Junos bridge-domains configuration module
Version: 2019-01-01
module junos-qfx-conf-bridge-domains { yang-version 1; namespace "http://yang.juniper.net/junos-qfx/conf/bridge-domains"; prefix jc-bridge-domains; import junos-common-ddl-extensions { prefix junos; revision-date "2019-01-01"; } import junos-common-types { prefix jt; revision-date "2019-01-01"; } import junos-qfx-conf-root { prefix jc; revision-date "2019-01-01"; } organization "Juniper Networks, Inc."; contact "yang-support@juniper.net"; description "Junos bridge-domains configuration module"; revision "2019-01-01" { description "Junos: 21.3R1.9"; } augment /jc:configuration { uses bridge-domains-group; } augment /jc:configuration/jc:groups { uses bridge-domains-group; } grouping bridge-domains-group { container bridge-domains { junos:must "(!("vlans"))"; junos:must-message "BDs cannot be configured when VLANs are configured"; description "Bridge domain configuration"; uses apply-advanced; list domain { key "name"; uses juniper-bridge-domains; } // list domain } // container bridge-domains } // grouping bridge-domains-group grouping apply-advanced { description "Apply advanced configuration logic"; leaf-list apply-groups { type string; ordered-by user; description "Groups from which to inherit configuration data"; } leaf-list apply-groups-except { type string; ordered-by user; description "Don't inherit configuration data from these groups"; } list apply-macro { key "name"; ordered-by user; description "Macro and parameters for commit script expansion"; uses apply-macro-type; } // list apply-macro } // grouping apply-advanced grouping apply-macro-type { description "Macro data for commit-script expansion"; leaf name { type string; description "Name of the macro to be expanded"; } list data { key "name"; uses macro-data-type; } // list data } // grouping apply-macro-type grouping juniper-bridge-domains { description "Bridge domains"; leaf name { type string { junos:posix-pattern "!^((__.*__)|(.{129,})|(.*[+].*))$"; junos:pattern-message "Must be a non-reserved string of 128 characters or less"; } description "Bridge domain name"; } uses apply-advanced; leaf description { type string { junos:posix-pattern "^.{1,255}$"; junos:pattern-message "Must be a string of 255 characters or less"; } description "Text description of bridge domain"; } leaf domain-type { type enumeration { enum "bridge" { value 0; description "Forwarding instance"; } } description "Type of bridge domain"; } choice vlan_choice { leaf vlan-id { type string; description "IEEE 802.1q VLAN identifier for bridging domain"; } container vlan-tags { presence "enable vlan-tags"; description "IEEE 802.1q VLAN tags for bridging domain"; leaf outer { type string { junos:posix-pattern "^(0[Xx][0-9A-Fa-f]{4}.([0-9]{1,3}|1[0-9]{3}|2[0-9]{3}|3[0-9]{3}|40[0-8][0-9]|409[0-4]))$|^([0-9]{1,3}|1[0-9]{3}|2[0-9]{3}|3[0-9]{3}|40[0-8][0-9]|409[0-4])$"; junos:pattern-message "vlan-id in vlan-tag (0xNNNN.vlan-id) must be 0 to 4094"; } description "[tpid.]vlan-id, tpid format is 0xNNNN and is optional"; } leaf inner { type string { junos:posix-pattern "^(0[Xx][0-9A-Fa-f]{4}.([0-9]{1,3}|1[0-9]{3}|2[0-9]{3}|3[0-9]{3}|40[0-8][0-9]|409[0-4]))$|^([0-9]{1,3}|1[0-9]{3}|2[0-9]{3}|3[0-9]{3}|40[0-8][0-9]|409[0-4])$"; junos:pattern-message "vlan-id in vlan-tag (0xNNNN.vlan-id) must be 0 to 4094"; } description "[tpid.]vlan-id, tpid format is 0xNNNN and is optional"; } } // container vlan-tags leaf-list vlan-id-list { junos:must "(!(" .. .. .. pbb-options"))"; junos:must-message "vlan-id-list is not supported for i-comp routing-instance"; junos:must "((!(".. isolated-vlan") && !(".. community-vlans")))"; junos:must-message "PVLAN related configuration cannot be specified with vlan-id-list"; junos:must "(!(" .. vxlan"))"; junos:must-message "vxlan can not be specified under vlan-id-list"; junos:must "(!(" .. multicast-snooping-options"))"; junos:must-message "multicast-snooping-options can not be specified under vlan-id-list"; junos:must "(!(" .. protocols"))"; junos:must-message "protocols can not be specified under vlan-id-list"; junos:must "(!(" .. no-local-switching"))"; junos:must-message "no-local-switching can not be specified under vlan-id-list"; junos:must "(!(" .. domain-type"))"; junos:must-message "domain-type can not be specified under vlan-id-list"; junos:must "(!(".. interface"))"; junos:must-message "interface can not be specified under vlan-id-list"; junos:must "(!(any ".. bridge-options interface <*> static-mac"))"; junos:must-message "static mac can not be specified under vlan-id-list"; type jt:vlan-range; description "Create bridge-domain for each of the vlan-id specified in the vlan-id-list"; } } // choice vlan_choice leaf-list isid-list { junos:must "(".. vlan-id")"; junos:must-message "isid-list can be configured only under container with 'vlan-id'"; junos:must "(!(" .. .. .. pbb-options"))"; junos:must-message "isid-list and pbb-options can not co-exist for same routing-instance"; junos:must "(!(" .. vxlan"))"; junos:must-message "vxlan can not be specified under isid-list"; junos:must "(!(".. vlan-id inner-all"))"; junos:must-message "vlan-id inner-all can not be specified with isid-list"; junos:must "(!(" .. vlan-id none"))"; junos:must-message "vlan-id none can not be specified with isid-list"; junos:must "(!(" .. vlan-id all"))"; junos:must-message "vlan-id all can not be specified with isid-list"; type string; ordered-by user; description "Create bridge-domain for isid (Valid isid:256..16777214)"; } leaf vlan-id-scope-local { junos:must "(".. .. .. protocols evpn")"; junos:must-message "scope-local can be configured only when routing-instance protocol type is evpn"; junos:must "(".. isid-list")"; junos:must-message "scope-local can be configured only when bridge-domain has isid-list configured"; junos:must "(".. vlan-id")"; junos:must-message "scope-local can be configured only under container with 'vlan-id'"; type empty; description "Enable the scope of vlan-id local to avoid transmitting vlan tagged packets"; } leaf no-local-switching { type empty; description "Disable local switching within CE-facing interfaces"; } list interface { key "name"; ordered-by user; description "Interface name for this bridge domain"; leaf name { junos:must "(!("interfaces $$-IFL encapsulation ethernet"))"; junos:must-message "encapsulation ethernet is not allowed on l2 interface"; junos:must "((!("interfaces $$-IFL etree-ac-role") || "routing-instances ${instance} protocols evpn evpn-etree"))"; junos:must-message "etree must be enabled under routing-instance"; junos:must "((!("interfaces $$-IFL family") || "interfaces $$-IFL family bridge"))"; junos:must-message "only family bridge can be configured on this interface"; junos:must "((!(("interfaces $$-IFL vlan-id-list" || "interfaces $$-IFL vlan-tags inner-list")) || !((".. .. vlan-id" || ".. .. vlan-tags"))))"; junos:must-message "interface with vlan-id-list/inner-list cannot be added to bridge-domain with a vlan-id/vlan-tags configured"; junos:must "(!("irb"))"; junos:must-message "IRB interface is not supported as interface in bridge-domain"; junos:must "(!("interfaces $$-IFL family bridge interface-mode"))"; junos:must-message "Interface with 'interface-mode' is not allowed in a bridge-domain"; junos:must "(!(".. .. .. interfaces $$"))"; junos:must-message "This interface is already defined at the routing-instance level"; junos:must "(((!("interfaces $$-IFL vlan-id-range") || ".. .. vlan-id all") || (".. .. no-normalization" || ".. .. bridge-options no-normalization")))"; junos:must-message "vlan-id-range is specified for this logical interface; 'vlan-id all' should also be enabled"; junos:must "(((".. .. vlan-id all" && "interfaces $$-IFL input-vlan-map pop") || (".. .. vlan-id inner-all" || (!((".. .. vlan-id" || ".. .. vlan-tags")) || (!(("interfaces $$-IFL input-vlan-map" || "interfaces $$-IFL output-vlan-map")) || (".. .. no-normalization" || ".. .. bridge-options no-normalization"))))))"; junos:must-message "interface with input/output vlan-maps cannot be added to a routing-instance with a vlan-id/vlan-tags configured"; junos:must "((!("interfaces $$-IFL vlan-tags inner-range") || ((".. .. vlan-id all" || ".. .. vlan-id inner-all") || (".. .. no-normalization" || ".. .. bridge-options no-normalization"))))"; junos:must-message "vlan-tags inner-range is specified for this logical interface; 'vlan-id all' or 'vlan-id inner-all' should also be enabled"; type string; } uses apply-advanced; leaf protect-interface { junos:must "("interfaces $$")"; junos:must-message "Interface must be part of this routing instance"; junos:must "(!("interfaces ${inter_name} esi"))"; junos:must-message "ESI can not be configured for protect interface"; junos:must "("routing-instances ${instance} protocols evpn")"; junos:must-message "Protocol EVPN must be configured in the evpn instance"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Name of protect interface"; } } // list interface leaf routing-interface { junos:must "(!((".. .. .. protocols evpn mclag" && !(".. no-arp-suppression"))))"; junos:must-message "no-arp-suppression needs to be configured, when evpn is configured with mclag."; junos:must "(!((".. mcae-mac-synchronize" && "interfaces $$-IFL mac")))"; junos:must-message "irb-ifl mac and bridge mcae-mac-synchronize cannot coexist"; junos:must "((!("interfaces $$-IFL virtual-gateway-esi") || "routing-instances ${instance} protocols evpn encapsulation vxlan"))"; junos:must-message "irb-ifl with virtual-gateway-esi only for instance with encapsulation type vxlan"; junos:must "(!(any ".. interface <ps*>"))"; junos:must-message "IRB cannot be added to bridge-domain with PS interface"; junos:must "((!("interfaces $$-IFL family mpls") || !(("routing-instances ${instance} instance-type virtual-switch" && ("routing-instances ${instance} protocols vpls" && "routing-instances ${instance} route-distinguisher")))))"; junos:must-message "routing-interface with family mpls cannot be added to virtual-switch with protocol VPLS"; junos:must "((!(".. vlan-tags") || !("interfaces $$-IFL family mpls")))"; junos:must-message "routing-interface with family mpls cannot be added to bridge-domain with 'vlan-tags'"; junos:must "(!("routing-instances ${instance} service-type vlan-bundle"))"; junos:must-message "routing-interface not valid for vlan-bundle service type"; junos:must "((!(".. vlan-id all") && !(".. vlan-id inner-all")))"; junos:must-message "routing-interface cannot be configured under bridge-domain with 'vlan-id all' or 'vlan-id inner-all'"; junos:must "((".. vlan-id" || ".. vlan-tags"))"; junos:must-message "routing-interface can be configured only under bridge-domain with 'vlan-id' or 'vlan-tags'"; type union { type jt:interface-unit; type string { pattern "<.*>|$.*"; } } description "Routing interface name for this bridge-domain"; } container forwarding-options { description "Forwarding options configuration"; uses juniper-bridge-forwarding-options; } // container forwarding-options container bridge-options { description "Bridge domain configuration"; uses juniper-protocols-bd; } // container bridge-options container protocols { presence "enable protocols"; uses apply-advanced; container igmp-snooping { presence "enable igmp-snooping"; description "IGMP snooping configuration"; uses juniper-bd-protocols-igmp-snooping; } // container igmp-snooping container mld-snooping { presence "enable mld-snooping"; description "MLD snooping configuration"; uses juniper-bd-protocols-mld-snooping; } // container mld-snooping } // container protocols container vxlan { junos:must "((". ovsdb-managed" || (". multicast-group" || (". multicast-v6-group" || ("routing-instances ${instance} protocols evpn encapsulation vxlan" || (". ingress-node-replication" || ".. .. .. switch-options ovsdb-managed"))))))"; junos:must-message "multicast-group or ovsdb-managed or ingress-node-replication or protocols evpn encapsulation vxlan should be enabled"; junos:must "((". ovsdb-managed" || (".. .. .. switch-options ovsdb-managed" || ("routing-instances ${instance} protocols evpn encapsulation vxlan" || (". multicast-group" || (". multicast-v6-group" || ("routing-instances ${instance} remote-vtep-list" || ("routing-instances ${instance} remote-vtep-v6-list" || (".. .. .. switch-options remote-vtep-v6-list" || ".. .. .. switch-options remote-vtep-list")))))))))"; junos:must-message "One of multicast-group or ovsdb-managed or protocols evpn encapsulation vxlan or remote-vtep-list should be enabled. ingress-node-replication must be configured when remote-vtep-list is configured"; junos:must "((!(".. vlan-id all") && !(".. vlan-id inner-all")))"; junos:must-message "vxlan does not support bridge domain with 'vlan-id all' or 'vlan-id inner-all'"; junos:must "(("routing-instances ${instance} vtep-source-interface" || ".. .. .. switch-options vtep-source-interface"))"; junos:must-message "vtep-source-interface is required for VXLAN configuration"; description "VXLAN options"; uses apply-advanced; leaf ovsdb-managed { junos:must "(!("routing-instances ${instance} protocols evpn encapsulation vxlan"))"; junos:must-message "Not valid with protocols evpn encapsulation vxlan"; junos:must "(!(("routing-instances ${instance} remote-vtep-list" || (".. .. .. .. switch-options remote-vtep-list" || ".. multicast-group"))))"; junos:must-message "ovsdb-managed not valid with remote-vtep-list or multicast-group"; type empty; description "Bridge-domain is managed remotely via VXLAN OVSDB Controller"; } leaf vni { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 16777214"; } } description "VXLAN identifier"; } leaf translation-vni { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 16777214"; } } description "Translated VXLAN identifier"; } leaf multicast-group { junos:must "(!("routing-instances ${instance} protocols evpn encapsulation vxlan"))"; junos:must-message "Not valid with protocols evpn encapsulation vxlan"; junos:must "(!(("routing-instances ${instance} remote-vtep-list" || (".. .. .. .. switch-options remote-vtep-list" || (".. ovsdb-managed" || (".. .. .. .. switch-options ovsdb-managed" || ("routing-instances ${instance} switch-options ovsdb-managed" || ".. multicast-v6-group")))))))"; junos:must-message "multicast-group not valid with remote-vtep-list or ovsdb-managed"; type jt:ipv4addr; description "Multicast group registered for VXLAN segment"; } leaf encapsulate-inner-vlan { junos:must "(!(".. .. vlan-id none"))"; junos:must-message "encapsulate inner vlan not valid with vlan-id none"; type empty; description "Retain inner VLAN in the packet"; } leaf decapsulate-accept-inner-vlan { junos:must "(!(".. .. vlan-id none"))"; junos:must-message "accept inner vlan not valid with vlan-id none"; type empty; description "Accept VXLAN packets with inner VLAN"; } leaf unreachable-vtep-aging-timer { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "300 .. 1800"; } } units "seconds"; description "Unreachable VXLAN tunnel endpoint removal timer"; } leaf ingress-node-replication { junos:must "(!(".. .. .. .. protocols evpn assisted-replication"))"; junos:must-message "ingress-node-replication cannot be configured with assisted-replication"; junos:must "((".. ovsdb-managed" || (".. .. .. .. switch-options ovsdb-managed" || ("routing-instances ${instance} protocols evpn encapsulation vxlan" || ("routing-instances ${instance} remote-vtep-list" || ("routing-instances ${instance} remote-vtep-v6-list" || (".. .. .. .. switch-options remote-vtep-v6-list" || ".. .. .. .. switch-options remote-vtep-list")))))))"; junos:must-message "Valid for ovsdb-managed instance or with remote-vtep-list or remote-vtep-v6-list or evpn vxlan"; type empty; description "Enable ingress node replication"; } leaf-list static-remote-vtep-list { type jt:ipaddr; max-elements 1024; description "Configure bridge domain specific static remote VXLAN tunnel endpoints"; } } // container vxlan leaf isolated-vlan { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 4094"; } } description "Isolated VLAN ID for private vlan bridge domain"; } leaf-list community-vlans { type jt:vlan-range; description "List of Community VLANs for private vlan bridge domain"; } container multicast-snooping-options { description "Multicast snooping option configuration"; uses juniper-multicast-snooping-options; } // container multicast-snooping-options } // grouping juniper-bridge-domains grouping juniper-bd-protocols-igmp-snooping { description "IGMP snooping options"; uses apply-advanced; container traceoptions { description "Trace options for IGMP Snooping"; uses apply-advanced; container file { description "Trace file options"; leaf filename { type string { junos:posix-pattern "![/ %]"; junos:pattern-message "Must not contain '/', % or a space"; length "1 .. 1024"; } description "Name of file in which to write trace information"; } leaf replace { type empty; status deprecated; description "Replace trace file rather than appending to it"; } leaf size { type string; description "Maximum trace file size"; } leaf files { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 1000"; } } default "10"; description "Maximum number of trace files"; } leaf no-stamp { type empty; status deprecated; description "Do not timestamp trace file"; } choice world-readable-choice { leaf world-readable { type empty; description "Allow any user to read the log file"; } leaf no-world-readable { type empty; description "Don't allow any user to read the log file"; } } // choice world-readable-choice } // container file list flag { key "name"; ordered-by user; description "Tracing parameters"; leaf name { type enumeration { enum "packets" { value 0; description "Trace all IGMP packets"; } enum "query" { value 1; description "Trace IGMP membership query messages"; } enum "report" { value 2; description "Trace membership report messages"; } enum "leave" { value 3; description "Trace leave group messages (IGMPv2 only)"; } enum "group" { value 4; description "Trace group operations"; } enum "client-notification" { value 5; description "Trace notifications"; } enum "host-notification" { value 6; description "Trace host notifications"; } enum "route" { value 7; description "Trace routing information"; } enum "normal" { value 8; description "Trace normal events"; } enum "general" { value 9; description "Trace general events"; } enum "state" { value 10; description "Trace state transitions"; } enum "policy" { value 11; description "Trace policy processing"; } enum "task" { value 12; description "Trace routing protocol task processing"; } enum "timer" { value 13; description "Trace routing protocol timer processing"; } enum "all" { value 14; description "Trace everything"; } } } leaf send { type empty; description "Trace transmitted packets"; } leaf receive { type empty; description "Trace received packets"; } leaf detail { type empty; description "Trace detailed information"; } leaf disable { type empty; description "Disable this trace flag"; } } // list flag } // container traceoptions leaf query-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1024"; } } units "seconds"; default "125"; description "When to send host query messages"; } container l2-querier { description "Enable L2 querier mode"; uses apply-advanced; leaf source-address { type jt:ipv4addr; description "Source IP address to use for L2 querier"; } } // container l2-querier leaf query-response-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; default "10"; description "How long to wait for a host query response"; } leaf query-last-member-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; default "1"; description "When to send group query messages"; } leaf robust-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 10"; } } default "2"; description "Expected packet loss on a subnet"; } leaf learn-pim-router { type empty; description "Learn PIM router interfaces from PIM hellos"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf evpn-ssm-reports-only { type empty; description "Accept and process only <s,g> reports of SSM groups"; } container proxy { presence "enable proxy"; description "Enable proxy mode"; uses apply-advanced; leaf source-address { junos:must "(!(".. .. .. .. vlan-id all"))"; junos:must-message "With qualified-learning source-address should be configured under Vlan options"; type jt:ipv4addr; description "Source IP address to use for proxy"; } leaf irb { type empty; description "Proxy IGMP reports to IRB"; } } // container proxy list interface { key "name"; ordered-by user; description "Interface options for IGMP"; leaf name { junos:must "(!("interfaces $$-IFL vlan-tags inner-range"))"; junos:must-message "interface with vlan-tags inner-range should be specified in a learning-domain only"; junos:must "(!("interfaces $$-IFL vlan-id-range"))"; junos:must-message "interface with vlan-id-range should be specified in a learning-domain only"; junos:must "(((".. .. .. .. interface $$" || ".. .. .. .. .. .. interface $$") || (!(".. .. .. .. .. .. .. .. routing-instances") && ("interfaces $$-IFL family bridge interface-mode" && !(any "routing-instances <*> interface $$")))))"; junos:must-message "interface options can be specified for the interfaces in the routing-instance"; junos:must "(!(".. .. .. .. vlan-id all"))"; junos:must-message "When 'vlan-id all' is configured, interface should be configured only under vlan"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf host-only-interface { junos:must "(!(".. multicast-router-interface"))"; junos:must-message "interface cannot be both host-only and multicast-router"; type empty; description "Enable interfaces to be treated as host-side interfaces"; } leaf group-limit { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "1 .. 65535"; } } description "Maximum number of (source,group) per interface"; } container static { description "Static group or source membership"; uses apply-advanced; list group { key "name"; ordered-by user; description "IP multicast group address"; leaf name { type jt:ipv4addr; description "IP multicast group address"; } uses apply-advanced; list source { key "name"; ordered-by user; description "IP multicast source address"; leaf name { type jt:ipv4addr; description "Source address of IP multicast data"; } uses apply-advanced; } // list source } // list group } // container static } // list interface list pseudowire-remote-address { junos:must "((" .. .. .. igmp-snooping-options snoop-pseudowires" || " .. .. .. .. igmp-snooping-options snoop-pseudowires"))"; junos:must-message "Configure pseudowire-remote-address only with snoop-pseudowires instance config"; key "name"; ordered-by user; description "Pseudowire interface options for IGMP"; leaf name { junos:must "(!(".. .. .. .. vlan-id all"))"; junos:must-message "When 'vlan-id all' is configured, pseudowire-remote-address should be configured only under vlan"; type jt:ipv4addr; description "Pseudowire endpoint address"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } } // list pseudowire-remote-address list vlan { key "name"; ordered-by user; description "Vlan options"; leaf name { type string { length "1 .. 64"; } description "VLAN name"; } uses apply-advanced; leaf query-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1024"; } } units "seconds"; description "When to send host query messages"; } leaf query-response-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "How long to wait for a host query response"; } leaf query-last-member-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "When to send group query messages"; } leaf robust-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 10"; } } description "Expected packet loss on a subnet"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } container proxy { presence "enable proxy"; description "Enable proxy mode"; uses apply-advanced; leaf source-address { type jt:ipv4addr; description "Source IP address to use for proxy"; } } // container proxy leaf evpn-ssm-reports-only { type empty; description "Accept and process only <s,g> reports of SSM groups"; } list interface { key "name"; ordered-by user; description "Interface options for IGMP"; leaf name { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf host-only-interface { junos:must "(!(".. multicast-router-interface"))"; junos:must-message "interface cannot be both host-only and multicast-router"; type empty; description "Enable interfaces to be treated as host-side interfaces"; } leaf group-limit { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "1 .. 65535"; } } description "Maximum number of (source,group) per interface"; } container static { description "Static group or source membership"; uses apply-advanced; list group { key "name"; ordered-by user; description "IP multicast group address"; leaf name { type jt:ipv4addr; description "IP multicast group address"; } uses apply-advanced; list source { key "name"; ordered-by user; description "IP multicast source address"; leaf name { type jt:ipv4addr; description "Source address of IP multicast data"; } uses apply-advanced; } // list source } // list group } // container static } // list interface list pseudowire-remote-address { junos:must "((" .. .. .. igmp-snooping-options snoop-pseudowires" || " .. .. .. .. igmp-snooping-options snoop-pseudowires"))"; junos:must-message "Configure pseudowire-remote-address only with snoop-pseudowires instance config"; key "name"; ordered-by user; description "Pseudowire interface options for IGMP"; leaf name { type jt:ipv4addr; description "Pseudowire endpoint address"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } } // list pseudowire-remote-address list qualified-vlan { key "name"; ordered-by user; description "VLAN options for qualified-learning"; leaf name { junos:must "(".. .. .. .. .. vlans ${vlan} vlan-id all")"; junos:must-message "vlan specific configuration is allowed with qualified-learning only"; type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 1023"; } } description "VLAN ID of the learning-domain"; } uses apply-advanced; leaf query-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1024"; } } units "seconds"; description "When to send host query messages"; } leaf query-response-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "How long to wait for a host query response"; } leaf query-last-member-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "When to send group query messages"; } leaf robust-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 10"; } } description "Expected packet loss on a subnet"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } container proxy { presence "enable proxy"; description "Enable proxy mode"; uses apply-advanced; leaf source-address { type jt:ipv4addr; description "Source IP address to use for proxy"; } } // container proxy leaf evpn-ssm-reports-only { type empty; description "Accept and process only <s,g> reports of SSM groups"; } list interface { key "name"; ordered-by user; description "Interface options for IGMP"; leaf name { junos:must "(".. .. .. .. .. .. vlans ${vlan} interface $$")"; junos:must-message "interface options can be specified for the interfaces in the routing-instance"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf host-only-interface { junos:must "(!(".. multicast-router-interface"))"; junos:must-message "interface cannot be both host-only and multicast-router"; type empty; description "Enable interfaces to be treated as host-side interfaces"; } leaf group-limit { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "1 .. 65535"; } } description "Maximum number of (source,group) per interface"; } container static { description "Static group or source membership"; uses apply-advanced; list group { key "name"; ordered-by user; description "IP multicast group address"; leaf name { type jt:ipv4addr; description "IP multicast group address"; } uses apply-advanced; list source { key "name"; ordered-by user; description "IP multicast source address"; leaf name { type jt:ipv4addr; description "Source address of IP multicast data"; } uses apply-advanced; } // list source } // list group } // container static } // list interface list pseudowire-remote-address { junos:must "((" .. .. .. igmp-snooping-options snoop-pseudowires" || " .. .. .. .. igmp-snooping-options snoop-pseudowires"))"; junos:must-message "Configure pseudowire-remote-address only with snoop-pseudowires instance config"; key "name"; ordered-by user; description "Pseudowire interface options for IGMP"; leaf name { type jt:ipv4addr; description "Pseudowire endpoint address"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } } // list pseudowire-remote-address } // list qualified-vlan } // list vlan } // grouping juniper-bd-protocols-igmp-snooping grouping juniper-bd-protocols-mld-snooping { description "MLD snooping options"; uses apply-advanced; container traceoptions { description "Trace options for MLD Snooping"; uses apply-advanced; container file { description "Trace file options"; leaf filename { type string { junos:posix-pattern "![/ %]"; junos:pattern-message "Must not contain '/', % or a space"; length "1 .. 1024"; } description "Name of file in which to write trace information"; } leaf replace { type empty; status deprecated; description "Replace trace file rather than appending to it"; } leaf size { type string; description "Maximum trace file size"; } leaf files { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 1000"; } } default "10"; description "Maximum number of trace files"; } leaf no-stamp { type empty; status deprecated; description "Do not timestamp trace file"; } choice world-readable-choice { leaf world-readable { type empty; description "Allow any user to read the log file"; } leaf no-world-readable { type empty; description "Don't allow any user to read the log file"; } } // choice world-readable-choice } // container file list flag { key "name"; ordered-by user; description "Tracing parameters"; leaf name { type enumeration { enum "packets" { value 0; description "Trace all MLD packets"; } enum "query" { value 1; description "Trace MLD membership query messages"; } enum "report" { value 2; description "Trace membership report messages"; } enum "leave" { value 3; description "Trace leave group messages (MLDv2 only)"; } enum "group" { value 4; description "Trace group operations"; } enum "client-notification" { value 5; description "Trace notifications"; } enum "host-notification" { value 6; description "Trace host notifications"; } enum "route" { value 7; description "Trace routing information"; } enum "normal" { value 8; description "Trace normal events"; } enum "general" { value 9; description "Trace general events"; } enum "state" { value 10; description "Trace state transitions"; } enum "policy" { value 11; description "Trace policy processing"; } enum "task" { value 12; description "Trace routing protocol task processing"; } enum "timer" { value 13; description "Trace routing protocol timer processing"; } enum "all" { value 14; description "Trace everything"; } } } leaf send { type empty; description "Trace transmitted packets"; } leaf receive { type empty; description "Trace received packets"; } leaf detail { type empty; description "Trace detailed information"; } leaf disable { type empty; description "Disable this trace flag"; } } // list flag } // container traceoptions leaf query-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1024"; } } units "seconds"; default "125"; description "When to send host query messages"; } container l2-querier { description "Enable L2 querier mode"; uses apply-advanced; leaf source-address { type jt:ipv6addr; description "Source IP address to use for L2 querier"; } } // container l2-querier leaf query-response-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; default "10"; description "How long to wait for a host query response"; } leaf query-last-member-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; default "1"; description "When to send group query messages"; } leaf robust-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 10"; } } default "2"; description "Expected packet loss on a subnet"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf evpn-ssm-reports-only { type empty; description "Accept and process only <s,g> reports of SSM groups"; } container proxy { presence "enable proxy"; description "Enable proxy mode"; uses apply-advanced; leaf source-address { junos:must "(!(".. .. .. .. vlan-id all"))"; junos:must-message "With qualified-learning source-address should be configured under Vlan options"; type jt:ipv6addr; description "Source IP address to use for proxy"; } leaf irb { type empty; description "Proxy IGMP reports to IRB"; } } // container proxy list interface { key "name"; ordered-by user; description "Interface options for MLD"; leaf name { junos:must "(!("interfaces $$-IFL vlan-tags inner-range"))"; junos:must-message "interface with vlan-tags inner-range should be specified in a learning-domain only"; junos:must "(!("interfaces $$-IFL vlan-id-range"))"; junos:must-message "interface with vlan-id-range should be specified in a learning-domain only"; junos:must "(((".. .. .. .. interface $$" || ".. .. .. .. .. .. interface $$") || (!(".. .. .. .. .. .. .. .. routing-instances") && ("interfaces $$-IFL family bridge interface-mode" && !(any "routing-instances <*> interface $$")))))"; junos:must-message "interface options can be specified for the interfaces in the routing-instance"; junos:must "(!(".. .. .. .. vlan-id all"))"; junos:must-message "When 'vlan-id all' is configured, interface should be configured only under vlan"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf host-only-interface { junos:must "(!(".. multicast-router-interface"))"; junos:must-message "interface cannot be both host-only and multicast-router"; type empty; description "Enable interfaces to be treated as host-side interfaces"; } leaf group-limit { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "1 .. 65535"; } } description "Maximum number of (source,group) per interface"; } container static { description "Static group or source membership"; uses apply-advanced; list group { key "name"; ordered-by user; description "IP multicast group address"; leaf name { type jt:ipv6addr; description "IP multicast group address"; } uses apply-advanced; list source { key "name"; ordered-by user; description "IP multicast source address"; leaf name { type jt:ipv6addr; description "Source address of IP multicast data"; } uses apply-advanced; } // list source } // list group } // container static } // list interface list pseudowire-remote-address { junos:must "((" .. .. .. mld-snooping-options snoop-pseudowires" || " .. .. .. .. mld-snooping-options snoop-pseudowires"))"; junos:must-message "Configure pseudowire-remote-address only with snoop-pseudowires instance config"; key "name"; ordered-by user; description "Pseudowire interface options for MLD"; leaf name { junos:must "(!(".. .. .. .. vlan-id all"))"; junos:must-message "When 'vlan-id all' is configured, pseudowire-remote-address should be configured only under vlan"; type jt:ipv4addr; description "Pseudowire endpoint address"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } } // list pseudowire-remote-address list vlan { key "name"; ordered-by user; description "Vlan options"; leaf name { type string { length "1 .. 64"; } description "Vlan of the bridge-domain"; } uses apply-advanced; leaf query-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1024"; } } units "seconds"; description "When to send host query messages"; } leaf query-response-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "How long to wait for a host query response"; } leaf query-last-member-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "When to send group query messages"; } leaf robust-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 10"; } } description "Expected packet loss on a subnet"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } container proxy { presence "enable proxy"; description "Enable proxy mode"; uses apply-advanced; leaf source-address { type jt:ipv6addr; description "Source IP address to use for proxy"; } } // container proxy leaf evpn-ssm-reports-only { type empty; description "Accept and process only <s,g> reports of SSM groups"; } list interface { key "name"; ordered-by user; description "Interface options for MLD"; leaf name { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf host-only-interface { junos:must "(!(".. multicast-router-interface"))"; junos:must-message "interface cannot be both host-only and multicast-router"; type empty; description "Enable interfaces to be treated as host-side interfaces"; } leaf group-limit { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "1 .. 65535"; } } description "Maximum number of (source,group) per interface"; } container static { description "Static group or source membership"; uses apply-advanced; list group { key "name"; ordered-by user; description "IP multicast group address"; leaf name { type jt:ipv6addr; description "IP multicast group address"; } uses apply-advanced; list source { key "name"; ordered-by user; description "IP multicast source address"; leaf name { type jt:ipv6addr; description "Source address of IP multicast data"; } uses apply-advanced; } // list source } // list group } // container static } // list interface list pseudowire-remote-address { junos:must "((" .. .. .. mld-snooping-options snoop-pseudowires" || " .. .. .. .. mld-snooping-options snoop-pseudowires"))"; junos:must-message "Configure pseudowire-remote-address only with snoop-pseudowires instance config"; key "name"; ordered-by user; description "Pseudowire interface options for MLD"; leaf name { type jt:ipv4addr; description "Pseudowire endpoint address"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } } // list pseudowire-remote-address list qualified-vlan { key "name"; ordered-by user; description "VLAN options for qualified-learning"; leaf name { junos:must "(".. .. .. .. .. vlans ${vlan} vlan-id all")"; junos:must-message "vlan specific configuration is allowed with qualified-learning only"; type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 1023"; } } description "VLAN ID of the learning-domain"; } uses apply-advanced; leaf query-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1024"; } } units "seconds"; description "When to send host query messages"; } leaf query-response-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "How long to wait for a host query response"; } leaf query-last-member-interval { type string { junos:posix-pattern "^[0-9]{1,4}(.[0-9])?$"; junos:pattern-message "Up to 1 digit to right of decimal point"; } units "seconds"; description "When to send group query messages"; } leaf robust-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 10"; } } description "Expected packet loss on a subnet"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } container proxy { presence "enable proxy"; description "Enable proxy mode"; uses apply-advanced; leaf source-address { type jt:ipv6addr; description "Source IP address to use for proxy"; } } // container proxy leaf evpn-ssm-reports-only { type empty; description "Accept and process only <s,g> reports of SSM groups"; } list interface { key "name"; ordered-by user; description "Interface options for MLD"; leaf name { junos:must "(".. .. .. .. .. .. vlans ${vlan} interface $$")"; junos:must-message "interface options can be specified for the interfaces in the routing-instance"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } leaf host-only-interface { junos:must "(!(".. multicast-router-interface"))"; junos:must-message "interface cannot be both host-only and multicast-router"; type empty; description "Enable interfaces to be treated as host-side interfaces"; } leaf group-limit { type union { type string { pattern "<.*>|$.*"; } type uint16 { range "1 .. 65535"; } } description "Maximum number of (source,group) per interface"; } container static { description "Static group or source membership"; uses apply-advanced; list group { key "name"; ordered-by user; description "IP multicast group address"; leaf name { type jt:ipv6addr; description "IP multicast group address"; } uses apply-advanced; list source { key "name"; ordered-by user; description "IP multicast source address"; leaf name { type jt:ipv6addr; description "Source address of IP multicast data"; } uses apply-advanced; } // list source } // list group } // container static } // list interface list pseudowire-remote-address { junos:must "((" .. .. .. mld-snooping-options snoop-pseudowires" || " .. .. .. .. mld-snooping-options snoop-pseudowires"))"; junos:must-message "Configure pseudowire-remote-address only with snoop-pseudowires instance config"; key "name"; ordered-by user; description "Pseudowire interface options for MLD"; leaf name { type jt:ipv4addr; description "Pseudowire endpoint address"; } uses apply-advanced; leaf multicast-router-interface { type empty; description "Enabling multicast-router-interface on the interface"; } leaf immediate-leave { type empty; description "Enable immediate group leave on interfaces"; } } // list pseudowire-remote-address } // list qualified-vlan } // list vlan } // grouping juniper-bd-protocols-mld-snooping grouping juniper-bridge-forwarding-options { uses apply-advanced; container filter { description "Filtering for bridge forwarding table"; uses apply-advanced; leaf input { type string; description "Name of input filter to apply for forwarded packets"; } leaf output { type string; description "Name of output filter to apply for forwarded packets"; } } // container filter container flood { description "Filtering for bridge flood table"; uses apply-advanced; leaf input { type string; description "Name of input filter to apply for bridge flood packets"; } } // container flood container dhcp-relay { status deprecated; description "Dynamic Host Configuration Protocol relay configuration"; uses jdhcp-relay-type; } // container dhcp-relay container dhcp-security { presence "enable dhcp-security"; description "Dynamic ARP Inspection configuration"; uses jdhcp-security-type; } // container dhcp-security } // grouping juniper-bridge-forwarding-options grouping jdhcp-relay-type { description "Dynamic Host Configuration Protocol relay configuration"; uses apply-advanced; container traceoptions { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "Incompatible with 'forwarding-options helpers bootp'"; junos:must "(!("system services dhcp"))"; junos:must-message "Incompatible with 'set system services dhcp'"; status deprecated; description "DHCP relay trace options"; uses jdhcp-traceoptions-type; } // container traceoptions container persistent-storage { description "Trigger to enable flat file storage"; leaf automatic { type empty; description "Trigger automatically"; } } // container persistent-storage leaf duplicate-clients-on-interface { type empty; status deprecated; description "Allow duplicate clients on different interfaces in a subnet"; } container duplicate-clients-in-subnet { junos:must "(!(".. duplicate-clients-on-interface"))"; junos:must-message "Cannot specify duplicate-clients-in-subnet with duplicate-clients-on-interface"; description "Allow duplicate clients in a subnet"; uses jdhcp-duplicate-clients-in-subnet-type; } // container duplicate-clients-in-subnet container interface-traceoptions { status deprecated; description "DHCP relay interface trace options"; uses jdhcp-interface-traceoptions-type; } // container interface-traceoptions container dhcpv6 { description "DHCPv6 configuration"; uses dhcpv6-relay-type; } // container dhcpv6 leaf arp-inspection { type empty; description "Enable Dynamic ARP Inspection"; } container forward-snooped-clients { junos:must "((!(".. forward-only") && (!(".. forward-only-replies") && !(any ".. group <*> forward-only"))))"; junos:must-message "forward-only and forward-only-replies cannot be configured when forward-snooped-clients is configured"; description "Forward snooped (unicast) packets"; choice interface-type { leaf configured-interfaces { type empty; description "Forward snooped (unicast) packets on configured interfaces"; } leaf non-configured-interfaces { type empty; description "Forward snooped (unicast) packets on non-configured interfaces"; } leaf all-interfaces { type empty; description "Forward snooped (unicast) packets on configured and non-configured interfaces"; } } // choice interface-type } // container forward-snooped-clients container authentication { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'authentication' statement cannot be included along with 'forwarding-options helpers bootp' statement"; description "DHCP authentication"; uses authentication-type; } // container authentication container liveness-detection { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'liveness-detection' statement cannot be included along with 'forwarding-options helpers bootp' statement"; description "DHCP client liveness detection processing"; uses dhcp-liveness-detection-type; } // container liveness-detection container dynamic-profile { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'dynamic-profile' statement cannot be included along with 'forwarding-options helpers bootp' statement"; description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { junos:must "("access profile $$")"; junos:must-message "Matching access profile must be defined"; junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'access-profile' statement cannot be included along with 'forwarding-options helpers bootp' statement"; type string { length "1 .. 128"; } description "Access profile to use for AAA services"; } container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection container overrides { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'overrides' statement cannot be included along with 'forwarding-options helpers bootp' statement"; presence "enable overrides"; description "DHCP override processing"; uses override-type; } // container overrides container relay-option { junos:must "((!(".. relay-option-60") && !(any ".. group <*> relay-option-60")))"; junos:must-message "Cannot specify relay-option-60 with relay-option"; presence "enable relay-option"; description "DHCP option processing"; uses dhcp-generic-v4-option; } // container relay-option container server-match { description "Server match processing"; uses apply-advanced; container default-action { presence "enable default-action"; description "Server match default action"; uses server-match-action-choice; } // container default-action list address { key "name"; ordered-by user; description "Server address"; leaf name { type jt:ipv4prefix; description "Server address for matching"; } uses apply-advanced; choice server-match-action-choice { leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice server-match-action-choice } // list address } // container server-match container relay-option-60 { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'relay-option-60' statement cannot be included along with 'forwarding-options helpers bootp' statement"; junos:must "((!(".. relay-option") && !(any ".. group <*> relay-option")))"; junos:must-message "Cannot specify relay-option with relay-option-60 "; presence "enable relay-option-60"; status deprecated; description "DHCP option-60 processing"; uses relay-option-60-type-top; } // container relay-option-60 container relay-option-82 { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'relay-option-82' statement cannot be included along with 'forwarding-options helpers bootp' statement"; presence "enable relay-option-82"; description "DHCP option-82 processing"; uses relay-option-82-type; } // container relay-option-82 container forward-only { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'forward-only' statement cannot be included along with 'forwarding-options helpers bootp' statement"; presence "enable forward-only"; description "Forward DHCP packets without creating binding"; uses forward-only-to-rc-type; } // container forward-only leaf description { type string; description "Text description of servers"; } leaf maximum-hop-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 16"; } } description "Maximum number of hops per packet"; } leaf minimum-wait-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 30000"; } } description "Minimum number of seconds before requests are forwarded"; } leaf client-response-ttl { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 255"; } } description "IP time-to-live value to set in responses to client"; } leaf source-ip-change { type empty; description "Use address of egress interface as source ip"; } leaf forward-only-replies { type empty; description "Forward-only replies from server to appropriate logical-system:routing-instance based on options"; } container server-group { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'server-group' statement cannot be included along with 'forwarding-options helpers bootp' statement"; description "Define a DHCP server group"; uses server-group-type; } // container server-group container active-server-group { description "Name of DHCP server group"; uses dhcpv4-gbl-active-sg-type; } // container active-server-group container route-suppression { junos:must "(!(".. liveness-detection method layer2-liveness-detection"))"; junos:must-message "Cannot specify route-suppression with liveness-detection method layer2-liveness-detection"; junos:must "(!(".. overrides no-arp"))"; junos:must-message "Cannot specify route-suppression with overrides no-arp"; description "Suppress access-internal and/or destination route addition"; uses dhcp-route-suppression-type; } // container route-suppression list group { junos:must "(!("forwarding-options helpers bootp"))"; junos:must-message "'group' statement cannot be included along with 'forwarding-options helpers bootp' statement"; key "name"; ordered-by user; description "Define a DHCP group"; uses dhcp-group; } // list group list dual-stack-group { key "name"; description "Define a DHCP dual stack group"; uses dhcp-dual-stack-group; } // list dual-stack-group leaf no-snoop { junos:must "(!("legacy-snooping"))"; junos:must-message "'no-snoop' statement cannot be included along with 'legacy-snooping' statement"; type empty; description "Do not snoop DHCP packets"; } leaf server-response-time { type union { type uint32; type string { pattern "<.*>|$.*"; } } default "0"; description "Number of seconds in a period of activity between the last server response and an unaswered request"; } container lease-time-validation { presence "enable lease-time-validation"; description "Configure lease time violation validation"; uses apply-advanced; leaf lease-time-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "60 .. 2147483647"; } } units "seconds"; description "Threshold for lease time violation in seconds"; } container violation-action { description "Lease time validation violation action"; leaf drop { type empty; description "Drop dhcpv4 offer and ack packets"; } } // container violation-action } // container lease-time-validation container leasequery { junos:must "(".. overrides always-write-option-82")"; junos:must-message "Must configure [overrides always-write-option-82] to overwrite circuit-id"; junos:must "((".. relay-option-82 circuit-id" && (!(".. relay-option-82 circuit-id use-interface-description") && !(".. relay-option-82 circuit-id require-interface-description"))))"; junos:must-message "Must configure [relay-option-82 circuit-id] without description to insert circuit-id"; presence "enable leasequery"; description "DHCP leasequery configuration"; uses relay-leasequery-type; } // container leasequery container bulk-leasequery { presence "enable bulk-leasequery"; description "DHCP bulk leasequery configuration"; uses relay-bulk-leasequery-v4-type; } // container bulk-leasequery container active-leasequery { junos:must "(".. bulk-leasequery")"; junos:must-message "Must configure bulk-leasequery"; presence "enable active-leasequery"; description "DHCPv4 active leasequery configuration"; uses relay-active-leasequery-v4-type; } // container active-leasequery container remote-id-mismatch { presence "enable remote-id-mismatch"; description "DHCP client remote-id mismatch"; uses dhcp-remote-id-mismatch-type; } // container remote-id-mismatch } // grouping jdhcp-relay-type grouping authentication-type { description "DHCP authentication"; uses apply-advanced; leaf password { type string { length "1 .. 64"; } description "Username password to use"; } container username-include { description "Add username options"; uses apply-advanced; leaf delimiter { type string { length "1"; } description "Change delimiter/separator character"; } leaf domain-name { type string { length "1 .. 64"; } description "Add domain name"; } leaf user-prefix { type string { length "1 .. 64"; } description "Add user defined prefix"; } leaf mac-address { type empty; description "Include MAC address"; } container option-82 { presence "enable option-82"; description "Include option 82"; leaf circuit-id { type empty; description "Include option 82 circuit-id (sub option 1)"; } leaf remote-id { type empty; description "Include option 82 remote-id (sub option 2)"; } } // container option-82 leaf logical-system-name { type empty; description "Include logical system name"; } leaf routing-instance-name { type empty; description "Include routing instance name"; } container client-id { presence "enable client-id"; description "Include client ID"; leaf exclude-headers { type empty; description "Exclude all the headers"; } leaf use-automatic-ascii-hex-encoding { type empty; description "Use automatic ascii hex username encoding"; } } // container client-id leaf option-60 { type empty; description "Include option 60"; } leaf circuit-type { type empty; description "Include circuit type"; } leaf interface-name { type empty; description "Include interface name"; } leaf interface-description { type enumeration { enum "device" { value 0; description "Add the device interface description"; } enum "logical" { value 1; description "Add the logical interface description"; } } description "Include interface description"; } leaf vlan-tags { type empty; description "Include the vlan tag(s)"; } } // container username-include } // grouping authentication-type grouping dhcp-dual-stack-group { description "DHCP dual stack groups"; leaf name { type string { junos:posix-pattern "^[A-Za-z0-9][_0-9A-Za-z-]*$"; junos:pattern-message "Must be a non-reserved string of 64 characters or less"; length "1 .. 64"; } description "Dual stack group name"; } uses apply-advanced; container authentication { description "DHCP authentication"; uses dual-stack-authentication-type; } // container authentication leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { type string { length "1 .. 128"; } description "Access profile to be used for jdhcpd"; } container dynamic-profile { description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile container liveness-detection { description "DHCP client liveness detection processing"; uses dhcp-liveness-detection-dualstack-type; } // container liveness-detection container relay-agent-interface-id { presence "enable relay-agent-interface-id"; description "Interface-id option processing"; uses v6-relay-option-interface-id-type; } // container relay-agent-interface-id container relay-agent-remote-id { presence "enable relay-agent-remote-id"; description "Remote-id option processing"; uses v6-relay-option-remote-id-type; } // container relay-agent-remote-id container classification-key { junos:must "(".. dynamic-profile")"; junos:must-message "dynamic profile configuration in dual-stack-group is must for configuring classification-type"; description "Classification key for identifying dual stack household"; uses classification-types; } // container classification-key leaf dual-stack-interface-client-limit { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 500000"; } } description "Limit the number of client allowed on an interface"; } container protocol-master { description "Select family as protocol master"; uses jdhcp-dual-stack-protocol-mstr-type; } // container protocol-master container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection } // grouping dhcp-dual-stack-group grouping classification-types { description "Different mechanisms to identify a single household"; uses apply-advanced; leaf mac-address { type empty; description "MAC address of client"; } leaf circuit-id { type empty; description "Circuit-id as key"; } leaf remote-id { type empty; description "Remote-id as key"; } } // grouping classification-types grouping dhcp-generic-v4-option { description "Generic DHCP options processing"; uses apply-advanced; leaf option-number { type enumeration { enum "60" { value 0; status deprecated; description "Option 60"; } enum "77" { value 1; status deprecated; description "Option 77"; } } status deprecated; description "Option number"; } container equals { status deprecated; description "Generic option equals"; uses relay-v4-option-ascii-hex; } // container equals container default-action { status deprecated; description "Generic option default action"; uses dhcp-v4-option-default-action; } // container default-action container starts-with { status deprecated; description "Generic option starts with"; uses relay-v4-option-ascii-hex; } // container starts-with container option-60 { junos:must "(!("option-number"))"; junos:must-message "Cannot specify option-60 with option-number"; presence "enable option-60"; description "Add option 60 processing"; uses dhcp-generic-v4-option-type; } // container option-60 container option-77 { junos:must "(!("option-number"))"; junos:must-message "Cannot specify option-77 with option-number"; presence "enable option-77"; description "Add option 77 processing"; uses dhcp-generic-v4-option-type; } // container option-77 list option-order { junos:must "(!("option-number"))"; junos:must-message "Cannot specify option-order with option-number"; key "name"; ordered-by user; description "Options precedence order"; leaf name { type enumeration { enum "60" { value 0; description "Option 60"; } enum "77" { value 1; description "Option 77"; } } description "Option number"; } uses apply-advanced; } // list option-order } // grouping dhcp-generic-v4-option grouping dhcp-generic-v4-option-type { uses apply-advanced; container equals { description "Generic option equals"; uses relay-v4-option-ascii-hex; } // container equals container default-action { description "Generic option default action"; uses dhcp-v4-option-default-action; } // container default-action container starts-with { description "Generic option starts with"; uses relay-v4-option-ascii-hex; } // container starts-with } // grouping dhcp-generic-v4-option-type grouping dhcp-group { description "DHCP groups"; leaf name { type string { junos:posix-pattern "^[A-Za-z0-9][_0-9A-Za-z-]*$"; junos:pattern-message "Must be a non-reserved string of 64 characters or less"; length "1 .. 64"; } description "Group name"; } uses apply-advanced; container active-server-group { description "Name of DHCP server group"; uses dhcpv4-gp-active-sg-type; } // container active-server-group container authentication { description "DHCP authentication"; uses authentication-type; } // container authentication container liveness-detection { description "DHCP client liveness detection processing"; uses dhcp-liveness-detection-type; } // container liveness-detection container dynamic-profile { description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { junos:must "("access profile $$")"; junos:must-message "Matching access profile must be defined"; type string { length "1 .. 128"; } description "Access profile to use for AAA services"; } container overrides { presence "enable overrides"; description "DHCP override processing"; uses override-type; } // container overrides container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection container server-match { description "Server match processing"; uses apply-advanced; container default-action { presence "enable default-action"; description "Server match default action"; uses server-match-action-choice; } // container default-action list address { key "name"; ordered-by user; description "Server address"; leaf name { type jt:ipv4prefix; description "Server address for matching"; } uses apply-advanced; choice server-match-action-choice { leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice server-match-action-choice } // list address } // container server-match container relay-option { junos:must "((!(".. relay-option-60") && !(".. .. relay-option-60")))"; junos:must-message "Cannot specify relay-option-60 with relay-option"; presence "enable relay-option"; description "DHCP option processing"; uses dhcp-generic-v4-option; } // container relay-option container relay-option-60 { junos:must "((!(".. relay-option") && !(".. .. relay-option")))"; junos:must-message "Cannot specify relay-option with relay-option-60"; presence "enable relay-option-60"; status deprecated; description "DHCP option-60 processing"; uses relay-option-60-type-group; } // container relay-option-60 container relay-option-82 { presence "enable relay-option-82"; description "DHCP option-82 processing"; uses relay-option-82-type; } // container relay-option-82 container forward-only { presence "enable forward-only"; description "Forward DHCP packets without creating binding"; uses forward-only-to-rc-type; } // container forward-only container route-suppression { junos:must "(!(".. liveness-detection method layer2-liveness-detection"))"; junos:must-message "Cannot specify route-suppression with liveness-detection method layer2-liveness-detection"; junos:must "((!(".. overrides no-arp") && !(".. .. overrides no-arp")))"; junos:must-message "Cannot specify route-suppression with overrides no-arp"; description "Suppress access-internal and/or destination route addition"; uses dhcp-route-suppression-type; } // container route-suppression leaf description { type string; description "Text description of servers"; } leaf maximum-hop-count { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 16"; } } description "Maximum number of hops per packet"; } leaf minimum-wait-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 30000"; } } description "Minimum number of seconds before requests are forwarded"; } leaf client-response-ttl { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 255"; } } description "IP time-to-live value to set in responses to client"; } leaf source-ip-change { type empty; description "Use address of egress interface as source ip"; } list interface { key "name"; description "One or more interfaces"; leaf name { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf upto { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface up to"; } leaf exclude { type empty; description "Exclude this interface range"; } leaf trace { junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify tracing with exclude"; type empty; description "Enable tracing for this interface"; } container overrides { junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify overrides with exclude"; description "DHCP override processing"; uses override-type; } // container overrides container dynamic-profile { junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify overrides with exclude"; description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { junos:must "("access profile $$")"; junos:must-message "Matching access profile must be defined"; junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify overrides with exclude"; type string { length "1 .. 128"; } description "Access profile to use for AAA services"; } container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection } // list interface container remote-id-mismatch { presence "enable remote-id-mismatch"; description "DHCP client remote-id mismatch"; uses dhcp-remote-id-mismatch-type; } // container remote-id-mismatch container lease-time-validation { presence "enable lease-time-validation"; description "Configure lease time violation validation"; uses apply-advanced; leaf lease-time-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "60 .. 2147483647"; } } units "seconds"; description "Threshold for lease time violation in seconds"; } container violation-action { description "Lease time validation violation action"; leaf drop { type empty; description "Drop dhcpv4 offer and ack packets"; } } // container violation-action } // container lease-time-validation } // grouping dhcp-group grouping dhcp-liveness-detection-dualstack-type { description "DHCP client liveness detection processing"; uses apply-advanced; container failure-action { description "Liveness detection failure action options"; uses dhcp-liveness-detection-failure-action-type; } // container failure-action container method { description "Liveness detection method options"; uses apply-advanced; choice method-choice { container layer2-liveness-detection { junos:must "((!(".. .. route-suppression") && (!(".. .. .. route-suppression") && !(".. .. .. .. route-suppression"))))"; junos:must-message "Method not allowed with route-suppression enabled"; description "Address resolution options"; uses dhcp-arp-nud-liveness-detection-type; } // container layer2-liveness-detection } // choice method-choice } // container method } // grouping dhcp-liveness-detection-dualstack-type grouping dhcp-arp-nud-liveness-detection-type { description "Address Resolution detection options"; uses apply-advanced; leaf transmit-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "300 .. 1800"; } } units "seconds"; default "300"; description "Transmit interval for address resolution"; } leaf max-consecutive-retries { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "3 .. 6"; } } default "3"; description "Retry attempts"; } } // grouping dhcp-arp-nud-liveness-detection-type grouping dhcp-liveness-detection-failure-action-type { description "Liveness detection failure action options"; uses apply-advanced; choice failure-action-type { leaf clear-binding { type empty; description "Clear the client binding"; } leaf clear-binding-if-interface-up { type empty; description "Clear the client binding only if the incoming interface is up"; } leaf log-only { type empty; description "Maintain the client binding and log the failure event"; } } // choice failure-action-type } // grouping dhcp-liveness-detection-failure-action-type grouping dhcp-liveness-detection-type { description "DHCP client liveness detection processing"; uses apply-advanced; container failure-action { description "Liveness detection failure action options"; uses dhcp-liveness-detection-failure-action-type; } // container failure-action container method { description "Liveness detection method options"; uses apply-advanced; choice method-choice { container bfd { description "Bidirectional Forwarding Detection (BFD) options"; uses dhcp-bfd-liveness-detection-type; } // container bfd container layer2-liveness-detection { junos:must "((!(".. .. route-suppression") && (!(".. .. .. route-suppression") && !(".. .. .. .. route-suppression"))))"; junos:must-message "Method not allowed with route-suppression enabled"; description "Address resolution options"; uses dhcp-arp-nud-liveness-detection-type; } // container layer2-liveness-detection } // choice method-choice } // container method } // grouping dhcp-liveness-detection-type grouping dhcp-bfd-liveness-detection-type { description "Bidirectional Forwarding Detection (BFD) options"; uses apply-advanced; leaf version { type enumeration { enum "0" { value 0; description "BFD version 0 (deprecated)"; } enum "1" { value 1; description "BFD version 1"; } enum "automatic" { value 2; description "Choose BFD version automatically"; } } default "automatic"; description "BFD protocol version number"; } leaf minimum-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "30000 .. 255000"; } } units "milliseconds"; description "Minimum transmit and receive interval"; } leaf minimum-transmit-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "30000 .. 255000"; } } units "milliseconds"; status deprecated; description "Minimum transmit interval"; } leaf minimum-receive-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "30000 .. 255000"; } } units "milliseconds"; description "Minimum receive interval"; } leaf multiplier { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 255"; } } default "3"; description "Detection time multiplier"; } choice adaptation-choice { leaf no-adaptation { type empty; description "Disable adaptation"; } } // choice adaptation-choice container transmit-interval { description "Transmit-interval options"; uses apply-advanced; leaf minimum-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "30000 .. 255000"; } } units "milliseconds"; description "Minimum transmit interval"; } leaf threshold { type union { type uint32; type string { pattern "<.*>|$.*"; } } units "milliseconds"; description "High transmit interval triggering a trap"; } } // container transmit-interval container detection-time { description "Detection-time options"; uses apply-advanced; leaf threshold { type union { type uint32; type string { pattern "<.*>|$.*"; } } units "milliseconds"; description "High detection-time triggering a trap"; } } // container detection-time leaf session-mode { type enumeration { enum "automatic" { value 0; description "Choose session-mode automatically"; } enum "single-hop" { value 1; description "Use single-hop"; } enum "multihop" { value 2; description "Use multihop"; } } default "automatic"; description "BFD single-hop or multihop session-mode"; } leaf holddown-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 255000"; } } units "milliseconds"; default "0"; description "Time to hold the session-UP notification to the client"; } } // grouping dhcp-bfd-liveness-detection-type grouping dhcp-remote-id-mismatch-type { description "DHCP client remote-id-mismatch processing"; uses apply-advanced; leaf disconnect { type empty; description "Disconnect session on remote-id mismatch"; } } // grouping dhcp-remote-id-mismatch-type grouping dhcp-route-suppression-type { uses apply-advanced; choice dhcp-route-suppression-choice { leaf access-internal { type empty; description "Suppress access-internal and destination route addition"; } leaf destination { type empty; description "Suppress destination route addition"; } } // choice dhcp-route-suppression-choice } // grouping dhcp-route-suppression-type grouping dhcp-v4-option-default-action { description "Default action"; uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "((".. .. .. .. .. .. server-group $$" || (".. .. .. .. .. server-group $$" || (".. .. .. .. server-group $$" || ".. .. .. server-group $$"))))"; junos:must-message "Referenced group must be defined under [edit forwarding dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "((".. .. .. .. .. .. .. .. system services dhcp-local-server group $$" || (".. .. .. .. .. .. .. system services dhcp-local-server group $$" || (".. .. .. .. .. .. system services dhcp-local-server group $$" || ".. .. .. .. .. system services dhcp-local-server group $$"))))"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // grouping dhcp-v4-option-default-action grouping dhcpv4-gbl-active-sg-type { leaf active-server-group { junos:must "(".. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding-options dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP server group"; } leaf allow-server-change { type empty; description "Accept DHCP-ACK from any server in this group"; } } // grouping dhcpv4-gbl-active-sg-type grouping dhcpv4-gp-active-sg-type { leaf active-server-group { junos:must "(".. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding-options dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP server group"; } leaf allow-server-change { type empty; description "Accept DHCP-ACK from any server in this group"; } } // grouping dhcpv4-gp-active-sg-type grouping dhcpv6-relay-type { description "DHCPv6 relay configuration"; uses apply-advanced; container authentication { description "DHCPv6 authentication"; uses dhcpv6-authentication-type; } // container authentication container persistent-storage { description "Trigger to enable flat file storage"; leaf automatic { type empty; description "Trigger automatically"; } } // container persistent-storage container liveness-detection { description "DHCPv6 client liveness detection processing"; uses dhcpv6-liveness-detection-type; } // container liveness-detection container dynamic-profile { description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { junos:must "("access profile $$")"; junos:must-message "Matching access profile must be defined"; type string { length "1 .. 128"; } description "Access profile to use for AAA services"; } container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection container overrides { presence "enable overrides"; description "DHCPv6 override processing"; uses dhcpv6-override-relay-type; } // container overrides container relay-option { presence "enable relay-option"; description "DHCPv6 option processing"; uses dhcp-generic-v6-option; } // container relay-option leaf exclude-relay-agent-identifier { type empty; description "Exclude relay agent identifier from packets to server"; } container server-match { description "Server match processing"; uses apply-advanced; container default-action { description "Server match default action"; uses server-match-action-choice; } // container default-action container duid { description "Match duid processing"; uses apply-advanced; container equals { description "Duid equals"; uses server-match-v6-ascii-hex; } // container equals container starts-with { description "Duid starts with"; uses server-match-v6-ascii-hex; } // container starts-with } // container duid list address { key "name"; ordered-by user; description "Server ipv6 address"; leaf name { type jt:ipv6prefix; description "Server ipv6 address for matching"; } uses apply-advanced; choice server-match-action-choice { leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice server-match-action-choice } // list address } // container server-match leaf relay-agent-option-79 { type empty; description "Add the client MAC address to the Relay Forward header."; } container vendor-specific-information { description "DHCPv6 option 17 vendor-specific processing"; uses jdhcp-vendor-specific-type; } // container vendor-specific-information container forward-only { presence "enable forward-only"; description "Forward DHCPv6 packets without creating binding"; uses forward-only-to-rc-type; } // container forward-only leaf forward-only-replies { type empty; description "Forward-only replies from server to appropriate logical-system:routing-instance based on options"; } container forward-snooped-clients { junos:must "((!(".. forward-only") && (!(".. forward-only-replies") && !(any ".. group <*> forward-only"))))"; junos:must-message "forward-only and forward-only-replies cannot be configured when forward-snooped-clients is configured"; description "Forward snooped (unicast) packets"; choice interface-type { leaf configured-interfaces { type empty; description "Forward snooped (unicast) packets on configured interfaces"; } leaf non-configured-interfaces { type empty; description "Forward snooped (unicast) packets on non-configured interfaces"; } leaf all-interfaces { type empty; description "Forward snooped (unicast) packets on configured and non-configured interfaces"; } } // choice interface-type } // container forward-snooped-clients container route-suppression { description "Suppress access-internal and/or access route addition"; uses dhcpv6-route-suppression-type; } // container route-suppression list group { key "name"; ordered-by user; description "Define a DHCPv6 relay group"; uses dhcpv6-relay-group; } // list group container relay-agent-interface-id { presence "enable relay-agent-interface-id"; description "DHCPv6 interface-id option processing"; uses v6-relay-option-interface-id-type; } // container relay-agent-interface-id container relay-agent-remote-id { presence "enable relay-agent-remote-id"; description "DHCPv6 remote-id option processing"; uses v6-relay-option-remote-id-type; } // container relay-agent-remote-id container server-group { description "Define a DHCPv6 server group"; uses v6-server-group-type; } // container server-group container active-server-group { description "Name of DHCPv6 server group"; uses dhcpv6-gbl-active-sg-type; } // container active-server-group leaf server-response-time { type union { type uint32; type string { pattern "<.*>|$.*"; } } default "0"; description "Number of seconds in a period of activity between the last server response and an unaswered request"; } container lease-time-validation { presence "enable lease-time-validation"; description "Configure lease time violation validation"; uses apply-advanced; leaf lease-time-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "60 .. 2147483647"; } } units "seconds"; description "Threshold for lease time violation in seconds"; } container violation-action { description "Lease time validation violation action"; leaf drop { type empty; description "Drop dhcpv6 advertise and reply packets"; } } // container violation-action } // container lease-time-validation leaf no-snoop { junos:must "(!("legacy-snooping"))"; junos:must-message "'no-snoop' statement cannot be included along with 'legacy-snooping' statement"; type empty; description "Do not snoop DHCPV6 packets"; } container leasequery { junos:must "(".. relay-agent-interface-id")"; junos:must-message "Must configure [relay-agent-interface-id] to insert interface-id"; presence "enable leasequery"; description "DHCPv6 leasequery configuration"; uses relay-leasequery-type; } // container leasequery container bulk-leasequery { junos:must "(".. relay-agent-interface-id")"; junos:must-message "Must configure [relay-agent-interface-id] to insert interface-id"; presence "enable bulk-leasequery"; description "DHCPv6 bulk leasequery configuration"; uses relay-bulk-leasequery-v6-type; } // container bulk-leasequery container active-leasequery { junos:must "(".. bulk-leasequery")"; junos:must-message "Must configure bulk-leasequery"; presence "enable active-leasequery"; description "DHCPv6 active leasequery configuration"; uses relay-active-leasequery-v6-type; } // container active-leasequery container remote-id-mismatch { presence "enable remote-id-mismatch"; description "DHCP client remote-id mismatch"; uses dhcp-remote-id-mismatch-type; } // container remote-id-mismatch container duplicate-clients { description "Allow duplicate clients"; uses dhcpv6-duplicate-clients-type; } // container duplicate-clients } // grouping dhcpv6-relay-type grouping dhcp-generic-v6-option { description "Generic DHCPv6 options processing"; uses apply-advanced; leaf option-number { type enumeration { enum "15" { value 0; status deprecated; description "Option 15"; } enum "16" { value 1; status deprecated; description "Option 16"; } } status deprecated; description "Option number"; } container equals { status deprecated; description "Generic option equals"; uses relay-v6-option-ascii-hex; } // container equals container default-action { status deprecated; description "Generic option default action"; uses dhcp-v6-option-default-action; } // container default-action container starts-with { status deprecated; description "Generic option starts with"; uses relay-v6-option-ascii-hex; } // container starts-with container option-15 { junos:must "(!("option-number"))"; junos:must-message "Cannot specify option-15 with option-number"; presence "enable option-15"; description "Add option 15 processing"; uses dhcp-generic-v6-option-type; } // container option-15 container option-16 { junos:must "(!("option-number"))"; junos:must-message "Cannot specify option-16 with option-number"; presence "enable option-16"; description "Add option 16 processing"; uses dhcp-generic-v6-option-type; } // container option-16 list option-order { junos:must "(!("option-number"))"; junos:must-message "Cannot specify option-order with option-number"; key "name"; ordered-by user; description "Options precedence order"; leaf name { type enumeration { enum "15" { value 0; description "Option 15"; } enum "16" { value 1; description "Option 16"; } } description "Option number"; } uses apply-advanced; } // list option-order } // grouping dhcp-generic-v6-option grouping dhcp-generic-v6-option-type { uses apply-advanced; container equals { description "Generic option equals"; uses relay-v6-option-ascii-hex; } // container equals container default-action { description "Generic option default action"; uses dhcp-v6-option-default-action; } // container default-action container starts-with { description "Generic option starts with"; uses relay-v6-option-ascii-hex; } // container starts-with } // grouping dhcp-generic-v6-option-type grouping dhcp-v6-option-default-action { description "Default action"; uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "((".. .. .. .. .. .. server-group $$" || (".. .. .. .. .. server-group $$" || (".. .. .. .. server-group $$" || ".. .. .. server-group $$"))))"; junos:must-message "Referenced group must be defined under [edit forwarding options dhcp-relay dhcpv6 server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // grouping dhcp-v6-option-default-action grouping dhcpv6-authentication-type { description "DHCPv6 authentication"; uses apply-advanced; leaf password { type string { length "1 .. 64"; } description "Username password to use"; } container username-include { description "Add username options"; uses apply-advanced; leaf delimiter { type string { length "1"; } description "Change delimiter/separator character"; } leaf domain-name { type string { length "1 .. 64"; } description "Add domain name"; } leaf user-prefix { type string { length "1 .. 64"; } description "Add user defined prefix"; } leaf mac-address { type empty; description "Include MAC address"; } container client-id { presence "enable client-id"; description "Include client ID"; leaf exclude-headers { type empty; description "Exclude all the headers"; } leaf use-automatic-ascii-hex-encoding { type empty; description "Use automatic ascii hex username encoding"; } } // container client-id container relay-agent-remote-id { presence "enable relay-agent-remote-id"; description "Include the relay agent remote ID"; uses apply-advanced; choice relay-agent-remote-id-choice { leaf enterprise-id { type empty; status deprecated; description "Only use enterprise-id portion of option-37"; } leaf remote-id { type empty; status deprecated; description "Only use remote-id portion of option-37"; } } // choice relay-agent-remote-id-choice } // container relay-agent-remote-id leaf logical-system-name { type empty; description "Include logical system name"; } leaf routing-instance-name { type empty; description "Include routing instance name"; } leaf relay-agent-subscriber-id { type empty; description "Include the relay agent subscriber ID"; } leaf relay-agent-interface-id { type empty; description "Include the relay agent interface ID"; } leaf circuit-type { type empty; description "Include circuit type"; } leaf interface-name { type empty; description "Include interface name"; } leaf interface-description { type enumeration { enum "device" { value 0; description "Add the device interface description"; } enum "logical" { value 1; description "Add the logical interface description"; } } description "Include interface description"; } leaf vlan-tags { type empty; description "Include the vlan tag(s)"; } } // container username-include } // grouping dhcpv6-authentication-type grouping dhcpv6-duplicate-clients-type { description "Allow duplicate clients"; choice distinguish-with { leaf incoming-interface { type empty; description "Allow duplicate clients on different underlying interfaces"; } } // choice distinguish-with } // grouping dhcpv6-duplicate-clients-type grouping dhcpv6-gbl-active-sg-type { uses apply-advanced; leaf active-server-group { junos:must "(".. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding-options dhcp-relay dhcpv6 server-group]"; type string { length "1 .. 64"; } description "Name of DHCPv6 server group"; } } // grouping dhcpv6-gbl-active-sg-type grouping dhcpv6-liveness-detection-type { description "DHCPv6 client liveness detection processing"; uses apply-advanced; container failure-action { description "Liveness detection failure action options"; uses dhcp-liveness-detection-failure-action-type; } // container failure-action container method { description "Liveness detection method options"; uses apply-advanced; choice method-choice { container bfd { description "Bidirectional Forwarding Detection (BFD) options"; uses dhcp-bfd-liveness-detection-type; } // container bfd container layer2-liveness-detection { description "Neighbor discovery options"; uses dhcp-arp-nud-liveness-detection-type; } // container layer2-liveness-detection } // choice method-choice } // container method } // grouping dhcpv6-liveness-detection-type grouping dhcpv6-override-relay-type { description "DHCPv6 relay override processing"; uses apply-advanced; choice allow-snooped-clients-choice { leaf allow-snooped-clients { type empty; description "Allow client creation from snooped PDUs"; } leaf no-allow-snooped-clients { type empty; description "Don't allow client creation from snooped PDUs"; } } // choice allow-snooped-clients-choice leaf delay-authentication { type empty; description "Delay subscriber authentication in DHCP protocol processing until request packet"; } leaf interface-client-limit { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 500000"; } } description "Limit the number of clients allowed on an interface"; } leaf dual-stack { type string { length "1 .. 64"; } description "Dual stack group to use."; } leaf no-bind-on-request { type empty; description "Do not bind if stray DHCPv6 RENEW, REBIND is received"; } container client-negotiation-match { description "Use secondary match criteria for SOLICIT PDU"; choice match-with { leaf incoming-interface { type empty; description "Use incoming interface"; } } // choice match-with } // container client-negotiation-match leaf send-release-on-delete { type empty; description "Always send RELEASE to the server when a binding is deleted"; } leaf always-process-option-request-option { type empty; description "Always process option even after address allocation failure"; } leaf relay-source { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface for relay source"; } leaf delete-binding-on-renegotiation { type empty; description "Delete binding on renegotiation"; } leaf asymmetric-lease-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "600 .. 86400"; } } units "seconds"; description "Use a reduced lease time for the client. In seconds"; } leaf asymmetric-prefix-lease-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "600 .. 86400"; } } units "seconds"; description "Use a reduced prefix lease time for the client. In seconds"; } } // grouping dhcpv6-override-relay-type grouping dhcpv6-relay-group { description "DHCPv6 groups"; leaf name { type string { junos:posix-pattern "^[A-Za-z0-9][_0-9A-Za-z-]*$"; junos:pattern-message "Must be a non-reserved string of 64 characters or less"; length "1 .. 64"; } description "Group name"; } uses apply-advanced; container active-server-group { description "Name of DHCPv6 server group"; uses dhcpv6-gp-active-sg-type; } // container active-server-group list dual-stack-group { key "name"; description "Define a DHCP dual stack group"; uses dhcp-dual-stack-group; } // list dual-stack-group container authentication { description "DHCPv6 authentication"; uses dhcpv6-authentication-type; } // container authentication container liveness-detection { description "DHCPv6 client liveness detection processing"; uses dhcpv6-liveness-detection-type; } // container liveness-detection container dynamic-profile { description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { junos:must "("access profile $$")"; junos:must-message "Matching access profile must be defined"; type string { length "1 .. 128"; } description "Access profile to use for AAA services"; } container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection container overrides { presence "enable overrides"; description "DHCPv6 override processing"; uses dhcpv6-override-relay-type; } // container overrides container relay-option { presence "enable relay-option"; description "DHCPv6 option processing"; uses dhcp-generic-v6-option; } // container relay-option container vendor-specific-information { description "DHCPv6 option 17 vendor-specific processing"; uses jdhcp-vendor-specific-type; } // container vendor-specific-information container forward-only { presence "enable forward-only"; description "Forward DHCPv6 packets without creating binding"; uses forward-only-to-rc-type; } // container forward-only container relay-agent-interface-id { presence "enable relay-agent-interface-id"; description "DHCPv6 interface-id option processing"; uses v6-relay-option-interface-id-type; } // container relay-agent-interface-id container relay-agent-remote-id { presence "enable relay-agent-remote-id"; description "DHCPv6 remote-id option processing"; uses v6-relay-option-remote-id-type; } // container relay-agent-remote-id container route-suppression { description "Suppress access-internal and/or access route addition"; uses dhcpv6-route-suppression-type; } // container route-suppression leaf relay-agent-option-79 { type empty; description "Add the client MAC address to the Relay Forward header."; } list interface { key "name"; description "One or more interfaces"; leaf name { junos:must "((unique "forwarding-options dhcp-relay dhcpv6 group <*> interface $$" && !(any "system services dhcp-local-server dhcpv6 group <*> interface $$")))"; junos:must-message "Interface used in other relay or server group"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; leaf upto { junos:must "(!(".. .. interface $$"))"; junos:must-message "Range end point must not equal start"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface up to"; } leaf exclude { type empty; description "Exclude this interface range"; } leaf trace { junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify tracing with exclude"; type empty; description "Enable tracing for this interface"; } container overrides { junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify overrides with exclude"; description "DHCPv6 override processing"; uses dhcpv6-override-relay-type; } // container overrides container dynamic-profile { junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify dynamic-profile with exclude"; description "Dynamic profile to use"; uses dynamic-profile-type; } // container dynamic-profile leaf service-profile { type string { length "1 .. 128"; } description "Dynamic profile to use for default service activation"; } leaf access-profile { junos:must "("access profile $$")"; junos:must-message "Matching access profile must be defined"; junos:must "(!(".. exclude"))"; junos:must-message "Cannot specify overrides with exclude"; type string { length "1 .. 128"; } description "Access profile to use for AAA services"; } container short-cycle-protection { description "Short cycle lockout configuration"; leaf lockout-min-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } leaf lockout-max-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 86400"; } } description "Short cycle lockout time in seconds"; } } // container short-cycle-protection } // list interface container lease-time-validation { presence "enable lease-time-validation"; description "Configure lease time violation validation"; uses apply-advanced; leaf lease-time-threshold { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "60 .. 2147483647"; } } units "seconds"; description "Threshold for lease time violation in seconds"; } container violation-action { description "Lease time validation violation action"; leaf drop { type empty; description "Drop dhcpv6 advertise and reply packets"; } } // container violation-action } // container lease-time-validation container remote-id-mismatch { presence "enable remote-id-mismatch"; description "DHCP client remote-id mismatch"; uses dhcp-remote-id-mismatch-type; } // container remote-id-mismatch container server-match { description "Server match processing"; uses apply-advanced; container default-action { description "Server match default action"; uses server-match-action-choice; } // container default-action container duid { description "Match duid processing"; uses apply-advanced; container equals { description "Duid equals"; uses server-match-v6-ascii-hex; } // container equals container starts-with { description "Duid starts with"; uses server-match-v6-ascii-hex; } // container starts-with } // container duid list address { key "name"; ordered-by user; description "Server ipv6 address"; leaf name { type jt:ipv6prefix; description "Server ipv6 address for matching"; } uses apply-advanced; choice server-match-action-choice { leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice server-match-action-choice } // list address } // container server-match } // grouping dhcpv6-relay-group grouping dhcpv6-gp-active-sg-type { uses apply-advanced; leaf active-server-group { junos:must "(".. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding-options dhcp-relay dhcpv6 server-group]"; type string { length "1 .. 64"; } description "Name of DHCPv6 server group"; } } // grouping dhcpv6-gp-active-sg-type grouping dhcpv6-route-suppression-type { description "Suppress access-internal and/or access route addition"; leaf access { type empty; description "Suppress access route addition"; } leaf access-internal { type empty; description "Suppress access-internal route addition"; } } // grouping dhcpv6-route-suppression-type grouping dual-stack-authentication-type { description "DHCP dual stack authentication"; uses apply-advanced; leaf password { type string { length "1 .. 64"; } description "Username password to use"; } container username-include { description "Add username options"; uses apply-advanced; leaf delimiter { type string { length "1"; } description "Change delimiter/separator character"; } leaf domain-name { type string { length "1 .. 64"; } description "Add domain name"; } leaf user-prefix { type string { length "1 .. 64"; } description "Add user defined prefix"; } leaf mac-address { type empty; description "Include MAC address"; } container client-id { presence "enable client-id"; description "Include client ID"; leaf exclude-headers { type empty; description "Exclude all the headers"; } leaf use-automatic-ascii-hex-encoding { type empty; description "Use automatic ascii hex username encoding"; } } // container client-id leaf relay-agent-remote-id { type empty; description "Include the relay agent remote ID"; } leaf logical-system-name { type empty; description "Include logical system name"; } leaf routing-instance-name { type empty; description "Include routing instance name"; } leaf relay-agent-interface-id { type empty; description "Include the relay agent interface ID"; } leaf interface-name { type empty; description "Include interface name"; } leaf interface-description { type enumeration { enum "device" { value 0; description "Add the device interface description"; } enum "logical" { value 1; description "Add the logical interface description"; } } description "Include interface description"; } leaf circuit-type { type empty; description "Include circuit type"; } leaf vlan-tags { type empty; description "Include the vlan tag(s)"; } } // container username-include } // grouping dual-stack-authentication-type grouping dynamic-profile-type { description "Dynamic profile to use"; uses apply-advanced; leaf dynamic-profile { junos:must "("dynamic-profiles $$")"; junos:must-message "Dynamic profile must be defined"; type string { length "1 .. 80"; } description "Dynamic profile to use"; } choice dynamic-profile-type-choice { leaf use-primary { junos:must "("dynamic-profiles $$")"; junos:must-message "Dynamic profile must be defined"; type string { length "1 .. 80"; } description "Dynamic profile to use on the primary interface"; } container aggregate-clients { presence "enable aggregate-clients"; description "Aggregate client profiles"; uses apply-advanced; choice aggregate-type { leaf merge { type empty; description "Merge the client dynamic profiles"; } leaf replace { type empty; description "Replace client dynamic profiles"; } } // choice aggregate-type } // container aggregate-clients } // choice dynamic-profile-type-choice } // grouping dynamic-profile-type grouping forward-only-to-rc-type { description "Forward DHCP packets without creating binding"; uses apply-advanced; leaf logical-system { type string; default "current"; } leaf routing-instance { type string; default "current"; } } // grouping forward-only-to-rc-type grouping jdhcp-dual-stack-protocol-mstr-type { description "Select family as protocol master"; choice addr-fam { leaf inet { type empty; description "INET family has protocol master behavior"; } leaf inet6 { type empty; description "INET6 family has protocol master behavior"; } } // choice addr-fam } // grouping jdhcp-dual-stack-protocol-mstr-type grouping jdhcp-duplicate-clients-in-subnet-type { description "Allow duplicate clients in a subnet"; choice distinguish-with { leaf incoming-interface { type empty; description "Allow duplicate clients on different interfaces in a subnet"; } leaf option-82 { type empty; description "Allow duplicate clients using different option-82 options in a subnet"; } } // choice distinguish-with } // grouping jdhcp-duplicate-clients-in-subnet-type grouping jdhcp-interface-traceoptions-type { description "Interface trace options for DHCP"; uses apply-advanced; leaf no-remote-trace { junos:must "("system tracing")"; junos:must-message "'no-remote-trace' is valid only when [system tracing] is configured"; type empty; description "Disable remote tracing"; } container file { description "Trace file information"; leaf filename { type string { junos:posix-pattern "![/ %]"; junos:pattern-message "Must not contain '/', % or a space"; length "1 .. 1024"; } description "Name of file in which to write trace information"; } leaf size { type string; description "Maximum trace file size"; } leaf files { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 1000"; } } default "3"; description "Maximum number of trace files"; } choice world-readable-choice { leaf world-readable { type empty; description "Allow any user to read the log file"; } leaf no-world-readable { type empty; description "Don't allow any user to read the log file"; } } // choice world-readable-choice leaf match { type jt:regular-expression; description "Regular expression for lines to be logged"; } } // container file list flag { key "name"; ordered-by user; description "Interface trace categories"; leaf name { type enumeration { enum "state" { value 0; description "State-transition operations"; } enum "packet" { value 1; description "Packet-decoding operations"; } enum "flow" { value 2; description "Flow-decoding operations"; } enum "packet-option" { value 3; description "DHCP option-decoding operations"; } enum "dhcpv6-state" { value 4; description "State-transition operations for dhcpv6"; } enum "dhcpv6-packet" { value 5; description "Packet-decoding operations for dhcpv6"; } enum "dhcpv6-packet-option" { value 6; description "DHCP option-decoding operations for dhcpv6"; } enum "all" { value 7; description "All operations"; } } } } // list flag } // grouping jdhcp-interface-traceoptions-type grouping jdhcp-security-type { description "DHCP access security configuration"; uses apply-advanced; leaf no-dhcp-snooping { junos:must "(!("switch-options no-arp-trap "))"; junos:must-message "Cannot enable ARP inspection with no-arp-trap"; type empty; description "Disable dhcp snooping"; } leaf arp-inspection { type empty; description "Enable dynamic ARP inspection"; } leaf ip-source-guard { junos:must "(!(any ".. group <*> overrides untrusted"))"; junos:must-message "Ip-source-guard and dhcp-security overrides untrusted cannot be configured together"; type empty; description "Enable IP source guard"; } leaf no-dhcpv6-snooping { type empty; description "Disable DHCPv6 snooping"; } leaf neighbor-discovery-inspection { type empty; description "Enable neighbor discovery inspection"; } leaf ipv6-source-guard { junos:must "(!(any ".. group <*> overrides untrusted"))"; junos:must-message "Ipv6-source-guard and dhcp-security overrides untrusted cannot be configured together"; type empty; description "Enable IPv6 source guard"; } leaf light-weight-dhcpv6-relay { type empty; description "Enable light weight dhcpv6 relay"; } list group { key "name"; ordered-by user; description "Define a DHCP security group for overriding defaults"; uses ds-group; } // list group container option-82 { presence "enable option-82"; description "DHCP option-82 processing for snooped packets"; uses security-option-82-type; } // container option-82 container dhcpv6-options { presence "enable dhcpv6-options"; description "DHCPv6 option processing for snooped packets"; uses security-dhcpv6-options-type; } // container dhcpv6-options } // grouping jdhcp-security-type grouping ds-group { description "DHCP security groups"; leaf name { type string { junos:posix-pattern "^[A-Za-z0-9][_0-9A-Za-z-]*$"; junos:pattern-message "Must be a non-reserved string of 64 characters or less"; length "1 .. 64"; } description "Group name"; } uses apply-advanced; container overrides { presence "enable overrides"; description "DHCP override processing"; uses ds-override-type; } // container overrides list interface { key "name"; description "One or more interfaces"; leaf name { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; list static-ip { key "name"; ordered-by user; description "Static IP address configuration"; uses ip-mac-static; } // list static-ip list static-ipv6 { key "name"; ordered-by user; description "Static IPv6 address configuration"; uses ipv6-mac-static; } // list static-ipv6 } // list interface } // grouping ds-group grouping ds-override-type { description "Dynamic ARP Inspection override processing"; uses apply-advanced; leaf trusted { junos:must "(!(".. untrusted"))"; junos:must-message "Trusted and untrusted cannot be configured together"; type empty; description "Make this trusted group of interfaces"; } leaf untrusted { junos:must "(!(".. trusted"))"; junos:must-message "Trusted and untrusted cannot be configured together"; type empty; description "Make this untrusted group of interfaces"; } leaf no-option82 { type empty; description "Make this group of interfaces not to add option82"; } leaf no-option37 { type empty; description "Make this group of interfaces not to add option37"; } leaf no-option18 { type empty; description "Make this group of interfaces not to add option18"; } leaf no-option16 { type empty; description "Make this group of interfaces not to add option16"; } leaf no-option79 { type empty; description "Make this group of interfaces not to add option79"; } leaf no-dhcpv6-options { type empty; description "Make this group of interfaces not to add any DHCPv6 options"; } } // grouping ds-override-type grouping ip-mac-static { leaf name { type jt:ipaddr; description "IP address"; } leaf mac { type jt:mac-addr; description "MAC address"; } } // grouping ip-mac-static grouping ipv6-mac-static { leaf name { type jt:ipv6addr; description "IP address"; } leaf mac { type jt:mac-addr; description "MAC address"; } } // grouping ipv6-mac-static grouping jdhcp-traceoptions-type { description "Trace options for DHCP"; uses apply-advanced; leaf no-remote-trace { junos:must "("system tracing")"; junos:must-message "'no-remote-trace' is valid only when [system tracing] is configured"; type empty; description "Disable remote tracing"; } container file { description "Trace file information"; leaf filename { type string { junos:posix-pattern "![/ %]"; junos:pattern-message "Must not contain '/', % or a space"; length "1 .. 1024"; } description "Name of file in which to write trace information"; } leaf size { type string; description "Maximum trace file size"; } leaf files { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 1000"; } } default "3"; description "Maximum number of trace files"; } choice world-readable-choice { leaf world-readable { type empty; description "Allow any user to read the log file"; } leaf no-world-readable { type empty; description "Don't allow any user to read the log file"; } } // choice world-readable-choice leaf match { type jt:regular-expression; description "Regular expression for lines to be logged"; } } // container file list flag { key "name"; ordered-by user; description "DHCP operations to include in debugging trace"; leaf name { type enumeration { enum "state" { value 0; description "State-transition operations"; } enum "packet" { value 1; description "Packet-decoding operations"; } enum "flow" { value 2; description "Flow-decoding operations"; } enum "packet-option" { value 3; description "DHCP option-decoding operations"; } enum "dhcpv6-state" { value 4; description "State-transition operations for dhcpv6"; } enum "dhcpv6-packet" { value 5; description "Packet-decoding operations for dhcpv6"; } enum "dhcpv6-packet-option" { value 6; description "DHCP option-decoding operations for dhcpv6"; } enum "all" { value 7; description "All operations"; } enum "database" { value 8; description "Database operations"; } enum "persistent" { value 9; description "Persitent file operations"; } enum "lockout-db" { value 10; description "Lockout database operations"; } enum "interface" { value 11; description "Interface operations"; } enum "rtsock" { value 12; description "Routing socket operations"; } enum "flow-notify" { value 13; description "Flow notification operations"; } enum "io" { value 14; description "I/O operations"; } enum "ha" { value 15; description "High Availability-related operations"; } enum "ui" { value 16; description "User Interface operations"; } enum "general" { value 17; description "Miscellaneous operations"; } enum "fwd" { value 18; description "Firewall process operations"; } enum "rpd" { value 19; description "Routing Protocol process operations"; } enum "auth" { value 20; description "Authentication operations"; } enum "profile" { value 21; description "Profile operations"; } enum "session-db" { value 22; description "Session database operations"; } enum "performance" { value 23; description "Performance measurement operations"; } enum "statistics" { value 24; description "Baseline statistics operations"; } enum "dhcpv6-io" { value 25; description "I/O operations for dhcpv6"; } enum "dhcpv6-rpd" { value 26; description "Routing Protocol process operations for dhcpv6"; } enum "dhcpv6-session-db" { value 27; description "Session database operations for dhcpv6"; } enum "dhcpv6-general" { value 28; description "Miscellaneous operations for dhcpv6"; } enum "liveness-detection" { value 29; description "Liveness detection operations"; } enum "security-persistence" { value 30; description "Liveness detection operations"; } enum "mclag" { value 31; description "Multichassis LAG"; } enum "ra-guard" { value 32; description "DHCP RA guard option for dhcpv6"; } } } } // list flag } // grouping jdhcp-traceoptions-type grouping jdhcp-vendor-specific-type { description "Add vendor-specific option processing"; uses apply-advanced; leaf host-name { type empty; description "Add router host name"; } leaf location { type empty; description "Add location information expressed as interface name format"; } } // grouping jdhcp-vendor-specific-type grouping juniper-multicast-snooping-options { uses apply-advanced; container options { description "Miscellaneous options"; uses apply-advanced; container syslog { description "Set system logging level"; uses apply-advanced; container level { description "Logging level"; leaf emergency { type empty; description "Emergency level"; } leaf alert { type empty; description "Alert level"; } leaf critical { type empty; description "Critical level"; } leaf error { type empty; description "Error level"; } leaf warning { type empty; description "Warning level"; } leaf notice { type empty; description "Notice level"; } leaf info { type empty; description "Informational level"; } leaf debug { type empty; description "Debugging level"; } } // container level leaf upto { type enumeration { enum "emergency" { value 0; description "Emergency level"; } enum "alert" { value 1; description "Alert level"; } enum "critical" { value 2; description "Critical level"; } enum "error" { value 3; description "Error level"; } enum "warning" { value 4; description "Warning level"; } enum "notice" { value 5; description "Notice level"; } enum "info" { value 6; description "Informational level"; } enum "debug" { value 7; description "Debugging level"; } } description "Log up to a particular logging level"; } leaf mark { type union { type int32; type string { pattern "<.*>|$.*"; } } units "seconds"; description "Periodically mark the trace file"; } } // container syslog } // container options container traceoptions { description "Multicast snooping trace options"; uses apply-advanced; container file { description "Trace file options"; leaf filename { type string { junos:posix-pattern "![/ %]"; junos:pattern-message "Must not contain '/', % or a space"; length "1 .. 1024"; } description "Name of file in which to write trace information"; } leaf replace { type empty; status deprecated; description "Replace trace file rather than appending to it"; } leaf size { type string; description "Maximum trace file size"; } leaf files { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "2 .. 1000"; } } default "10"; description "Maximum number of trace files"; } leaf no-stamp { type empty; status deprecated; description "Do not timestamp trace file"; } choice world-readable-choice { leaf world-readable { type empty; description "Allow any user to read the log file"; } leaf no-world-readable { type empty; description "Don't allow any user to read the log file"; } } // choice world-readable-choice } // container file list flag { key "name"; ordered-by user; description "Tracing parameters"; leaf name { type enumeration { enum "parse" { value 0; description "Trace configuration parsing"; } enum "config-internal" { value 1; description "Trace configuration internals"; } enum "route" { value 2; description "Trace routing information"; } enum "normal" { value 3; description "Trace normal events"; } enum "general" { value 4; description "Trace general events"; } enum "state" { value 5; description "Trace state transitions"; } enum "policy" { value 6; description "Trace policy processing"; } enum "task" { value 7; description "Trace routing protocol task processing"; } enum "timer" { value 8; description "Trace routing protocol timer processing"; } enum "all" { value 9; description "Trace everything"; } } } leaf disable { type empty; description "Disable this trace flag"; } } // list flag } // container traceoptions container forwarding-cache { description "Multicast forwarding cache"; uses apply-advanced; container threshold { description "Threshold"; uses apply-advanced; leaf suppress { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 200000"; } } description "Suppress threshold"; } leaf reuse { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 200000"; } } description "Reuse threshold"; } } // container threshold } // container forwarding-cache leaf-list flood-groups { type jt:ipaddr; ordered-by user; description "Groups for which the traffic will be flooded"; } container graceful-restart { description "Configure graceful restart attributes"; uses apply-advanced; choice enable-disable { leaf disable { type empty; description "Disable graceful restart"; } } // choice enable-disable leaf restart-duration { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 300"; } } units "seconds"; default "180"; description "Maximum time for graceful restart to finish"; } } // container graceful-restart container multichassis-lag-replicate-state { presence "enable multichassis-lag-replicate-state"; description "Enable multichassis lag replication"; uses apply-advanced; leaf suppress-report { type empty; description "Enable mclag report suppression"; } } // container multichassis-lag-replicate-state container oism { description "Optimized inter subnet multicast options"; uses apply-advanced; leaf install-star-g-routes { type empty; description "Install (*,G) multicast routes in data plane"; } } // container oism leaf nexthop-hold-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 1000"; } } units "milliseconds"; description "Nexthop hold time in milliseconds"; } } // grouping juniper-multicast-snooping-options grouping juniper-protocols-bd { description "Bridging configuration"; uses apply-advanced; container mac-table-size { junos:must "(!(((".. .. .. protocols vpls" || ".. .. .. protocols evpn") && ".. .. .. instance-type virtual-switch")))"; junos:must-message "mac-table-size needs to be specified under switch-options for a virtual-switch instance"; description "Size of MAC address forwarding table"; uses apply-advanced; leaf limit { type union { type string { pattern "<.*>|$.*"; } type uint32; } description "Maximum number of MAC addresses"; } leaf packet-action { type enumeration { enum "none" { value 0; description "Forward the packet"; } enum "drop" { value 1; description "Drop packets and do not learn. Default is forward"; } } description "Action when MAC limit is reached"; } } // container mac-table-size container mac-ip-table-size { junos:must "(!(((".. .. .. protocols vpls" || ".. .. .. protocols evpn") && ".. .. .. instance-type virtual-switch")))"; junos:must-message "mac-ip-table-size needs to be specified under switch-options for a virtual-switch instance"; description "Size of MAC+IP bindings table"; uses apply-advanced; leaf limit { type union { type string { pattern "<.*>|$.*"; } type uint32; } description "Maximum number of MAC+IP bindings"; } } // container mac-ip-table-size container interface-mac-limit { junos:must "(!(((".. .. .. protocols vpls" || ".. .. .. protocols evpn") && ".. .. .. instance-type virtual-switch")))"; junos:must-message "interface-mac-limit needs to be specified under switch-options for a virtual-switch instance"; description "Maximum MAC address learned per interface"; uses apply-advanced; leaf limit { type union { type string { pattern "<.*>|$.*"; } type uint32; } description "Maximum number of MAC addresses per interface"; } leaf packet-action { type enumeration { enum "none" { value 0; description "Forward the packet"; } enum "drop" { value 1; description "Drop packets and do not learn. Default is forward"; } enum "log" { value 2; description "Do not drop the packet but generate an alarm, an SNMP trap or a system log entry"; } enum "shutdown" { value 3; description "Disable the interface and generate an alarm, an SNMP trap or a system log entry"; } enum "drop-and-log" { value 4; description "Drop the packet and generate an alarm, an SNMP trap or a system log entry"; } } description "Action when MAC limit is reached"; } } // container interface-mac-limit container interface-mac-ip-limit { junos:must "(!(((".. .. .. protocols vpls" || ".. .. .. protocols evpn") && ".. .. .. instance-type virtual-switch")))"; junos:must-message "interface-mac-ip-limit needs to be specified under switch-options for a virtual-switch instance"; description "Maximum MAC+IP bindings learned per interface"; uses apply-advanced; leaf limit { type union { type string { pattern "<.*>|$.*"; } type uint32; } description "Maximum number of MAC+IP bindings per interface"; } } // container interface-mac-ip-limit container mac-notification { presence "enable mac-notification"; description "MAC notification options"; uses apply-advanced; leaf notification-interval { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 60"; } } units "seconds"; default "30"; description "Interval for sending MAC notifications"; } } // container mac-notification leaf mac-table-aging-time { type union { type string { pattern "<.*>|$.*"; } type uint32; } units "seconds"; description "Delay for discarding MAC address if no updates are received"; } leaf no-mac-learning { junos:must "(!(((".. .. .. protocols vpls" || ".. .. .. protocols evpn") && ".. .. .. instance-type virtual-switch")))"; junos:must-message "no-mac-learning needs to be specified under switch-options for a virtual-switch instance"; type empty; description "Disable dynamic MAC address learning"; } leaf no-normalization { type empty; description "Disable vlan id normalization for interfaces"; } leaf mac-statistics { junos:must "(!(((".. .. .. protocols vpls" || ".. .. .. protocols evpn") && ".. .. .. instance-type virtual-switch")))"; junos:must-message "mac-statistics needs to be specified under switch-options for a virtual-switch instance"; type empty; description "Enable MAC address statistics"; } container mib { presence "enable mib"; description "Snmp mib options"; uses apply-advanced; container dot1q-mib { presence "enable dot1q-mib"; description "Dot1q MIB configuration options"; uses apply-advanced; leaf port-list { type enumeration { enum "bit-map" { value 0; description "Port list is represented in bit-map format"; } enum "string" { value 1; description "Port list is represented in string format"; } } description "Port list for staticegressports and staticuntaggedports MIB"; } } // container dot1q-mib } // container mib container static-rvtep-mac { description "Configure Static MAC and remote VxLAN tunnel endpoint entries"; uses apply-advanced; list mac { key "mac_addr remote-vtep"; description "Unicast MAC address"; leaf mac_addr { type jt:mac-unicast; } leaf remote-vtep { type jt:ipaddr; description "Configure static remote VXLAN tunnel endpoints"; } } // list mac } // container static-rvtep-mac list interface { junos:must "(!((".. .. .. protocols vpls" && ".. .. .. instance-type virtual-switch")))"; junos:must-message "interface needs to be specified under switch-options for a virtual-switch instance"; key "name"; ordered-by user; description "Interface that connect this site to the VPN"; leaf name { junos:must "(((".. .. .. interface $$" || (".. .. .. .. .. interface $$" || "interfaces $$-IFL family ethernet-switching vlan")) || (!(".. .. .. .. .. .. .. routing-instances") && ("interfaces $$-IFL family bridge interface-mode" && !(any "routing-instances <*> interface $$")))))"; junos:must-message "Interface must be part of this routing instance"; junos:must "((".. .. .. interface $$" || (".. .. .. .. .. interface $$" || (".. .. .. .. interface $$" || "interfaces $$-IFL family ethernet-switching"))))"; junos:must-message "Interface must be part of this routing instance"; type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface name"; } uses apply-advanced; container interface-mac-limit { junos:must "(!(".. .. .. .. .. vlans ${vlan} private-vlan"))"; junos:must-message "Switch-options configuration is not allowed on interfaces which are part of secondary VLANs"; description "Maximum number of MAC addresses learned on the interface"; uses apply-advanced; leaf limit { type union { type string { pattern "<.*>|$.*"; } type uint32; } description "Maximum number of MAC addresses per interface"; } leaf disable { type empty; description "Disable interface for interface-mac-limit"; } leaf packet-action { type enumeration { enum "none" { value 0; description "Forward the packet"; } enum "drop" { value 1; description "Drop packets and do not learn. Default is forward"; } enum "log" { value 2; description "Do not drop the packet but generate an alarm, an SNMP trap or a system log entry"; } enum "shutdown" { value 3; description "Disable the interface and generate an alarm, an SNMP trap or a system log entry"; } enum "drop-and-log" { value 4; description "Drop the packet and generate an alarm, an SNMP trap or a system log entry"; } } description "Action when MAC limit is reached"; } } // container interface-mac-limit leaf action-priority { junos:must "(!(".. .. .. .. .. vlans ${vlan} private-vlan"))"; junos:must-message "Switch-options configuration is not allowed on interfaces which are part of secondary VLANs"; type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 8"; } } description "Blocking priority of this interface on mac move detection"; } list static-mac { junos:must "(!(".. .. .. .. .. vlans ${vlan} private-vlan"))"; junos:must-message "Switch-options configuration is not allowed on interfaces which are part of secondary VLANs"; key "name"; ordered-by user; description "Static MAC addresses assigned to this interface"; leaf name { junos:must "((!(".. .. .. .. vlan-id all") || all ".. vlan-id <*>"))"; junos:must-message " Specify vlan-id for qualified learning "; type jt:mac-addr; description "MAC address"; } uses apply-advanced; list vlan-id { junos:must "(".. .. .. .. vlan-id all")"; junos:must-message "'vlan-id all' has to be configured for the bridging domain"; key "name"; ordered-by user; description "VLAN ID of learning VLAN"; leaf name { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "0 .. 4094"; } } description "Learning VLAN"; } uses apply-advanced; } // list vlan-id } // list static-mac container interface-mac-ip-limit { description "Maximum number of MAC+IP bindings learned on the interface"; uses apply-advanced; leaf limit { type union { type string { pattern "<.*>|$.*"; } type uint32; } description "Maximum number of MAC+IP bindings per interface"; } } // container interface-mac-ip-limit leaf no-mac-learning { junos:must "(!(".. .. .. .. .. vlans ${vlan} private-vlan"))"; junos:must-message "Switch-options configuration is not allowed on interfaces which are part of secondary VLANs"; type empty; description "Disable dynamic MAC address learning"; } leaf mac-pinning { type empty; description "Enable MAC pinning"; } leaf persistent-learning { junos:must "(!("switch-options mac-table-aging-time "))"; junos:must-message "Persistent learning can not co-exist with mac-table-aging-time"; type empty; description "Enable persistent MAC learning on this interface"; } } // list interface } // grouping juniper-protocols-bd grouping macro-data-type { leaf name { type string; description "Keyword part of the keyword-value pair"; } leaf value { type string; description "Value part of the keyword-value pair"; } } // grouping macro-data-type grouping override-type { description "DHCP override processing"; uses apply-advanced; leaf no-unicast-replies { junos:must "(!(".. layer2-unicast-replies"))"; junos:must-message "no-unicast-replies cannot be configured with layer2-unicast-replies"; type empty; description "Overwrite unicast bit in incoming packet, when present"; } choice allow-snooped-clients-choice { leaf allow-snooped-clients { type empty; description "Allow client creation from snooped PDUs"; } leaf no-allow-snooped-clients { type empty; description "Don't allow client creation from snooped PDUs"; } } // choice allow-snooped-clients-choice leaf allow-no-end-option { type empty; description "Allow packets without end-of-option"; } leaf always-write-giaddr { type empty; description "Overwrite existing 'giaddr' field, when present"; } container always-write-option-82 { presence "enable always-write-option-82"; description "Overwrite existing value of option 82, when present"; uses write-option-82-type; } // container always-write-option-82 leaf user-defined-option-82 { type string { length "1 .. 252"; } description "Set user defined description for option-82"; } leaf layer2-unicast-replies { junos:must "(!(".. no-unicast-replies"))"; junos:must-message "layer2-unicast-replies cannot be configured with no-unicast-replies"; type empty; description "Do not broadcast client responses"; } leaf trust-option-82 { type empty; description "Trust options-82 option"; } leaf delay-authentication { type empty; description "Delay subscriber authentication in DHCP protocol processing until request packet"; } leaf disable-relay { type empty; description "Disable DHCP relay processing"; } leaf no-bind-on-request { type empty; description "Do not bind if stray DHCP request is received"; } leaf interface-client-limit { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 500000"; } } description "Limit the number of client allowed on an interface"; } leaf no-arp { junos:must "((!(".. route-suppression destination") && !(".. route-suppression access-internal")))"; junos:must-message "Cannot specify route-suppression with overrides no-arp"; type empty; status deprecated; description "Disable DHCP ARP table population"; } leaf bootp-support { type empty; description "Allows relay of bootp req and reply"; } leaf dual-stack { type string { length "1 .. 64"; } description "Dual stack group to use."; } container client-discover-match { presence "enable client-discover-match"; description "Use secondary match criteria for DISCOVER PDU"; choice match-with { leaf option60-and-option82 { type empty; description "Use option 60 and option 82"; } leaf incoming-interface { type empty; description "Use incoming interface"; } } // choice match-with } // container client-discover-match container proxy-mode { presence "enable proxy-mode"; description "Put the relay in proxy mode"; } // container proxy-mode leaf asymmetric-lease-time { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "600 .. 86400"; } } units "seconds"; description "Use a reduced lease time for the client. In seconds"; } container replace-ip-source-with { description "Replace IP source address in request and release packets"; choice replacement-type { leaf giaddr { type empty; description "Replace IP source address with giaddr"; } } // choice replacement-type } // container replace-ip-source-with leaf send-release-on-delete { type empty; description "Always send RELEASE to the server when a binding is deleted"; } leaf apply-secondary-as-giaddr { type empty; description "Enable DHCP relay to use secondary gateway ip for relay interfaces"; } leaf relay-source { type union { type jt:interface-name; type string { pattern "<.*>|$.*"; } } description "Interface for relay source"; } leaf delete-binding-on-renegotiation { type empty; description "Delete binding on rengotiation"; } } // grouping override-type grouping relay-active-leasequery-v4-type { description "Configure active leasequery"; uses apply-advanced; leaf topology-discover { junos:must "(".. peer-address")"; junos:must-message "Must configure [peer-address] to configure topology-discover"; type empty; description "Topology discovery"; } list peer-address { key "name"; ordered-by user; description "Server ip address"; leaf name { type jt:ipaddr; description "Peer ip address"; } uses apply-advanced; } // list peer-address leaf timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "10 .. 3600"; } } units "seconds"; default "120"; description "Read/write timeout in seconds"; } leaf idle-timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "10 .. 3600"; } } units "seconds"; default "60"; description "Idle timeout in seconds"; } } // grouping relay-active-leasequery-v4-type grouping relay-active-leasequery-v6-type { description "Configure active leasequery"; uses apply-advanced; leaf topology-discover { junos:must "(".. peer-address")"; junos:must-message "Must configure [peer-address] to configure topology-discover"; type empty; description "Topology discovery"; } leaf timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "10 .. 3600"; } } units "seconds"; default "120"; description "Read/write timeout in seconds"; } leaf idle-timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "10 .. 3600"; } } units "seconds"; default "60"; description "Idle timeout in seconds"; } list peer-address { key "name"; ordered-by user; description "Peer ipv6 address"; leaf name { type jt:ipv6addr; description "Peer ipv6 address"; } uses apply-advanced; } // list peer-address } // grouping relay-active-leasequery-v6-type grouping relay-bulk-leasequery-v4-type { junos:must "(".. overrides always-write-option-82")"; junos:must-message "Must configure [overrides always-write-option-82] to overwrite circuit-id for bulk-leasequery"; junos:must "((".. relay-option-82 circuit-id" && !((".. relay-option-82 circuit-id use-interface-description" || ".. relay-option-82 circuit-id require-interface-description"))))"; junos:must-message "Must configure [relay-option-82 circuit-id] without description to insert circuit-id for bulk-leasequery"; description "Configure bulk leasequery"; uses apply-advanced; leaf attempts { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 720"; } } default "360"; description "Number of retry attempts"; } leaf timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 10"; } } units "seconds"; default "10"; description "Number of seconds"; } } // grouping relay-bulk-leasequery-v4-type grouping relay-bulk-leasequery-v6-type { junos:must "(".. relay-agent-interface-id")"; junos:must-message "Must configure [relay-agent-interface-id] to insert interface-id for bulk-leasequery"; description "Configure bulk leasequery"; uses apply-advanced; leaf attempts { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 10"; } } default "6"; description "Number of retry attempts"; } leaf timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 10"; } } units "seconds"; default "10"; description "Number of seconds"; } container trigger { description "Trigger for bulk leasequery"; leaf automatic { type empty; description "Trigger automatically"; } } // container trigger } // grouping relay-bulk-leasequery-v6-type grouping relay-leasequery-type { description "Configure leasequery"; uses apply-advanced; leaf attempts { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 10"; } } default "6"; description "Number of retry attempts"; } leaf timeout { type union { type string { pattern "<.*>|$.*"; } type uint32 { range "1 .. 10"; } } units "seconds"; default "10"; description "Number of seconds"; } } // grouping relay-leasequery-type grouping relay-option-60-type-group { description "DHCP option-60 processing"; uses apply-advanced; container vendor-option { description "Add vendor option"; uses apply-advanced; container equals { description "Option 60 equals"; uses relay-option-60-match-group; } // container equals container not-equals { status deprecated; description "Option 60 does not equal"; uses relay-option-60-match-group; } // container not-equals container starts-with { description "Option 60 starts with"; uses relay-option-60-match-group; } // container starts-with choice server-group-choice { leaf default-relay-server-group { junos:must "(".. .. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is not made"; } leaf default-local-server-group { junos:must "(".. .. .. .. .. .. system services dhcp-local-server group $$")"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is not made"; } leaf drop { type empty; description "Discard when a match is not made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is not made"; } } // choice server-group-choice } // container vendor-option } // grouping relay-option-60-type-group grouping relay-option-60-match-group { uses apply-advanced; list ascii { key "name"; description "ASCII string"; leaf name { type string { length "1 .. 256"; } description "ASCII string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "(".. .. .. .. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding options dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "(".. .. .. .. .. .. .. .. system services dhcp-local-server group $$")"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list ascii list hexadecimal { key "name"; description "Hexadecimal string"; leaf name { type string { junos:posix-pattern "^[[:xdigit:]]+$"; junos:pattern-message "Must be hexadecimal digits (0-9, a-f, A-F)"; length "1 .. 512"; } description "Hexadecimal string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "(".. .. .. .. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding-options dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "(".. .. .. .. .. .. .. .. system services dhcp-local-server group $$")"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list hexadecimal } // grouping relay-option-60-match-group grouping relay-option-60-type-top { description "DHCP option-60 processing"; uses apply-advanced; container vendor-option { description "Add vendor option"; uses apply-advanced; container equals { description "Option 60 equals"; uses relay-option-60-match-top; } // container equals container not-equals { status deprecated; description "Option 60 does not equal"; uses relay-option-60-match-top; } // container not-equals container starts-with { description "Option 60 starts with"; uses relay-option-60-match-top; } // container starts-with choice server-group-choice { leaf default-relay-server-group { junos:must "(".. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is not made"; } leaf default-local-server-group { junos:must "(".. .. .. .. .. system services dhcp-local-server group $$")"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is not made"; } leaf drop { type empty; description "Discard when a match is not made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is not made"; } } // choice server-group-choice } // container vendor-option } // grouping relay-option-60-type-top grouping relay-option-60-match-top { uses apply-advanced; list ascii { key "name"; description "ASCII string"; leaf name { type string { length "1 .. 256"; } description "ASCII string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "(".. .. .. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding options dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "(".. .. .. .. .. .. .. system services dhcp-local-server group $$")"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list ascii list hexadecimal { key "name"; description "Hexadecimal string"; leaf name { type string { junos:posix-pattern "^[[:xdigit:]]+$"; junos:pattern-message "Must be hexadecimal digits (0-9, a-f, A-F)"; length "1 .. 512"; } description "Hexadecimal string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "(".. .. .. .. .. server-group $$")"; junos:must-message "Referenced group must be defined under [edit forwarding-options dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "(".. .. .. .. .. .. .. system services dhcp-local-server group $$")"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list hexadecimal } // grouping relay-option-60-match-top grouping relay-option-82-type { description "DHCP option-82 processing"; uses apply-advanced; container circuit-id { presence "enable circuit-id"; description "Add circuit identifier"; uses apply-advanced; container prefix { description "Add prefix to circuit/interface-id or remote-id"; uses apply-advanced; leaf host-name { type empty; description "Add router host name to circuit / interface-id or remote-id"; } leaf logical-system-name { type empty; description "Add logical system name to circuit / interface-id or remote-id"; } leaf routing-instance-name { type empty; description "Add routing instance name to circuit / interface-id or remote-id"; } } // container prefix leaf use-interface-description { junos:must "(!(".. require-interface-description"))"; junos:must-message "use-interface-description may not be set with require-interface-desciption"; type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Use interface description instead of circuit identifier"; } leaf use-vlan-id { junos:must "((!(".. no-vlan-interface-name") && (!(".. use-interface-description") && !(".. require-interface-description"))))"; junos:must-message "Vlan-tag cannot be added as no-vlan-interface-name or interface-description is configured"; type empty; description "Use VLAN id instead of name"; } container vlan-id-only { junos:must "(!((".. include-irb-and-l2" || (".. keep-incoming-circuit-id" || (".. user-defined" || (".. no-vlan-interface-name" || (".. use-interface-description" || (".. use-vlan-id" || (".. prefix" || ".. require-interface-description")))))))))"; junos:must-message "Vlan-id-only cannot be clubbed along with any other option-82 knob"; presence "enable vlan-id-only"; description "Use only VLAN id"; uses apply-advanced; } // container vlan-id-only leaf no-vlan-interface-name { type empty; description "Not include vlan or interface name"; } leaf include-irb-and-l2 { type empty; description "Include IRB and L2 interface name"; } leaf user-defined { junos:must "(!((".. include-irb-and-l2" || (".. keep-incoming-circuit-id" || (".. no-vlan-interface-name" || (".. use-interface-description" || (".. use-vlan-id" || (".. prefix" || ".. require-interface-description"))))))))"; junos:must-message "The user defined description for option 82 must be defined in order to see the usage and doesnt coexist with prefix"; type empty; description "Include user defined string"; } leaf keep-incoming-circuit-id { type empty; description "Keep incoming circuit identifier"; } } // container circuit-id container remote-id { presence "enable remote-id"; description "Add remote identifier"; uses apply-advanced; container prefix { description "Add prefix to circuit/interface-id or remote-id"; uses apply-advanced; leaf host-name { type empty; description "Add router host name to circuit / interface-id or remote-id"; } leaf logical-system-name { type empty; description "Add logical system name to circuit / interface-id or remote-id"; } leaf routing-instance-name { type empty; description "Add routing instance name to circuit / interface-id or remote-id"; } } // container prefix leaf use-interface-description { junos:must "(!(".. require-interface-description"))"; junos:must-message "use-interface-description may not be set with require-interface-desciption"; type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Use interface description instead of circuit identifier"; } leaf use-vlan-id { junos:must "((!(".. no-vlan-interface-name") && (!(".. use-interface-description") && !(".. require-interface-description"))))"; junos:must-message "Vlan-tag cannot be added as no-vlan-interface-name or interface-description is configured"; type empty; description "Use VLAN id instead of name"; } leaf no-vlan-interface-name { type empty; description "Not include vlan or interface name"; } leaf include-irb-and-l2 { type empty; description "Include IRB and L2 interface name"; } container hostname-only { junos:must "(!((".. include-irb-and-l2" || (".. keep-incoming-remote-id" || (".. no-vlan-interface-name" || (".. use-interface-description" || (".. use-vlan-id" || (".. prefix" || ".. use-string"))))))))"; junos:must-message "Hostname-only cannot be clubbed with any other sub-option"; presence "enable hostname-only"; description "Include hostname only"; uses apply-advanced; } // container hostname-only leaf keep-incoming-remote-id { type empty; description "Keep incoming remote identifier"; } leaf use-string { junos:must "(!((".. use-interface-description" || (".. require-interface-description" || (".. include-irb-and-l2" || (".. keep-incoming-circuit-id" || (".. no-vlan-interface-name" || ".. use-vlan-id")))))))"; junos:must-message "use-string can only coexist with prefix"; type string; description "Use raw string instead of the default remote id"; } } // container remote-id leaf server-id-override { junos:must "(!(".. link-selection"))"; junos:must-message "server-id-override cannot be configured with link-selection"; type empty; description "Add link-selection and server-id sub-options on packets to server"; } leaf link-selection { junos:must "(!(".. server-id-override"))"; junos:must-message "link-selection cannot be configured with server-id-override"; type empty; description "Add link-selection suboption on packets to server"; } leaf exclude-relay-agent-identifier { type empty; description "Exclude relay agent identifier from packets to server"; } container vendor-specific { description "Add vendor-specific information"; uses jdhcp-vendor-specific-type; } // container vendor-specific } // grouping relay-option-82-type grouping relay-v4-option-ascii-hex { uses apply-advanced; list ascii { key "name"; description "ASCII string"; leaf name { type string { length "1 .. 256"; } description "ASCII string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "((".. .. .. .. .. .. server-group $$" || (".. .. .. .. .. server-group $$" || (".. .. .. .. server-group $$" || ".. .. .. server-group $$"))))"; junos:must-message "Referenced group must be defined under [edit forwarding dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "((".. .. .. .. .. .. .. .. system services dhcp-local-server group $$" || (".. .. .. .. .. .. .. system services dhcp-local-server group $$" || (".. .. .. .. .. .. system services dhcp-local-server group $$" || ".. .. .. .. .. system services dhcp-local-server group $$"))))"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list ascii list hexadecimal { key "name"; description "Hexadecimal string"; leaf name { type string { junos:posix-pattern "^[[:xdigit:]]+$"; junos:pattern-message "Must be hexadecimal digits (0-9, a-f, A-F)"; length "1 .. 512"; } description "Hexadecimal string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "((".. .. .. .. .. .. server-group $$" || (".. .. .. .. .. server-group $$" || (".. .. .. .. server-group $$" || ".. .. .. server-group $$"))))"; junos:must-message "Referenced group must be defined under [edit forwarding dhcp-relay server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf local-server-group { junos:must "((".. .. .. .. .. .. .. .. system services dhcp-local-server group $$" || (".. .. .. .. .. .. .. system services dhcp-local-server group $$" || (".. .. .. .. .. .. system services dhcp-local-server group $$" || ".. .. .. .. .. system services dhcp-local-server group $$"))))"; junos:must-message "Referenced group must be defined under [edit system services dhcp-local-server group]"; type string { length "1 .. 64"; } description "Name of DHCP local server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list hexadecimal } // grouping relay-v4-option-ascii-hex grouping relay-v6-option-ascii-hex { uses apply-advanced; list ascii { key "name"; description "ASCII string"; leaf name { type string { length "1 .. 256"; } description "ASCII string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "((".. .. .. .. .. .. server-group $$" || (".. .. .. .. .. server-group $$" || (".. .. .. .. server-group $$" || ".. .. .. server-group $$"))))"; junos:must-message "Referenced group must be defined under [edit forwarding options dhcp-relay dhcpv6 server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list ascii list hexadecimal { key "name"; description "Hexadecimal string"; leaf name { type string { junos:posix-pattern "^[[:xdigit:]]+$"; junos:pattern-message "Must be hexadecimal digits (0-9, a-f, A-F)"; length "1 .. 512"; } description "Hexadecimal string"; } uses apply-advanced; choice server-group-choice { leaf relay-server-group { junos:must "((".. .. .. .. .. .. server-group $$" || (".. .. .. .. .. server-group $$" || (".. .. .. .. server-group $$" || ".. .. .. server-group $$"))))"; junos:must-message "Referenced group must be defined under [edit forwarding options dhcp-relay dhcpv6 server-group]"; type string { length "1 .. 64"; } description "Name of DHCP relay server group when match is made"; } leaf drop { type empty; description "Discard when a match is made"; } leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } } // choice server-group-choice } // list hexadecimal } // grouping relay-v6-option-ascii-hex grouping security-dhcpv6-options-type { description "Configure DHCPv6 options"; uses apply-advanced; container option-37 { presence "enable option-37"; description "Configure DHCPv6 remote identifier option"; uses apply-advanced; container prefix { description "Configure DHCPv6 remote identifier prefix"; uses apply-advanced; leaf host-name { type empty; description "Prefix router host name to DHCPv6 remote identifier"; } leaf logical-system-name { type empty; description "Prefix logical system name to DHCPv6 remote identifier"; } leaf routing-instance-name { type empty; description "Prefix routing instance name to DHCPv6 remote identifier"; } leaf vlan-name { type empty; description "Prefix vlan name to DHCPv6 remote identifier"; } leaf vlan-id { type empty; description "Prefix vlan tag to DHCPv6 remote identifier"; } } // container prefix leaf use-interface-mac { type empty; description "Add incoming interface's MAC address to DHCPv6 remote identifier"; } leaf use-interface-index { type enumeration { enum "logical" { value 0; description "Use the logical interface index"; } enum "device" { value 1; description "Use the device interface index"; } } description "Add interface index to DHCPv6 remote identifier"; } leaf use-interface-name { type enumeration { enum "logical" { value 0; description "Use the logical interface name"; } enum "device" { value 1; description "Use the device interface name"; } } description "Add interface name to DHCPv6 remote identifier"; } leaf use-interface-description { type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Add interface description to DHCPv6 remote identifier"; } leaf use-string { junos:must "(!(".. use-interface-description"))"; junos:must-message "use-string and use-interface-description cannot be configured together"; type string; description "Add custom string to DHCPv6 remote identifier"; } } // container option-37 container option-18 { presence "enable option-18"; description "Configure DHCPv6 interface identifier option"; uses apply-advanced; container prefix { description "Configure DHCPv6 interface identifier prefix"; uses apply-advanced; leaf host-name { type empty; description "Prefix router host name to DHCPv6 interface identifier"; } leaf logical-system-name { type empty; description "Prefix logical system name to DHCPv6 interface identifier"; } leaf routing-instance-name { type empty; description "Prefix routing instance name to DHCPv6 interface identifier"; } leaf vlan-name { type empty; description "Prefix vlan name to DHCPv6 interface identifier"; } leaf vlan-id { type empty; description "Prefix vlan tag to DHCPv6 interface identifier"; } } // container prefix leaf use-interface-mac { type empty; description "Add incoming interface's MAC address to DHCPv6 circuit identifier"; } leaf use-interface-index { type enumeration { enum "logical" { value 0; description "Use the logical interface index"; } enum "device" { value 1; description "Use the device interface index"; } } description "Add interface index to DHCPv6 interface identifier"; } leaf use-interface-name { type enumeration { enum "logical" { value 0; description "Use the logical interface name"; } enum "device" { value 1; description "Use the device interface name"; } } description "Add interface name to DHCPv6 remote identifier"; } leaf use-interface-description { type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Add interface description to DHCPv6 interface identifier"; } leaf use-string { junos:must "(!(".. use-interface-description"))"; junos:must-message "use-string and use-interface-description cannot be configured together"; type string; description "Add custom string to DHCPv6 interface identifier"; } } // container option-18 container option-16 { presence "enable option-16"; description "Configure DHCPv6 vendor class identifier option. Overwrite if exists"; uses apply-advanced; leaf use-string { type string; description "Add custom string to DHCPv6 vendor identifier"; } } // container option-16 leaf option-79 { junos:must "(".. .. light-weight-dhcpv6-relay")"; junos:must-message "Option-79 can be configured only on LDRAs"; type empty; description "Configure DHCPv6 client link layer address option"; } } // grouping security-dhcpv6-options-type grouping security-option-82-type { description "DHCP option-82 processing"; uses apply-advanced; container circuit-id { presence "enable circuit-id"; description "Configure DHCP option 82 circuit id"; uses apply-advanced; container prefix { description "Configure DHCP option 82 circuit id prefix"; uses apply-advanced; leaf host-name { type empty; description "Add router host name to DHCP option-82 circuit id"; } leaf logical-system-name { type empty; description "Add logical system name to DHCP option-82 circuit id"; } leaf routing-instance-name { type empty; description "Add routing instance name to DHCP option-82 circuit id"; } } // container prefix leaf use-interface-description { type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Use interface description instead of circuit identifier"; } leaf use-vlan-id { type empty; description "Use VLAN id instead of name"; } } // container circuit-id container remote-id { presence "enable remote-id"; description "Configure DHCP option 82 remote id"; uses apply-advanced; leaf host-name { type empty; description "Add router host name to DHCP option-82 remote id"; } leaf use-interface-description { type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Use interface description instead of interface name"; } leaf use-string { junos:must "(!(".. use-interface-description"))"; junos:must-message "use-string and use-interface-description cannot be configured together"; type string; description "Use raw string instead of the default remote id"; } leaf mac { type empty; description "Add chassis MAC Address to DHCP option-82 remote id"; } } // container remote-id container vendor-id { presence "enable vendor-id"; description "Configure DHCP option 82 vendor id"; uses apply-advanced; leaf use-string { type string; default "Juniper Networks"; description "Use raw string instead of the default vendor id"; } } // container vendor-id } // grouping security-option-82-type grouping server-group-type { uses apply-advanced; list server-group { key "name"; ordered-by user; description "One or more server groups"; leaf name { type string { junos:posix-pattern "^[A-Za-z0-9][_0-9A-Za-z-]*$"; junos:pattern-message "Must be a non-reserved string of 64 characters or less"; length "1 .. 64"; } description "Server group name"; } uses apply-advanced; list address { key "name"; max-elements 32; ordered-by user; description "IP Address of one or more DHCP servers"; leaf name { type jt:ipaddr; description "IP Address of DHCP server"; } uses apply-advanced; } // list address } // list server-group } // grouping server-group-type grouping server-match-action-choice { uses apply-advanced; choice v4-action-choice { leaf forward-only { type empty; description "Forward without subscriber services"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice v4-action-choice } // grouping server-match-action-choice grouping server-match-v6-ascii-hex { uses apply-advanced; list ascii { key "name"; description "ASCII string"; leaf name { type string { length "1 .. 256"; } description "ASCII string"; } uses apply-advanced; choice server-match-action-choice { leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice server-match-action-choice } // list ascii list hexadecimal { key "name"; description "Hexadecimal string"; leaf name { type string { junos:posix-pattern "^[[:xdigit:]]+$"; junos:pattern-message "Must be hexadecimal digits (0-9, a-f, A-F)"; length "1 .. 512"; } description "Hexadecimal string"; } uses apply-advanced; choice server-match-action-choice { leaf forward-only { type empty; description "Forward without subscriber services when a match is made"; } leaf create-relay-entry { type empty; description "Create relay entry and allow subscriber services"; } } // choice server-match-action-choice } // list hexadecimal } // grouping server-match-v6-ascii-hex grouping v6-relay-option-interface-id-type { description "Interface ID processing"; uses apply-advanced; container prefix { description "Add prefix to circuit/interface-id or remote-id"; uses apply-advanced; leaf host-name { type empty; description "Add router host name to circuit / interface-id or remote-id"; } leaf logical-system-name { type empty; description "Add logical system name to circuit / interface-id or remote-id"; } leaf routing-instance-name { type empty; description "Add routing instance name to circuit / interface-id or remote-id"; } } // container prefix leaf use-interface-description { junos:must "(!(".. require-interface-description"))"; junos:must-message "use-interface-description may not be set with require-interface-desciption"; type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Use interface description instead of circuit identifier"; } leaf use-vlan-id { junos:must "((!(".. no-vlan-interface-name") && (!(".. use-interface-description") && !(".. require-interface-description"))))"; junos:must-message "Vlan-tag cannot be added as no-vlan-interface-name or interface-description is configured"; type empty; description "Use VLAN id instead of name"; } leaf no-vlan-interface-name { type empty; description "Not include vlan or interface name"; } leaf include-irb-and-l2 { type empty; description "Include IRB and L2 interface name"; } container use-option-82 { presence "enable use-option-82"; description "Use option-82 circuit-id for interface-id"; uses v6-relay-option-cid-rid-action; } // container use-option-82 container keep-incoming-interface-id { presence "enable keep-incoming-interface-id"; description "Keep incoming interface identifier"; uses v6-relay-option-cid-rid-action; } // container keep-incoming-interface-id } // grouping v6-relay-option-interface-id-type grouping v6-relay-option-cid-rid-action { uses apply-advanced; leaf strict { type empty; description "Drop packet if id not present"; } } // grouping v6-relay-option-cid-rid-action grouping v6-relay-option-remote-id-type { description "Remote ID processing"; uses apply-advanced; container prefix { description "Add prefix to circuit/interface-id or remote-id"; uses apply-advanced; leaf host-name { type empty; description "Add router host name to circuit / interface-id or remote-id"; } leaf logical-system-name { type empty; description "Add logical system name to circuit / interface-id or remote-id"; } leaf routing-instance-name { type empty; description "Add routing instance name to circuit / interface-id or remote-id"; } } // container prefix leaf use-interface-description { junos:must "(!(".. require-interface-description"))"; junos:must-message "use-interface-description may not be set with require-interface-desciption"; type enumeration { enum "logical" { value 0; description "Use the logical interface description"; } enum "device" { value 1; description "Use the device interface description"; } } description "Use interface description instead of circuit identifier"; } leaf use-vlan-id { junos:must "((!(".. no-vlan-interface-name") && (!(".. use-interface-description") && !(".. require-interface-description"))))"; junos:must-message "Vlan-tag cannot be added as no-vlan-interface-name or interface-description is configured"; type empty; description "Use VLAN id instead of name"; } leaf no-vlan-interface-name { type empty; description "Not include vlan or interface name"; } leaf include-irb-and-l2 { type empty; description "Include IRB and L2 interface name"; } container use-option-82 { presence "enable use-option-82"; description "Use option-82 remote-id for v6 remote-id"; uses v6-relay-option-cid-rid-action; } // container use-option-82 leaf keep-incoming-remote-id { type empty; description "Keep incoming remote identifier"; } } // grouping v6-relay-option-remote-id-type grouping v6-server-group-type { uses apply-advanced; list server-group { key "name"; ordered-by user; description "One or more server groups"; leaf name { type string { junos:posix-pattern "^[A-Za-z0-9][_0-9A-Za-z-]*$"; junos:pattern-message "Must be a non-reserved string of 64 characters or less"; length "1 .. 64"; } description "DHCPv6 Server group name"; } uses apply-advanced; list address { key "name"; max-elements 32; ordered-by user; description "IP Address of one or more DHCP servers"; leaf name { type jt:ipaddr; description "IP Address of DHCP server"; } uses apply-advanced; } // list address } // list server-group } // grouping v6-server-group-type grouping write-option-82-type { uses apply-advanced; } // grouping write-option-82-type } // module junos-qfx-conf-bridge-domains
© 2023 YumaWorks, Inc. All rights reserved.