System Administration > Configuration > Global Configurations
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
opaque_config | A list of global opaque configuration for ESX hosts. | array of KeyValuePair | Required |
resource_type | Must be set to the value EsxGlobalOpaqueConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
lb_fips_enabled | A flag to turn on or turn off the FIPS compliance of load balancer feature. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature. |
boolean | Default: "False" |
resource_type | Must be set to the value FipsGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
global_addrset_mode_enabled | A flag to indicate if global address set is enabled in DFW When this flag is set to true, global address set is enabled in Distributed Firewall. |
boolean | Default: "True" |
global_fastpath_mode_enabled | A flag to indicate if fast path searching is enabled in DFW This property is deprecated. The fast path mode is always enabled in Distributed Firewall. |
boolean | Deprecated Default: "True" |
id | Unique identifier of this resource | string | Sortable |
resource_type | Must be set to the value FirewallGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
global_idsevents_to_syslog_enabled | A flag to indicate if IDS events need to be sent to syslog When this flag is set to true, IDS events would be sent to syslog. |
boolean | Default: "False" |
id | Unique identifier of this resource | string | Sortable |
resource_type | Must be set to the value IdsGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
collectors | Operation Collector Config Operation Collector Config. |
array of OperationCollector | |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
report_interval | Report interval for operation data in seconds Report interval for operation data in seconds. |
int | Minimum: 1 Maximum: 1800 Default: "30" |
resource_type | Must be set to the value OperationCollectorGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
allow_changing_vdr_mac_in_use | A flag to indicate if changing the VDR MAC being used is allowed When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has "nested_nsx" property being true, the MAC in "vdr_mac_nested" is used; otherwise the MAC in "vdr_mac" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose "nested_nsx" property is true but is in an OVERLAY transport zone, the first way is updating the "vdr_mac" property. The 2nd way is updating one of the OVERLAY tranport zones joined by the host switch to set "nested_nsx" property true which will make the host switch use the VDR MAC in "vdr_mac_nested". The third way is directly updating the transport node to add an OVERLAY transport zone whose "nested_nsx" property is true into the host switch which will also make the host switch use the VDR MAC in "vdr_mac_nested". If the host switch is in some OVERLAY transport zone(s) whose "nested_nsx" property is true, the first way is updating the "vdr_mac_nested" property. The 2nd way is updating all those OVERLAY tranport zones to set "nested_nsx" property false which will make the host switch use the VDR MAC in "vdr_mac". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in "vdr_mac". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage! |
boolean | Default: "False" |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
l3_forwarding_mode | L3 forwarding mode This setting does not restrict configuration as per other modes. But the forwarding will only work as per the mode set here. |
string | Required Enum: IPV4_ONLY, IPV4_AND_IPV6 Default: "IPV4_ONLY" |
logical_uplink_mtu | MTU for the logical uplinks This is the global default MTU for all the logical uplinks in a NSX domain. Currently logical uplink MTU can only be set globally and applies to the entire NSX domain. There is no option to override this value at transport zone level or transport node level. If this value is not set, the default value of 1500 will be used. |
int | Default: "1500" |
resource_type | Must be set to the value RoutingGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
vdr_mac | The MAC address of the Virtual Distributed Router (VDR) port This is the global default MAC address for all VDRs in all transport nodes in a NSX system. When the property "allow_changing_vdr_mac_in_use" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has "nested_nsx" property being true. |
MACAddress | Default: "02:50:56:56:44:52" |
vdr_mac_nested | The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment. This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. All transport zones in such a nested NSX system will have the "nested_nsx" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property "allow_changing_vdr_mac_in_use" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose "nested_nsx" property is true. |
MACAddress | Default: "02:50:56:56:44:53" |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
ca_signed_only | A flag to indicate whether the server certs are only allowed to be ca-signed. When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates. Since this check has now moved to the compliance-report, enabling this check is no longer required if the NDcPP Security alarms have been enabled. |
boolean | Default: "False" |
crl_checking_enabled | A flag to indicate whether the Java trust-managers check certificate revocation When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not. |
boolean | Default: "True" |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
eku_checking_enabled | A flag to indicate whether the Extended Key Usage extension in the certificate is checked. When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk. Since this check has now moved to the compliance-report, enabling/disabling this flag no longer has any effect when applying certificates. |
boolean | Default: "True" |
id | Unique identifier of this resource | string | Sortable |
resource_type | Must be set to the value SecurityGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
arp_limit_per_lr | ARP limit per logical router per transport node This is a global max ARP limit per logical router per transport node. It is applied to all the logical routers present on all types of transport nodes in the NSX domain. Updates to the field are allowed only through /policy/api/v1/infra/global-config API. |
int | Minimum: 5000 Maximum: 50000 Default: "50000" |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
global_replication_mode_enabled | A flag to indicate if global replication mode is enabled When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span. |
boolean | Default: "False" |
id | Unique identifier of this resource | string | Sortable |
physical_uplink_mtu | MTU for the physical uplinks This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized. |
int | Default: "1700" |
remote_tunnel_physical_mtu | The physical MTU for the remote tunnel endpoints This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used. |
int | Default: "1700" |
resource_type | Must be set to the value SwitchingGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
uplink_mtu_threshold | Upper threshold for MTU on physical and logical uplinks This value defines the upper threshold for the MTU value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU. This value is also validated to be greater than or equal to physical_uplink_mtu in SwitchingGlobalConfig and logical_uplink_mtu in RoutingGlobalConfig. |
int | Default: "9000" |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
opaque_config | A list of global opaque configuration for ESX hosts. | array of KeyValuePair | Required |
resource_type | Must be set to the value EsxGlobalOpaqueConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
lb_fips_enabled | A flag to turn on or turn off the FIPS compliance of load balancer feature. When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature. |
boolean | Default: "False" |
resource_type | Must be set to the value FipsGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
global_addrset_mode_enabled | A flag to indicate if global address set is enabled in DFW When this flag is set to true, global address set is enabled in Distributed Firewall. |
boolean | Default: "True" |
global_fastpath_mode_enabled | A flag to indicate if fast path searching is enabled in DFW This property is deprecated. The fast path mode is always enabled in Distributed Firewall. |
boolean | Deprecated Default: "True" |
id | Unique identifier of this resource | string | Sortable |
resource_type | Must be set to the value FirewallGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
global_idsevents_to_syslog_enabled | A flag to indicate if IDS events need to be sent to syslog When this flag is set to true, IDS events would be sent to syslog. |
boolean | Default: "False" |
id | Unique identifier of this resource | string | Sortable |
resource_type | Must be set to the value IdsGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
collectors | Operation Collector Config Operation Collector Config. |
array of OperationCollector | |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
report_interval | Report interval for operation data in seconds Report interval for operation data in seconds. |
int | Minimum: 1 Maximum: 1800 Default: "30" |
resource_type | Must be set to the value OperationCollectorGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
allow_changing_vdr_mac_in_use | A flag to indicate if changing the VDR MAC being used is allowed When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has "nested_nsx" property being true, the MAC in "vdr_mac_nested" is used; otherwise the MAC in "vdr_mac" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose "nested_nsx" property is true but is in an OVERLAY transport zone, the first way is updating the "vdr_mac" property. The 2nd way is updating one of the OVERLAY tranport zones joined by the host switch to set "nested_nsx" property true which will make the host switch use the VDR MAC in "vdr_mac_nested". The third way is directly updating the transport node to add an OVERLAY transport zone whose "nested_nsx" property is true into the host switch which will also make the host switch use the VDR MAC in "vdr_mac_nested". If the host switch is in some OVERLAY transport zone(s) whose "nested_nsx" property is true, the first way is updating the "vdr_mac_nested" property. The 2nd way is updating all those OVERLAY tranport zones to set "nested_nsx" property false which will make the host switch use the VDR MAC in "vdr_mac". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in "vdr_mac". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage! |
boolean | Default: "False" |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
id | Unique identifier of this resource | string | Sortable |
l3_forwarding_mode | L3 forwarding mode This setting does not restrict configuration as per other modes. But the forwarding will only work as per the mode set here. |
string | Required Enum: IPV4_ONLY, IPV4_AND_IPV6 Default: "IPV4_ONLY" |
logical_uplink_mtu | MTU for the logical uplinks This is the global default MTU for all the logical uplinks in a NSX domain. Currently logical uplink MTU can only be set globally and applies to the entire NSX domain. There is no option to override this value at transport zone level or transport node level. If this value is not set, the default value of 1500 will be used. |
int | Default: "1500" |
resource_type | Must be set to the value RoutingGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
vdr_mac | The MAC address of the Virtual Distributed Router (VDR) port This is the global default MAC address for all VDRs in all transport nodes in a NSX system. When the property "allow_changing_vdr_mac_in_use" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has "nested_nsx" property being true. |
MACAddress | Default: "02:50:56:56:44:52" |
vdr_mac_nested | The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment. This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. All transport zones in such a nested NSX system will have the "nested_nsx" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property "allow_changing_vdr_mac_in_use" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose "nested_nsx" property is true. |
MACAddress | Default: "02:50:56:56:44:53" |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
ca_signed_only | A flag to indicate whether the server certs are only allowed to be ca-signed. When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates. Since this check has now moved to the compliance-report, enabling this check is no longer required if the NDcPP Security alarms have been enabled. |
boolean | Default: "False" |
crl_checking_enabled | A flag to indicate whether the Java trust-managers check certificate revocation When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not. |
boolean | Default: "True" |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
eku_checking_enabled | A flag to indicate whether the Extended Key Usage extension in the certificate is checked. When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk. Since this check has now moved to the compliance-report, enabling/disabling this flag no longer has any effect when applying certificates. |
boolean | Default: "True" |
id | Unique identifier of this resource | string | Sortable |
resource_type | Must be set to the value SecurityGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
Name | Description | Type | Notes |
---|---|---|---|
_create_time | Timestamp of resource creation | EpochMsTimestamp | Readonly Sortable |
_create_user | ID of the user who created this resource | string | Readonly |
_last_modified_time | Timestamp of last modification | EpochMsTimestamp | Readonly Sortable |
_last_modified_user | ID of the user who last modified this resource | string | Readonly |
_links | References related to this resource The server will populate this field when returing the resource. Ignored on PUT and POST. |
array of ResourceLink | Readonly |
_protection | Indicates protection status of this resource Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity. |
string | Readonly |
_revision | Generation of this resource config The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected. |
int | |
_schema | Schema for this resource | string | Readonly |
_self | Link to this resource | SelfResourceLink | Readonly |
_system_owned | Indicates system owned resource | boolean | Readonly |
arp_limit_per_lr | ARP limit per logical router per transport node This is a global max ARP limit per logical router per transport node. It is applied to all the logical routers present on all types of transport nodes in the NSX domain. Updates to the field are allowed only through /policy/api/v1/infra/global-config API. |
int | Minimum: 5000 Maximum: 50000 Default: "50000" |
description | Description of this resource | string | Maximum length: 1024 Sortable |
display_name | Identifier to use when displaying entity in logs or GUI Defaults to ID if not set |
string | Maximum length: 255 Sortable |
global_replication_mode_enabled | A flag to indicate if global replication mode is enabled When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span. |
boolean | Default: "False" |
id | Unique identifier of this resource | string | Sortable |
physical_uplink_mtu | MTU for the physical uplinks This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized. |
int | Default: "1700" |
remote_tunnel_physical_mtu | The physical MTU for the remote tunnel endpoints This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used. |
int | Default: "1700" |
resource_type | Must be set to the value SwitchingGlobalConfig | GlobalConfigType | Required |
tags | Opaque identifiers meaningful to the API user | array of Tag | Maximum items: 30 |
uplink_mtu_threshold | Upper threshold for MTU on physical and logical uplinks This value defines the upper threshold for the MTU value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU. This value is also validated to be greater than or equal to physical_uplink_mtu in SwitchingGlobalConfig and logical_uplink_mtu in RoutingGlobalConfig. |
int | Default: "9000" |