{ "additionalProperties": false, "description": "Global configuration", "extends": { "$ref": "PolicyConfigResource }, "id": "GlobalConfig", "module_id": "Policy", "properties": { "_create_time": { "$ref": "EpochMsTimestamp, "can_sort": true, "description": "Timestamp of resource creation", "readonly": true }, "_create_user": { "description": "ID of the user who created this resource", "readonly": true, "type": "string" }, "_last_modified_time": { "$ref": "EpochMsTimestamp, "can_sort": true, "description": "Timestamp of last modification", "readonly": true }, "_last_modified_user": { "description": "ID of the user who last modified this resource", "readonly": true, "type": "string" }, "_links": { "description": "The server will populate this field when returing the resource. Ignored on PUT and POST.", "items": { "$ref": "ResourceLink }, "readonly": true, "title": "References related to this resource", "type": "array" }, "_protection": { "description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.", "readonly": true, "title": "Indicates protection status of this resource", "type": "string" }, "_revision": { "description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.", "title": "Generation of this resource config", "type": "int" }, "_schema": { "readonly": true, "title": "Schema for this resource", "type": "string" }, "_self": { "$ref": "SelfResourceLink, "readonly": true, "title": "Link to this resource" }, "_system_owned": { "description": "Indicates system owned resource", "readonly": true, "type": "boolean" }, "allow_changing_vdr_mac_in_use": { "default": false, "description": "When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has \"nested_nsx\" property set to true, the MAC in \"vdr_mac_nested\" is used; otherwise the MAC in \"vdr_mac\" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose \"nested_nsx\" property is true but is in an OVERLAY transport zone, the first way is updating the \"vdr_mac\" property. The 2nd way is updating one of the OVERLAY transport zones joined by the host switch to set \"nested_nsx\" property true which will make the host switch use the VDR MAC in \"vdr_mac_nested\". The third way is directly updating the transport node to add an OVERLAY transport zone whose \"nested_nsx\" property is true into the host switch which will also make the host switch use the VDR MAC in \"vdr_mac_nested\". If the host switch is in some OVERLAY transport zone(s) whose \"nested_nsx\" property is true, the first way is updating the \"vdr_mac_nested\" property. The 2nd way is updating all those OVERLAY transport zones to set \"nested_nsx\" property false which will make the host switch use the VDR MAC in \"vdr_mac\". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in \"vdr_mac\". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage!", "title": "A flag to indicate if changing the VDR MAC being used is allowed", "type": "boolean" }, "arp_limit_per_gateway": { "default": 50000, "description": "Global configuration of maximum number of ARP entries per transport node at each Tier0/Tier1 gateway.", "maximum": 50000, "minimum": 5000, "title": "ARP limit per Tier0/Tier1 gateway", "type": "int" }, "children": { "description": "Subtree for this type within policy tree containing nested elements. Note that this type is applicable to be used in Hierarchical API only.", "items": { "$ref": "ChildPolicyConfigResource }, "required": false, "title": "Subtree for this type within policy tree", "type": "array" }, "description": { "can_sort": true, "maxLength": 1024, "title": "Description of this resource", "type": "string" }, "display_name": { "can_sort": true, "description": "Defaults to ID if not set", "maxLength": 255, "title": "Identifier to use when displaying entity in logs or GUI", "type": "string" }, "external_gateway_bfd": { "$ref": "ExternalGatewayBfdConfig, "description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.", "title": "External Bidirectional Flow Detection configuration" }, "fips": { "$ref": "FIPSGlobalConfig, "description": "Contains the FIPSGlobalConfig object.", "required": false, "title": "FIPS enabled config" }, "global_replication_mode_enabled": { "default": false, "description": "When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.", "title": "A flag to indicate if global replication mode is enabled", "type": "boolean" }, "id": { "can_sort": true, "title": "Unique identifier of this resource", "type": "string" }, "is_inherited": { "description": "if True, meaning that this is a copy version of GM if False, meaning that this is a local version on LM", "required": false, "title": "This field indicates whether this is a copy version of GM/NSX+ or not", "type": "boolean" }, "l3_forwarding_mode": { "default": "IPV4_ONLY", "description": "Configure forwarding mode for routing. This setting does not restrict configuration for other modes.", "enum": [ "IPV4_ONLY", "IPV4_AND_IPV6" ], "required": false, "title": "L3 forwarding mode", "type": "string" }, "lb_ecmp": { "default": false, "description": "Flag to activate/deactivate ECMP load balancing. By default ECMP load balancing is deactivated.", "title": "Flag for controlling equal-cost multi-path(ECMP) load balancing.", "type": "boolean" }, "marked_for_delete": { "default": false, "description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.", "readonly": true, "required": false, "title": "Indicates whether the intent object is marked for deletion", "type": "boolean" }, "mtu": { "description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. This is the global default MTU for all the EXTERNAL (uplink) and SERVICE (CSP) interfaces in the NSX domain. There is no option to override this value at the transport zone level or transport node level.", "minimum": 1280, "required": false, "title": "MTU size", "type": "int" }, "operation_collectors": { "deprecated": true, "description": "This property is a part of OpsGlobalConfig object. Use /infra/ops-global-config instead. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode.", "items": { "$ref": "GlobalCollectorConfig }, "required": false, "title": "Operation global collector config", "type": "array" }, "origin_site_id": { "description": "This is a UUID generated by the system for knowing which site owns an object. This is used in NSX+.", "readonly": true, "required": false, "title": "A unique identifier assigned by the system for knowing which site owns an object", "type": "string" }, "overridden": { "default": false, "description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.", "readonly": true, "required": false, "title": "Indicates whether this object is the overridden intent object", "type": "boolean" }, "owner_id": { "description": "This is a UUID generated by the system for knowing who owns this object. This is used in NSX+.", "readonly": true, "required": false, "title": "A unique identifier assigned by the system for the ownership of an object", "type": "string" }, "parent_path": { "description": "Path of its parent", "readonly": true, "required": false, "title": "Path of its parent", "type": "string" }, "path": { "description": "Absolute path of this object", "readonly": true, "required": false, "title": "Absolute path of this object", "type": "string" }, "physical_uplink_mtu": { "default": 1700, "description": "This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.", "readonly": false, "title": "MTU for the physical uplinks", "type": "int" }, "realization_id": { "description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated their unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.", "readonly": true, "required": false, "title": "A unique identifier assigned by the system for realizing intent", "type": "string" }, "relative_path": { "description": "Path relative from its parent", "readonly": true, "required": false, "title": "Relative path of this object", "type": "string" }, "remote_path": { "description": "This is the path of the object on the local managers when queried on the NSX+ service, and path of the object on NSX+ service when queried from the local managers.", "readonly": true, "required": false, "title": "Path of the object on the remote end.", "type": "string" }, "remote_tunnel_physical_mtu": { "default": 1700, "description": "This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used.", "readonly": false, "title": "The physical MTU for the remote tunnel endpoints", "type": "int" }, "resource_type": { "description": "The type of this resource.", "readonly": false, "type": "string" }, "site_infos": { "description": "Information related to sites applicable for given config.", "items": { "$ref": "SiteInfo }, "maxItems": 16, "required": false, "title": "Collection of Site information", "type": "array" }, "tags": { "items": { "$ref": "Tag }, "maxItems": 30, "title": "Opaque identifiers meaningful to the API user", "type": "array" }, "unique_id": { "description": "This is a UUID generated by the GM/LM to uniquely identify entities in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.", "readonly": true, "required": false, "title": "A unique identifier assigned by the system", "type": "string" }, "uplink_mtu_threshold": { "default": 9000, "description": "This value defines the upper threshold for the Maximum Transmission Unit (MTU) value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU.", "required": false, "title": "Upper threshold for MTU on physical and logical uplinks", "type": "int" }, "vdr_mac": { "$ref": "MACAddress, "default": "02:50:56:56:44:52", "description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system. It can be changed only when there is no transport node in the NSX system. This value cannot be same as vdr_mac_nested. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has \"nested_nsx\" property being true.", "title": "MAC address of the Virtual Distributed Router (VDR) port" }, "vdr_mac_nested": { "$ref": "MACAddress, "default": "02:50:56:56:44:53", "description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. It can be changed only when there is no transport node in the NSX system. All transport zones in such a nested NSX system will have the \"nested_nsx\" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose \"nested_nsx\" property is true.", "title": "The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment." } }, "title": "Global configuration", "type": "object" }