter-area, ospf-intra-area, ospf-external1, ospf-external2, rip, static, eigrp-summary, eigrp-internal, eigrp-external, lisp, nat-dia, natpool, isis, isis-level1, isis-level2 | No | |
| path_type | Choice | hierarchical-path, direct-path, transport-gateway-path | No | |
| vpn_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| vpn | Integer | min: 0, max: 65536 | No | |
| ipv4_prefix_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No |
actions (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences)
Section titled “actions (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| omp_tag | Integer | min: 0, max: 4294967295 | No | |
| preference | Integer | min: 0, max: 4294967295 | No | |
| affinity | Integer | min: 0, max: 63 | No | |
| community | Any | String[Regex: ^[0-9]{1,5}(:)[0-9]{1,5}$] or Choice[internet, local-AS, no-export, no-advertise] | No | |
| community_additive | Boolean | true, false | No | |
| tloc | Class | [tloc] | No | |
| tloc_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| tloc_action | Choice | strict, primary, backup, ecmp | No | |
| service | Class | [service] | No | |
| export_to_vpn_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No |
tloc (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences.match_criterias)
Section titled “tloc (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences.match_criterias)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip | IP | Yes | ||
| color | Choice | default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6 | Yes | |
| encap | Choice | ipsec, gre | Yes |
tloc (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences.actions)
Section titled “tloc (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip | IP | Yes | ||
| color | Choice | default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6 | Yes | |
| encap | Choice | ipsec, gre | Yes |
service (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences.actions)
Section titled “service (sdwan.centralized_policies.definitions.control_policy.custom_control_topology.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| type | Choice | IDP, IDS, FW, netsvc1, netsvc2, netsvc3, netsvc4, netsvc5, appqoe | Yes | |
| vpn | Integer | min: 0, max: 65530 | Yes | |
| tloc | Class | [tloc] | No | |
| tloc_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No |
Examples
Section titled “Examples”sdwan: centralized_policies: definitions: control_policy: custom_control_topology: - name: CCT_DEFINITION_TEST1 description: CCT_DEFINITION_TEST1 default_action_type: accept sequences: - id: 1 base_action: accept name: rule1 ip_type: ipv4 type: route match_criterias: color_list: COLOR-INTERNET-CCT-TEST community_list: COMMUNITY-REGION-CCT-TEST omp_tag: 65 expanded_community_list: EXP-COMMUNITY-CCT-TEST preference: 45 originator: 10.10.20.30 site_list: TEXAS-CCT-TEST path_type: direct-path vpn_list: VPN-LIST-CCT-TEST1 ipv4_prefix_list: PREFIX-LIST-CCT-TEST tloc: ip: 10.10.33.67 color: custom1 encap: ipsec actions: community: 100:1000 community_additive: true preference: 48 omp_tag: 88 tloc: ip: 1.2.5.9 color: custom2 encap: ipsec export_to_vpn_list: VPN-LIST-CCT-TEST2 - base_action: reject id: 2 name: rule2 ip_type: ipv4 type: tloc match_criterias: carrier: carrier1 color_list: COLOR-INTERNET-CCT-TEST2 domain_id: 567 group_id: 678 omp_tag: 77 originator: 12.13.14.15 preference: 88 site_list: TEXAS-CCT-TEST tloc: ip: 10.10.33.67 color: custom1 encap: ipsec actions: omp_tag: 89 preference: 49