This module contains a collection of YANG definitions for MACSEC protocol operational data. Copyright (c) 2019-2020 by Cisco Sys...
Version: 2021-03-01
module Cisco-IOS-XE-macsec-oper { yang-version 1; namespace "http://cisco.com/ns/yang/Cisco-IOS-XE-macsec-oper"; prefix macsec-ios-xe-oper; import cisco-semver { prefix cisco-semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 W Tasman Drive San Jose, CA 95134 Tel: +1 1800 553-NETS E-mail: cs-yang@cisco.com"; description "This module contains a collection of YANG definitions for MACSEC protocol operational data. Copyright (c) 2019-2020 by Cisco Systems, Inc. All rights reserved."; revision "2021-03-01" { description "Adding support for byte counters"; reference "1.1.0"; } revision "2020-07-01" { description "Initial revision"; reference "1.0.0"; } cisco-semver:module-version "1.1.0"; cisco-semver:module-version "1.0.0"; grouping macsec-txscsa-info { description "Transmit Secure Channel and Secure Association Information"; leaf sci { type string; description "Transmit Secure Channel Identifier. Every Transmit Channel is uniquely identified using this field."; } leaf sc-auth-only-pkts { type uint64; description "Transmit Secure Channel Authenticated only Packets counter. This counter accumulates the data of Secure Association authenticated only packets counter on every rekey."; } leaf sc-encrypt-pkts { type uint64; description "Transmit Secure Channel Encrypted Packets counter. This counter accumulates the data of Secure Association Encrypted (which are authenticated as well) packets counter on every rekey."; } leaf sa-auth-only-pkts { type uint64; description "Transmit Secure Association Authenticated Packets only counter. This counter gets incremented when the packet going out from the interface is authenticated only and not encrypted."; } leaf sa-encrypt-pkts { type uint64; description "Transmit Secure Association Encrypted Packets counter. This counter gets incremented when the packet going out from the interface is authenticated and encrypted."; } leaf sc-auth-only-bytes { type uint64; description "Transmit Secure Channel Authenticated only Bytes counter. This counter accumulates the data of Secure Association authenticated only bytes counter on every rekey."; } leaf sc-encrypted-bytes { type uint64; description "Transmit Secure Channel Encrypted Bytes counter. This counter accumulates the data of Secure Association Encrypted (which are authenticated as well) bytes counter on every rekey."; } leaf sa-auth-only-bytes { type uint64; description "Transmit Secure Association Authenticated only Bytes counter. This counter gets incremented when the byte going out from the interface is authenticated only and not encrypted."; } leaf sa-encrypted-bytes { type uint64; description "Transmit Secure Association Encrypted Bytes counter. This counter gets incremented when the byte going out from the interface is authenticated and encrypted."; } } // grouping macsec-txscsa-info grouping macsec-rxscsa-info { description "Receive Secure Channel and Secure Association Information"; leaf sci { type string; description "Receive Secure Channel Identifier. Every Receive Channel is uniquely identified using this field."; } leaf sc-notvalid-pkts { type uint64; description "Receive Secure Channel Not Valid Packets counter. This counter accumulates the data of Receive Secure Association Not Valid packets counter on every rekey."; } leaf sc-valid-pkts { type uint64; description "Receive Secure Channel Valid Packets counter. This counter accumulates the data of Receive Secure Association Valid packets counter on every rekey."; } leaf sc-late-pkts { type uint64; description "Receive Secure Channel Late Packets counter. This counter accumulates the late packets every rekey if replay protect is enabled."; } leaf sc-delay-pkts { type uint64; description "Receive Secure Channel Delayed Packets counter. This counter accumulates the delayed packets every rekey if replay protect is not enabled."; } leaf sa-notvalid-pkts { type uint64; description "Receive Secure Association Not Valid Packets counter. This counter gets incremented if the integrity check fails for incoming packet."; } leaf sa-valid-pkts { type uint64; description "Receive Secure Association Valid Packets counter. This counter gets incremented if the incoming packet is Valid."; } leaf sc-validated-bytes { type uint64; description "Receive Secure Channel Validated bytes counter. This counter accumulates the data of Receive Secure Association Validated bytes counter on every rekey."; } leaf sc-decrypted-bytes { type uint64; description "Receive Secure Channel decrypted bytes counter. This counter accumulates the data of Receive Secure Association decrypted bytes (which are validated also) counter on every rekey."; } leaf sa-validated-bytes { type uint64; description "Receive Secure Association Validated Bytes counter. This counter gets incremented if the incoming byte is Validated only."; } leaf sa-decrypted-bytes { type uint64; description "Receive Secure Association decrypted Bytes counter. This counter gets incremented if the incoming byte is both decrypted and Validated."; } } // grouping macsec-rxscsa-info grouping macsec-statistics { description "MACSEC Interface Statistics"; leaf if-name { type string; description "Interface Name"; } leaf tx-untag-pkts { type uint64; description "MACSEC interface level Transmit Untagged Packets counter. This counter will increment if MACSEC is enabled on interface and out going packet is not tagged with MACSEC header."; } leaf rx-notag-pkts { type uint64; description "MACSEC interface level Receive No Tag Packets counter. This counter will increment if MACSEC is enabled on interface and incoming packet does not have MACSEC tag."; } leaf rx-badtag-pkts { type uint64; description "MACSEC interface level Receive Bad Tag Packets counter. This counter will increment if MACSEC is enabled on interface and incoming packet has incorrect MACSEC tag."; } leaf rx-unknownsci-pkts { type uint64; description "MACSEC interface level Receive Unknown SCI Packets counter. This counter will increment if MACSEC is enabled on interface and SCI present in MACSEC tag of the incoming packet does not match any SCI present in ingress SCI table in switch."; } leaf rx-nosci-pkts { type uint64; description "MACSEC interface level Receive No SCI Packets counter. This counter will increment if MACSEC is enabled on interface and incoming packet does not have SCI field in MACSEC tag."; } list macsec-tx-scsa-info { key "sci"; description "Transmit Secure Channels and Secure Association Statistics"; uses macsec-ios-xe-oper:macsec-txscsa-info; } // list macsec-tx-scsa-info list macsec-rx-scsa-info { key "sci"; description "Receive Secure Channels and Secure Association Statistics"; uses macsec-ios-xe-oper:macsec-rxscsa-info; } // list macsec-rx-scsa-info } // grouping macsec-statistics container macsec-oper-data { config false; description "Operational state of MACSEC"; list macsec-statistics { key "if-name"; description "MACSEC Statistics"; uses macsec-ios-xe-oper:macsec-statistics; } // list macsec-statistics } // container macsec-oper-data } // module Cisco-IOS-XE-macsec-oper
© 2023 YumaWorks, Inc. All rights reserved.