devices.yaml | Homer Public

Type: object
No Additional Properties

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^.+$
root ^.+$
Type: object
No Additional Properties

root ^.+$ config
Type: object
No Additional Properties

root ^.+$ config mgmt_ip
Type: array

List of addr/netmask for mgmt interfaces; if specified, one per RE.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config mgmt_ip mgmt_ip item 0
Type: stringFormat: ip_interface

root ^.+$ config fpcs_to_sample
Type: array

List of FPC indices on which to enable jflow sampling.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config fpcs_to_sample fpcs_to_sample item 0
Type: integer

root ^.+$ config transits
Type: object

BGP peer IP

Each additional property must conform to the following schema

root ^.+$ config transits additionalProperties
Type: object
No Additional Properties

root ^.+$ config transits additionalProperties provider
Type: string

one of common.yaml transit_providers

root ^.+$ config transits additionalProperties import_policy
Type: boolean

Generate the policy based on the peer ASN.

root ^.+$ config transits additionalProperties export_policy
Type: boolean

Generate the policy based on the peer ASN.

root ^.+$ config filters
Type: object

Extra firewall filters to apply to interfaces.

 No Additional Properties

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^.+$
root ^.+$ config filters ^.+$
Type: string

root ^.+$ config urpf_strict
Type: array

Enable uRPF filtering in strict mode for any interfaces in this list.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config urpf_strict urpf_strict item 0
Type: string

Interface with sub interface (eg. xe-1/0/1.1234 or xe-1/0/1.0)

root ^.+$ config vrrp_bandwidth_threshold
Type: boolean

In a LACP bundle, configure VRRP to failover on the loss of one link.

root ^.+$ config damping
Type: array

Enable interface flap damping.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config damping damping item 0
Type: string

root ^.+$ config primary_ixp
Type: boolean

Set if the IXP terminating on that router should be prioritized.

root ^.+$ config tcp_mss_clamping
Type: boolean

Clamps outbound tcp-mss to 1436. Usually applied per site.

root ^.+$ config prepend_as_out
Type: boolean

Prepends our AS# 3x to our peering and transits. Usually applied per site.

root ^.+$ config dhcp_pool
Type: stringFormat: ip_network

root ^.+$ config lldp_disabled
Type: array

Don't send LLDP frames on those interfaces as SRXs show L2 errors when receiving them.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config lldp_disabled lldp_disabled item 0
Type: string

root ^.+$ config flowspec_flows
Type: object

Add flowspec rule to the routers

 No Additional Properties

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^.+$
root ^.+$ config flowspec_flows ^.+$
Type: object
No Additional Properties

root ^.+$ config flowspec_flows ^.+$ protocol
Type: enum (of string)

Must be one of:

  • "tcp"
  • "udp"
  • "ip"
  • "ah"
  • "egp"
  • "esp"
  • "gre"
  • "icmp"
  • "icmp6"
  • "igmp"
  • "ipip"
  • "ospf"
  • "pim"
  • "rsvp"
  • "sctp"
  • "[tcp udp]"

root ^.+$ config flowspec_flows ^.+$ destination
Type: stringFormat: ip_network

root ^.+$ config flowspec_flows ^.+$ source
Type: stringFormat: ip_network

root ^.+$ config security_zones
Type: array
No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config security_zones security_zones item 0
Type: object
No Additional Properties

root ^.+$ config security_zones security_zones item 0 services
Type: array
No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config security_zones security_zones item 0 services services item 0
Type: string

root ^.+$ config security_zones security_zones item 0 interfaces
Type: array
No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config security_zones security_zones item 0 interfaces interfaces item 0
Type: string

root ^.+$ config tunnels
Type: object

GRE tunnels source/destination

 No Additional Properties

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^.+$
root ^.+$ config tunnels ^.+$
Type: object
No Additional Properties

root ^.+$ config tunnels ^.+$ source
Type: string

root ^.+$ config tunnels ^.+$ destination
Type: string

root ^.+$ config security_log
Type: object

Configure Juniper's security logs

 No Additional Properties

root ^.+$ config security_log source
Type: string

Local source IP.

root ^.+$ config security_log streams
Type: object
No Additional Properties

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^.+$
root ^.+$ config security_log streams ^.+$
Type: string

Unique name and destination IP.

root ^.+$ config screen
Type: object
No Additional Properties

root ^.+$ config screen tcp_syn_flood_dest
Type: integer

root ^.+$ config screen udp_flood
Type: integer

root ^.+$ config asn
Type: integer

Primary ASN of the device.

root ^.+$ config confed
Type: integer

root ^.+$ config mgmt_gw
Type: string

root ^.+$ config mgmt_junos
Type: boolean

Configure the mgmt_junos routing instance (default: true)

root ^.+$ config customers
Type: array
No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config customers customers item 0
Type: integer

root ^.+$ config sampling
Type: object
No Additional Properties

root ^.+$ config sampling collectors
Type: object

Used to define BGP peering to a single IP.

Each additional property must conform to the following schema

root ^.+$ config sampling collectors additionalProperties
Type: string

root ^.+$ config bgp_out
Type: objectFormat: ip_network

Each additional property must conform to the following schema

root ^.+$ config bgp_out additionalProperties
Type: string

root ^.+$ config bgp6_out
Type: objectFormat: ip_network

Each additional property must conform to the following schema

root ^.+$ config bgp6_out additionalProperties
Type: string

root ^.+$ config ping_offload_vip
Type: stringFormat: ip_interface

root ^.+$ config ping_offload_redirect
Type: stringFormat: ipv4

root ^.+$ config dhcp_server
Type: object
No Additional Properties

root ^.+$ config dhcp_server name
Type: string

root ^.+$ config dhcp_server ip
Type: stringFormat: ipv4

root ^.+$ config dhcp_relay_ra
Type: array

Controls interfaces to get DHCP relay and IPv6 RAs enabled on CRs

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config dhcp_relay_ra dhcp_relay_ra item 0
Type: string

root ^.+$ config capirca
Type: array

List of Capirca policy files to apply

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config capirca capirca item 0
Type: string

root ^.+$ config bgp_keys
Type: object

Each additional property must conform to the following schema

root ^.+$ config bgp_keys additionalProperties
Type: string

root ^.+$ config license_keys
Type: array

[Secret] some features require a license key.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config license_keys license_keys item 0
Type: string

root ^.+$ config snmp_communities
Type: array
No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config snmp_communities snmp_communities item 0
Type: string

root ^.+$ config netbox_driven_interfaces
Type: boolean

Configure interfaces using Netbox as the source of truth.

root ^.+$ config l3_switch
Type: boolean

The switch also does L3 routing.

root ^.+$ config evpn
Type: boolean

The switch uses BGP EVPN and VXLAN transport.

root ^.+$ config junos_root_password
Type: string

[Secret]

root ^.+$ config junos_ospf_md5_key
Type: string

[Secret]

root ^.+$ config junos_vrrp_key
Type: string

[Secret]

root ^.+$ config blackhole
Type: array

Network prefixes to ban, v4 and v6 with subnet

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config blackhole blackhole item 0
Type: stringFormat: ip_network

root ^.+$ config block80
Type: array

Network prefixes to ban port80 traffic, v4 and v6 with subnet

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config block80 block80 item 0
Type: stringFormat: ip_network

root ^.+$ config rpki_whitelist
Type: array

Force router to accept a RPKI invalid prefix.

 No Additional Items

Tuple Validation

Item at 1 must be:
root ^.+$ config rpki_whitelist rpki_whitelist item 0
Type: object
No Additional Properties

The following properties are required:

  • description
  • network

root ^.+$ config rpki_whitelist rpki_whitelist item 0 prefix
Type: stringFormat: ip_network

root ^.+$ config device_bgp
Type: object

Device-specific BGP peerings, nested to avoid namespace collision.

 No Additional Properties

root ^.+$ config device_bgp anycast
Type: object

Each additional property must conform to the following schema

root ^.+$ config device_bgp anycast additionalProperties
Type: object

The following properties are required:

  • 4

root ^.+$ config device_bgp anycast additionalProperties 4
Type: stringFormat: ipv4

root ^.+$ config device_bgp anycast additionalProperties 6
Type: stringFormat: ipv6

root ^.+$ config device_bgp pybal
Type: object

Used to define BGP peering to a single IP.

Same definition as collectors

root ^.+$ config device_bgp k8s
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Each additional property must conform to the following schema

root ^.+$ config device_bgp k8s additionalProperties
Type: object

The following properties are required:

  • 4
  • 6

root ^.+$ config device_bgp k8s additionalProperties 4
Type: stringFormat: ipv4

root ^.+$ config device_bgp k8s additionalProperties 6
Type: stringFormat: ipv6

root ^.+$ config device_bgp k8s_stage
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp k8s_mlserve
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp k8s_mlstaging
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp k8s_dse
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp k8s_aux
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp cr_switch
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp switch_cr
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp mr_sw
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp sw_mr
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp ris
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config device_bgp bgptools
Type: object

Used to define BGP peerings to a pair of IPs, one for v4 one for v6

Same definition as k8s

root ^.+$ config evpn_bgp
Type: object

BGP EVPN members and cluster vars for given site.

root ^.+$ config evpn_bgp rr
Type: object

Dict of cluster RRs. Key is device name, value is device loopback.

Each additional property must conform to the following schema

root ^.+$ config evpn_bgp rr additionalProperties
Type: stringFormat: ipv4

root ^.+$ config evpn_bgp clients
Type: object

Dict of cluster RR clients. Key is device name, value is device loopback.

Each additional property must conform to the following schema

root ^.+$ config evpn_bgp clients additionalProperties
Type: stringFormat: ipv4

root ^.+$ config static_routes
Type: objectFormat: ip_network

Static routes to be added to a device.

Each additional property must conform to the following schema

root ^.+$ config static_routes additionalProperties
Type: object
No Additional Properties

root ^.+$ config esi_lag
Type: object

Mecanism to define AE int as an esi-lag and provide ID.

Each additional property must conform to the following schema

root ^.+$ config esi_lag additionalProperties
Type: string

root ^.+$ config ike_psk
Type: object

Dict for IKE PSKs keyed by the Netbox tunnel name.

Each additional property must conform to the following schema

root ^.+$ config ike_psk additionalProperties
Type: string

root ^.+$ config arp_policer
Type: object

Dict keyed by interface names with arp policer bandwidth in bytes as values

 No Additional Properties

All properties whose name matches the following regular expression must respect the following conditions

Property name regular expression: ^.+$
root ^.+$ config arp_policer ^.+$
Type: integer

root ^.+$ timeout
Type: integer

Value must be greater or equal to 0