openconfig-aaa-types

openconfig-version: 0.4.1

Description

This module defines shared types for data related to AAA (authentication, authorization, accounting).

Imports

openconfig-extensions

Defined types

crypt-password-type

description:
A password that is hashed based on the hash algorithm indicated by the prefix in the string. The string takes the following form, based on the Unix crypt function: $[$=(,=)*][$[$]] Common hash functions include: id | hash function ---+--------------- 1 | MD5 2a| Blowfish 2y| Blowfish (correct handling of 8-bit chars) 5 | SHA-256 6 | SHA-512 These may not all be supported by a target device.

type: string

Identities

base: AAA_SERVER_TYPE

description:
Base identity for types of AAA servers

base: SYSTEM_DEFINED_ROLES

description:
Base identity for system_defined roles that can be assigned to users.

SYSTEM_ROLE_ADMIN

description:
Built-in role that allows the equivalent of superuser permission for all configuration and operational commands on the device.

base identity: SYSTEM_DEFINED_ROLES

base: AAA_ACCOUNTING_EVENT_TYPE

description:
Base identity for specifying events types that should be sent to AAA server for accounting

AAA_ACCOUNTING_EVENT_COMMAND

description:
Specifies interactive command events for AAA accounting

base identity: AAA_ACCOUNTING_EVENT_TYPE

AAA_ACCOUNTING_EVENT_LOGIN

description:
Specifies login events for AAA accounting

base identity: AAA_ACCOUNTING_EVENT_TYPE

base: AAA_AUTHORIZATION_EVENT_TYPE

description:
Base identity for specifying activities that should be sent to AAA server for authorization

AAA_AUTHORIZATION_EVENT_COMMAND

description:
Specifies interactive command events for AAA authorization

base identity: AAA_AUTHORIZATION_EVENT_TYPE

AAA_AUTHORIZATION_EVENT_CONFIG

description:
Specifies configuration (e.g., EXEC) events for AAA authorization

base identity: AAA_AUTHORIZATION_EVENT_TYPE

base: AAA_METHOD_TYPE

description:
Base identity to define well-known methods for AAA operations

TACACS_ALL

description:
The group of all TACACS+ servers.

base identity: AAA_METHOD_TYPE

RADIUS_ALL

description:
The group of all RADIUS servers.

base identity: AAA_METHOD_TYPE

LOCAL

description:
Locally configured method for AAA operations.

base identity: AAA_METHOD_TYPE

Data elements

openconfig-alarm-types

openconfig-version: 0.2.1

Description

This module defines operational state data related to alarms that the device is reporting.

This model reuses some data items defined in the draft IETF YANG Alarm Module: https://tools.ietf.org/html/draft-vallin-netmod-alarm-module-02

Portions of this code were derived from the draft IETF YANG Alarm Module. Please reproduce this note if possible.

IETF code is subject to the following copyright and license: Copyright (c) IETF Trust and the persons identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

Imports

openconfig-extensions

Identities

base: OPENCONFIG_ALARM_TYPE_ID

description:
Base identity for alarm type ID profiles

AIS

description:
Defines an alarm indication signal type of alarm

base identity: OPENCONFIG_ALARM_TYPE_ID

EQPT

description:
Defines an equipment related type of alarm that is specific to the physical hardware

base identity: OPENCONFIG_ALARM_TYPE_ID

LOS

description:
Defines a loss of signal type of alarm

base identity: OPENCONFIG_ALARM_TYPE_ID

OTS

description:
Defines a optical transport signal type of alarm

base identity: OPENCONFIG_ALARM_TYPE_ID

base: OPENCONFIG_ALARM_SEVERITY

description:
Base identity for alarm severity profiles. Derived identities are based on contents of the draft IETF YANG Alarm Module

UNKNOWN

description:
Indicates that the severity level could not be determined. This level SHOULD be avoided.

base identity: OPENCONFIG_ALARM_SEVERITY

MINOR

description:
Indicates the existence of a non-service affecting fault condition and that corrective action should be taken in order to prevent a more serious (for example, service affecting) fault. Such a severity can be reported, for example, when the detected alarm condition is not currently degrading the capacity of the resource

base identity: OPENCONFIG_ALARM_SEVERITY

WARNING

description:
Indicates the detection of a potential or impending service affecting fault, before any significant effects have been felt. Action should be taken to further diagnose (if necessary) and correct the problem in order to prevent it from becoming a more serious service affecting fault.

base identity: OPENCONFIG_ALARM_SEVERITY

MAJOR

description:
Indicates that a service affecting condition has developed and an urgent corrective action is required. Such a severity can be reported, for example, when there is a severe degradation in the capability of the resource and its full capability must be restored.

base identity: OPENCONFIG_ALARM_SEVERITY

CRITICAL

description:
Indicates that a service affecting condition has occurred and an immediate corrective action is required. Such a severity can be reported, for example, when a resource becomes totally out of service and its capability must be restored.

base identity: OPENCONFIG_ALARM_SEVERITY

Data elements

openconfig-system

openconfig-version: 0.17.0

Description

Model for managing system-wide services and functions on network devices.

Portions of this code were derived from IETF RFC 7317. Please reproduce this note if possible.

IETF code is subject to the following copyright and license: Copyright (c) IETF Trust and the persons identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

Imports

openconfig-inet-types
openconfig-yang-types
openconfig-types
openconfig-extensions
openconfig-aaa
openconfig-system-logging
openconfig-system-terminal
openconfig-procmon
openconfig-platform
openconfig-alarms
openconfig-messages
openconfig-license
openconfig-network-instance

Defined types

timezone-name-type

description:
A time zone name as used by the Time Zone Database, sometimes referred to as the 'Olson Database'. The exact set of valid values is an implementation-specific matter. Client discovery of the exact set of time zone names for a particular server is out of scope.

type: string

Identities

base: NTP_AUTH_TYPE

description:
Base identity for encryption schemes supported for NTP authentication keys

NTP_AUTH_MD5

description:
MD5 encryption method

base identity: NTP_AUTH_TYPE

Data elements

/
system

description:
Enclosing container for system-related configuration and operational state data

nodetype: container (rw)

/system/
config

description:
Global configuration data for the system

nodetype: container (rw)

/system/config/
hostname

description:
The hostname of the device -- should be a single domain label, without the domain.

nodetype: leaf (rw)

type: oc-inet:domain-name

/system/config/
domain-name

description:
Specifies the domain name used to form fully qualified name for unqualified hostnames.

nodetype: leaf (rw)

type: oc-inet:domain-name

/system/config/
login-banner

description:
The console login message displayed before the login prompt, i.e., before a user logs into the system.

nodetype: leaf (rw)

type: string

/system/config/
motd-banner

description:
The console message displayed after a user logs into the system. They system may append additional standard information such as the current system date and time, uptime, last login timestamp, etc.

nodetype: leaf (rw)

type: string

/system/
state

description:
Global operational state data for the system

nodetype: container (ro)

/system/state/
hostname

description:
The hostname of the device -- should be a single domain label, without the domain.

nodetype: leaf (ro)

type: oc-inet:domain-name

/system/state/
domain-name

description:
Specifies the domain name used to form fully qualified name for unqualified hostnames.

nodetype: leaf (ro)

type: oc-inet:domain-name

/system/state/
login-banner

description:
The console login message displayed before the login prompt, i.e., before a user logs into the system.

nodetype: leaf (ro)

type: string

/system/state/
motd-banner

description:
The console message displayed after a user logs into the system. They system may append additional standard information such as the current system date and time, uptime, last login timestamp, etc.

nodetype: leaf (ro)

type: string

/system/state/
current-datetime

description:
The current system date and time.

nodetype: leaf (ro)

type: oc-yang:date-and-time

/system/state/
boot-time

description:
This timestamp indicates the time that the system was last restarted. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

units: nanoseconds

/system/state/
software-version

description:
Operating system version of the currently active controller of the device. It is required that this value matches the value of the state/software-version leaf in the component of type OPERATING_SYSTEM.

nodetype: leaf (ro)

type: string

/system/state/
last-configuration-timestamp

description:
Indicates the monotonically increasing timestamp at which the last configuration change was made. This may may be through CLI, gNMI or some other mechanism. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

units: nanoseconds

/system/
mount-points

description:
When a system has a set of filesystems that are attached to a directory (i.e., mounted on the system) they are expected to be present in this list. If the system has the concept of mounting physical or virtual resources to a mount point within the root filesystem (/) they should also be included in this list.

nodetype: container (ro)

/system/mount-points/
mount-point

description:
List of mount points in the system.

nodetype: list (ro)

list keys: [name]

/system/mount-points/mount-point/
name

description:
Reference to the key for list of mount points.

nodetype: leaf (list key) (ro)

type: leafref

  • path reference: ../state/name

/system/mount-points/mount-point/
state

description:
State of system mount point.

nodetype: container (ro)

/system/mount-points/mount-point/state/
name

description:
Mount point name.

nodetype: leaf (ro)

type: string

/system/mount-points/mount-point/state/
storage-component

description:
In the case that the filesystem that is mounted corresponds to a physical or logical component within the system, this leaf provides a reference to the hosting component within the /components hierarchy. The reference should be to the most specific component (e.g., if an entry for /dev/sda1 exists, then this should be referred to, otherwise a reference to /dev/sda may be provided.

nodetype: leaf (ro)

type: leafref

  • path reference: /components/component/name

/system/mount-points/mount-point/state/
size

description:
The total size of the initialised filesystem.

nodetype: leaf (ro)

type: uint64

units: megabytes

/system/mount-points/mount-point/state/
available

description:
The amount of unused space on the filesystem.

nodetype: leaf (ro)

type: uint64

units: megabytes

/system/mount-points/mount-point/state/
utilized

description:
The amount of space currently in use on the filesystem.

nodetype: leaf (ro)

type: uint64

units: megabytes

/system/
clock

description:
Top-level container for clock configuration data

nodetype: container (rw)

/system/clock/
config

description:
Configuration data for system clock

nodetype: container (rw)

/system/clock/config/
timezone-name

description:
The TZ database name to use for the system, such as 'Europe/Stockholm'.

nodetype: leaf (rw)

type: timezone-name-type

/system/clock/
state

description:
Operational state data for system clock

nodetype: container (ro)

/system/clock/state/
timezone-name

description:
The TZ database name to use for the system, such as 'Europe/Stockholm'.

nodetype: leaf (ro)

type: timezone-name-type

/system/
dns

description:
Enclosing container for DNS resolver data

nodetype: container (rw)

/system/dns/
config

description:
Configuration data for the DNS resolver

nodetype: container (rw)

description:
An ordered list of domains to search when resolving a host name.

nodetype: leaf-list (rw)

type: oc-inet:domain-name

/system/dns/
state

description:
Operational state data for the DNS resolver

nodetype: container (ro)

description:
An ordered list of domains to search when resolving a host name.

nodetype: leaf-list (ro)

type: oc-inet:domain-name

/system/dns/
servers

description:
Enclosing container for DNS resolver list

nodetype: container (rw)

/system/dns/servers/
server

description:
List of the DNS servers that the resolver should query. When the resolver is invoked by a calling application, it sends the query to the first name server in this list. If no response has been received within 'timeout' seconds, the resolver continues with the next server in the list. If no response is received from any server, the resolver continues with the first server again. When the resolver has traversed the list 'attempts' times without receiving any response, it gives up and returns an error to the calling application. Implementations MAY limit the number of entries in this list.

nodetype: list (rw)

list keys: [address]

/system/dns/servers/server/
address

description:
References the configured address of the DNS server

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/address

/system/dns/servers/server/
config

description:
Configuration data for each DNS resolver

nodetype: container (rw)

/system/dns/servers/server/config/
address

description:
The address of the DNS server, can be either IPv4 or IPv6.

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/dns/servers/server/config/
port

description:
The port number of the DNS server.

nodetype: leaf (rw)

type: oc-inet:port-number

default: 53

/system/dns/servers/server/
state

description:
Operational state data for each DNS resolver

nodetype: container (ro)

/system/dns/servers/server/state/
address

description:
The address of the DNS server, can be either IPv4 or IPv6.

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/dns/servers/server/state/
port

description:
The port number of the DNS server.

nodetype: leaf (ro)

type: oc-inet:port-number

default: 53

/system/dns/
host-entries

description:
Enclosing container for list of static host entries

nodetype: container (rw)

/system/dns/host-entries/
host-entry

description:
List of static host entries

nodetype: list (rw)

list keys: [hostname]

/system/dns/host-entries/host-entry/
hostname

description:
Reference to the hostname list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/hostname

/system/dns/host-entries/host-entry/
config

description:
Configuration data for static host entries

nodetype: container (rw)

/system/dns/host-entries/host-entry/config/
hostname

description:
Hostname for the static DNS entry

nodetype: leaf (rw)

type: string

/system/dns/host-entries/host-entry/config/
alias

description:
Additional aliases for the hostname

nodetype: leaf-list (rw)

type: string

/system/dns/host-entries/host-entry/config/
ipv4-address

description:
List of IPv4 addresses for the host entry

nodetype: leaf-list (rw)

type: oc-inet:ipv4-address

/system/dns/host-entries/host-entry/config/
ipv6-address

description:
List of IPv6 addresses for the host entry

nodetype: leaf-list (rw)

type: oc-inet:ipv6-address

/system/dns/host-entries/host-entry/
state

description:
Operational state data for static host entries

nodetype: container (ro)

/system/dns/host-entries/host-entry/state/
hostname

description:
Hostname for the static DNS entry

nodetype: leaf (ro)

type: string

/system/dns/host-entries/host-entry/state/
alias

description:
Additional aliases for the hostname

nodetype: leaf-list (ro)

type: string

/system/dns/host-entries/host-entry/state/
ipv4-address

description:
List of IPv4 addresses for the host entry

nodetype: leaf-list (ro)

type: oc-inet:ipv4-address

/system/dns/host-entries/host-entry/state/
ipv6-address

description:
List of IPv6 addresses for the host entry

nodetype: leaf-list (ro)

type: oc-inet:ipv6-address

/system/
ntp

description:
Top-level container for NTP configuration and state

nodetype: container (rw)

/system/ntp/
config

description:
Configuration data for NTP client.

nodetype: container (rw)

/system/ntp/config/
enabled

description:
Enables and disables the NTP protocol and indicates that the system should attempt to synchronize the system clock with an NTP server from the servers defined in the 'ntp/server' list.

nodetype: leaf (rw)

type: boolean

default: false

/system/ntp/config/
enable-ntp-auth

description:
Enable or disable NTP authentication -- when enabled, the system will only use packets containing a trusted authentication key to synchronize the time.

nodetype: leaf (rw)

type: boolean

default: false

/system/ntp/
state

description:
Operational state data for NTP services.

nodetype: container (ro)

/system/ntp/state/
enabled

description:
Enables and disables the NTP protocol and indicates that the system should attempt to synchronize the system clock with an NTP server from the servers defined in the 'ntp/server' list.

nodetype: leaf (ro)

type: boolean

default: false

/system/ntp/state/
enable-ntp-auth

description:
Enable or disable NTP authentication -- when enabled, the system will only use packets containing a trusted authentication key to synchronize the time.

nodetype: leaf (ro)

type: boolean

default: false

/system/ntp/state/
auth-mismatch

description:
Count of the number of NTP packets received that were not processed due to authentication mismatch.

nodetype: leaf (ro)

type: oc-yang:counter64

/system/ntp/
ntp-keys

description:
Enclosing container for list of NTP authentication keys

nodetype: container (rw)

/system/ntp/ntp-keys/
ntp-key

description:
List of NTP authentication keys

nodetype: list (rw)

list keys: [key-id]

/system/ntp/ntp-keys/ntp-key/
key-id

description:
Reference to auth key-id list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/key-id

/system/ntp/ntp-keys/ntp-key/
config

description:
Configuration data for NTP auth keys

nodetype: container (rw)

/system/ntp/ntp-keys/ntp-key/config/
key-id

description:
Integer identifier used by the client and server to designate a secret key. The client and server must use the same key id.

nodetype: leaf (rw)

type: uint16

/system/ntp/ntp-keys/ntp-key/config/
key-type

description:
Encryption type used for the NTP authentication key

nodetype: leaf (rw)

type: identityref

  • base: NTP_AUTH_TYPE

/system/ntp/ntp-keys/ntp-key/config/
key-value

description:
NTP authentication key value

nodetype: leaf (rw)

type: string

/system/ntp/ntp-keys/ntp-key/
state

description:
Operational state data for NTP auth keys

nodetype: container (ro)

/system/ntp/ntp-keys/ntp-key/state/
key-id

description:
Integer identifier used by the client and server to designate a secret key. The client and server must use the same key id.

nodetype: leaf (ro)

type: uint16

/system/ntp/ntp-keys/ntp-key/state/
key-type

description:
Encryption type used for the NTP authentication key

nodetype: leaf (ro)

type: identityref

  • base: NTP_AUTH_TYPE

/system/ntp/ntp-keys/ntp-key/state/
key-value

description:
NTP authentication key value

nodetype: leaf (ro)

type: string

/system/ntp/
servers

description:
Enclosing container for the list of NTP servers

nodetype: container (rw)

/system/ntp/servers/
server

description:
List of NTP servers to use for system clock synchronization. If '/system/ntp/enabled' is 'true', then the system will attempt to contact and utilize the specified NTP servers.

nodetype: list (rw)

list keys: [address]

/system/ntp/servers/server/
address

description:
References the configured address or hostname of the NTP server.

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/address

/system/ntp/servers/server/
config

description:
Configuration data for an NTP server.

nodetype: container (rw)

/system/ntp/servers/server/config/
address

description:
The address or hostname of the NTP server.

nodetype: leaf (rw)

type: oc-inet:host

/system/ntp/servers/server/config/
port

description:
The port number of the NTP server.

nodetype: leaf (rw)

type: oc-inet:port-number

default: 123

/system/ntp/servers/server/config/
version

description:
Version number to put in outgoing NTP packets

nodetype: leaf (rw)

type: uint8

  • range: 1..4

default: 4

/system/ntp/servers/server/config/
association-type

description:
The desired association type for this NTP server.

nodetype: leaf (rw)

type: enumeration

  • SERVER
    Use client association mode. This device will not provide synchronization to the configured NTP server.
  • PEER
    Use symmetric active association mode. This device may provide synchronization to the configured NTP server.
  • POOL
    Use client association mode with one or more of the NTP servers found by DNS resolution of the domain name given by the 'address' leaf. This device will not provide synchronization to the servers.

default: SERVER

/system/ntp/servers/server/config/
iburst

description:
Indicates whether this server should enable burst synchronization or not.

nodetype: leaf (rw)

type: boolean

default: false

/system/ntp/servers/server/config/
prefer

description:
Indicates whether this server should be preferred or not.

nodetype: leaf (rw)

type: boolean

default: false

/system/ntp/servers/server/config/
network-instance

description:
The network instance used to find this server.

nodetype: leaf (rw)

type: oc-ni:network-instance-ref

/system/ntp/servers/server/config/
source-address

description:
Source address to use on outgoing NTP packets

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/ntp/servers/server/
state

description:
Operational state data for an NTP server.

nodetype: container (ro)

/system/ntp/servers/server/state/
address

description:
The address or hostname of the NTP server.

nodetype: leaf (ro)

type: oc-inet:host

/system/ntp/servers/server/state/
port

description:
The port number of the NTP server.

nodetype: leaf (ro)

type: oc-inet:port-number

default: 123

/system/ntp/servers/server/state/
version

description:
Version number to put in outgoing NTP packets

nodetype: leaf (ro)

type: uint8

  • range: 1..4

default: 4

/system/ntp/servers/server/state/
association-type

description:
The desired association type for this NTP server.

nodetype: leaf (ro)

type: enumeration

  • SERVER
    Use client association mode. This device will not provide synchronization to the configured NTP server.
  • PEER
    Use symmetric active association mode. This device may provide synchronization to the configured NTP server.
  • POOL
    Use client association mode with one or more of the NTP servers found by DNS resolution of the domain name given by the 'address' leaf. This device will not provide synchronization to the servers.

default: SERVER

/system/ntp/servers/server/state/
iburst

description:
Indicates whether this server should enable burst synchronization or not.

nodetype: leaf (ro)

type: boolean

default: false

/system/ntp/servers/server/state/
prefer

description:
Indicates whether this server should be preferred or not.

nodetype: leaf (ro)

type: boolean

default: false

/system/ntp/servers/server/state/
network-instance

description:
The network instance used to find this server.

nodetype: leaf (ro)

type: oc-ni:network-instance-ref

/system/ntp/servers/server/state/
source-address

description:
Source address to use on outgoing NTP packets

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/ntp/servers/server/state/
stratum

description:
Indicates the level of the server in the NTP hierarchy. As stratum number increases, the accuracy is degraded. Primary servers are stratum while a maximum value of 16 indicates unsynchronized. The values have the following specific semantics: | 0 | unspecified or invalid | 1 | primary server (e.g., equipped with a GPS receiver) | 2-15 | secondary server (via NTP) | 16 | unsynchronized | 17-255 | reserved

nodetype: leaf (ro)

type: uint8

/system/ntp/servers/server/state/
root-delay

description:
The round-trip delay to the server, in milliseconds.

nodetype: leaf (ro)

type: uint32

units: milliseconds

/system/ntp/servers/server/state/
root-dispersion

description:
Dispersion (epsilon) represents the maximum error inherent in the measurement

nodetype: leaf (ro)

type: uint64

units: milliseconds

/system/ntp/servers/server/state/
offset

description:
Estimate of the current time offset from the peer. This is the time difference between the local and reference clock.

nodetype: leaf (ro)

type: uint64

units: milliseconds

/system/ntp/servers/server/state/
poll-interval

description:
Polling interval of the peer

nodetype: leaf (ro)

type: uint32

units: seconds

/system/
ssh-server

description:
Top-level container for ssh server

nodetype: container (rw)

/system/ssh-server/
config

description:
Configuration data for the system ssh server

nodetype: container (rw)

/system/ssh-server/config/
enable

description:
Enables the ssh server. The ssh server is enabled by default.

nodetype: leaf (rw)

type: boolean

default: true

/system/ssh-server/config/
protocol-version

description:
Set the protocol version for SSH connections to the system

nodetype: leaf (rw)

type: enumeration

  • V2
    Use SSH v2 only
  • V1
    Use SSH v1 only
  • V1_V2
    Use either SSH v1 or v2

default: V2

/system/ssh-server/config/
timeout

description:
Set the idle timeout in seconds on terminal connections to the system for the protocol.

nodetype: leaf (rw)

type: uint16

units: seconds

/system/ssh-server/config/
rate-limit

description:
Set a limit on the number of connection attempts per minute to the system for the protocol.

nodetype: leaf (rw)

type: uint16

units: conn/min

/system/ssh-server/config/
session-limit

description:
Set a limit on the number of simultaneous active terminal sessions to the system for the protocol (e.g., ssh, telnet, ...)

nodetype: leaf (rw)

type: uint16

/system/ssh-server/
state

description:
Operational state data for the system ssh server

nodetype: container (ro)

/system/ssh-server/state/
enable

description:
Enables the ssh server. The ssh server is enabled by default.

nodetype: leaf (ro)

type: boolean

default: true

/system/ssh-server/state/
protocol-version

description:
Set the protocol version for SSH connections to the system

nodetype: leaf (ro)

type: enumeration

  • V2
    Use SSH v2 only
  • V1
    Use SSH v1 only
  • V1_V2
    Use either SSH v1 or v2

default: V2

/system/ssh-server/state/
timeout

description:
Set the idle timeout in seconds on terminal connections to the system for the protocol.

nodetype: leaf (ro)

type: uint16

units: seconds

/system/ssh-server/state/
rate-limit

description:
Set a limit on the number of connection attempts per minute to the system for the protocol.

nodetype: leaf (ro)

type: uint16

units: conn/min

/system/ssh-server/state/
session-limit

description:
Set a limit on the number of simultaneous active terminal sessions to the system for the protocol (e.g., ssh, telnet, ...)

nodetype: leaf (ro)

type: uint16

/system/
telnet-server

description:
Top-level container for telnet terminal servers

nodetype: container (rw)

/system/telnet-server/
config

description:
Configuration data for telnet

nodetype: container (rw)

/system/telnet-server/config/
enable

description:
Enables the telnet server. Telnet is disabled by default

nodetype: leaf (rw)

type: boolean

default: false

/system/telnet-server/config/
timeout

description:
Set the idle timeout in seconds on terminal connections to the system for the protocol.

nodetype: leaf (rw)

type: uint16

units: seconds

/system/telnet-server/config/
rate-limit

description:
Set a limit on the number of connection attempts per minute to the system for the protocol.

nodetype: leaf (rw)

type: uint16

units: conn/min

/system/telnet-server/config/
session-limit

description:
Set a limit on the number of simultaneous active terminal sessions to the system for the protocol (e.g., ssh, telnet, ...)

nodetype: leaf (rw)

type: uint16

/system/telnet-server/
state

description:
Operational state data for telnet

nodetype: container (ro)

/system/telnet-server/state/
enable

description:
Enables the telnet server. Telnet is disabled by default

nodetype: leaf (ro)

type: boolean

default: false

/system/telnet-server/state/
timeout

description:
Set the idle timeout in seconds on terminal connections to the system for the protocol.

nodetype: leaf (ro)

type: uint16

units: seconds

/system/telnet-server/state/
rate-limit

description:
Set a limit on the number of connection attempts per minute to the system for the protocol.

nodetype: leaf (ro)

type: uint16

units: conn/min

/system/telnet-server/state/
session-limit

description:
Set a limit on the number of simultaneous active terminal sessions to the system for the protocol (e.g., ssh, telnet, ...)

nodetype: leaf (ro)

type: uint16

/system/
logging

description:
Top-level container for data related to logging / syslog

nodetype: container (rw)

/system/logging/
console

description:
Top-level container for data related to console-based logging

nodetype: container (rw)

/system/logging/console/
config

description:
Configuration data for console logging

nodetype: container (rw)

/system/logging/console/
state

description:
Operational state data for console logging

nodetype: container (ro)

/system/logging/console/
selectors

description:
Enclosing container

nodetype: container (rw)

/system/logging/console/selectors/
selector

description:
List of selectors for log messages

nodetype: list (rw)

list keys: [facility] [severity]

/system/logging/console/selectors/selector/
facility

description:
Reference to facility list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/facility

/system/logging/console/selectors/selector/
severity

description:
Reference to severity list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/severity

/system/logging/console/selectors/selector/
config

description:
Configuration data

nodetype: container (rw)

/system/logging/console/selectors/selector/config/
facility

description:
Specifies the facility, or class of messages to log

nodetype: leaf (rw)

type: identityref

  • base: SYSLOG_FACILITY

/system/logging/console/selectors/selector/config/
severity

description:
Specifies that only messages of the given severity (or greater severity) for the corresonding facility are logged

nodetype: leaf (rw)

type: syslog-severity

/system/logging/console/selectors/selector/
state

description:
Operational state data

nodetype: container (ro)

/system/logging/console/selectors/selector/state/
facility

description:
Specifies the facility, or class of messages to log

nodetype: leaf (ro)

type: identityref

  • base: SYSLOG_FACILITY

/system/logging/console/selectors/selector/state/
severity

description:
Specifies that only messages of the given severity (or greater severity) for the corresonding facility are logged

nodetype: leaf (ro)

type: syslog-severity

/system/logging/
remote-servers

description:
Enclosing container for the list of remote log servers

nodetype: container (rw)

/system/logging/remote-servers/
remote-server

description:
List of remote log servers

nodetype: list (rw)

list keys: [host]

/system/logging/remote-servers/remote-server/
host

description:
Reference to the host list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/host

/system/logging/remote-servers/remote-server/
config

description:
Configuration data for remote log servers

nodetype: container (rw)

/system/logging/remote-servers/remote-server/config/
host

description:
IP address or hostname of the remote log server

nodetype: leaf (rw)

type: oc-inet:host

/system/logging/remote-servers/remote-server/config/
source-address

description:
Source IP address for packets to the log server

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/logging/remote-servers/remote-server/config/
network-instance

description:
The network instance used to reach the log server. If no instance is specified, DEFAULT_INSTANCE is used.

nodetype: leaf (rw)

type: oc-ni:network-instance-ref

/system/logging/remote-servers/remote-server/config/
remote-port

description:
Sets the destination port number for syslog UDP messages to the server. The default for syslog is 514.

nodetype: leaf (rw)

type: oc-inet:port-number

default: 514

/system/logging/remote-servers/remote-server/
state

description:
Operational state data for remote log servers

nodetype: container (ro)

/system/logging/remote-servers/remote-server/state/
host

description:
IP address or hostname of the remote log server

nodetype: leaf (ro)

type: oc-inet:host

/system/logging/remote-servers/remote-server/state/
source-address

description:
Source IP address for packets to the log server

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/logging/remote-servers/remote-server/state/
network-instance

description:
The network instance used to reach the log server. If no instance is specified, DEFAULT_INSTANCE is used.

nodetype: leaf (ro)

type: oc-ni:network-instance-ref

/system/logging/remote-servers/remote-server/state/
remote-port

description:
Sets the destination port number for syslog UDP messages to the server. The default for syslog is 514.

nodetype: leaf (ro)

type: oc-inet:port-number

default: 514

/system/logging/remote-servers/remote-server/
selectors

description:
Enclosing container

nodetype: container (rw)

/system/logging/remote-servers/remote-server/selectors/
selector

description:
List of selectors for log messages

nodetype: list (rw)

list keys: [facility] [severity]

/system/logging/remote-servers/remote-server/selectors/selector/
facility

description:
Reference to facility list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/facility

/system/logging/remote-servers/remote-server/selectors/selector/
severity

description:
Reference to severity list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/severity

/system/logging/remote-servers/remote-server/selectors/selector/
config

description:
Configuration data

nodetype: container (rw)

/system/logging/remote-servers/remote-server/selectors/selector/config/
facility

description:
Specifies the facility, or class of messages to log

nodetype: leaf (rw)

type: identityref

  • base: SYSLOG_FACILITY

/system/logging/remote-servers/remote-server/selectors/selector/config/
severity

description:
Specifies that only messages of the given severity (or greater severity) for the corresonding facility are logged

nodetype: leaf (rw)

type: syslog-severity

/system/logging/remote-servers/remote-server/selectors/selector/
state

description:
Operational state data

nodetype: container (ro)

/system/logging/remote-servers/remote-server/selectors/selector/state/
facility

description:
Specifies the facility, or class of messages to log

nodetype: leaf (ro)

type: identityref

  • base: SYSLOG_FACILITY

/system/logging/remote-servers/remote-server/selectors/selector/state/
severity

description:
Specifies that only messages of the given severity (or greater severity) for the corresonding facility are logged

nodetype: leaf (ro)

type: syslog-severity

/system/
aaa

description:
Top-level container for AAA services

nodetype: container (rw)

/system/aaa/
config

description:
Configuration data for top level AAA services

nodetype: container (rw)

/system/aaa/
state

description:
Operational state data for top level AAA services

nodetype: container (ro)

/system/aaa/
authentication

description:
Top-level container for global authentication data

nodetype: container (rw)

/system/aaa/authentication/
config

description:
Configuration data for global authentication services

nodetype: container (rw)

/system/aaa/authentication/config/
authentication-method

description:
Ordered list of authentication methods for users. This can be either a reference to a server group, or a well- defined designation in the AAA_METHOD_TYPE identity. If authentication fails with one method, the next defined method is tried -- failure of all methods results in the user being denied access.

nodetype: leaf-list (rw)

type: union

    type: identityref

    • base: oc-aaa-types:AAA_METHOD_TYPE

    type: string

/system/aaa/authentication/
state

description:
Operational state data for global authentication services

nodetype: container (ro)

/system/aaa/authentication/state/
authentication-method

description:
Ordered list of authentication methods for users. This can be either a reference to a server group, or a well- defined designation in the AAA_METHOD_TYPE identity. If authentication fails with one method, the next defined method is tried -- failure of all methods results in the user being denied access.

nodetype: leaf-list (ro)

type: union

    type: identityref

    • base: oc-aaa-types:AAA_METHOD_TYPE

    type: string

/system/aaa/authentication/
admin-user

description:
Top-level container for the system root or admin user configuration and operational state

nodetype: container (rw)

/system/aaa/authentication/admin-user/
config

description:
Configuration data for the root user account

nodetype: container (rw)

/system/aaa/authentication/admin-user/config/
admin-password

description:
The admin/root password, supplied as a cleartext string. The system should hash and only store the password as a hashed value.

nodetype: leaf (rw)

type: string

/system/aaa/authentication/admin-user/config/
admin-password-hashed

description:
The admin/root password, supplied as a hashed value using the notation described in the definition of the crypt-password-type.

nodetype: leaf (rw)

type: oc-aaa-types:crypt-password-type

/system/aaa/authentication/admin-user/
state

description:
Operational state data for the root user account

nodetype: container (ro)

/system/aaa/authentication/admin-user/state/
admin-password

description:
The admin/root password, supplied as a cleartext string. The system should hash and only store the password as a hashed value.

nodetype: leaf (ro)

type: string

/system/aaa/authentication/admin-user/state/
admin-password-hashed

description:
The admin/root password, supplied as a hashed value using the notation described in the definition of the crypt-password-type.

nodetype: leaf (ro)

type: oc-aaa-types:crypt-password-type

/system/aaa/authentication/admin-user/state/
admin-username

description:
Name of the administrator user account, e.g., admin, root, etc.

nodetype: leaf (ro)

type: string

/system/aaa/authentication/
users

description:
Enclosing container list of local users

nodetype: container (rw)

/system/aaa/authentication/users/
user

description:
List of local users on the system

nodetype: list (rw)

list keys: [username]

/system/aaa/authentication/users/user/
username

description:
References the configured username for the user

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/username

/system/aaa/authentication/users/user/
config

description:
Configuration data for local users

nodetype: container (rw)

/system/aaa/authentication/users/user/config/
username

description:
Assigned username for this user

nodetype: leaf (rw)

type: string

/system/aaa/authentication/users/user/config/
password

description:
The user password, supplied as cleartext. The system must hash the value and only store the hashed value.

nodetype: leaf (rw)

type: string

/system/aaa/authentication/users/user/config/
password-hashed

description:
The user password, supplied as a hashed value using the notation described in the definition of the crypt-password-type.

nodetype: leaf (rw)

type: oc-aaa-types:crypt-password-type

/system/aaa/authentication/users/user/config/
ssh-key

description:
SSH public key for the user (RSA or DSA)

nodetype: leaf (rw)

type: string

/system/aaa/authentication/users/user/config/
role

description:
Role assigned to the user. The role must be supplied as a role defined by the SYSTEM_DEFINED_ROLES identity or a string that matches a user defined role.

nodetype: leaf (rw)

type: union

    type: string

    type: identityref

    • base: oc-aaa-types:SYSTEM_DEFINED_ROLES

/system/aaa/authentication/users/user/
state

description:
Operational state data for local users

nodetype: container (ro)

/system/aaa/authentication/users/user/state/
username

description:
Assigned username for this user

nodetype: leaf (ro)

type: string

/system/aaa/authentication/users/user/state/
password

description:
The user password, supplied as cleartext. The system must hash the value and only store the hashed value.

nodetype: leaf (ro)

type: string

/system/aaa/authentication/users/user/state/
password-hashed

description:
The user password, supplied as a hashed value using the notation described in the definition of the crypt-password-type.

nodetype: leaf (ro)

type: oc-aaa-types:crypt-password-type

/system/aaa/authentication/users/user/state/
ssh-key

description:
SSH public key for the user (RSA or DSA)

nodetype: leaf (ro)

type: string

/system/aaa/authentication/users/user/state/
role

description:
Role assigned to the user. The role must be supplied as a role defined by the SYSTEM_DEFINED_ROLES identity or a string that matches a user defined role.

nodetype: leaf (ro)

type: union

    type: string

    type: identityref

    • base: oc-aaa-types:SYSTEM_DEFINED_ROLES

/system/aaa/
authorization

description:
Top-level container for AAA authorization configuration and operational state data

nodetype: container (rw)

/system/aaa/authorization/
config

description:
Configuration data for authorization based on AAA methods

nodetype: container (rw)

/system/aaa/authorization/config/
authorization-method

description:
Ordered list of methods for authorizing commands. The first method that provides a response (positive or negative) should be used. The list may contain a well-defined method such as the set of all TACACS or RADIUS servers, or the name of a defined AAA server group. The system must validate that the named server group exists.

nodetype: leaf-list (rw)

type: union

    type: identityref

    • base: oc-aaa-types:AAA_METHOD_TYPE

    type: string

/system/aaa/authorization/
state

description:
Operational state data for authorization based on AAA

nodetype: container (ro)

/system/aaa/authorization/state/
authorization-method

description:
Ordered list of methods for authorizing commands. The first method that provides a response (positive or negative) should be used. The list may contain a well-defined method such as the set of all TACACS or RADIUS servers, or the name of a defined AAA server group. The system must validate that the named server group exists.

nodetype: leaf-list (ro)

type: union

    type: identityref

    • base: oc-aaa-types:AAA_METHOD_TYPE

    type: string

/system/aaa/authorization/
events

description:
Enclosing container for the set of events subject to authorization

nodetype: container (rw)

/system/aaa/authorization/events/
event

description:
List of events subject to AAA authorization

nodetype: list (rw)

list keys: [event-type]

/system/aaa/authorization/events/event/
event-type

description:
Reference to the event-type list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/event-type

/system/aaa/authorization/events/event/
config

description:
Configuration data for each authorized event

nodetype: container (rw)

/system/aaa/authorization/events/event/config/
event-type

description:
The type of event to record at the AAA authorization server

nodetype: leaf (rw)

type: identityref

  • base: oc-aaa-types:AAA_AUTHORIZATION_EVENT_TYPE

/system/aaa/authorization/events/event/
state

description:
Operational state data for each authorized activity

nodetype: container (ro)

/system/aaa/authorization/events/event/state/
event-type

description:
The type of event to record at the AAA authorization server

nodetype: leaf (ro)

type: identityref

  • base: oc-aaa-types:AAA_AUTHORIZATION_EVENT_TYPE

/system/aaa/
accounting

description:
Top-level container for AAA accounting

nodetype: container (rw)

/system/aaa/accounting/
config

description:
Configuration data for user activity accounting.

nodetype: container (rw)

/system/aaa/accounting/config/
accounting-method

description:
An ordered list of methods used for AAA accounting for this event type. The method is defined by the destination for accounting data, which may be specified as the group of all TACACS+/RADIUS servers, a defined server group, or the local system.

nodetype: leaf-list (rw)

type: union

    type: identityref

    • base: oc-aaa-types:AAA_METHOD_TYPE

    type: string

/system/aaa/accounting/
state

description:
Operational state data for user accounting.

nodetype: container (ro)

/system/aaa/accounting/state/
accounting-method

description:
An ordered list of methods used for AAA accounting for this event type. The method is defined by the destination for accounting data, which may be specified as the group of all TACACS+/RADIUS servers, a defined server group, or the local system.

nodetype: leaf-list (ro)

type: union

    type: identityref

    • base: oc-aaa-types:AAA_METHOD_TYPE

    type: string

/system/aaa/accounting/
events

description:
Enclosing container for defining handling of events for accounting

nodetype: container (rw)

/system/aaa/accounting/events/
event

description:
List of events subject to accounting

nodetype: list (rw)

list keys: [event-type]

/system/aaa/accounting/events/event/
event-type

description:
Reference to the event-type being logged at the accounting server

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/event-type

/system/aaa/accounting/events/event/
config

description:
Configuration data for accounting events

nodetype: container (rw)

/system/aaa/accounting/events/event/config/
event-type

description:
The type of activity to record at the AAA accounting server

nodetype: leaf (rw)

type: identityref

  • base: oc-aaa-types:AAA_ACCOUNTING_EVENT_TYPE

/system/aaa/accounting/events/event/config/
record

description:
Type of record to send to the accounting server for this activity type

nodetype: leaf (rw)

type: enumeration

  • START_STOP
    Send START record to the accounting server at the beginning of the activity, and STOP record at the end of the activity.
  • STOP
    Send STOP record to the accounting server when the user activity completes

/system/aaa/accounting/events/event/
state

description:
Operational state data for accounting events

nodetype: container (ro)

/system/aaa/accounting/events/event/state/
event-type

description:
The type of activity to record at the AAA accounting server

nodetype: leaf (ro)

type: identityref

  • base: oc-aaa-types:AAA_ACCOUNTING_EVENT_TYPE

/system/aaa/accounting/events/event/state/
record

description:
Type of record to send to the accounting server for this activity type

nodetype: leaf (ro)

type: enumeration

  • START_STOP
    Send START record to the accounting server at the beginning of the activity, and STOP record at the end of the activity.
  • STOP
    Send STOP record to the accounting server when the user activity completes

/system/aaa/
server-groups

description:
Enclosing container for AAA server groups

nodetype: container (rw)

/system/aaa/server-groups/
server-group

description:
List of AAA server groups. All servers in a group must have the same type as indicated by the server type.

nodetype: list (rw)

list keys: [name]

/system/aaa/server-groups/server-group/
name

description:
Reference to configured name of the server group

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/name

/system/aaa/server-groups/server-group/
config

description:
Configuration data for each server group

nodetype: container (rw)

/system/aaa/server-groups/server-group/config/
name

description:
Name for the server group

nodetype: leaf (rw)

type: string

/system/aaa/server-groups/server-group/config/
type

description:
AAA server type -- all servers in the group must be of this type

nodetype: leaf (rw)

type: identityref

  • base: oc-aaa-types:AAA_SERVER_TYPE

/system/aaa/server-groups/server-group/
state

description:
Operational state data for each server group

nodetype: container (ro)

/system/aaa/server-groups/server-group/state/
name

description:
Name for the server group

nodetype: leaf (ro)

type: string

/system/aaa/server-groups/server-group/state/
type

description:
AAA server type -- all servers in the group must be of this type

nodetype: leaf (ro)

type: identityref

  • base: oc-aaa-types:AAA_SERVER_TYPE

/system/aaa/server-groups/server-group/
servers

description:
Enclosing container the list of servers

nodetype: container (rw)

/system/aaa/server-groups/server-group/servers/
server

description:
List of AAA servers

nodetype: list (rw)

list keys: [address]

/system/aaa/server-groups/server-group/servers/server/
address

description:
Reference to the configured address of the AAA server

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/address

/system/aaa/server-groups/server-group/servers/server/
config

description:
Configuration data

nodetype: container (rw)

/system/aaa/server-groups/server-group/servers/server/config/
name

description:
Name assigned to the server

nodetype: leaf (rw)

type: string

/system/aaa/server-groups/server-group/servers/server/config/
address

description:
Address of the authentication server

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/aaa/server-groups/server-group/servers/server/config/
timeout

description:
Set the timeout in seconds on responses from the AAA server

nodetype: leaf (rw)

type: uint16

units: seconds

/system/aaa/server-groups/server-group/servers/server/
state

description:
Operational state data

nodetype: container (ro)

/system/aaa/server-groups/server-group/servers/server/state/
name

description:
Name assigned to the server

nodetype: leaf (ro)

type: string

/system/aaa/server-groups/server-group/servers/server/state/
address

description:
Address of the authentication server

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/aaa/server-groups/server-group/servers/server/state/
timeout

description:
Set the timeout in seconds on responses from the AAA server

nodetype: leaf (ro)

type: uint16

units: seconds

/system/aaa/server-groups/server-group/servers/server/state/
connection-opens

description:
Number of new connection requests sent to the server, e.g. socket open

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
connection-closes

description:
Number of connection close requests sent to the server, e.g. socket close

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
connection-aborts

description:
Number of aborted connections to the server. These do not include connections that are close gracefully.

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
connection-failures

description:
Number of connection failures to the server

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
connection-timeouts

description:
Number of connection timeouts to the server

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
messages-sent

description:
Number of messages sent to the server

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
messages-received

description:
Number of messages received by the server

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/state/
errors-received

description:
Number of error messages received from the server

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/
tacacs

description:
Top-level container for TACACS+ server data

nodetype: container (rw)

/system/aaa/server-groups/server-group/servers/server/tacacs/
config

description:
Configuration data for TACACS+ server

nodetype: container (rw)

/system/aaa/server-groups/server-group/servers/server/tacacs/config/
port

description:
The port number on which to contact the TACACS server

nodetype: leaf (rw)

type: oc-inet:port-number

default: 49

/system/aaa/server-groups/server-group/servers/server/tacacs/config/
secret-key

description:
The unencrypted shared key used between the authentication server and the device.

nodetype: leaf (rw)

type: oc-types:routing-password

/system/aaa/server-groups/server-group/servers/server/tacacs/config/
secret-key-hashed

description:
The hashed shared key used between the authentication server and the device.

nodetype: leaf (rw)

type: oc-aaa-types:crypt-password-type

/system/aaa/server-groups/server-group/servers/server/tacacs/config/
source-address

description:
Source IP address to use in messages to the TACACS server

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/aaa/server-groups/server-group/servers/server/tacacs/
state

description:
Operational state data for TACACS+ server

nodetype: container (ro)

/system/aaa/server-groups/server-group/servers/server/tacacs/state/
port

description:
The port number on which to contact the TACACS server

nodetype: leaf (ro)

type: oc-inet:port-number

default: 49

/system/aaa/server-groups/server-group/servers/server/tacacs/state/
secret-key

description:
The unencrypted shared key used between the authentication server and the device.

nodetype: leaf (ro)

type: oc-types:routing-password

/system/aaa/server-groups/server-group/servers/server/tacacs/state/
secret-key-hashed

description:
The hashed shared key used between the authentication server and the device.

nodetype: leaf (ro)

type: oc-aaa-types:crypt-password-type

/system/aaa/server-groups/server-group/servers/server/tacacs/state/
source-address

description:
Source IP address to use in messages to the TACACS server

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/aaa/server-groups/server-group/servers/server/
radius

description:
Top-level container for RADIUS server data

nodetype: container (rw)

/system/aaa/server-groups/server-group/servers/server/radius/
config

description:
Configuration data for RADIUS servers

nodetype: container (rw)

/system/aaa/server-groups/server-group/servers/server/radius/config/
auth-port

description:
Port number for authentication requests

nodetype: leaf (rw)

type: oc-inet:port-number

default: 1812

/system/aaa/server-groups/server-group/servers/server/radius/config/
acct-port

description:
Port number for accounting requests

nodetype: leaf (rw)

type: oc-inet:port-number

default: 1813

/system/aaa/server-groups/server-group/servers/server/radius/config/
secret-key

description:
The unencrypted shared key used between the authentication server and the device.

nodetype: leaf (rw)

type: oc-types:routing-password

/system/aaa/server-groups/server-group/servers/server/radius/config/
secret-key-hashed

description:
The hashed shared key used between the authentication server and the device.

nodetype: leaf (rw)

type: oc-aaa-types:crypt-password-type

/system/aaa/server-groups/server-group/servers/server/radius/config/
source-address

description:
Source IP address to use in messages to the RADIUS server

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/aaa/server-groups/server-group/servers/server/radius/config/
retransmit-attempts

description:
Number of times the system may resend a request to the RADIUS server when it is unresponsive

nodetype: leaf (rw)

type: uint8

/system/aaa/server-groups/server-group/servers/server/radius/
state

description:
Operational state data for RADIUS servers

nodetype: container (ro)

/system/aaa/server-groups/server-group/servers/server/radius/state/
auth-port

description:
Port number for authentication requests

nodetype: leaf (ro)

type: oc-inet:port-number

default: 1812

/system/aaa/server-groups/server-group/servers/server/radius/state/
acct-port

description:
Port number for accounting requests

nodetype: leaf (ro)

type: oc-inet:port-number

default: 1813

/system/aaa/server-groups/server-group/servers/server/radius/state/
secret-key

description:
The unencrypted shared key used between the authentication server and the device.

nodetype: leaf (ro)

type: oc-types:routing-password

/system/aaa/server-groups/server-group/servers/server/radius/state/
secret-key-hashed

description:
The hashed shared key used between the authentication server and the device.

nodetype: leaf (ro)

type: oc-aaa-types:crypt-password-type

/system/aaa/server-groups/server-group/servers/server/radius/state/
source-address

description:
Source IP address to use in messages to the RADIUS server

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/aaa/server-groups/server-group/servers/server/radius/state/
retransmit-attempts

description:
Number of times the system may resend a request to the RADIUS server when it is unresponsive

nodetype: leaf (ro)

type: uint8

/system/aaa/server-groups/server-group/servers/server/radius/state/
counters

description:
A collection of RADIUS related state objects.

nodetype: container (ro)

/system/aaa/server-groups/server-group/servers/server/radius/state/counters/
retried-access-requests

description:
Retransmitted Access-Request messages.

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/radius/state/counters/
access-accepts

description:
Received Access-Accept messages.

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/radius/state/counters/
access-rejects

description:
Received Access-Reject messages.

nodetype: leaf (ro)

type: oc-yang:counter64

/system/aaa/server-groups/server-group/servers/server/radius/state/counters/
timeout-access-requests

description:
Access-Request messages that have timed-out, requiring retransmission.

nodetype: leaf (ro)

type: oc-yang:counter64

/system/
memory

description:
Top-level container for system memory data

nodetype: container (rw)

/system/memory/
config

description:
Configuration data for system memory

nodetype: container (rw)

/system/memory/
state

description:
Operational state data for system memory

nodetype: container (ro)

/system/memory/state/
counters

description:
Counters for tracking system memory errors

nodetype: container (ro)

/system/memory/state/counters/
correctable-ecc-errors

description:
Count of correctable ECC errors. Systems with ECC memory are capable of correcting Single-bit ECC errors.

nodetype: leaf (ro)

type: uint64

/system/memory/state/counters/
uncorrectable-ecc-errors

description:
Count of uncorrectable ECC errors. Systems with ECC memory are capable of detecting multi-bit ECC errors, but cannot correct them.

nodetype: leaf (ro)

type: uint64

/system/memory/state/counters/
total-ecc-errors

description:
Count of total ECC errors, this includes both correctable and uncorrectable ECC errors.

nodetype: leaf (ro)

type: uint64

/system/memory/state/
physical

description:
Reports the total physical memory available on the system.

nodetype: leaf (ro)

type: uint64

units: bytes

/system/memory/state/
reserved

description:
Memory reserved for system use

nodetype: leaf (ro)

type: uint64

units: bytes

/system/memory/state/
used

description:
Memory that has been used and not available for allocation.

nodetype: leaf (ro)

type: uint64

units: bytes

/system/memory/state/
free

description:
Memory that is not used and is available for allocation.

nodetype: leaf (ro)

type: uint64

units: bytes

/system/
cpus

description:
Enclosing container for the list of CPU cores on the system

nodetype: container (ro)

/system/cpus/
cpu

description:
List of CPU cores on the system (including logical CPUs on hyperthreaded systems), keyed by either a numerical index, or the ALL value for an entry representing the aggregation across all CPUs.

nodetype: list (ro)

list keys: [index]

/system/cpus/cpu/
index

description:
Reference to list key

nodetype: leaf (list key) (ro)

type: leafref

  • path reference: ../state/index

/system/cpus/cpu/
state

description:
Operational state data for the system CPU(s)

nodetype: container (ro)

/system/cpus/cpu/state/
index

description:
The CPU index for each processor core on the system. On a single-core system, the index should be zero. The ALL index signifies an aggregation of the CPU utilization statistics over all cores in the system.

nodetype: leaf (ro)

type: union

    type: enumeration

    • ALL
      Index value indicating all CPUs in the system

    type: uint32

/system/cpus/cpu/state/
total

description:
Total CPU utilization.

nodetype: container (ro)

/system/cpus/cpu/state/total/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/total/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/total/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/total/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/total/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/total/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/total/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
user

description:
Percentage of CPU time spent running in user space.

nodetype: container (ro)

/system/cpus/cpu/state/user/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/user/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/user/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/user/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/user/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/user/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/user/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
kernel

description:
Percentage of CPU time spent running in kernel space.

nodetype: container (ro)

/system/cpus/cpu/state/kernel/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/kernel/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/kernel/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/kernel/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/kernel/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/kernel/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/kernel/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
nice

description:
Percentage of CPU time spent running low-priority (niced) user processes.

nodetype: container (ro)

/system/cpus/cpu/state/nice/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/nice/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/nice/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/nice/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/nice/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/nice/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/nice/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
idle

description:
Percentage of CPU time spent idle.

nodetype: container (ro)

/system/cpus/cpu/state/idle/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/idle/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/idle/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/idle/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/idle/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/idle/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/idle/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
wait

description:
Percentage of CPU time spent waiting for I/O.

nodetype: container (ro)

/system/cpus/cpu/state/wait/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/wait/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/wait/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/wait/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/wait/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/wait/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/wait/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
hardware-interrupt

description:
Percentage of CPU time spent servicing hardware interrupts.

nodetype: container (ro)

/system/cpus/cpu/state/hardware-interrupt/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/hardware-interrupt/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/hardware-interrupt/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/hardware-interrupt/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/hardware-interrupt/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/hardware-interrupt/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/hardware-interrupt/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/
software-interrupt

description:
Percentage of CPU time spent servicing software interrupts

nodetype: container (ro)

/system/cpus/cpu/state/software-interrupt/
instant

description:
The instantaneous percentage value.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/software-interrupt/
avg

description:
The arithmetic mean value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/software-interrupt/
min

description:
The minimum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/software-interrupt/
max

description:
The maximum value of the percentage measure of the statistic over the time interval.

nodetype: leaf (ro)

type: oc-types:percentage

/system/cpus/cpu/state/software-interrupt/
interval

description:
If supported by the system, this reports the time interval over which the min/max/average statistics are computed by the system.

nodetype: leaf (ro)

type: oc-types:stat-interval

/system/cpus/cpu/state/software-interrupt/
min-time

description:
The absolute time at which the minimum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/cpus/cpu/state/software-interrupt/
max-time

description:
The absolute time at which the maximum value occurred. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/
processes

description:
Parameters related to all monitored processes

nodetype: container (rw)

/system/processes/
process

description:
List of monitored processes

nodetype: list (ro)

list keys: [pid]

/system/processes/process/
pid

description:
Reference to the process pid key

nodetype: leaf (list key) (ro)

type: leafref

  • path reference: ../state/pid

/system/processes/process/
state

description:
State parameters related to monitored processes

nodetype: container (ro)

/system/processes/process/state/
pid

description:
The process pid

nodetype: leaf (ro)

type: uint64

/system/processes/process/state/
name

description:
The process name

nodetype: leaf (ro)

type: string

/system/processes/process/state/
args

description:
Current process command line arguments. Arguments with a parameter (e.g., --option 10 or -option=10) should be represented as a single element of the list with the argument name and parameter together. Flag arguments, i.e., those without a parameter should also be in their own list element.

nodetype: leaf-list (ro)

type: string

/system/processes/process/state/
start-time

description:
The time at which this process started, relative to the UNIX epoch. The system must be synchronized such that the start-time can be reported accurately, otherwise it should not be reported.

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/processes/process/state/
cpu-usage-user

description:
CPU time consumed by this process in user mode in nanoseconds.

nodetype: leaf (ro)

type: oc-yang:counter64

units: nanoseconds

/system/processes/process/state/
cpu-usage-system

description:
CPU time consumed by this process in kernel mode.

nodetype: leaf (ro)

type: oc-yang:counter64

units: nanoseconds

/system/processes/process/state/
cpu-utilization

description:
The percentage of CPU that is being used by the process.

nodetype: leaf (ro)

type: oc-types:percentage

/system/processes/process/state/
memory-usage

description:
Bytes allocated and still in use by the process

nodetype: leaf (ro)

type: uint64

units: bytes

/system/processes/process/state/
memory-utilization

description:
The percentage of RAM that is being used by the process.

nodetype: leaf (ro)

type: oc-types:percentage

/system/
alarms

description:
Top-level container for device alarms

nodetype: container (ro)

/system/alarms/
alarm

description:
List of alarms, keyed by a unique id

nodetype: list (ro)

list keys: [id]

/system/alarms/alarm/
id

description:
References the unique alarm id

nodetype: leaf (list key) (ro)

type: leafref

  • path reference: ../state/id

/system/alarms/alarm/
config

description:
Configuration data for each alarm

nodetype: container (ro)

/system/alarms/alarm/
state

description:
Operational state data for a device alarm

nodetype: container (ro)

/system/alarms/alarm/state/
id

description:
Unique ID for the alarm -- this will not be a configurable parameter on many implementations

nodetype: leaf (ro)

type: string

/system/alarms/alarm/state/
resource

description:
The item that is under alarm within the device. The resource may be a reference to an item which is defined elsewhere in the model. For example, it may be a platform/component, interfaces/interface, terminal-device/logical-channels/channel, etc. In this case the system should match the name of the referenced item exactly. The referenced item could alternatively be the path of the item within the model.

nodetype: leaf (ro)

type: string

/system/alarms/alarm/state/
text

description:
The string used to inform operators about the alarm. This MUST contain enough information for an operator to be able to understand the problem. If this string contains structure, this format should be clearly documented for programs to be able to parse that information

nodetype: leaf (ro)

type: string

/system/alarms/alarm/state/
time-created

description:
The time at which the alarm was raised by the system. This value is expressed relative to the Unix Epoch.

nodetype: leaf (ro)

type: oc-types:timeticks64

/system/alarms/alarm/state/
severity

description:
The severity level indicating the criticality and impact of the alarm

nodetype: leaf (ro)

type: identityref

  • base: oc-alarm-types:OPENCONFIG_ALARM_SEVERITY

/system/alarms/alarm/state/
type-id

description:
The abbreviated name of the alarm, for example LOS, EQPT, or OTS. Also referred to in different systems as condition type, alarm identifier, or alarm mnemonic. It is recommended to use the OPENCONFIG_ALARM_TYPE_ID identities where possible and only use the string type when the desired identityref is not yet defined

nodetype: leaf (ro)

type: union

    type: string

    type: identityref

    • base: oc-alarm-types:OPENCONFIG_ALARM_TYPE_ID

/system/
messages

description:
Top-level container for Syslog messages.

nodetype: container (rw)

/system/messages/
config

description:
Configuration data for Syslog messages.

nodetype: container (rw)

/system/messages/config/
severity

description:
Specifies that only messages of the given severity (or greater severity) are sent over the RPC. This is analogous to differentiating which severity is to be sent to legacy Syslog servers, as opposed to local buffer or files.

nodetype: leaf (rw)

type: oc-log:syslog-severity

/system/messages/
state

description:
Operational state data for a Syslog messages.

nodetype: container (ro)

/system/messages/state/
severity

description:
Specifies that only messages of the given severity (or greater severity) are sent over the RPC. This is analogous to differentiating which severity is to be sent to legacy Syslog servers, as opposed to local buffer or files.

nodetype: leaf (ro)

type: oc-log:syslog-severity

/system/messages/state/
message

description:
Syslog messages the client is Subscribing to. This is all messages currently configured to be sent according to syslog-severity.

nodetype: container (ro)

/system/messages/state/message/
msg

description:
Message payload. If other leafs within this container not supported, this leaf MAY include the entire message, inclding pri, procid, app-name etc..

nodetype: leaf (ro)

type: string

/system/messages/state/message/
priority

description:
The Priority value (PRIVAL) represents both the Facility and Severity.

nodetype: leaf (ro)

type: uint8

/system/messages/state/message/
app-name

description:
The APP-NAME field SHOULD identify the device or application that originated the message.

nodetype: leaf (ro)

type: string

/system/messages/state/message/
procid

description:
PROCID is a value that is included in the message, having no interoperable meaning, except that a change in the value indicates there has been a discontinuity in syslog reporting.

nodetype: leaf (ro)

type: string

/system/messages/state/message/
msgid

description:
The MSGID SHOULD identify the type of message. For example, a firewall might use the MSGID 'TCPIN' for incoming TCP traffic and the MSGID 'TCPOUT' for outgoing TCP traffic.

nodetype: leaf (ro)

type: string

/system/messages/
debug-entries

description:
Enclosing container for list of debugs to enable.

nodetype: container (rw)

/system/messages/debug-entries/
debug-service

description:
List of debugging entries.

nodetype: list (rw)

list keys: [service]

/system/messages/debug-entries/debug-service/
service

description:
Reference to the debug-enable service key.

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/service

/system/messages/debug-entries/debug-service/
config

description:
Configuration data for debug service entries.

nodetype: container (rw)

/system/messages/debug-entries/debug-service/config/
service

description:
Enumeration of all services which can have debugging enabled. Vendors are to augment this base identity with their platform or OS specific debug options.

nodetype: leaf (rw)

type: identityref

  • base: DEBUG_SERVICE

/system/messages/debug-entries/debug-service/config/
enabled

description:
Enable and disable debugging.

nodetype: leaf (rw)

type: boolean

default: false

/system/messages/debug-entries/debug-service/
state

description:
Operational state data for enabled debugs.

nodetype: container (ro)

/system/messages/debug-entries/debug-service/state/
service

description:
Enumeration of all services which can have debugging enabled. Vendors are to augment this base identity with their platform or OS specific debug options.

nodetype: leaf (ro)

type: identityref

  • base: DEBUG_SERVICE

/system/messages/debug-entries/debug-service/state/
enabled

description:
Enable and disable debugging.

nodetype: leaf (ro)

type: boolean

default: false

/system/
license

description:
Container for license model

nodetype: container (rw)

/system/license/
licenses

description:
Enclosing container for list of licenses

nodetype: container (rw)

/system/license/licenses/
license

description:
List of licenses.

nodetype: list (rw)

list keys: [license-id]

/system/license/licenses/license/
license-id

description:
Reference to license id list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/license-id

/system/license/licenses/license/
config

description:
Configuration data for license

nodetype: container (rw)

/system/license/licenses/license/config/
license-id

description:
License ID. A string that uniquelly identifies the license. The platform should list all the licenses it supports being activated.

nodetype: leaf (rw)

type: string

/system/license/licenses/license/config/
license-data

description:
The contents of the licence (if required) - which may be supplied as a binary blob, or a simple string value. If this value is considered sensitive, it may be read as an empty value.

nodetype: leaf (rw)

type: union

    type: binary

    type: string

/system/license/licenses/license/config/
active

description:
The activation state of the license.

nodetype: leaf (rw)

type: boolean

default: false

/system/license/licenses/license/
state

description:
Operational state data for license.

nodetype: container (ro)

/system/license/licenses/license/state/
license-id

description:
License ID. A string that uniquelly identifies the license. The platform should list all the licenses it supports being activated.

nodetype: leaf (ro)

type: string

/system/license/licenses/license/state/
license-data

description:
The contents of the licence (if required) - which may be supplied as a binary blob, or a simple string value. If this value is considered sensitive, it may be read as an empty value.

nodetype: leaf (ro)

type: union

    type: binary

    type: string

/system/license/licenses/license/state/
active

description:
The activation state of the license.

nodetype: leaf (ro)

type: boolean

default: false

/system/license/licenses/license/state/
description

description:
The license description.

nodetype: leaf (ro)

type: string

/system/license/licenses/license/state/
issue-date

description:
The date and time at which the license was issued, expressed as the number of nanoseconds since the Unix Epoch (January 1, 1970, 00:00 UTC).

nodetype: leaf (ro)

type: uint64

/system/license/licenses/license/state/
expiration-date

description:
The date and time at which the license will expire, expressed as the number of nanoseconds since the Unix Epoch (January 1, 1970, 00:00 UTC). Zero if it does not expire.

nodetype: leaf (ro)

type: uint64

/system/license/licenses/license/state/
in-use

description:
The license is in use. Different from active. This states that the license is effectively being used in addition to being active. If license for feature X was activated but feature X is not being used, then this should be false.

nodetype: leaf (ro)

type: boolean

/system/license/licenses/license/state/
expired

description:
The license has expired.

nodetype: leaf (ro)

type: boolean

/system/license/licenses/license/state/
valid

description:
The license is valid. Can be activated in the system or platform.

nodetype: leaf (ro)

type: boolean

/system/
mac-address

description:
Top-level container for system's MAC address configuration and state

nodetype: container (rw)

/system/mac-address/
config

description:
Configuration data for routing MAC address.

nodetype: container (rw)

/system/mac-address/config/
routing-mac

description:
Any packets destined to this MAC address must be sent through the routing pipeline by the system. This MAC address is used to identify routed packets in addition to any other MAC addresses that the system may already have been using to perform routing. It is not expected that this MAC address will be used as the source MAC address of any routed packet, as the source MAC address of any packets generated by the system, or a MAC address used in ARP response. This MAC address may not be allocated from the block of MAC address that system owns. For instance, it's allocation could be managed by an external controller.

nodetype: leaf (rw)

type: oc-yang:mac-address

/system/mac-address/
state

description:
Operational state data for routing MAC address.

nodetype: container (ro)

/system/mac-address/state/
routing-mac

description:
Any packets destined to this MAC address must be sent through the routing pipeline by the system. This MAC address is used to identify routed packets in addition to any other MAC addresses that the system may already have been using to perform routing. It is not expected that this MAC address will be used as the source MAC address of any routed packet, as the source MAC address of any packets generated by the system, or a MAC address used in ARP response. This MAC address may not be allocated from the block of MAC address that system owns. For instance, it's allocation could be managed by an external controller.

nodetype: leaf (ro)

type: oc-yang:mac-address

/system/
openflow

description:
Container for Openflow model

nodetype: container (rw)

/system/openflow/
controllers

description:
Container for the Openflow controllers model

nodetype: container (rw)

/system/openflow/controllers/
controller

description:
The Openflow Switch connects to all Openflow controllers configured

nodetype: list (rw)

list keys: [name]

/system/openflow/controllers/controller/
name

description:
The name identifies the controller.

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/name

/system/openflow/controllers/controller/
config

description:
Container for the Openflow controller config.

nodetype: container (rw)

/system/openflow/controllers/controller/config/
name

description:
Name of this Openflow controller. All connections for the same controller need to have the same name.

nodetype: leaf (rw)

type: string

/system/openflow/controllers/controller/
state

description:
Container for the Openflow controller state.

nodetype: container (ro)

/system/openflow/controllers/controller/state/
name

description:
Name of this Openflow controller. All connections for the same controller need to have the same name.

nodetype: leaf (ro)

type: string

/system/openflow/controllers/controller/
connections

description:
Enclosing container for list of controller connections

nodetype: container (rw)

/system/openflow/controllers/controller/connections/
connection

description:
List of connections to the OpenFlow controller. The Openflow switch always connects to configured Openflow controllers. Each controller can have more than one connection, called auxiliary Openflow connections.

nodetype: list (rw)

list keys: [aux-id]

/system/openflow/controllers/controller/connections/connection/
aux-id

description:
Reference to auxiliary id list key

nodetype: leaf (list key) (rw)

type: leafref

  • path reference: ../config/aux-id

/system/openflow/controllers/controller/connections/connection/
config

description:
Configuration data for OpenFlow controller connections

nodetype: container (rw)

/system/openflow/controllers/controller/connections/connection/config/
aux-id

description:
Controller auxiliary ID. Must be 0 for the main controller. One controller may have multiple auxiliary connections as specified by the Openflow protocol. Besides configuring the main controller, it is also possible to configure auxiliary connections. The main controller must have the aux-id set to zero. All others must have an aux-id different from 0.

nodetype: leaf (rw)

type: of-types:auxiliary-id

/system/openflow/controllers/controller/connections/connection/config/
priority

description:
Optional value for servicing auxiliary connections with different priorities.

nodetype: leaf (rw)

type: uint8

/system/openflow/controllers/controller/connections/connection/config/
address

description:
The IP address of the controller.

nodetype: leaf (rw)

type: oc-inet:ip-address

/system/openflow/controllers/controller/connections/connection/config/
port

description:
Controller port to use.

nodetype: leaf (rw)

type: oc-inet:port-number

default: 6653

/system/openflow/controllers/controller/connections/connection/config/
transport

description:
Controller transport protocol used.

nodetype: leaf (rw)

type: of-types:transport

default: TCP

/system/openflow/controllers/controller/connections/connection/config/
certificate-id

description:
Certificate ID is used for TLS connections. When installed, certificates are associated with an ID. This ID specifies the certificate to use in a TLS connection.

nodetype: leaf (rw)

type: string

/system/openflow/controllers/controller/connections/connection/config/
source-interface

description:
Optionally specify the source interface for the controller connection.

nodetype: leaf (rw)

type: oc-if:base-interface-ref

/system/openflow/controllers/controller/connections/connection/
state

description:
Operational state data for OpenFlow controller connections

nodetype: container (ro)

/system/openflow/controllers/controller/connections/connection/state/
aux-id

description:
Controller auxiliary ID. Must be 0 for the main controller. One controller may have multiple auxiliary connections as specified by the Openflow protocol. Besides configuring the main controller, it is also possible to configure auxiliary connections. The main controller must have the aux-id set to zero. All others must have an aux-id different from 0.

nodetype: leaf (ro)

type: of-types:auxiliary-id

/system/openflow/controllers/controller/connections/connection/state/
priority

description:
Optional value for servicing auxiliary connections with different priorities.

nodetype: leaf (ro)

type: uint8

/system/openflow/controllers/controller/connections/connection/state/
address

description:
The IP address of the controller.

nodetype: leaf (ro)

type: oc-inet:ip-address

/system/openflow/controllers/controller/connections/connection/state/
port

description:
Controller port to use.

nodetype: leaf (ro)

type: oc-inet:port-number

default: 6653

/system/openflow/controllers/controller/connections/connection/state/
transport

description:
Controller transport protocol used.

nodetype: leaf (ro)

type: of-types:transport

default: TCP

/system/openflow/controllers/controller/connections/connection/state/
certificate-id

description:
Certificate ID is used for TLS connections. When installed, certificates are associated with an ID. This ID specifies the certificate to use in a TLS connection.

nodetype: leaf (ro)

type: string

/system/openflow/controllers/controller/connections/connection/state/
source-interface

description:
Optionally specify the source interface for the controller connection.

nodetype: leaf (ro)

type: oc-if:base-interface-ref

/system/openflow/controllers/controller/connections/connection/state/
connected

description:
When set to true, indicates the connection between the switch and controller is established.

nodetype: leaf (ro)

type: boolean

/system/openflow/
agent

description:
Container for the Openflow agent model.

nodetype: container (rw)

/system/openflow/agent/
config

description:
Container for the Openflow agent config.

nodetype: container (rw)

/system/openflow/agent/config/
datapath-id

description:
Datapath unique ID. The lower 48-bits are for a MAC address, while the upper 16-bits are implementer-defined.

nodetype: leaf (rw)

type: of-types:datapath-id

/system/openflow/agent/config/
failure-mode

description:
Failure mode for Openflow.

nodetype: leaf (rw)

type: of-types:failure-mode

/system/openflow/agent/config/
backoff-interval

description:
Openflow agent connection backoff interval.

nodetype: leaf (rw)

type: uint32

units: seconds

/system/openflow/agent/config/
max-backoff

description:
Openflow agent max backoff time.

nodetype: leaf (rw)

type: uint32

units: seconds

/system/openflow/agent/config/
inactivity-probe

description:
Openflow agent inactivity probe period.

nodetype: leaf (rw)

type: uint32

units: seconds

/system/openflow/agent/
state

description:
Container for the Openflow agent state.

nodetype: container (ro)

/system/openflow/agent/state/
datapath-id

description:
Datapath unique ID. The lower 48-bits are for a MAC address, while the upper 16-bits are implementer-defined.

nodetype: leaf (ro)

type: of-types:datapath-id

/system/openflow/agent/state/
failure-mode

description:
Failure mode for Openflow.

nodetype: leaf (ro)

type: of-types:failure-mode

/system/openflow/agent/state/
backoff-interval

description:
Openflow agent connection backoff interval.

nodetype: leaf (ro)

type: uint32

units: seconds

/system/openflow/agent/state/
max-backoff

description:
Openflow agent max backoff time.

nodetype: leaf (ro)

type: uint32

units: seconds

/system/openflow/agent/state/
inactivity-probe

description:
Openflow agent inactivity probe period.

nodetype: leaf (ro)

type: uint32

units: seconds

openconfig-system-terminal

openconfig-version: 0.3.1

Description

This module defines configuration and operational state data related to remote terminal services such as ssh and telnet.

Imports

openconfig-extensions

Data elements

openconfig-system-logging

openconfig-version: 0.4.1

Description

This module defines configuration and operational state data for common logging facilities on network systems.

Imports

openconfig-extensions
openconfig-inet-types
openconfig-network-instance

Defined types

syslog-severity

description:
Syslog message severities

type: enumeration

  • EMERGENCY
    Emergency: system is unusable (0)
  • ALERT
    Alert: action must be taken immediately (1)
  • CRITICAL
    Critical: critical conditions (2)
  • ERROR
    Error: error conditions (3)
  • WARNING
    Warning: warning conditions (4)
  • NOTICE
    Notice: normal but significant condition(5)
  • INFORMATIONAL
    Informational: informational messages (6)
  • DEBUG
    Debug: debug-level messages (7)

Identities

base: SYSLOG_FACILITY

description:
Base identity for Syslog message facilities.

ALL

description:
All supported facilities

base identity: SYSLOG_FACILITY

KERNEL

description:
The facility for kernel messages

base identity: SYSLOG_FACILITY

USER

description:
The facility for user-level messages.

base identity: SYSLOG_FACILITY

MAIL

description:
The facility for the mail system.

base identity: SYSLOG_FACILITY

SYSTEM_DAEMON

description:
The facility for the system daemons.

base identity: SYSLOG_FACILITY

AUTH

description:
The facility for security/authorization messages.

base identity: SYSLOG_FACILITY

SYSLOG

description:
The facility for messages generated internally by syslogd facility.

base identity: SYSLOG_FACILITY

AUTHPRIV

description:
The facility for privileged security/authorization messages.

base identity: SYSLOG_FACILITY

NTP

description:
The facility for the NTP subsystem.

base identity: SYSLOG_FACILITY

AUDIT

description:
The facility for log audit messages.

base identity: SYSLOG_FACILITY

CONSOLE

description:
The facility for log alert messages.

base identity: SYSLOG_FACILITY

LOCAL0

description:
The facility for local use 0 messages.

base identity: SYSLOG_FACILITY

LOCAL1

description:
The facility for local use 1 messages.

base identity: SYSLOG_FACILITY

LOCAL2

description:
The facility for local use 2 messages.

base identity: SYSLOG_FACILITY

LOCAL3

description:
The facility for local use 3 messages.

base identity: SYSLOG_FACILITY

LOCAL4

description:
The facility for local use 4 messages.

base identity: SYSLOG_FACILITY

LOCAL5

description:
The facility for local use 5 messages.

base identity: SYSLOG_FACILITY

LOCAL6

description:
The facility for local use 6 messages.

base identity: SYSLOG_FACILITY

LOCAL7

description:
The facility for local use 7 messages.

base identity: SYSLOG_FACILITY

base: LOG_DESTINATION_TYPE

description:
Base identity for destination for logging messages

DEST_CONSOLE

description:
Directs log messages to the console

base identity: LOG_DESTINATION_TYPE

DEST_BUFFER

description:
Directs log messages to and in-memory circular buffer

base identity: LOG_DESTINATION_TYPE

DEST_FILE

description:
Directs log messages to a local file

base identity: LOG_DESTINATION_TYPE

DEST_REMOTE

description:
Directs log messages to a remote syslog server

base identity: LOG_DESTINATION_TYPE

Data elements

openconfig-procmon

openconfig-version: 0.4.0

Description

This module provides data definitions for process health monitoring of one or more processes running on the system.

Imports

openconfig-extensions
openconfig-types
openconfig-yang-types

Data elements

openconfig-aaa

openconfig-version: 1.0.0

Description

This module defines configuration and operational state data related to authorization, authentication, and accounting (AAA) management.

Portions of this model reuse data definitions or structure from RFC 7317 - A YANG Data Model for System Management

Imports

openconfig-extensions
openconfig-inet-types
openconfig-yang-types
openconfig-aaa-types

Identities

Identities

Identities

Data elements

openconfig-alarms

openconfig-version: 0.3.2

Description

This module defines operational state data related to alarms that the device is reporting.

This model reuses some data items defined in the draft IETF YANG Alarm Module: https://tools.ietf.org/html/draft-vallin-netmod-alarm-module-02

Portions of this code were derived from the draft IETF YANG Alarm Module. Please reproduce this note if possible.

IETF code is subject to the following copyright and license: Copyright (c) IETF Trust and the persons identified as authors of the code. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, is permitted pursuant to, and subject to the license terms contained in, the Simplified BSD License set forth in Section 4.c of the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info).

Imports

openconfig-alarm-types
openconfig-extensions
openconfig-types
openconfig-platform

Data elements

openconfig-license

openconfig-version: 0.2.0

Description

This module defines configuration and operational state data for licenses.

Imports

openconfig-extensions

Data elements

openconfig-openflow

openconfig-version: 0.1.2

Description

This module defines configuration and operational state data for Openflow.

Imports

openconfig-extensions
openconfig-inet-types
openconfig-interfaces
openconfig-openflow-types
openconfig-system

Data elements