This submodule contains a collection of YANG definitions for Cisco IOS-XR crypto-macsec-pl package operational data. Copyright ...
Version: 2020-11-05
submodule Cisco-IOS-XR-crypto-macsec-pl-oper-sub1 { yang-version 1; belongs-to Cisco-IOS-XR-crypto-macsec-pl-oper { prefix Cisco-IOS-XR-crypto-macsec-pl-oper; } import ietf-yang-types { prefix yang; } import cisco-semver { prefix semver; } organization "Cisco Systems, Inc."; contact "Cisco Systems, Inc. Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 Tel: +1 800 553-NETS E-mail: cs-yang@cisco.com"; description "This submodule contains a collection of YANG definitions for Cisco IOS-XR crypto-macsec-pl package operational data. Copyright (c) 2013-2020 by Cisco Systems, Inc. All rights reserved."; revision "2020-11-05" { description "Revison Update doe macsec pl oper"; } revision "2019-12-05" { description "Revison Update doe macsec pl oper"; } revision "2019-04-05" { description "Establish semantic version baseline."; } revision "2015-11-09" { description "IOS XR 6.0 revision."; } semver:module-version "2.0.0"; semver:module-version "1.2.0"; semver:module-version "1.1.0"; typedef Macsec-phy-vendor { type enumeration { enum "msfpga" { value 0; description "msfpga"; } enum "xlmsfpga" { value 1; description "xlmsfpga"; } enum "apm-es200" { value 2; description "apm es200"; } enum "apm-x120" { value 3; description "apm x120"; } enum "mv88ec808" { value 4; description "mv88ec808"; } enum "vtss" { value 5; description "vtss"; } enum "meta-dx1" { value 6; description "meta dx1"; } enum "max-card-type" { value 7; description "max card type"; } enum "unknown" { value 8; description "unknown"; } enum "invalid" { value 9; description "invalid"; } enum "un-detected" { value 10; description "un detected"; } } description "Macsec phy vendor"; } grouping PL-METADX-FLOW-INFO { description "PL METADX FLOW INFO"; leaf isflow-valid { type boolean; description "is a valid flow"; } leaf is-pkt-type-any { type boolean; description "any packet flow "; } leaf is-pkt-type-other { type boolean; description "other packet flow "; } leaf is-pkt-type-mpls { type boolean; description "mpls packet flow "; } leaf is-pkt-type-pbb { type boolean; description "pbb packet flow"; } leaf is-drop-flow { type boolean; description "is drop flow"; } leaf is-control-packet { type boolean; description "is control pkt flow"; } leaf an-no { type uint8; description "AN Number"; } leaf no-of-tags-or-label { type uint8; description "no of vlan tags"; } leaf sa-no { type uint32; description "Sa Number"; } leaf flow-no { type uint32; description "Flow Number"; } leaf port-no { type uint32; description "Port Number"; } leaf other-ether-type { type uint32; description "ether type"; } leaf other-ether-type-mask { type uint32; description "ether type mask"; } leaf other-vlan-tag-1 { type uint32; description "first vlan tag"; } leaf other-vlan-tag-mask-1 { type uint32; description "first vlan mask"; } leaf other-vlan-tag-2 { type uint32; description "second vlan tag"; } leaf other-vlan-tag-mask-2 { type uint32; description "second vlan mask"; } leaf pbb-vlan-tag-val { type uint32; description "first vlan tag"; } leaf pbb-vlan-tag-mask { type uint32; description "first vlan mask"; } leaf pbb-service-instance-id-val { type uint32; description "service instances id val"; } leaf pbb-service-instance-id-mask { type uint32; description "service instances id mask"; } leaf mpls-label-1 { type uint32; description "first mpls lablel"; } leaf mpls-label-2 { type uint32; description "second mpls label"; } leaf mpls-mask-1 { type uint32; description "first mpls mask"; } leaf mpls-mask-2 { type uint32; description "second mpls mask"; } leaf sci { type uint64; description "SCI"; } leaf-list mac { type uint8; description "MAC SA"; } leaf-list mac-mask { type uint8; description "MAC MASK"; } } // grouping PL-METADX-FLOW-INFO grouping PL-METADX-FLOW { description "Flow Details"; container tx-flow { description "Tx Flow Details"; uses PL-METADX-FLOW-INFO; } // container tx-flow container rx-flow { description "Rx Flow Details"; uses PL-METADX-FLOW-INFO; } // container rx-flow } // grouping PL-METADX-FLOW grouping PL-X120-FLOW-INFO { description "Flow Information"; leaf flow-no { type uint32; description "Flow Number"; } leaf is-flow-enabled { type boolean; description "Is Flow Enabled"; } leaf ethertype { type uint16; description "Parsed EtherType to match could be 0 if Ethertype should'nt be matched can be 0x88E5 for MACSec tag"; } leaf outer-vlan-id { type uint16; description " VLAN ID for outer tag use this when only one tag should be matched"; } leaf outer-vlan-user-pri { type uint8; description "VLAN User Priority for outer tag use this when only one tag should be matched"; } leaf inner-vlan-id { type uint16; description "VLAN ID for inner tag used when two VLAN Tags should be matched"; } leaf inner-vlan-user-pri { type uint8; description " VLAN User priority for inner tag use when matching two VLAN tags"; } leaf psci { type uint64; description " SCI to be matched value required for ingress only, pass NULL for egress"; } leaf match-priority { type uint8; description "priority for match 0-15(highest) "; } leaf tci-v { type uint8; description "value of 'v' in TCI to match (1bit) "; } leaf tci-e-xr { type uint8; description "value of 'es' in TCI to match (1bit) "; } leaf tci-sc { type uint8; description "value of 'sc' in TCI to match (1bit) "; } leaf tci-scb { type uint8; description "value of 'scb' in TCI to match (1bit) "; } leaf tci { type uint8; description "value of 'e' in TCI to match (1bit )"; } leaf tci-c { type uint8; description "value of 'c' in TCI to match (1bit) "; } leaf tci-chk { type boolean; description "TCI bits will be checked only when this bit is enabled. All the values of TCI bits are mandatory when TCI check is used"; } leaf pkt-type { type string; description "Type of packet. See ethMscCfyEPktType_e"; } leaf tag-num { type string; description "No. of MPLS or VLAN tags See ethMscCfyETagNum_e "; } leaf inner-vlan-dei { type boolean; description "Dei to match for innner Vlan tag"; } leaf outer-vlan-dei { type boolean; description "Dei to match for outer Vlan tag"; } leaf pbb-sid { type uint32; description " Service Instance id "; } leaf pbb-bvid { type uint32; description " Backbone Vlan id "; } leaf pbb-pcp { type uint8; description " pcp "; } leaf pbb-dei { type uint8; description " dei "; } leaf mpls1-label { type uint32; description " label "; } leaf mpls1-exp { type uint8; description " exp "; } leaf mpls1-bos { type uint8; description " botton of stack "; } leaf mpls2-label { type uint32; description " label "; } leaf mpls2-exp { type uint8; description " exp "; } leaf mpls2-bos { type uint8; description " botton of stack "; } leaf plain-bits { type uint64; units "bit"; description "Plain bits to compare. Max values: untagged pkt - 40 bits after EthType 1 VLAN tag - 24 bits after parsed EthType 2 VLAN tags- 8 bits after parsed EthType 1 MPLS tag - 32 bits after 1st tag 2 MPLS tags- 8 bits following after 2nd or atmost 5th MPLS tag PBB - 16 bits after C-SA PBB with VLAN tag - 16 bits of VLAN tag "; } leaf plain-bits-size { type uint8; description "No. of bits used in plainBits"; } leaf force-ctrl { type boolean; description "Force the pkt as control pkt irrepective of the results of control packet detector"; } leaf drop { type boolean; description "Drop the packet"; } leaf mask-da { type uint64; description "DA mask"; } leaf mask-ethertype { type uint32; description "Parsed EtherType mask"; } leaf mask-plain-bits { type uint64; description "Plain Bits mask"; } leaf flow-hits { type uint64; description "Pkts matching the Flow"; } leaf-list macda { type uint8; description "MAC DA"; } } // grouping PL-X120-FLOW-INFO grouping PL-X120-FLOW { description "Flow Details"; container tx-flow { description "Tx Flow Details"; uses PL-X120-FLOW-INFO; } // container tx-flow container rx-flow { description "Rx Flow Details"; uses PL-X120-FLOW-INFO; } // container rx-flow } // grouping PL-X120-FLOW grouping PL-MV88EC808-FLOW-INFO { description "PL MV88EC808 FLOW INFO"; leaf an-no { type uint8; description "AN Number"; } leaf sa-no { type uint32; description "Sa Number"; } leaf flow-no { type uint32; description "Flow Number"; } leaf port-no { type uint32; description "Port Number"; } leaf is-flow-valid { type boolean; description "Valid Flow"; } leaf fmacsa-in-use { type boolean; description "If MAC SA in Use"; } leaf fmacda-in-use { type boolean; description "If MAC DA in Use"; } leaf ether-type { type uint16; description "Ether Type"; } leaf source-port { type uint32; description "Source Port"; } leaf source-port-chk { type boolean; description "Source Port ChkEn"; } leaf fsci-in-use { type boolean; description "If SCI in use"; } leaf sci { type uint64; description "SCI"; } leaf match-pri { type uint8; description "Match Priority"; } leaf is-cntl-pkt { type boolean; description "Is Control Pkt"; } leaf ctrl-pkt-chk { type boolean; description "Ctrl Pkt ChkEn"; } leaf match-untagged { type boolean; description "MatchUntagged"; } leaf match-tagged { type boolean; description "MatchTagged"; } leaf match-bad-tag { type boolean; description "Match Bad Tag"; } leaf match-ka-y-tag { type boolean; description "MatchKaYTag"; } leaf tci-v { type uint8; description "TCI V"; } leaf tci-e-xr { type uint8; description "TCI ES"; } leaf tci-sc { type uint8; description "TCI SC"; } leaf tci-scb { type uint8; description "TCI SCB"; } leaf tci { type uint8; description "TCI E"; } leaf tci-c { type uint8; description "TCI C"; } leaf tci-an { type uint8; description "TCI AN"; } leaf tci-an-chk { type boolean; description "TciAnChkEn"; } leaf tci-chk { type boolean; description "TciChkEn"; } leaf-list macsa { type uint8; description "MAC SA"; } leaf-list macda { type uint8; description "MAC DA"; } } // grouping PL-MV88EC808-FLOW-INFO grouping PL-MV88EC808-FLOW { description "Flow Details"; container tx-flow { description "Tx Flow Details"; uses PL-MV88EC808-FLOW-INFO; } // container tx-flow container rx-flow { description "Rx Flow Details"; uses PL-MV88EC808-FLOW-INFO; } // container rx-flow } // grouping PL-MV88EC808-FLOW grouping PL-ES200-FLOW-INFO { description "Flow Information"; leaf flow-no { type uint32; description "Flow Number"; } leaf is-flow-enabled { type boolean; description "Is Flow Enabled"; } leaf ethertype { type uint16; description "Parsed EtherType to match could be 0 if Ethertype should'nt be matched can be 0x88E5 for MACSec tag"; } leaf outer-vlan-id { type uint16; description " VLAN ID for outer tag use this when only one tag should be matched"; } leaf outer-vlan-user-pri { type uint8; description "VLAN User Priority for outer tag use this when only one tag should be matched"; } leaf inner-vlan-id { type uint16; description "VLAN ID for inner tag used when two VLAN Tags should be matched"; } leaf inner-vlan-user-pri { type uint8; description " VLAN User priority for inner tag use when matching two VLAN tags"; } leaf psci { type uint64; description " SCI to be matched value required for ingress only, pass NULL for egress"; } leaf match-priority { type uint8; description "priority for match 0-15(highest) "; } leaf tci-v { type uint8; description "value of 'v' in TCI to match (1bit) "; } leaf tci-e-xr { type uint8; description "value of 'es' in TCI to match (1bit) "; } leaf tci-sc { type uint8; description "value of 'sc' in TCI to match (1bit) "; } leaf tci-scb { type uint8; description "value of 'scb' in TCI to match (1bit) "; } leaf tci { type uint8; description "value of 'e' in TCI to match (1bit )"; } leaf tci-c { type uint8; description "value of 'c' in TCI to match (1bit) "; } leaf tci-chk { type boolean; description "TCI bits will be checked only when this bit is enabled. All the values of TCI bits are mandatory when TCI check is used"; } leaf pkt-type { type string; description "Type of packet. See ethMscCfyEPktType_e"; } leaf tag-num { type string; description "No. of MPLS or VLAN tags See ethMscCfyETagNum_e "; } leaf inner-vlan-dei { type boolean; description "Dei to match for innner Vlan tag"; } leaf outer-vlan-dei { type boolean; description "Dei to match for outer Vlan tag"; } leaf pbb-sid { type uint32; description " Service Instance id "; } leaf pbb-bvid { type uint32; description " Backbone Vlan id "; } leaf pbb-pcp { type uint8; description " pcp "; } leaf pbb-dei { type uint8; description " dei "; } leaf mpls1-label { type uint32; description " label "; } leaf mpls1-exp { type uint8; description " exp "; } leaf mpls1-bos { type uint8; description " botton of stack "; } leaf mpls2-label { type uint32; description " label "; } leaf mpls2-exp { type uint8; description " exp "; } leaf mpls2-bos { type uint8; description " botton of stack "; } leaf plain-bits { type uint64; units "bit"; description "Plain bits to compare. Max values: untagged pkt - 40 bits after EthType 1 VLAN tag - 24 bits after parsed EthType 2 VLAN tags- 8 bits after parsed EthType 1 MPLS tag - 32 bits after 1st tag 2 MPLS tags- 8 bits following after 2nd or atmost 5th MPLS tag PBB - 16 bits after C-SA PBB with VLAN tag - 16 bits of VLAN tag "; } leaf plain-bits-size { type uint8; description "No. of bits used in plainBits"; } leaf force-ctrl { type boolean; description "Force the pkt as control pkt irrepective of the results of control packet detector"; } leaf drop { type boolean; description "Drop the packet"; } leaf mask-da { type uint64; description "DA mask"; } leaf mask-ethertype { type uint32; description "Parsed EtherType mask"; } leaf mask-plain-bits { type uint64; description "Plain Bits mask"; } leaf flow-hits { type uint64; description "Pkts matching the Flow"; } leaf-list macda { type uint8; description "MAC DA"; } } // grouping PL-ES200-FLOW-INFO grouping PL-ES200-FLOW { description "Flow Details"; container tx-flow { description "Tx Flow Details"; uses PL-ES200-FLOW-INFO; } // container tx-flow container rx-flow { description "Rx Flow Details"; uses PL-ES200-FLOW-INFO; } // container rx-flow } // grouping PL-ES200-FLOW grouping PL-MACSEC-FLOW-EXT { description "PL MACSEC FLOW EXT"; container es200-flow { when "../type = 'apm-es200'" { description "../type = 'APM_ES200'"; } description "ES200 Flow Information"; uses PL-ES200-FLOW; } // container es200-flow container mv88ec808-flow { when "../type = 'mv88ec808'" { description "../type = 'MV88EC808'"; } description "MV88EC808 Flow Information"; uses PL-MV88EC808-FLOW; } // container mv88ec808-flow container x120-flow { when "../type = 'apm-x120'" { description "../type = 'APM_X120'"; } description "X120 Flow Information"; uses PL-X120-FLOW; } // container x120-flow container metadx-flow { when "../type = 'meta-dx1'" { description "../type = 'META_DX1'"; } description "META_DX1 Flow Information"; uses PL-METADX-FLOW; } // container metadx-flow leaf type { type Macsec-phy-vendor; description "type"; } } // grouping PL-MACSEC-FLOW-EXT grouping PL-MACSEC-FLOW { description "MACSec HW Flow Details"; container ext { description "ext"; uses PL-MACSEC-FLOW-EXT; } // container ext } // grouping PL-MACSEC-FLOW grouping PL-METADX-RX-SA-INFO { description "PL METADX RX SA INFO"; container xform-params { description "Xform Params"; uses PL-METADX-XFORM-PARAM-INFO; } // container xform-params leaf must-secure { type boolean; description "MustSecure"; } leaf xform-in-use { type boolean; description "In use flag"; } leaf replay-protect { type boolean; description "Replay Protect"; } leaf sa-in-use { type boolean; description "SA In Use"; } leaf is-egress { type boolean; description "Direction"; } leaf active-an { type uint8; description "Active an"; } leaf window-size { type uint32; description "replay windowsize"; } } // grouping PL-METADX-RX-SA-INFO grouping PL-METADX-XFORM-PARAM-INFO { description "PL METADX XFORM PARAM INFO"; leaf xpn-flag { type boolean; description "XPN flag"; } leaf sci { type string { length "0..24"; } description "SCI"; } leaf crypto-algo { type string; description "Crypto Algo"; } leaf key-len { type string; description "Key Len"; } leaf an { type uint8; description "AN"; } leaf auth-start { type uint8; description "Auth Start"; } leaf auth-length { type uint8; description "Auth Length"; } leaf conf-offset { type uint32; description "ConfOffset"; } leaf sa-id { type uint32; description "sa id"; } leaf seq-num { type uint64; description "Seq Num"; } } // grouping PL-METADX-XFORM-PARAM-INFO grouping PL-METADX-TX-SA-INFO { description "PL METADX TX SA INFO"; container xform-params { description "Xform Params"; uses PL-METADX-XFORM-PARAM-INFO; } // container xform-params leaf xform-in-use { type boolean; description "In use flag"; } leaf protect-frame { type boolean; description "Ingtegrity"; } leaf include-sci { type boolean; description "Include SCI"; } leaf use-es { type boolean; description "Use ES"; } leaf use-scb { type boolean; description "Use SCB"; } leaf conf-protect { type boolean; description "Encryption"; } leaf is-egress { type boolean; description "Direction"; } leaf sa-in-use { type boolean; description "SA In Use"; } } // grouping PL-METADX-TX-SA-INFO grouping PL-METADX-SA { description "PL METADX SA"; container tx-sa { description "Egress SA PARAMS"; uses PL-METADX-TX-SA-INFO; } // container tx-sa leaf port-no { type uint32; description "Port No"; } list rx-sa { description "Ingress SA Params"; uses PL-METADX-RX-SA-INFO; } // list rx-sa } // grouping PL-METADX-SA grouping PL-MV88EC808-RX-SA-INFO { description "PL MV88EC808 RX SA INFO"; container xform-params { description "Xform Params"; uses PL-MV88EC808-XFORM-PARAM-INFO; } // container xform-params leaf xform-in-use { type boolean; description "In use flag"; } leaf replay-protect { type boolean; description "Replay Protect"; } leaf action-type { type string; description "Action for SA"; } leaf drop-type { type uint8; description "Droptype "; } leaf is-egress { type boolean; description "Direction"; } leaf conf-offset { type uint32; description "ConfOffset"; } leaf sa-in-use { type boolean; description "SA In Use"; } leaf validate-frame { type string; description "Frame validation type"; } leaf low-pn { type uint64; description "lowPN"; } leaf nxt-pn { type uint64; description "nxtPN"; } } // grouping PL-MV88EC808-RX-SA-INFO grouping PL-MV88EC808-XFORM-PARAM-INFO { description "PL MV88EC808 XFORM PARAM INFO"; leaf sci { type string { length "0..24"; } description "SCI"; } leaf crypto-algo { type string; description "Crypto Algo"; } leaf seq-num { type uint64; description "Seq Num"; } leaf rwin { type uint32; description "Replay window"; } leaf is-egress { type boolean; description "Egress Flag"; } leaf key-len { type string; description "Key Len"; } leaf an { type uint8; description "AN"; } leaf xpn-flag { type boolean; description "XPN flag"; } } // grouping PL-MV88EC808-XFORM-PARAM-INFO grouping PL-MV88EC808-TX-SA-INFO { description "PL MV88EC808 TX SA INFO"; container xform-params { description "Xform Params"; uses PL-MV88EC808-XFORM-PARAM-INFO; } // container xform-params leaf xform-in-use { type boolean; description "In use flag"; } leaf protect-frame { type boolean; description "Ingtegrity"; } leaf include-sci { type boolean; description "Include SCI"; } leaf use-es { type boolean; description "Use ES"; } leaf use-scb { type boolean; description "Use SCB"; } leaf conf-protect { type boolean; description "Encryption"; } leaf action-type { type string; description "Action for SA"; } leaf drop-type { type uint8; description "Droptype "; } leaf is-egress { type boolean; description "Direction"; } leaf conf-offset { type uint32; description "ConfOffset"; } leaf sa-in-use { type boolean; description "SA In Use"; } } // grouping PL-MV88EC808-TX-SA-INFO grouping PL-MV88EC808-SA { description "PL MV88EC808 SA"; container tx-sa { description "Egress SA PARAMS"; uses PL-MV88EC808-TX-SA-INFO; } // container tx-sa list rx-sa { description "Ingress SA Params"; uses PL-MV88EC808-RX-SA-INFO; } // list rx-sa } // grouping PL-MV88EC808-SA grouping PL-X120-RX-SA-INFO { description "RX SA specific information"; container xform-params { description " Xform Params"; uses PL-X120-XFORM-PARAMS; } // container xform-params leaf is-valid { type boolean; description "Is structure valid"; } leaf sa-id { type uint8; description "SA Index"; } leaf confidentiality-offset { type uint8; units "byte"; description "bytes that are authenticated but not encrypted following the SecTAG in the encrypted packet."; } leaf is-egress { type boolean; description "true if SA is in egress direction"; } leaf fdrop-non-reserved { type uint8; description "Perform drop action if packet is not from the reserved port"; } leaf macsec-sa-action { type string; description "SA action type"; } leaf drop-type { type string; description "SA packet drop type"; } leaf dest-port-type { type string; description "destination port type"; } leaf replay-protect { type boolean; description "replay protection enabled"; } leaf frame-validation-type { type string; description "frame validation type"; } leaf in-pkts-unchecked { type uint8; description "frame not valid & validateFrames disabled"; } leaf in-pkts-delayed { type uint8; description "PN of packet outside replay window & validateFrames !strict"; } leaf in-pkts-late { type uint8; description "PN of packet outside replay window & validateFrames strict"; } leaf in-pkts-ok { type uint8; description "packets with no error"; } leaf in-pkts-invalid { type uint8; description "packet not valid & validateFrames !strict"; } leaf in-pkts-not-valid { type uint8; description "packet not valid & validateFrames strict"; } leaf in-pkts-not-using-sa { type uint8; description "packet assigned to SA not in use & validateFrames strict"; } leaf in-pkts-unused-sa { type uint8; description "packet assigned to SA not in use& validateFrames !strict"; } leaf in-pkts-untagged-hit { type uint8; description "packet assigned to SA but not tagged (non-standard)"; } leaf in-octets-decrypted-validated1 { type uint8; description "octets1 decrypted/validated"; } leaf in-octets-decrypted-validated2 { type uint8; description "octets2 decrypted/validated"; } } // grouping PL-X120-RX-SA-INFO grouping PL-X120-XFORM-PARAMS { description "SA Xform specific information"; leaf replay-win-size { type uint32; description "range of pkt nos considered valid"; } leaf crypt-algo { type string; description "Cryptographic algo used"; } leaf is-egress-tr { type boolean; description "APM_TRUE if this is Egress Transform record, APM_FALSE otherwise"; } leaf aes-key-len { type string; description "AES Key length"; } leaf assoc-num { type uint8; description "Association Number for egress"; } leaf is-seq-num64-bit { type boolean; description "TRUE if Seq Num is 64-bit, FALSE if it is 32-bit"; } } // grouping PL-X120-XFORM-PARAMS grouping PL-X120-TX-SA-INFO { description "TX SA specific information"; container xform-params { description " Xform Params"; uses PL-X120-XFORM-PARAMS; } // container xform-params leaf is-valid { type boolean; description "Is structure valid"; } leaf sa-id { type uint8; description "SA Index"; } leaf out-pkts-too-long { type uint8; description "packets exceeding egress MTU"; } leaf out-pkts-encrypted-protected { type uint8; description "packets encrypted/protected"; } leaf out-octets-encrypted-protected1 { type uint8; description "octets1 encrypted/protected"; } leaf initial-pkt-number { type uint8; description "Initial Packet Number"; } leaf current-pkt-number { type uint64; description "Current packet Number"; } leaf max-pkt-number { type uint64; description "Maximum packet Number"; } leaf confidentiality-offset { type uint8; units "byte"; description "bytes that are authenticated but not encrypted following the SecTAG in the encrypted packet."; } leaf is-egress { type boolean; description "true if SA is in egress direction"; } leaf macsec-sa-action { type string; description "SA action type"; } leaf drop-type { type string; description "SA packet drop type"; } leaf dest-port-type { type string; description "destination port type"; } leaf is-protect-frame { type boolean; description "is frame protection enabled"; } leaf is-include-sci { type boolean; description "true to insert explicit SCI in pkt false to use implicit SCI"; } leaf is-use-es { type boolean; description "set ES bit in generated SecTAG"; } leaf is-use-scb { type boolean; description "set SCB bit in generated SecTAG"; } leaf is-f-conf-protect { type boolean; description "enable confidentiality protection"; } } // grouping PL-X120-TX-SA-INFO grouping PL-X120-SA { description "SA details"; container tx-sa { description "Tx SA Details"; uses PL-X120-TX-SA-INFO; } // container tx-sa list rx-sa { description "Rx SA Details"; uses PL-X120-RX-SA-INFO; } // list rx-sa } // grouping PL-X120-SA grouping PL-ES200-RX-SA-INFO { description "RX SA specific information"; container xform-params { description " Xform Params"; uses PL-ES200-XFORM-PARAMS; } // container xform-params leaf is-valid { type boolean; description "Is structure valid"; } leaf sa-id { type uint8; description "SA Index"; } leaf sc-no { type uint32; description "SC Number"; } leaf in-pkts-unchecked { type uint8; description "frame not valid & validateFrames disabled"; } leaf in-pkts-delayed { type uint8; description "PN of packet outside replay window & validateFrames !strict"; } leaf in-pkts-late { type uint8; description "PN of packet outside replay window & validateFrames strict"; } leaf in-pkts-ok { type uint8; description "packets with no error"; } leaf in-pkts-invalid { type uint8; description "packet not valid & validateFrames !strict"; } leaf in-pkts-not-valid { type uint8; description "packet not valid & validateFrames strict"; } leaf in-pkts-not-using-sa { type uint8; description "packet assigned to SA not in use & validateFrames strict"; } leaf in-pkts-unused-sa { type uint8; description "packet assigned to SA not in use& validateFrames !strict"; } leaf in-octets-decrypted-validated1 { type uint8; description "octets1 decrypted/validated"; } leaf in-octets-validated { type uint8; description "octets validated"; } leaf conf-offset { type uint16; description "Confidentiality Offset"; } } // grouping PL-ES200-RX-SA-INFO grouping PL-ES200-XFORM-PARAMS { description "SA Xform specific information"; leaf replay-win-size { type uint32; description "range of pkt nos considered valid"; } leaf crypt-algo { type string; description "Cryptographic algo used"; } leaf is-egress-tr { type boolean; description "APM_TRUE if this is Egress Transform record, APM_FALSE otherwise"; } leaf aes-key-len { type string; description "AES Key length"; } leaf assoc-num { type uint8; description "Association Number for egress"; } leaf is-seq-num64-bit { type boolean; description "TRUE if Seq Num is 64-bit, FALSE if it is 32-bit"; } leaf bgen-auth-key { type boolean; description "TRUE to generate the authKey, so authKey in this struct not used APM_FALSE to use provided authKey"; } } // grouping PL-ES200-XFORM-PARAMS grouping PL-ES200-TX-SA-INFO { description "TX SA specific information"; container xform-params { description " Xform Params"; uses PL-ES200-XFORM-PARAMS; } // container xform-params leaf is-valid { type boolean; description "Is structure valid"; } leaf sa-id { type uint8; description "SA Index"; } leaf sc-no { type uint32; description "SC Number"; } leaf out-pkts-too-long { type uint8; description "packets exceeding egress MTU"; } leaf out-pkts-encrypted-protected { type uint8; description "packets encrypted/protected"; } leaf out-octets-encrypted-protected1 { type uint8; description "octets1 encrypted/protected"; } leaf initial-pkt-number { type uint8; description "Initial Packet Number"; } leaf current-pkt-number { type uint64; description "Current packet Number"; } leaf max-pkt-number { type uint64; description "Maximum packet Number"; } leaf conf-offset { type uint16; description "Confidentiality Offset"; } } // grouping PL-ES200-TX-SA-INFO grouping PL-ES200-SA { description "SA details"; container tx-sa { description "Tx SA Details"; uses PL-ES200-TX-SA-INFO; } // container tx-sa list rx-sa { description "Rx SA Details"; uses PL-ES200-RX-SA-INFO; } // list rx-sa } // grouping PL-ES200-SA grouping PL-XLFPGA-RX-SA-INFO { description "Rx SA specific information"; leaf protection-enable { type boolean; description "Protection Enabled"; } leaf secure-mode { type uint32; description "Secure Mode - Must/Should"; } leaf replay-protect-mode { type boolean; description "Replay Protect Mode"; } leaf validation-mode { type uint32; description "Validation Mode"; } leaf replay-window { type uint32; description "Replay Window "; } leaf secure-channel-id { type string { length "0..24"; } description "Secure Channel ID"; } leaf cipher-suite { type uint32; description "Cipher Suite Used"; } leaf confidentiality-offset { type uint8; description "Confidentiality Offset"; } leaf fcs-err-cfg { type uint32; description "FCS Error Config"; } leaf auth-err-cfg { type uint32; description "Auth Error Config"; } leaf max-packet-num { type uint64; description "Max Packet Number"; } leaf num-an-in-use { type uint32; description "Num of AN's in Use"; } leaf an { type yang:hex-string; description "Association Number"; } leaf recent-an { type uint8; description "Recent Association Num"; } leaf pkt-untagged-detected { type boolean; description "Untagged Pkts Detected"; } leaf pkt-tagged-detected { type boolean; description "Tagged Pkts Detected"; } leaf pkt-tagged-validated { type boolean; description "Tagged Pkts Validated"; } leaf current-packet-num { type uint64; description "Current Packet Number"; } leaf-list ssci { type uint32; max-elements 4; description "Short Secure Channel ID"; } leaf-list lowest-acceptable-packet-num { type uint64; max-elements 4; description "Lowest Acceptable Packet Number"; } leaf-list next-expected-packet-num { type uint64; max-elements 4; description "Next expected Packet Number"; } leaf-list crc-value { type uint32; max-elements 4; description "CRC Value"; } } // grouping PL-XLFPGA-RX-SA-INFO grouping PL-XLFPGA-TX-SA-INFO { description "Tx SA specific information"; leaf protection-enable { type boolean; description "Protection Enabled"; } leaf secure-mode { type uint8; description "Secure Mode - Must/Should"; } leaf secure-channel-id { type string { length "0..24"; } description "Secure Channel ID"; } leaf sectag-length { type uint32; units "byte"; description "Sec Tag Length(bytes) "; } leaf cipher-suite { type uint32; description "Cipher Suite Used"; } leaf confidentiality-offset { type uint8; description "Confidentiality Offset"; } leaf fcs-err-cfg { type uint8; description "FCS Error Config"; } leaf max-packet-num { type uint64; description "Max Packet Number"; } leaf an { type uint8; description "Association Number"; } leaf initial-packet-number { type uint64; description "Initial Packet Number"; } leaf ssci { type uint32; description "Short Secure Channel ID"; } leaf current-packet-num { type uint64; description "Current Packet Number"; } leaf crc-value { type uint32; description "CRC Value"; } } // grouping PL-XLFPGA-TX-SA-INFO grouping PL-XLFPGA-SA { description "Xilinx FPGA SA Detail"; container tx-sa { description "Tx SA Details"; uses PL-XLFPGA-TX-SA-INFO; } // container tx-sa container rx-sa { description "Rx SA Details"; uses PL-XLFPGA-RX-SA-INFO; } // container rx-sa } // grouping PL-XLFPGA-SA grouping PL-MACSEC-SA-EXT { description "PL MACSEC SA EXT"; container xlfpga-sa { when "../type = 'xlmsfpga'" { description "../type = 'XLMSFPGA'"; } description "XLFPGA SA Information"; uses PL-XLFPGA-SA; } // container xlfpga-sa container es200-sa { when "../type = 'apm-es200'" { description "../type = 'APM_ES200'"; } description "ES200 SA Information"; uses PL-ES200-SA; } // container es200-sa container x120-sa { when "../type = 'apm-x120'" { description "../type = 'APM_X120'"; } description "X120 SA Information"; uses PL-X120-SA; } // container x120-sa container mv88ec808-sa { when "../type = 'mv88ec808'" { description "../type = 'MV88EC808'"; } description "MV88EC808 SA Information"; uses PL-MV88EC808-SA; } // container mv88ec808-sa container metadx-sa { when "../type = 'meta-dx1'" { description "../type = 'META_DX1'"; } description "META_DX1 SA Information"; uses PL-METADX-SA; } // container metadx-sa leaf type { type Macsec-phy-vendor; description "type"; } } // grouping PL-MACSEC-SA-EXT grouping PL-MACSEC-SA { description "MACSec HW SA Details"; container ext { description "ext"; uses PL-MACSEC-SA-EXT; } // container ext } // grouping PL-MACSEC-SA grouping PL-METADX-GLBL-COMMON-STAT { description "PL METADX GLBL COMMON STAT"; leaf vport-no { type uint32; description "VPORT Number"; } leaf uc-pkts-uncontrolled { type uint64; description "No of Unicast pkts over uncontrolled port"; } leaf mc-pkts-uncontrolled { type uint64; description "No of Multicast pkts over uncontrolled port"; } leaf bc-pkts-uncontrolled { type uint64; description "No of Broadcast pkts over uncontrolled port"; } leaf rx-drop-pkts-uncontrolled { type uint64; description "No of rx_drop pkts over uncontrolled port"; } leaf rx-err-pkts-uncontrolled { type uint64; description "No of rx_err pkts over uncontrolled port"; } leaf uc-pkts-controlled { type uint64; description "No of Unicast pkts over controlled port"; } leaf mc-pkts-controlled { type uint64; description "No of Multicast pkts over controlled port"; } leaf bc-pkts-controlled { type uint64; description "No of Broadcast pkts over controlled port"; } leaf rx-drop-pkts-controlled { type uint64; description "No of rx_drop pkts over controlled port"; } leaf rx-err-pkts-controlled { type uint64; description "No of rx_err pkts over controlled port"; } leaf total-bytes-uncontrolled { type uint64; description "Sum of all the octets of MSDUs delivered to uncontrolled port"; } leaf total-bytes-controlled { type uint64; description "Sum of all the octets of MSDUs delivered to controlled port"; } } // grouping PL-METADX-GLBL-COMMON-STAT grouping PL-METADX-INTF-I { description "PL METADX INTF I"; leaf port-no { type uint32; description "front pannel PORT Number"; } leaf vport-no { type uint32; description "VPORT Number"; } leaf rule-no { type uint32; description " Rule Number"; } leaf pkts-xform-err { type uint64; description "No of pkts that encountered transform engine errors"; } leaf ctrl-pkts { type uint64; description "No of pkts processed as control pkts"; } leaf untagged-pkts { type uint64; description "No of pkts processed as untagged"; } leaf no-tag-pkts { type uint64; description "No of pkts processed as no tag"; } leaf bad-tag-pkts { type uint64; description "No of pkts processed as bad tagged pkts"; } leaf no-sci-match-pkts { type uint64; description "No of uncontrolled port pkts dropped as No Matching SCI"; } leaf unknwn-sci-match-pkts { type uint64; description "No of controlled port pkts processed as Unknown Matching SCI"; } leaf tagged-ctrl-pkts { type uint64; description "No of pkts processed as control packet and tagged (KaY pkts)"; } leaf multiple-rule-match { type uint64; description "No of pkts received with multiple matching classification rules"; } leaf header-parser-drop { type uint64; description "No of pkts dropped by the header parser as invalid"; } leaf rule-mis-match { type uint64; description "No of pkts that did not match any classification rules"; } leaf ctrl-pkt-match { type uint64; description "No of pkts forwarded as control pkts"; } leaf data-pkt-match { type uint64; description "No of pkts forwarded as data pkts"; } leaf dropped-pkts { type uint64; description "No of pkts dropped due to classification"; } leaf in-error-pkts { type uint64; description "No of pkts marked with error packet indication before classification"; } leaf rule-match { type uint64; description "Count of hits matching TCAM"; } } // grouping PL-METADX-INTF-I grouping PL-METADX-INTF-E { description "PL METADX INTF E"; leaf port-no { type uint32; description "front pannel PORT Number"; } leaf vport-no { type uint32; description "VPORT ID or Number"; } leaf rule-no { type uint32; description "Rule ID or Number"; } leaf pkts-xform-err { type uint64; description "No of pkts that encountered transform engine errors"; } leaf ctrl-pkts { type uint64; description "No of pkts processed as control pkts"; } leaf untagged-pkts { type uint64; description "No of pkts processed as untagged"; } leaf multiple-rule-match { type uint64; description "No of pkts received with multiple matching classification rules"; } leaf header-parser-drop { type uint64; description "No of pkts dropped by the header parser as invalid"; } leaf rule-mis-match { type uint64; description "No of pkts that did not match any classification rules"; } leaf ctrl-pkt-match { type uint64; description "No of pkts forwarded as control pkts"; } leaf data-pkt-match { type uint64; description "No of pkts forwarded as data pkts"; } leaf dropped-pkts { type uint64; description "No of pkts dropped due to classification"; } leaf in-error-pkts { type uint64; description "No of pkts marked with error packet indication before classification"; } leaf rule-match { type uint64; description "Count of hits matching TCAM"; } } // grouping PL-METADX-INTF-E grouping PL-METADX-SC-STAT-I { description "PL METADX SC STAT I"; leaf port-no { type uint32; description "Port Number"; } leaf pkts-unchecked { type uint64; description "No of pkts with invalid frame indication"; } leaf pkts-delayed { type uint64; description "No of pkts with PN below lowest PN"; } leaf pkts-late { type uint64; description "No of pkts with PN below lowest PN and replayProtect enabled"; } leaf pkts-ok { type uint64; description "No of valid pkts processed"; } leaf pkts-invalid { type uint64; description "No of pkts that were invalid frames for controlled port"; } leaf pkts-not-valid { type uint64; description "No of controlled port pkts received at uncontrolled port"; } leaf pkts-not-using-sa { type uint64; description "No of uncontrolled port pkts that reached not in use SA"; } leaf pkts-unused-sa { type uint64; description "No of controlled port pkts that reached upto SA"; } leaf octets-decrypted { type uint64; description "No of octets of User Data recovered from rx frames that were only encrypted or both integrity protected and encrypted"; } leaf octets-validated { type uint64; description "No of octets of User Data recovered from rx frames that were integrity protected but not encrypted"; } } // grouping PL-METADX-SC-STAT-I grouping PL-METADX-SC-STAT-E { description "PL METADX SC STAT E"; leaf port-no { type uint32; description "Port Number"; } leaf pkts-encrypted-protected { type uint64; description "No of packets encrypted by the SA"; } leaf pkts-too-long { type uint64; description "No of packets with packet length larger than max length configured"; } leaf pkts-sa-not-in-use { type uint64; description "No of packets that reached an unused SA"; } leaf octets-encrypted-protected { type uint64; description "No of octets of User Data encrypted"; } } // grouping PL-METADX-SC-STAT-E grouping PL-METADX-SA-STAT-I { description "PL METADX SA STAT I"; leaf an-no { type uint8; description "AN Number"; } leaf sa-no { type uint32; description "Sa Number"; } leaf port-no { type uint32; description "Port Number"; } leaf pkts-unchecked { type uint64; description "No of pkts with invalid frame indication"; } leaf pkts-delayed { type uint64; description "No of pkts with PN below lowest PN"; } leaf pkts-late { type uint64; description "No of pkts with PN below lowest PN and replayProtect enabled"; } leaf pkts-ok { type uint64; description "No of valid pkts processed"; } leaf pkts-invalid { type uint64; description "No of pkts that were invalid frames for controlled port"; } leaf pkts-not-valid { type uint64; description "No of controlled port pkts received at uncontrolled port"; } leaf pkts-not-using-sa { type uint64; description "No of uncontrolled port pkts that reached not in use SA"; } leaf pkts-unused-sa { type uint64; description "No of controlled port pkts that reached upto SA"; } leaf octets-decrypted { type uint64; description "No of octets of User Data recovered from rx frames that were only encrypted or both integrity protected and encrypted"; } leaf octets-validated { type uint64; description "No of octets of User Data recovered from rx frames that were integrity protected but not encrypted"; } } // grouping PL-METADX-SA-STAT-I grouping PL-METADX-SA-STAT-E { description "PL METADX SA STAT E"; leaf an-no { type uint8; description "AN Number"; } leaf sa-no { type uint32; description "Sa Number"; } leaf port-no { type uint32; description "Port Number"; } leaf pkts-encrypted-protected { type uint64; description "No of packets encrypted by the SA"; } leaf pkts-too-long { type uint64; description "No of packets with packet length larger than max length configured"; } leaf pkts-sa-not-in-use { type uint64; description "No of packets that reached an unused SA"; } leaf octets-encrypted-protected { type uint64; description "No of octets of User Data encrypted"; } } // grouping PL-METADX-SA-STAT-E grouping PL-METADX-STATS { description "PL METADX STATS"; container eg-sa-stat { description "Egress current SA Stats"; uses PL-METADX-SA-STAT-E; } // container eg-sa-stat container eg-sc-stat { description "Egress SC Stats "; uses PL-METADX-SC-STAT-E; } // container eg-sc-stat container ig-sc-stat { description "Igress SC Stats "; uses PL-METADX-SC-STAT-I; } // container ig-sc-stat container eg-int-stat { description "Egress Vport, channel and rule stats of SC"; uses PL-METADX-INTF-E; } // container eg-int-stat container ig-int-stat { description "Ingress Vport, channel and rule stats of SC"; uses PL-METADX-INTF-I; } // container ig-int-stat container eg-glb-stat { description "Egress Global common Stats"; uses PL-METADX-GLBL-COMMON-STAT; } // container eg-glb-stat container ig-glb-stat { description "Ingress Global common Stats"; uses PL-METADX-GLBL-COMMON-STAT; } // container ig-glb-stat list ig-sa-stat { description "Ingress current SA Stats"; uses PL-METADX-SA-STAT-I; } // list ig-sa-stat } // grouping PL-METADX-STATS grouping PL-X120-RX-INTERFACE-MACSEC-STATS { description "Per Interface Macsec Ingress Stats"; leaf transform-error-pkts { type uint64; description "counter to count internal errors in the MACSec core"; } leaf in-pkt-ctrl { type uint64; description "ingress packet that is classified as control packet"; } leaf in-pkt-no-tag { type uint64; description "ingress packet untagged & validateFrames is strict"; } leaf in-pkts-untagged { type uint64; description "ingress packet untagged & validateFrames is !strict"; } leaf in-pkt-bad-tag { type uint64; description "ingress frames received with an invalid MACSec tag or ICV added with next one gives InPktsSCIMiss"; } leaf in-pkt-no-sci { type uint64; description "correctly tagged ingress frames for which no valid SC found & validateFrames is strict"; } leaf in-pkts-unknown-sci { type uint64; description "correctly tagged ingress frames for which no valid SC found & validateFrames is !strict"; } leaf in-pkts-tagged { type uint64; description "ingress frames received with a valid MACSec tag - non Std"; } leaf in-pkts-untagged-miss { type uint64; description "untagged ingress frame that did not match any SA"; } leaf in-over-sized-pkts { type uint64; description "ingress packet with size greater than configured MTU"; } } // grouping PL-X120-RX-INTERFACE-MACSEC-STATS grouping PL-X120-TX-INTERFACE-MACSEC-STATS { description "Per Interface Macsec Egress Stats"; leaf transform-error-pkts { type uint64; description "counter to count internal errors in the MACSec core"; } leaf out-pkt-ctrl { type uint64; description "egress packet that is classified as control packet"; } leaf out-pkts-untagged { type uint64; description "egress packet to go out untagged when protectFrames not set"; } leaf out-pkts-unknown-sa { type uint64; description "egress packet not matching any SA"; } leaf out-over-sized-pkts { type uint64; description "egress packet with size greater than the configured MTU"; } } // grouping PL-X120-TX-INTERFACE-MACSEC-STATS grouping PL-X120-RX-SA-STATS { description "Per SA Ingress Stats"; leaf in-pkts-unchecked { type uint64; description "frame not valid & validateFrames disabled"; } leaf in-pkts-delayed { type uint64; description "PN of packet outside replay window & validateFrames !strict"; } leaf in-pkts-late { type uint64; description "PN of packet outside replay window & validateFrames strict"; } leaf in-pkts-ok { type uint64; description "packets with no error"; } leaf in-pkts-invalid { type uint64; description "packet not valid & validateFrames !strict"; } leaf in-pkts-not-valid { type uint64; description "packet not valid & validateFrames strict"; } leaf in-pkts-not-using-sa { type uint64; description "packet assigned to SA not in use & validateFrames strict"; } leaf in-pkts-unused-sa { type uint64; description "packet assigned to SA not in use & validateFrames !strict"; } leaf in-octets-decrypted-validated1 { type uint64; description "octets1 decrypted/validated"; } leaf in-octets-validated { type uint64; description "octets validated"; } leaf in-pkts-untagged-hit { type uint64; description "packet assigned to SA but not tagged (non-standard)"; } } // grouping PL-X120-RX-SA-STATS grouping PL-X120-TX-SA-STATS { description "Per SA Egress Stats"; leaf out-pkts-too-long { type uint64; description "packets exceeding egress MTU"; } leaf out-pkts-encrypted-protected { type uint64; description "packets encrypted/protected"; } leaf out-octets-encrypted-protected1 { type uint64; description "octets1 encrypted/protected ?"; } } // grouping PL-X120-TX-SA-STATS grouping PL-X120-STATS { description "Stats Details"; container tx-sa-stats { description "Tx SA Stats"; uses PL-X120-TX-SA-STATS; } // container tx-sa-stats container rx-sa-stats { description "Rx SA Stats"; uses PL-X120-RX-SA-STATS; } // container rx-sa-stats container tx-interface-macsec-stats { description "Tx interface Macsec Stats"; uses PL-X120-TX-INTERFACE-MACSEC-STATS; } // container tx-interface-macsec-stats container rx-interface-macsec-stats { description "Rx interface Macsec Stats"; uses PL-X120-RX-INTERFACE-MACSEC-STATS; } // container rx-interface-macsec-stats } // grouping PL-X120-STATS grouping PL-MV88EC808-GLOBAL-STAT-E { description "PL MV88EC808 GLOBAL STAT E"; leaf transform-error-pkts { type uint64; description "internal errors in the MACSec core"; } leaf out-pkt-ctrl { type uint64; description "control packet"; } leaf out-pkts-unknown-sa { type uint64; description "not matching any SA"; } leaf out-pkts-untagged { type uint64; description "untagged when protectFrames not set"; } leaf out-over-sized-pkts { type uint64; description "packet greater than the configured MTU"; } } // grouping PL-MV88EC808-GLOBAL-STAT-E grouping PL-MV88EC808-GLOBAL-STAT-I { description "PL MV88EC808 GLOBAL STAT I"; leaf transform-error-pkts { type uint64; description "internal errors in the MACSec core "; } leaf in-pkt-ctrl { type uint64; description "ingress control packet"; } leaf in-pkt-no-tag { type uint64; description "untagged & validateFrames is strict"; } leaf in-pkts-untagged { type uint64; description "untagged & validateFrames is !strict"; } leaf in-pkts-tagged { type uint64; description "valid MACSec tag - non Std"; } leaf in-pkt-bad-tag { type uint64; description "invalid MACSec tag or ICV"; } leaf in-pkts-untagged-miss { type uint64; description "untagged did not match any SA"; } leaf in-pkt-no-sci { type uint64; description "no valid SC & validateFrames is strict"; } leaf in-pkts-unknown-sci { type uint64; description "no valid SC found & validateFrames is !strict"; } leaf in-consist-check-controlled-not-pass { type uint64; description "ccfailed destined to controlled port"; } leaf in-consist-check-uncontrolled-not-pass { type uint64; description "ccfailed destined to uncontrolled port"; } leaf in-consist-check-controlled-pass { type uint64; description "ccpassed destined to controlled port"; } leaf in-consist-check-uncontrolled-pass { type uint64; description "ccpassed destined to uncontrolled port"; } leaf in-over-sized-pkts { type uint64; description " greater than configured MTU"; } } // grouping PL-MV88EC808-GLOBAL-STAT-I grouping PL-MV88EC808-SC-STAT-I { description "PL MV88EC808 SC STAT I"; leaf an-no { type uint8; description "AN Number"; } leaf sa-no { type uint32; description "Sa Number"; } leaf port-no { type uint32; description "Port Number"; } leaf in-pkts-unchecked { type uint64; description "frame not valid & validateFrames disabled"; } leaf in-pkts-delayed { type uint64; description "PN of packet outside replay window & validateFrames !strict"; } leaf in-pkts-late { type uint64; description "PN of packet outside replay window & validateFrames strict"; } leaf in-pkts-ok { type uint64; description "packets with no error"; } leaf in-pkts-invalid { type uint64; description "packet not valid & validateFrames !strict"; } leaf in-pkts-not-valid { type uint64; description "packet not valid & validateFrames strict "; } leaf in-pkts-not-using-sa { type uint64; description "packet assigned to SA not in use & validateFrames strict"; } leaf in-pkts-unused-sa { type uint64; description "packet assigned to SA not in use & validateFrames !strict"; } leaf in-pkts-untagged-hit { type uint64; description "packet assigned to SA but not tagged (non-standard)"; } leaf in-octets-decrypted-validated1 { type uint64; description "octets1 decrypted/validated"; } leaf in-octets-decrypted-validated2 { type uint64; description "octets2 decrypted/validated"; } } // grouping PL-MV88EC808-SC-STAT-I grouping PL-MV88EC808-SC-STAT-E { description "PL MV88EC808 SC STAT E"; leaf an-no { type uint8; description "AN Number"; } leaf sa-no { type uint32; description "Sa Number"; } leaf port-no { type uint32; description "Port Number"; } leaf out-pkts-too-long { type uint64; description "exceeding egress MTU"; } leaf out-pkts-encrypted-protected { type uint64; description "encrypted/protected"; } leaf out-octets-encrypted-protected1 { type uint64; description "octets1 encrypted/protected"; } leaf out-octets-encrypted-protected2 { type uint64; description "octets2 encrypted/protected"; } } // grouping PL-MV88EC808-SC-STAT-E grouping PL-MV88EC808-STATS { description "PL MV88EC808 STATS"; container eg-stat { description "Egress SA Stats of active SA"; uses PL-MV88EC808-SC-STAT-E; } // container eg-stat container glb-stat-i { description "Igress Global Stats"; uses PL-MV88EC808-GLOBAL-STAT-I; } // container glb-stat-i container glb-stat-e { description "Egress Global Stats"; uses PL-MV88EC808-GLOBAL-STAT-E; } // container glb-stat-e list ig-stat { description "Igress SA Stats of active SA"; uses PL-MV88EC808-SC-STAT-I; } // list ig-stat } // grouping PL-MV88EC808-STATS grouping PL-ES200-PORT-LEVEL-STATS { description "Port Level Stats"; leaf multi-flow-match { type uint64; description "Pkts matching multiple flow entries"; } leaf parser-dropped { type uint64; description "Pkts dropped by header parser as invalid"; } leaf flow-miss { type uint64; description "Pkts matching none of flow entries"; } leaf pkts-ctrl { type uint64; description "Control pkts forwarded"; } leaf pkts-data { type uint64; description "Data pkts forwarded"; } leaf pkts-dropped { type uint64; description "Pkts dropped by classifier"; } leaf pkts-err-in { type uint64; description "Pkts received with an error indication"; } } // grouping PL-ES200-PORT-LEVEL-STATS grouping PL-ES200-RX-INTERFACE-MACSEC-STATS { description "Per Interface Macsec Ingress Stats"; leaf transform-error-pkts { type uint64; description "counter to count internal errors in the MACSec core"; } leaf in-pkt-ctrl { type uint64; description "ingress packet that is classified as control packet"; } leaf in-pkt-no-tag { type uint64; description "ingress packet untagged & validateFrames is strict"; } leaf in-pkts-untagged { type uint64; description "ingress packet untagged & validateFrames is !strict"; } leaf in-pkt-bad-tag { type uint64; description "ingress frames received with an invalid MACSec tag or ICV added with next one gives InPktsSCIMiss"; } leaf in-pkt-no-sci { type uint64; description "correctly tagged ingress frames for which no valid SC found & validateFrames is strict"; } leaf in-pkts-unknown-sci { type uint64; description "correctly tagged ingress frames for which no valid SC found & validateFrames is !strict"; } leaf in-pkts-tagged-ctrl { type uint64; description "ingress packets that are control or KaY packets"; } leaf in-octets-unctrl { type uint64; description "Octets rx on uncontrolled port"; } leaf in-octets-ctrl { type uint64; description "Octets rx on controlled port"; } leaf in-ucast-pkts-unctrl { type uint64; description "Unicast pkts rx on uncontrolled port"; } leaf in-ucast-pkts-ctrl { type uint64; description "Unicast pkts rx on controlled port"; } leaf in-mcast-pkts-unctrl { type uint64; description "Multicast pkts rx on uncontrolled port"; } leaf in-mcast-pkts-ctrl { type uint64; description "Multicast pkts rx on controlled port"; } leaf in-bcast-pkts-unctrl { type uint64; description "Broadcast pkts rx on uncontrolled port"; } leaf in-bcast-pkts-ctrl { type uint64; description "Broadcast pkts rx on controlled port"; } leaf in-rx-drop-pkts-unctrl { type uint64; description "Control pkts dropped due to overrun"; } leaf in-rx-drop-pkts-ctrl { type uint64; description "Data pkts dropped due to overrun"; } leaf in-rx-error-pkts-unctrl { type uint64; description "Control pkts error-terminated due to overrun"; } leaf in-rx-error-pkts-ctrl { type uint64; description "Data pkts error-terminated due to overrun"; } leaf in-drop-pkts-class { type uint64; description "Packets dropped due to overflow in classification pipeline"; } leaf in-drop-pkts-data { type uint64; description "Packets dropped due to overflow in processing pipeline"; } } // grouping PL-ES200-RX-INTERFACE-MACSEC-STATS grouping PL-ES200-TX-INTERFACE-MACSEC-STATS { description "Per Interface Macsec Egress Stats"; leaf transform-error-pkts { type uint64; description "counter to count internal errors in the MACSec core"; } leaf out-pkt-ctrl { type uint64; description "egress packet that is classified as control packet"; } leaf out-pkts-untagged { type uint64; description "egress packet to go out untagged when protectFrames not set"; } leaf out-octets-unctrl { type uint64; description "Octets tx on uncontrolled port"; } leaf out-octets-ctrl { type uint64; description "Octets tx on controlled port"; } leaf out-octets-common { type uint64; description "Octets tx on common port"; } leaf out-ucast-pkts-unctrl { type uint64; description "Unicast pkts tx on uncontrolled port"; } leaf out-ucast-pkts-ctrl { type uint64; description "Unicast pkts tx on controlled port"; } leaf out-mcast-pkts-unctrl { type uint64; description "Multicast pkts tx on uncontrolled port"; } leaf out-mcast-pkts-ctrl { type uint64; description "Multicast pkts tx on controlled port"; } leaf out-bcast-pkts-unctrl { type uint64; description "Broadcast pkts tx on uncontrolled port"; } leaf out-bcast-pkts-ctrl { type uint64; description "Broadcast pkts tx on controlled port"; } leaf out-rx-drop-pkts-unctrl { type uint64; description "Control pkts dropped due to overrun"; } leaf out-rx-drop-pkts-ctrl { type uint64; description "Data pkts dropped due to overrun"; } leaf out-rx-err-pkts-unctrl { type uint64; description "Control pkts error-terminated due to overrun"; } leaf out-rx-err-pkts-ctrl { type uint64; description "Data pkts error-terminated due to overrun"; } leaf out-drop-pkts-class { type uint64; description "Packets dropped due to overflow in classification pipeline"; } leaf out-drop-pkts-data { type uint64; description "Packets dropped due to overflow in processing pipeline"; } } // grouping PL-ES200-TX-INTERFACE-MACSEC-STATS grouping PL-ES200-RX-SC-MACSEC-STATS { description "RX SC Stats"; leaf in-pkts-sa-not-in-use { type uint64; description "Packets received with SA not in use"; } } // grouping PL-ES200-RX-SC-MACSEC-STATS grouping PL-ES200-TX-SC-MACSEC-STATS { description "TX SC Stats"; leaf out-pkts-sa-not-in-use { type uint64; description "Packets received with SA not in use"; } } // grouping PL-ES200-TX-SC-MACSEC-STATS grouping PL-ES200-RX-SA-STATS { description "Per SA Ingress Stats"; leaf in-pkts-unchecked { type uint64; description "frame not valid & validateFrames disabled"; } leaf in-pkts-delayed { type uint64; description "PN of packet outside replay window & validateFrames !strict"; } leaf in-pkts-late { type uint64; description "PN of packet outside replay window & validateFrames strict"; } leaf in-pkts-ok { type uint64; description "packets with no error"; } leaf in-pkts-invalid { type uint64; description "packet not valid & validateFrames !strict"; } leaf in-pkts-not-valid { type uint64; description "packet not valid & validateFrames strict"; } leaf in-pkts-not-using-sa { type uint64; description "packet assigned to SA not in use & validateFrames strict"; } leaf in-pkts-unused-sa { type uint64; description "packet assigned to SA not in use & validateFrames !strict"; } leaf in-octets-decrypted-validated1 { type uint64; description "octets1 decrypted/validated"; } leaf in-octets-validated { type uint64; description "octets validated"; } } // grouping PL-ES200-RX-SA-STATS grouping PL-ES200-TX-SA-STATS { description "Per SA Egress Stats"; leaf out-pkts-too-long { type uint64; description "packets exceeding egress MTU"; } leaf out-pkts-encrypted-protected { type uint64; description "packets encrypted/protected"; } leaf out-octets-encrypted-protected1 { type uint64; description "octets1 encrypted/protected ?"; } } // grouping PL-ES200-TX-SA-STATS grouping PL-ES200-STATS { description "Stats Details"; container tx-sa-stats { description "Tx SA Stats"; uses PL-ES200-TX-SA-STATS; } // container tx-sa-stats container rx-sa-stats { description "Rx SA Stats"; uses PL-ES200-RX-SA-STATS; } // container rx-sa-stats container tx-sc-macsec-stats { description "Tx SC Macsec Stats"; uses PL-ES200-TX-SC-MACSEC-STATS; } // container tx-sc-macsec-stats container rx-sc-macsec-stats { description "Rx SC Macsec Stats"; uses PL-ES200-RX-SC-MACSEC-STATS; } // container rx-sc-macsec-stats container tx-interface-macsec-stats { description "Tx interface Macsec Stats"; uses PL-ES200-TX-INTERFACE-MACSEC-STATS; } // container tx-interface-macsec-stats container rx-interface-macsec-stats { description "Rx interface Macsec Stats"; uses PL-ES200-RX-INTERFACE-MACSEC-STATS; } // container rx-interface-macsec-stats container tx-port-stats { description "Port level TX Stats"; uses PL-ES200-PORT-LEVEL-STATS; } // container tx-port-stats container rx-port-stats { description "Port level RX Stats"; uses PL-ES200-PORT-LEVEL-STATS; } // container rx-port-stats } // grouping PL-ES200-STATS grouping PL-XLFPGA-MACSEC-RX-SA-STATS { description "Rx SA Level Stats"; leaf an { type uint64; description "Current Rx AN"; } leaf sa-ok-pkts { type uint64; description "Rx Ok Pkts for Current AN"; } leaf sa-not-using-pkts { type uint64; description "Rx Pkts not using SA for Current AN"; } leaf sa-unused-pkts { type uint64; description "Rx Pkts Unused Pkts for Current AN"; } leaf sa-not-valid-pkts { type uint64; description "Rx Not Valid Pkts for Current AN"; } leaf sa-invalid-pkts { type uint64; description "Rx Invalid Pkts for current AN"; } } // grouping PL-XLFPGA-MACSEC-RX-SA-STATS grouping PL-XLFPGA-MACSEC-RX-STATS { description "Per SC and SA Level Rx Stats"; leaf sc-decrypted-octets { type uint64; description "Rx Octets Decrypted"; } leaf sc-no-tag-pkts { type uint64; description "Rx No Tag Packets"; } leaf sc-untagged-pkts { type uint64; description "Rx Untagged Packets"; } leaf sc-bad-tag-pkts { type uint64; description "Rx Bad Tag Packets"; } leaf sc-late-pkts { type uint64; description "Rx Late Pkts"; } leaf sc-delayed-pkts { type uint64; description "Rx Delayed Pkts"; } leaf sc-unchecked-pkts { type uint64; description "Rx Unchecked Pkts"; } leaf sc-no-sci-pkts { type uint64; description "Rx No SCI Pkts"; } leaf sc-unknown-sci-pkts { type uint64; description "Rx Unknown SCI Pkts"; } leaf sc-ok-pkts { type uint64; description "Rx Pkts Ok"; } leaf sc-not-using-pkts { type uint64; description "Rx Pkts Not Using SA"; } leaf sc-unused-pkts { type uint64; description "Rx Pkts Unused SA"; } leaf sc-not-valid-pkts { type uint64; description "Rx Not Valid Pkts"; } leaf sc-invalid-pkts { type uint64; description "Rx Pkts Invalid"; } leaf sc-overrun-pkts { type uint64; description "Rx Overrun Pkts"; } leaf sc-bypass-pkts { type uint64; description "Rx Bypass Packets"; } leaf sc-eapol-pkts { type uint64; description "Rx Eapol Packets"; } leaf sc-dropped-pkts { type uint64; description "Rx Dropped Packets"; } list rx-sa-stat { description "Rx SA Level Stats"; uses PL-XLFPGA-MACSEC-RX-SA-STATS; } // list rx-sa-stat } // grouping PL-XLFPGA-MACSEC-RX-STATS grouping PL-XLFPGA-MACSEC-TX-STATS { description "Per SC and SA Level Tx Stats"; leaf sc-encrypted-octets { type uint64; description "Tx Octets Encrypted"; } leaf sc-toolong-pkts { type uint64; description "Tx Pkts Too Long"; } leaf sc-encrypted-pkts { type uint64; description "Tx packets Encrypted"; } leaf sc-untagged-pkts { type uint64; description "Tx Untagged Packets"; } leaf sc-overrun-pkts { type uint64; description "Tx Overrun Packets"; } leaf sc-bypass-pkts { type uint64; description "Tx Bypass Packets"; } leaf sc-eapol-pkts { type uint64; description "Tx Eapol Packets"; } leaf sc-dropped-pkts { type uint64; description "Tx Dropped Packets"; } leaf current-an { type uint64; description "Current Tx AN"; } leaf sa-encrypted-pkts { type uint64; description "Current Tx SA Encrypted Packets"; } } // grouping PL-XLFPGA-MACSEC-TX-STATS grouping PL-XLFPGA-STATS { description "XLFPGA Stats Details"; container macsec-tx-stats { description "Tx SC and SA Level Stats"; uses PL-XLFPGA-MACSEC-TX-STATS; } // container macsec-tx-stats container macsec-rx-stats { description "Rx SC and SA Level Stats"; uses PL-XLFPGA-MACSEC-RX-STATS; } // container macsec-rx-stats } // grouping PL-XLFPGA-STATS grouping PL-MACSEC-STATS-T-EXT { description "PL MACSEC STATS T EXT"; container xlfpga-stats { when "../type = 'xlmsfpga'" { description "../type = 'XLMSFPGA'"; } description "XLFPGA Stats"; uses PL-XLFPGA-STATS; } // container xlfpga-stats container es200-stats { when "../type = 'apm-es200'" { description "../type = 'APM_ES200'"; } description "ES200 Stats"; uses PL-ES200-STATS; } // container es200-stats container mv88ec808-stats { when "../type = 'mv88ec808'" { description "../type = 'MV88EC808'"; } description "MV88EC808 Stats"; uses PL-MV88EC808-STATS; } // container mv88ec808-stats container x120-stats { when "../type = 'apm-x120'" { description "../type = 'APM_X120'"; } description "X120 Stats"; uses PL-X120-STATS; } // container x120-stats container metadx-stats { when "../type = 'meta-dx1'" { description "../type = 'META_DX1'"; } description "META_DX1 Stats"; uses PL-METADX-STATS; } // container metadx-stats leaf type { type Macsec-phy-vendor; description "type"; } } // grouping PL-MACSEC-STATS-T-EXT grouping PL-MACSEC-STATS { description "Per SA Stats Counters"; container ext { description "ext"; uses PL-MACSEC-STATS-T-EXT; } // container ext } // grouping PL-MACSEC-STATS } // submodule Cisco-IOS-XR-crypto-macsec-pl-oper-sub1
© 2023 YumaWorks, Inc. All rights reserved.