Web Services API Guide, Cisco DCNM for LAN, Release 5.x
PortSecApp Service
Downloads: This chapterpdf (PDF - 181.0KB) The complete bookPDF (PDF - 11.08MB) | Feedback

PortSecurityApp Service

Table Of Contents

PortSecurityApp Service

Information About PortSecurityApp Service

bindPortSecuritySettingToNetworkInterfaces

bindStaticSecureHostsToAccessNetworkInterface

bindStaticSecureHostsToPvlanHostNetworkInterface

bindStaticSecureHostsToPvlanPromiscousNetworkInterface

bindStaticSecureHostsToVlanInTrunkNetworkInterface

bindStaticSecureHostsToVlanInTrunkNetworkInterfaceBy
Range

clearPortSecuritySettingToNetworkInterfaces

createPortSecurityNetworkInterfaceSettingForVlans

deletePortSecurityNetworkInterfaceSettingForVlans

disablePortSecurityInAllInterfacesInNetworkElement

disablePortSecurityInNetworkInterfaces

disablePortSecurityService

disablePortSecurityStopLearning

enablePortSecurityInNetworkInterfaces

enablePortSecurityService

enablePortSecurityStopLearning

getAllDynamicSecureMacAddressesInNetworkInterface

getAllDynamicSecureMacAddressesInVlanOfNetwork
Interface

getAllDynamicSecureMacAddressesInVlanOfNetwork
InterfaceByVlanId

getAllPortSecurityDisabledInterfacesInNetworkElement

getAllPortSecurityEnabledInterfacesInNetworkElement

getAllPortSecurityVlanSettingsForNetworkInterface

getAllStaticSecureMacAddressesInNetworkInterface

getAllStaticSecureMacAddressesInVlanOfNetworkInterface

getAllStaticSecureMacAddressesInVlanOfNetworkInterface
ByVlanId

getPortSecurityCapableInterfaces

getPortSecurityGlobalSettingsInNetworkElements

getPortSecurityServiceStateInNetworkElements

getPortSecuritySettingsInNetworkInterfaces

getPortSecurityStopLearningStateInNetworkElements

getPortSecurityVlanSettingsForNetworkInterface

getPortSecurityVlanSettingsForNetworkInterfaceByRange

modifyPortSecurityGlobalSettings

modifyPortSecuritySettingInNetworkInterfaces

modifyPortSecurityVlanSettingsInNetworkInterface

unbindAllSecureDynamicHostsFromNetworkInterface

unbindAllSecureDynamicHostsFromVlanTrunkInNetwork
Interface

unbindAllSecureDynamicHostsFromVlanTrunkInNetwork
InterfaceByRange

unbindAllStaticSecureHostsFromNetworkInterface

unbindAllStaticSecureHostsFromVlanInTrunkInNetwork
Interface

unbindAllStaticSecureHostsFromVlanInTrunkInNetwork
InterfaceByRange

unbindSecureDynamicHostsFromVlanInTrunkNetwork
Interface

unbindStaticSecureHostsFromVlanInTrunkNetworkInterface


PortSecurityApp Service


This chapter describes the DCNM web services' API methods for the PortSecurityApp service.

Information About PortSecurityApp Service

The port security feature allows you to restrict input to an interface by limiting and identifying MAC addresses of the workstations that are allowed to access the port. Port security can be enabled only on switched network interfaces. The API categories are as follows:

Query/Get APIs—Query data from the persistent database.

Modify APIs—Modify existing port security parameters.

Bind and Unbind APIs—Bind and unbind secured MAC address.

Enable and Disable APIs—Enable and disable the port security.

bindPortSecuritySettingToNetworkInterfaces

Applies a given PortSecurityNetworkInterfaceSetting to a collection of interfaces. This collection of interfaces shall have both port security enabled and disabled interfaces.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

If portSecurityNetworkInterfaceSetting is null

Parameters

opContext—Operational context

interfaceNameIds—a collection of InstanceNameId of switched network interfaces to which a port security setting has to be applied.

portSecurityNetworkInterfaceSetting—PortSecurityNetworkInterfaceSetting object.

Return Value

void

bindStaticSecureHostsToAccessNetworkInterface

Assigns a collection of hosts statically to a switched network interface operating in access mode.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

If securedStaticMacAddressCol collection is null or it is empty.

Parameters

opContext—TODO

interfaceNameId—InstanceNameId of the switched network interface.

secureStaticMacAddressCol—a collection of SecuredMacAddress to be bound to the interface.

Return Value

A collection of InstanceNameId of secured mac address.

bindStaticSecureHostsToPvlanHostNetworkInterface

Assigns a collection of hosts statically to a switched network interface operating in Private VLAN Host mode.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

If securedStaticMacAddressCol collection is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

secureStaticMacAddressCol—a collection of SecuredMacAddress to be bound to the interface.

Return Value

A collection of InstanceNameIdof secured mac address.

bindStaticSecureHostsToPvlanPromiscousNetworkInterface

Assigns a collection of hosts statically to a switched network interface operating in Private VLAN promiscuous mode.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

If securedStaticMacAddressCol collection is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

secureStaticMacAddressCol—a collection of SecuredMacAddress to be bound to the interface.

Return Value

A collection of InstanceNameIdof secured mac address.

bindStaticSecureHostsToVlanInTrunkNetworkInterface

Assigns a collection of hosts statically to a switched network interface operating in trunk mode.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

If vlanIds collection is null or it is empty.

If vlanId collection contains an object that is not of type VlanExternal.

If securedStaticMacAddressCol collection is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface operating in trunk mode.

vlanIds—a collection of InstanceNameId of the VLANs which is carried by trunk network interface.

secureStaticMacAddressCol—a collection of SecuredMacAddress bound to the interface.

Return Value

A collection of InstanceNameId of secured mac address.

bindStaticSecureHostsToVlanInTrunkNetworkInterfaceBy
Range

Assigns a collection of hosts statically to a switched network interface operating in trunk mode. This will support the VLANs which does not exist on the device (preprovisioning).

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

If vlanRange is null or it is empty.

If securedStaticMacAddress collection is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface operating in trunk mode.

vlanRange—Range of VLANs (includes comma separated and hyphenated VLAN IDs)

secureStaticMacAddressCol—a collection of SecuredMacAddress bound to the interface.

Return Value

A collection of InstanceNameId of secured mac address.

clearPortSecuritySettingToNetworkInterfaces

Clears the port security configurations in collection of interfaces.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

Parameters

opContext—Operational context

interfaceNameIds—a collection of InstanceNameId of switched network interfaces to which a port security setting has to be applied.

Return Value

void

createPortSecurityNetworkInterfaceSettingForVlans

Returns a list of newly created PortSecurityNetworkInterfaceSettingForVlan. Only maxAddress is configured for this newly created class.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null or empty.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If maxAddressList is null

If the size of the vlanRange is not equal to the size of the maxAddressList.

In case of the accessPort, if the VLAN size is more than one.

Parameters

opContext—Operational context

ifInstanceNameId—InstanceNameId of the switched network interface.

vlanRange—a comma separated or hyphenated string representing a collection of VLAN IDs.

-

Return Value

A collection of InstanceNameIds of the newly created PortSecurityNetworkInterfaceSettingForVlan.

deletePortSecurityNetworkInterfaceSettingForVlans

Deletes one or more standard Port Security Network Interface Setting for VLAN objects. Given the InstanceNameId of the PortSecurityNetworkInterfaceSettingForVlan objects, those objects will be deleted from the server. ValidationException is thrown if any of the following situation occurs:

If psSettingForVlanInstanceNameIds is null or it is empty.

If psSettingForVlanInstanceNameIds contains invalid Port Security Network Interface Setting for VLAN InstanceNameId or null value.

If there is no equivalent PortSecurityNetworkInterfaceSettingForVlan object with the given InstanceNameId in the psSettingForVlanInstanceNameIds.

Parameters

opContext—Operational context

psSettingForVlanInstanceNameIds—InstanceNameId of the PortSecurityNetworkInterfaceSettingForVlan.

Return Value

void

disablePortSecurityInAllInterfacesInNetworkElement

Disables port security in all the interfaces in a network element.

ValidationException is thrown if the argument passed is null or it is not a valid network element InstanceNameId.

Parameters

opContext—Operational context

networkElementId—InstanceNameId of the network element.

Return Value

void

disablePortSecurityInNetworkInterfaces

Disables port security in a given set of interfaces which have port security enabled.

ValidationException is thrown if any of the following situation occurs:

If interfaceName is null.

If interfaceName is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

Parameters

opContext—Operational context

interfaceNames—a collection of InstanceNameId of switched network interfaces in which port security is enabled.

Return Value

void

disablePortSecurityService

Disables PortSecurity Service in a InstanceNameId network element. Service Enabling/Disabling is supported in NX-OS platform. If this API is called with the network elements of Catalyst 6500 series switches then FeatureException will be thrown.

ValidationException is thrown if any of the following situation occurs:

32.If neInstanceNameIdCol is null.

33.If neInstanceNameIdCol does not contain a valid network element InstanceNameId.

34.If the network element does not exist in the database.

Parameters

opContext—Operational context

neInstanceNameIdCol—- A collection of InstanceNameId of the network elements.

Return Value

void

disablePortSecurityStopLearning

Disables PortSecurity Stop Learning in a InstanceNameId network element. Stop Learning Enabling/Disabling is supported in NX-OS platform. If this API is called with the network elements of Catalyst 6500 series switches then FeatureException will be thrown.

ValidationException is thrown if any of the following situation occurs:

38.If neInstanceNameIdCol is null.

39.If neInstanceNameIdCol does not contain a valid network element InstanceNameId.

40.If the network element does not exist in the database.

Parameters

opContext—Operational context

neInstanceNameIdCol—- A collection of InstanceNameId of the network elements.

Return Value

void

enablePortSecurityInNetworkInterfaces

Enables port security in a given set of interfaces. Port Security can be enabled in the following interfaces.

Port security disabled Switched Network interfaces.

Switched Network Interfaces which don't have port security configurations.

ValidationException is thrown if any of the following situation occurs:

If interfaceName is null.

If interfaceName is not a valid Switched Network Interface InstanceNameId.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId

Parameters

opContext—Operational context

interfaceNames—a collection of InstanceNameId of switched network interfaces in which port security has to be enabled.

Return Value

A collection PortSecurityNetworkInterfaceSetting objects.

enablePortSecurityService

Enables PortSecurity Service in a InstanceNameId network element. Service Enabling/Disabling is supported in NX-OS platform. If this API is called with the network elements of Catalyst 6500 series switches then FeatureException will be thrown.

ValidationException is thrown if any of the following situation occurs:

29.If neInstanceNameIdCol is null.

30.If neInstanceNameIdCol does not contain a valid network element InstanceNameId.

31.If the network element does not exist in the database.

Parameters

opContext—Operational context

neInstanceNameIdCol—- A collection of InstanceNameId of the network elements.

Return Value

void

enablePortSecurityStopLearning

Enables PortSecurity Stop Learning in a InstanceNameId network element. Stop Learning Enabling/Disabling is supported in NX-OS platform. If this API is called with the network elements of Catalyst 6500 series switches then FeatureException will be thrown.

ValidationException is thrown if any of the following situation occurs:

35.If neInstanceNameIdCol is null.

36.If neInstanceNameIdCol does not contain a valid network element InstanceNameId.

37.If the network element does not exist in the database.

Parameters

opContext—Operational context

neInstanceNameIdCol—- A collection of InstanceNameId of the network elements.

Return Value

void

getAllDynamicSecureMacAddressesInNetworkInterface

Returns all the host MAC addresses that are learnt dynamically in all the VLANs in a switched network interface. For trunk ports, MAC addresses bound to the port through all the VLANs will be returned. For access ports, MAC addresses bound to the access VLAN will be returned.

ValidationException is thrown if the argument passed is null or it is not a valid Switched Network Interface InstanceNameId.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

Return Value

void

getAllDynamicSecureMacAddressesInVlanOfNetwork
Interface

Returns all the host MAC addresses that are learnt dynamically in a VLAN in a switched network interface.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If vlanId is null.

If vlanId is not a valid VLAN InstanceNameId.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

vlanId—InstanceNameId of the VLAN.

Return Value

A collection of SecureStaticMacAddress objects pertaining to the hosts that are bound to the given VLAN.

getAllDynamicSecureMacAddressesInVlanOfNetwork
InterfaceByVlanId

Returns all the host MAC addresses that are learnt dynamically in VLANs in a switched network interface. This method will address assigning static secure MAC address in a VLAN that has not been created (preprovisioning).

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If vlanId is null.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

VLAN—Valid VLAN Id.

Return Value

A collection of SecuredDynamicMacAddress objects pertaining to the hosts that are bound the given VLAN.

getAllPortSecurityDisabledInterfacesInNetworkElement

Returns all the port security disabled interfaces in a given network element. Given the instance name ID of the network element, returns a collection switched network interface objects. The following are the criteria to check the port security disabled interfaces.

PortSecurityNetworkInterfaceSetting parameters are configured and getPortSecurityEnable() method returns false.

PortSecurityNetworkInterfaceSetting parameters are not configured and the collection size of PortSecuritySetting size is greater than 0.

ValidationException is thrown if the argument passed is null or it is not a valid network element InstanceNameId.

Parameters

opContext—Operational context

neInstanceNameId—InstanceNameId of the network element.

Return Value

A collection of port security disabled SwitchedNetworkInterfaces. only the following associations will be present, and all other associations will be cleared.

PortSecurityNetworkInterfaceSetting

NetworkInterfaceName

PortSetting

PortCapablity

NetworkInterfaceStaus

PortStatus

AbstractNetworkElement

Collection of RoutedSubNetworkInterface

Collection of Switched Network Interfaces belongs to VLAN Collection

getAllPortSecurityEnabledInterfacesInNetworkElement

Returns all the port security enabled interfaces in a given network element. Given the instance name ID of the network element, returns a collection switched network interface objects.

ValidationException is thrown if the argument passed is null or it is not a valid network element InstanceNameId.

Parameters

opContext—Operational context

neInstanceNameId—InstanceNameId of the network element.

Return Value

A collection of port security enabled SwitchedNetworkInterfaces. only the following associations will be present, and all other associations will be cleared.

PortSecurityNetworkInterfaceSetting

NetworkInterfaceName

PortSetting

PortCapablity

NetworkInterfaceStaus

PortStatus

AbstractNetworkElement

Collection of RoutedSubNetworkInterface

Collection of Switched Network Interfaces belongs to VLAN Collection

getAllPortSecurityVlanSettingsForNetworkInterface

Returns the port security settings configured in each VLAN in a collection of switched network interfaces. For trunk ports, port security settings of all the VLANs in the trunk will be returned. For access ports, port security settings of the access VLAN will be returned.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

Parameters

opContext—Operational context

interfaceNameIds—a collection of InstanceNameIdsInstanceNameId of the switched network interfaces.

Return Value

A collection of PortSecurityNetworkInterfaceSettingForVlan objects pertaining to the VLANs in the interface. For access ports, size of the returned collection will be 1.

getAllStaticSecureMacAddressesInNetworkInterface

Returns all the host MAC addresses that are bound statically to all the VLANs in a switched network interface. For trunk ports, MAC addresses bound to the port through all the VLANs will be returned. For access ports, MAC addresses bound to the access VLAN will be returned.

ValidationException is thrown if the argument passed is null or it is not a valid Switched Network Interface InstanceNameId.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

Return Value

A collection of SecureStaticMacAddress objects pertaining to the hosts that are bound to the Switched Network Interface.

getAllStaticSecureMacAddressesInVlanOfNetworkInterface

Returns all the host MAC addresses that are bound statically to a VLAN in a switched network interface.This method will get the static secure MAC address in a VLAN that had been created.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If vlanId is null.

If vlanId is not a valid VLAN InstanceNameId.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

vlanId—InstanceNameId of the VLAN.

Return Value

A collection of SecureStaticMacAddress objects pertaining to the hosts that are bound to the given VLAN.

getAllStaticSecureMacAddressesInVlanOfNetworkInterface
ByVlanId

Returns all the host MAC addresses that are bound statically to a VLANs in a switched network interface. This method will address assigning static secure MAC address in a VLAN that has not been created.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If vlanId is null.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

VLAN—Valid VLAN Id.

Return Value

A collection of SecureStaticMacAddress objects pertaining to the hosts that are bound the given VLAN.

getPortSecurityCapableInterfaces

Returns all the port security capable interfaces in a given network element and a slot number. Given the instance name ID of the network element and slot no, returns a collection port security capable switched network interface objects.

ValidationException is thrown if the argument passed is null or it is not a valid network element InstanceNameId.

Parameters

opContext—Operational context

networkElementInstanceNameId—InstanceNameId of the network element.

slotNo—slot number in Integer.

Return Value

A collection of port security capable SwitchedNetworkInterfaces.

getPortSecurityGlobalSettingsInNetworkElements

Returns the port security global configurations configured in a given list of network elements. List of network elements can include Virtual Network Elements also. This API is applicable only for Nexus 7000 series switch Platform. ValidationException is thrown if any of the following situation occurs:

If abstractNetworkElementIds is null or it is empty.

If abstractNetworkElementIds contains invalid Abstract Network Element InstanceNameId or null value.

If there is no equivalent Abstract Network Element object with the given InstanceNameId in the abstractNetworkElementIds.

Parameters

opContext—Operational context

abstractNetworkElementIds—a collection of InstanceNameIds of Abstract Network Elements.

Return Value

A collection of PortSecurityGlobalSetting objects representing the global Port Security configurations done in the Abstract Network Elements.

getPortSecurityServiceStateInNetworkElements

Returns state of PortSecurity Service like whether PortSecurityService is enabled or disabled in a list of network elements. Given the list of instance name IDs of the network elements, returns a array of Boolean values.

ValidationException is thrown if any of the following situation occurs:

if the argument passed is null

If neInstanceNameIdCol collection contains an element that is null or the collection is empty or it is not type InstanceNameId

if the argument passed is null or it is not a valid network element InstanceNameId.

Parameters

opContext—Operational context

neInstanceNameIdCol—InstanceNameId of the one or more Network Element for which the DhcpSnoopingService state is required

Return Value

The returned array will contain Boolean instances.

Boolean value TRUE indicates PortSecurityService is enabled in the given network element.

Boolean value FALSE indicates PortSecurityService is disabled in the given network element.

getPortSecuritySettingsInNetworkInterfaces

Returns the port security configurations done in a given collection of network interfaces.This collection shall have port security settings for both port security enabled and port security disabled interfaces. This collection shall have null in case of interface doesn't have the port security setting parameters.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

Parameters

opContext—Operational context

interfaceNameIds—a collection of InstanceNameId of switched network interfaces.

Return Value

A collection of PortSecurityNetworkInterfaceSetting objects pertaining to all the SwitchedNetworkInterfaces.

getPortSecurityStopLearningStateInNetworkElements

Returns state of PortSecurity stop learning state like whether PortSecurityStopLearning is enabled or disabled in a list of network elements. Given the list of instance name IDs of the network elements, returns a array of Boolean values.

ValidationException is thrown if any of the following situation occurs:

if the argument passed is null

If neInstanceNameIdCol collection contains an element that is null or the collection is empty or it is not type InstanceNameId.

if the argument passed is null or it is not a valid network element InstanceNameId.

Parameters

opContext—Operational context

neInstanceNameIdCol—InstanceNameId of the one or more Network Element for which the DhcpSnoopingService state is required

Return Value

The returned array will contain Boolean instances.

Boolean value TRUE indicates PortSecurityStopLearning is enabled in the given network element.

Boolean value FALSE indicates PortSecurityStopLearning is disabled in the given network element.

getPortSecurityVlanSettingsForNetworkInterface

Returns the port security settings configured in a given collections of VLANs in a switched network interface. This object will always have a collection of SecuredMacAddress objects and the SecuredDynamicMacAddress objects.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If vlanIds are null or it is empty.

If interfaceNameIds contains invalid VLAN InstanceNameId or null value.

If there is no equivalent VLAN the given InstanceNameId in the vlanIds.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

vlanIds—a collection of InstanceNameId of the VLANs that are members of the trunk. For access ports, this collection contains only the InstanceNameId of the access VLAN.

Return Value

A collection of PortSecurityNetworkInterfaceSettingForVlan objects pertaining to the given VLANs in the interface. For access ports, size of the returned collection will be 1.

getPortSecurityVlanSettingsForNetworkInterfaceByRange

Returns the port security settings configured in a given collections of VLANs represented by vlanRange (Preprovisioning). This object will always have a collection of SecuredMacAddress objects and the SecuredDynamicMacAddress Object.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null.

If interfaceNameId is not a valid Switched Network Interface InstanceNameId.

If vlanRange is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the switched network interface.

vlanRange—Range of VLANs (includes comma separated and hyphenated VLAN IDs)

Return Value

A collection of PortSecurityNetworkInterfaceSettingForVlan objects pertaining to the VLANs in the interface. For access ports, size of the returned collection will be 1.

modifyPortSecurityGlobalSettings

Updates the given list of port security global settings applied on network elements. This API is specific to Nexus 7000 series switch platform.

ValidationException is thrown if any of the following situation occurs:

If portSecurityGlobalSetting collection is null or it is empty.

If portSecurityGlobalSetting collection contains an object that is not of type PortSecurityGlobalSetting.

Parameters

opContext—Operational context

portSecurityGlobalSettings—a collection of PortSecurityGlobalSetting Objects. networkElementIds

Return Value

void

modifyPortSecuritySettingInNetworkInterfaces

Updates the server with a collection of modified PortSecurityNetworkInterfaceSetting Objects.

ValidationException is thrown if any of the following situation occurs:

If portSecurityNetworkInterfaceSetting collection is null or it is empty.

If portSecurityNetworkInterfaceSetting collection contains an object that is not of type PortSecurityNetworkInterfaceSetting.

PropertiesException is thrown if any of the following situation occurs:

In the portSecurityNetworkInterfaceSetting collection, if any attribute in the PortSecurityNetworkInterfaceSetting is not valid.

IntegrityException is thrown if any of the following situation occurs:

If the portSecurityNetworkInterfaceSetting collection contains a PortSecurityNetworkInterfaceSetting that does not exist in the database.

Parameters

opContext—Operational context

portSecurityNetworkInterfaceSettingCol—a collection of modified PortSecurityNetworkInterfaceSetting objects

Return Value

void

modifyPortSecurityVlanSettingsInNetworkInterface

Updates the server with a collection of modified PortSecurityNetworkInterfaceSettingForVlan objects.

ValidationException is thrown if any of the following situation occurs:

If portSecurityVlanSetting collection is null or it is empty.

If portSecurityVlanSetting collection contains an object that is not of type PortSecurityNetworkInterfaceSettingForVlan.

PropertiesException is thrown if any of the following situation occurs:

In the portSecurityVlanSetting collection, if any attribute in the PortSecurityNetworkInterfaceSettingForVlan is not valid.

IntegrityException is thrown if any of the following situation occurs:

If the portSecurityVlanSetting collection contains a PortSecurityNetworkInterfaceSettingForVlan that does not exist in the database.

Parameters

opContext—Operational context

portSecurityVlanSettingCol—a collection of modified PortSecurityNetworkInterfaceSettingForVlan objects

Return Value

void

unbindAllSecureDynamicHostsFromNetworkInterface

Clears all the hosts dynamically learnt in a network interface. In case of access port, this method will unbind all the hosts learnt dynamically in access VLAN. In case of trunk ports, this method will unbind all the hosts learnt dynamically in all VLANs of the trunk.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

Parameters

opContext—Operational context

interfaceNameIds—a collection of InstanceNameId of interfaces from which static secure hosts have to be cleared.

Return Value

void

unbindAllSecureDynamicHostsFromVlanTrunkInNetwork
Interface

Clears all hosts dynamically learnt in a collection of VLANs in a trunk network interface.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null or it is empty.

If interfaceNameId contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

If vlanIds collection is null or it is empty.

If vlanId collection contains an object that is not of type VlanExternal.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the interface.

vlanIds—a collection of InstanceNameIds of VLANs.

Return Value

void

unbindAllSecureDynamicHostsFromVlanTrunkInNetwork
InterfaceByRange

Clears all hosts bound to a collection of VLANs allowed in a trunk network interface.This method will address clearing secure Dynamic MAC address in a VLAN that has not been created (preprovisioning).

ValidationException is thrown if any of the following situation occurs:

If interfaceNameId is null or it is empty.

If interfaceNameId contains invalid Switched Network Interface InstanceNameId or null value.

If vlanRange is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the interface.

vlanRange—a comma separated or hyphenated string representing a collection of VLAN IDs.

Return Value

void

unbindAllStaticSecureHostsFromNetworkInterface

Clears all the static secure hosts bound to a network interface. In case of Access ports, this method will clear all the hosts bound to access VLAN. In case of trunk ports, this method will clear hosts bound to all VLANs of the trunk.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

Parameters

opContext—Operational context

interfaceNameIds—a collection of InstanceNameId of interfaces from which static secure hosts have to be cleared.

Return Value

void

unbindAllStaticSecureHostsFromVlanInTrunkInNetwork
Interface

Clears all hosts bound to a collection of VLANs in a trunk network interface.

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

If vlanIds collection is null or it is empty.

If vlanIds collection contains an object that is not of type VlanExternal.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the interface.

vlanIds—a collection of InstanceNameIds of VLANs.

Return Value

void

unbindAllStaticSecureHostsFromVlanInTrunkInNetwork
InterfaceByRange

Clears all hosts bound to a collection of VLANs allowed in a trunk network interface. This is used to handle non-existing VLANs (preprovisioning).

ValidationException is thrown if any of the following situation occurs:

If interfaceNameIds is null or it is empty.

If interfaceNameIds contains invalid Switched Network Interface InstanceNameId or null value.

If there is no equivalent Switched Network Interfaces object with the given InstanceNameId in the interfaceNameIds.

If vlanRange is null or it is empty.

Parameters

opContext—Operational context

interfaceNameId—InstanceNameId of the interface.

vlanRange—a comma separated or hyphenated string representing a collection of VLAN IDs.

Return Value

void

unbindSecureDynamicHostsFromVlanInTrunkNetwork
Interface

Clears a collection of hosts dynamically learnt in a VLAN in a trunk network interface.

ValidationException is thrown if any of the following situation occurs:

If secureDynamicMacAddress collection is null or it is empty.

Parameters

opContext—Operational context

secureDynamicMacAddressCol—a collection of SecuredDynamicMacAddress bound to the interface.

Return Value

void

unbindStaticSecureHostsFromVlanInTrunkNetworkInterface

Clears a collection of hosts bound to a trunk network interface.

ValidationException is thrown if any of the following situation occurs:

If securedStaticMacAddress collection is null or it is empty.

Parameters

opContext—Operational context

secureHostInstanceNameIdCol—a collection of InstanceNameId of SecureStaticMacAddress bound to the interface

Return Value

void