Traffic Data - Traffic Engineering Definition
Traffic Engineering Definition define the matching conditions and Actions to configure Traffic Engineering
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”data_policy (sdwan.centralized_policies.definitions)
Section titled “data_policy (sdwan.centralized_policies.definitions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| traffic_data | List | [traffic_data] | No |
traffic_data (sdwan.centralized_policies.definitions.data_policy)
Section titled “traffic_data (sdwan.centralized_policies.definitions.data_policy)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | Regex: ^[A-Za-z0-9\-_]{1,127}$ | Yes | |
| description | String | Yes | ||
| default_action_type | Choice | accept, drop | Yes | |
| sequences | List | [sequences] | No |
sequences (sdwan.centralized_policies.definitions.data_policy.traffic_data)
Section titled “sequences (sdwan.centralized_policies.definitions.data_policy.traffic_data)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| base_action | Choice | accept, drop | Yes | |
| id | Integer | min: 1, max: 65534 | Yes | |
| name | String | Yes | ||
| ip_type | Choice | ipv4, ipv6, all | No | ipv4 |
| type | Choice | custom, service_chaining, qos, application_firewall, traffic_engineering | No | custom |
| match_criterias | Class | [match_criterias] | No | |
| actions | Class | [actions] | No |
match_criterias (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)
Section titled “match_criterias (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| application_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| dns_application_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| dns | Choice | request, response | No | |
| dscp | Integer | min: 0, max: 63 | No | |
| packet_length | Integer | min: 0, max: 65535 | No | |
| plp | Choice | low, high | No | |
| protocols | List | Integer[min: 0, max: 255] | No | |
| source_data_prefix_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| source_data_prefix | String | No | ||
| source_ports | List | Integer[min: 0, max: 65535] | No | |
| source_port_ranges | List | [source_port_ranges] | No | |
| destination_data_prefix_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| destination_data_prefix | String | No | ||
| destination_ports | List | Integer[min: 0, max: 65535] | No | |
| destination_port_ranges | List | [destination_port_ranges] | No | |
| tcp | Choice | syn | No | |
| traffic_to | Choice | access, core, service | No | |
| destination_region | Choice | primary-region, secondary-region, other-region | No |
actions (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)
Section titled “actions (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| counter_name | String | Regex: ^[A-Za-z0-9\-_]{1,20}$ | No | |
| log | Boolean | true, false | No | |
| cflowd | Boolean | true, false | No | |
| sig | Class | [sig] | No | |
| redirect_dns | Class | [redirect_dns] | No | |
| loss_correction | Class | [loss_correction] | No | |
| nat_pool | Integer | min: 1, max: 31 | No | |
| nat_vpn | Class | [nat_vpn] | No | |
| appqoe_optimization | Class | [appqoe_optimization] | No | |
| dscp | Integer | min: 0, max: 63 | No | |
| forwarding_class | String | min: 1, max: 32 | No | |
| local_tloc_list | Class | [local_tloc_list] | No | |
| next_hop | Class | [next_hop] | No | |
| preferred_color_group | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| policer_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| service | Class | [service] | No | |
| tloc | Class | [tloc] | No | |
| tloc_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| vpn | Integer | min: 0, max: 65530 | No |
source_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)
Section titled “source_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| from | Integer | min: 0, max: 65535 | Yes | |
| to | Integer | min: 0, max: 65535 | Yes |
destination_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)
Section titled “destination_port_ranges (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.match_criterias)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| from | Integer | min: 0, max: 65535 | Yes | |
| to | Integer | min: 0, max: 65535 | Yes |
sig (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “sig (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| enabled | Boolean | true, false | Yes | |
| fallback_to_routing | Boolean | true, false | No |
redirect_dns (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “redirect_dns (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| type | Choice | host, umbrella, ipAddress | Yes | |
| ip_address | IP | No |
loss_correction (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “loss_correction (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| type | Choice | fecAdaptive, fecAlways, packetDuplication | Yes | |
| loss_threshold_percentage | Integer | min: 1, max: 5 | No |
nat_vpn (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “nat_vpn (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| vpn_id | Integer | min: 0, max: 65530 | No | |
| nat_vpn_fallback | Boolean | true, false | No |
appqoe_optimization (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “appqoe_optimization (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| tcp | Boolean | true, false | No | |
| dre | Boolean | true, false | No | |
| service_node_group | String | No |
local_tloc_list (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “local_tloc_list (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| colors | List | Choice[default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6] | Yes | |
| encaps | List | Choice[ipsec, gre] | No | |
| restrict | Boolean | true, false | No |
next_hop (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “next_hop (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip_address | IP | Yes | ||
| when_next_hop_is_not_available | Choice | route_table_entry | No |
service (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “service (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| type | Choice | appqoe, FW, IDP, IDS, netsvc1, netsvc2, netsvc3, netsvc4, netsvc5 | Yes | |
| vpn | Integer | min: 0, max: 65530 | No | |
| tloc | Class | [tloc] | No | |
| tloc_list | String | Regex: ^[A-Za-z0-9\-_]{1,32}$ | No | |
| local | Boolean | true, false | No | |
| restrict | Boolean | true, false | No |
tloc (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)
Section titled “tloc (sdwan.centralized_policies.definitions.data_policy.traffic_data.sequences.actions)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ip | IP | Yes | ||
| color | Choice | default, mpls, metro-ethernet, biz-internet, public-internet, lte, 3g, red, green, blue, gold, silver, bronze, custom1, custom2, custom3, private1, private2, private3, private4, private5, private6 | Yes | |
| encap | Choice | ipsec, gre | Yes |
Examples
Section titled “Examples”sdwan: centralized_policies: definitions: data_policy: traffic_data: - name: test_traffic_engineering1 description: test_traffic_engineering1 default_action_type: accept sequences: - base_action: accept id: 3 name: rule3 ip_type: ipv4 type: traffic_engineering match_criterias: application_list: APP-LIST-TD-TEST2 dscp: 54 packet_length: 1150 plp: high protocols: - 89 - 90 - 91 source_data_prefix_list: PREFIX-LIST-TD-TEST2 source_data_prefix: 10.2.1.0/24 source_ports: - 676 - 53 source_port_ranges: - from: 1001 to: 2000 - from: 3001 to: 4000 destination_data_prefix_list: PREFIX-LIST-TD-TEST1 destination_data_prefix: 10.1.1.0/24 destination_ports: - 676 - 53 destination_port_ranges: - from: 1001 to: 2000 - from: 3001 to: 4000 tcp: 'syn' actions: log: true counter_name: LOGGER-TD-TEST2 tloc_list: TLOC-LIST-TD-TEST1 tloc: ip: 10.10.54.97 color: custom2 encap: ipsec vpn: 6 local_tloc_list: restrict: true colors: - custom1 - custom2 encaps: - ipsec next_hop: ip_address: 10.10.10.4 when_next_hop_is_not_available: route_table_entry