H3C SeerEngine-Campus Operation Log Messages Reference-E62XX-5W100

HomeSupportResource CenterSDNH3C SeerEngine-CampusH3C SeerEngine-CampusTechnical DocumentsReference GuidesLog Message ReferencesH3C SeerEngine-Campus Operation Log Messages Reference-E62XX-5W100

 

H3C SeerEngine -Campus

Operation Log Messages Reference

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Document version: 5W100-20220530

 

Copyright © 2022 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.


Contents

Introduction· 1

Viewing operation log messages· 1

Syslog message format 2

Using this document 4

Campus· 6

Create isolation domain· 7

Update isolation domain· 9

Delete isolation domain· 10

Create isolate domain interconnect 11

Update isolate domain interconnect 12

Delete isolate domain interconnect 13

Create private network· 14

Update private network· 16

Delete private network· 17

Create security group· 18

Update security group· 21

Delete security group· 23

Create Layer 2 network domain· 24

Update Layer 2 network domain· 27

Delete Layer 2 network domain· 29

Create Layer 3 campus interconnect 29

Update Layer 3 campus interconnect 31

Delete Layer 3 campus interconnect 32

Create subnet 33

Update subnet 34

Delete subnet 35

Bind security group to access scenario· 36

Unbind security group from access scenario· 36

Modify access scenario priority· 37

Create authentication server 37

Update authentication server 38

Delete authentication server 38

Smooth EIA· 39

Create resource group· 40

Update resource group· 42

Delete resource group· 43

Create network range· 43

Delete network range· 44

CON_APP·· 45

Install application· 45

Start application· 45

Stop application· 45

Uninstall application· 46

Upload application· 46

CON_AUTH·· 47

Add an API authentication-free IP· 47

Delete an API authentication-free IP· 47

Add an IP address to white list 48

Delete an IP address from white list 48

CON_LICENSE·· 49

Connect the license server 49

Disconnect the license server 49

Upload license file· 50

Update the quantity of requested licenses· 50

CON_LISTENER·· 51

Register alert topic· 51

Update alert topic· 51

Remove alert topic· 52

CON_NetworkMonitor 53

Change thresholds for a CPU· 54

Change thresholds for all CPUs· 55

CON_OAM·· 56

Create radar detection task· 56

Delete radar detection task· 57

Clear periodic radar detection tasks· 57

CON_OPENFLOW··· 58

Create flow table entry· 58

Modify flow table entry· 58

Delete flow table entry· 58

Devices change to fail-safe mode· 59

Devices change to normal mode· 59

CON_REGION·· 60

Create region· 60

Delete region· 61

Update region· 62

CON_SNMP·· 63

Create traditional NE· 63

Update traditional NE· 64

Delete traditional NE· 64

Start scanning traditional NE· 65

Stop scanning traditional NE· 65

CON_SYSTEM·· 66

Back up configuration· 66

Upload backup file· 66

Start recovery· 67

Download backup file· 67

Modify backup settings· 68

Modify configuration· 68

Restore configuration· 69

Prepare for upgrade· 69

Modify alert log remote transmission mode· 70

Modify audit log transmission mode· 70

Enter upgrade mode· 70

Quit upgrade mode· 71

CON_TEAM·· 72

Create team·· 72

Delete team·· 73

Modify team·· 73

Add member 74

Delete member 74

Modify member 75

CON_TOPOLOGY·· 76

Update device· 76

Update device layer 76

Delete inactive link· 77

Update port thresholds· 77

Clear events on a device· 78

Clear events on all devices· 78

CON_USER·· 79

Add a user 79

Delete a user 79

Change user password· 80

Update user config· 81

Add a role· 82

Update a role· 83

Delete a role· 84

DHCP·· 85

Create DHCP server 85

Update DHCP server 86

Delete DHCP server 86

Synchronize data from DHCP server 87

Stop Synchronizing data from DHCP server 87

Update IP Conflict Detection from DHCP server 88

DHCP address pool 89

Create DHCP address pool 89

Update DHCP address pool 90

Delete DHCP address pool 90

Synchronize data from DHCP address pool 91

Stop Synchronizing data from DHCP address pool 91

DHCP IP bind· 92

Update DHCP IP bind· 92

DHCP forbidden IP·· 93

Create DHCP forbidden IP· 93

Delete DHCP forbidden IP· 93

DHCP option· 94

Add DHCP option· 94

Delete DHCP option· 95

Fabrics· 96

Create Fabric· 96

Update Fabric· 98

Delete Fabric· 100

Search Fabric· 100

Create Fabric Connection· 101

Update Fabric Connection· 102

Delete Fabric Connection· 103

General Group· 104

Create general group· 104

Update general group· 104

Delete general group· 105

Add device to device group· 105

Delete device from device group· 106

Add interface to interface group· 107

Delete interface from interface group· 108

Bind policy· 108

Unbind policy· 109

IDM·· 110

Add NETCONF template· 110

Update NETCONF template· 112

Delete NETCONF template· 113

Add configuration file· 114

Delete configuration file· 115

Deploy configuration snippets· 115

Deploy commands· 116

Start automatic configuration process· 116

Stop automatic configuration process· 117

Add SNMP template· 118

Delete SNMP template· 119

Update SNMP template· 120

Add aggregate interface· 121

Update aggregate interface· 122

Configure aggregate interface· 123

Add automated configuration template· 124

Add automation parameters· 126

Add automation policy· 127

Bring up interfaces· 128

Shut down interfaces· 129

Configure interface· 130

Add automatic device replacement task· 131

Add fabric and deploy resource pool 132

NBAC·· 134

Create Application Description· 135

Update Application Description· 137

Delete Application Description· 138

Create Policy· 139

Update Policy· 140

Delete Policy· 141

Create Rule· 142

Update Rule· 144

Delete Rule· 146

Create Time Range· 147

Update Time Range· 148

Delete Time Range· 149

Create intergroup policy· 149

Update intergroup policy· 150

Created policy enforcement device group· 151

Updated policy enforcement device group· 152

Deleted policy enforcement device group· 153

NEM·· 154

Create VLAN-VXLAN mapping table· 154

Update VLAN-VXLAN mapping table· 154

Delete VLAN-VXLAN mapping table· 155

Create QinQ-VXLAN mapping table· 156

Update QinQ-VXLAN mapping table· 157

Delete QinQ-VXLAN mapping table· 159

Bind VLAN-VXLAN mapping table· 159

Update VLAN-VXLAN mapping table binding· 160

Delete VLAN-VXLAN mapping table binding· 160

Bind ports to VLAN-VXLAN mapping table· 161

Update bindings between ports and VLAN-VXLAN mapping table· 161

Delete bindings between ports and VLAN-VXLAN mapping table· 162

Bind ports to QinQ-VXLAN mapping table· 163

Update bindings between ports and QinQ-VXLAN mapping table· 163

Delete bindings between ports and QinQ-VXLAN mapping table· 164

Create gateway group· 165

Update gateway group· 167

Delete gateway group· 168

Create IP address pool 169

Update IP address pool 170

Delete IP address pool 171

Create gateway group VLAN range· 172

Update gateway group VLAN range· 172

Delete gateway group VLAN range· 173

Create VXLAN pool 173

Update VXLAN pool 174

Delete VXLAN pool 175

Create physical NE· 175

Update physical NE· 177

Delete physical NE· 179

Reboot physical NE· 180

Batch add physical NEs· 180

Start scanning physical NE· 181

Stop scanning physical NE· 181

Start migration on physical gateway· 181

Complete migration on physical gateway· 182

Start data synchronization on physical NE· 182

Start configuration auditing on physical NE· 183

Start data synchronization on virtual NE· 183

Start configuration auditing on virtual NE· 183

Create NETCONF default user 184

Configure default MAC address· 184

Delete default MAC address· 185

Create third party NE· 185

Delete third party NE· 186

Configure reserved option· 186

Create address pool 187

Update address pool 187

Delete address pool 188

Add resource· 188

Delete resource· 190

Configure VNFM·· 191

Configure gateway network· 191

Update gateway network· 192

Router bound to gateway· 192

Create aggregation group member 193

Update aggregation group member 194

Delete aggregation group member 194

Create aggregation group· 195

Update aggregation group· 195

Delete aggregation group· 196

Create global aggregation group configuration· 196

Update global aggregation group configuration· 197

Delete global aggregation group configuration· 198

Delete NE VXLAN tunnels· 198

Create connection limit rule· 198

Update connection limit rule· 199

Delete connection limit rule· 200

Create device configuration template· 200

Update device configuration template· 204

Delete device configuration template· 206

Create control protocol template· 207

Update control protocol template· 208

Delete control protocol template· 209

Create deploy resource pool 209

Update deploy resource pool 210

Delete deploy resource pool 211

Create auto detected· 212

Stop auto detected· 213

Delete auto detected· 213

Update global setting· 213

Create manual backup· 214

Recover configuration· 215

Create DHCP server 215

Update DHCP server 216

Delete DHCP server 216

Upload software· 217

Update software· 217

Delete software· 218

Upgrade software· 219

Replace physical NE· 219

Create tenant-gateway binding relationship· 221

Update tenant-gateway binding relationship· 221

Delete tenant-gateway binding relationship· 222

Create gateway· 222

Update gateway· 224

Delete gateway· 225

Create gateway member 225

Update gateway member 226

Delete gateway member 227

Create device whitelist 227

Update device whitelist 228

Delete device whitelist 229

Delete assetlist 229

Create egress interface· 230

Update egress interface· 232

Delete egress interface· 233

Create external connectivity· 234

Update external connectivity· 234

Delete external connectivity· 235

Add AAA template· 236

Update AAA template· 238

Delete AAA template· 239

Add MAC template· 240

Update MAC template· 242

Delete MAC template· 243

Add 802.1X template· 244

Update 802.1X auth template· 246

Delete 802.1X auth template· 247

Synchronization device bridgeMac and serialNumber infor 248

Create replacement task· 249

Delete replacement task· 250

Update ONU· 250

Delete ONU· 251

Create AP· 251

Delete AP· 251

Add Redundant Port 252

Update Redundant Port 252

Delete Redundant Port 253

Batch import wireless APs to ACs· 253

Synchronization ACs info· 253

Delete APs from the AC· 254

Redeployed traditional access devices· 254

Create third-party service device· 255

Update third-party service device· 256

Delete third-party service device· 257

Create third-party service· 258

Update third-party service· 259

Delete third party service· 259

Create third-party device config template· 260

Update third-party device config template· 261

Delete third-party device config template· 262

Add configuration task· 262

Delete configuration task· 263

Add failure signature· 263

Delete failure signature· 264

Add Step· 265

Update Step· 266

Delete Step· 267

Copy existing template· 267

Create FW Resource· 268

Update FW Resource· 270

Delete VFW Resource· 270

Create GW Member 271

Update GW Member 271

Create External Interface· 272

Update External Interface· 272

Create Extenal Network· 273

Smooth Asset and Template· 273

Create Server Resource· 274

Update Server Resource· 275

Delete Server Resource· 276

Create campus full mesh· 276

Delete campus full mesh· 277

Create auth free template· 277

Delete auth free template· 278

Create multicast 279

Update multicast 281

Delete multicast 282

Create ACL· 283

Delete ACL· 283

Create ACL rule· 284

Delete ACL rule· 284

Create SSM mapping· 285

Delete SSM mapping· 285

Create SSM mapping rule· 286

Delete SSM mapping rule· 286

Create Network Range· 286

Delete Network Range· 287

Create Device_websocket info· 288

Delete Device_websocket info· 288

Create SGT Pools· 288

Update SGT Pools· 289

Delete SGT Pools· 290

Add Auth Config· 290

Update Auth Config· 291

Delete Auth Config· 291

Add Inter Auth Config· 292

Update Inter Auth Config· 292

Delete Inter Auth Config· 293

Add Interface_isolate· 294

Update Interface_isolate· 294

Delete Interface_isolate· 295

RCAM·· 297

Create resource access template· 297

Delete resource access template· 298

ServiceChain· 299

Create service chain· 300

Update service chain· 302

Delete service chain· 303

SITE·· 304

Create Site table· 304

Update Site table· 305

Delete Site table· 306

VSM·· 307

Create VDS· 307

Update VDS· 308

Delete VDS· 309

Add host 310

Update host 311

Delete host 311

Create vRouter 312

Update vRouter 313

Delete vRouter 314

Create internal route· 315

Delete internal route· 315

Create interface· 316

Delete interface· 317

Create network· 318

Update network· 319

Delete network· 320

Create subnet 321

Update subnet 322

Delete subnet 323

Create network policy· 323

Update network policy· 324

Delete network policy· 324

Create security policy· 325

Update security policy· 325

Delete security policy· 326

Create floating IP· 327

Update floating IP· 328

Delete floating IP· 329

Create port group· 329

Update port group· 330

Delete port group· 330

Create security rules· 331

Update security rule· 332

Delete security rule· 333

Authenticate with vCenter 333

Disconnect with vCenter 334

Upload vib· 334

Delete vib· 334

Install VFE· 335

Update VFE· 335

Uninstall VFE· 335

Create domain· 336

Update domain· 337

Delete domain· 337

Create vPort 338

Update vPort 340

Delete vPort 341

Create router link· 342

Update router link· 342

Delete router link· 343

Create route table· 343

Update route table· 344

Delete route table· 344

Create route entry· 345

Update route entry· 345

Delete route entry· 346

Create APP cluster VIP· 346

Update APP cluster VIP· 347

Delete APP cluster VIP· 347

Create flooding domain· 348

Update flooding domain· 349

Delete flooding domain· 349

Update vCenter status· 350

Create port name prefix· 350

Delete vPort prefix name· 351

Update advanced setting· 351

Create netoverlay host 352

Delete netoverlay host 352

Update netoverlay host 353

Create netoverlay group· 353

Delete netoverlay group· 354

Create VLAN-VXLAN map· 354

Delete VLAN-VXLAN map· 355

Configure batch vSwitch deployment parameters· 355

Import host file· 355

Run custom script 356

Export host file· 356

Export SSH key· 356

Upload custom script 357

Install vSwitch· 357

Update vSwitch· 357

Uninstall vSwitch· 358

Check host status· 358

Upload vSwitch file· 358

Delete vSwitch file· 359

Create network nodes· 359

Update network node· 360

Delete network node· 360

Update global default action· 360

Create DFW policy· 361

Update DFW policy· 361

Delete DFW policy· 362

Create DFW policy rule· 363

Delete DFW policy rule· 364

Create DFW IP set 364

Update DFW IP set 365

Delete DFW IP set 365

Create DFW IP set rule· 366

Delete DFW IP set rule· 366

Track flow entry of IP packet 367

Track flow entry of ARP packet 368

Start auditing on host 369

Start synchronization on host 369

Created static link· 370

Deleted static link· 370

Create vRouter interconnection· 371

Update vRouter interconnection· 372

Delete vRouter interconnection· 373

Create Layer 2 DC interconnection· 373

Update Layer 2 DC interconnection· 374

Delete Layer 2 DC interconnection· 374

Create Layer 3 DC interconnection· 375

Update Layer 3 DC interconnection· 377

Delete Layer 3 DC interconnection· 378

Add subnet to Layer 3 DC interconnection· 378

Delete Layer 3 DC interconnection subnet 379

Upload the vSwitch license file· 379

Updated host load limit 380

Index· 381

 


Introduction

Operation logs record system operations and configuration modifications, such as device operations (adding, editing, or deleting a device) and policy configuration. Operation log messages include operation description, result, and failure reasons, and provide reference for system analysis and maintenance.

This document assumes that the readers are familiar with data communications technologies and H3C SeerEngine-Campus controller products.

Viewing operation log messages

The SeerEngine-Campus product is deployed based on the H3C SNA Center platform. To view the operation log messages:

1.     Log in to SNA Center.

2.     Click Settings.

3.     On the top navigation bar, click Logs.

4.     From the navigation pane, select Information.

5.     Click the Operation Logs tab.

6.     Select SeerEngine-Campus from the SNA Component Name list, and click Query.

The generated SeerEngine-Campus operation log messages are displayed as shown in Figure 1.

Figure 1 Operation log messages

 

Table 1 Operation log message elements

Element

Description

Time

Date and time when the log message was generated.

SNA Component Name

Name of the SNA component that produced the message.

Username

Name of the user that triggered the log generation.

User IP

IP address of the terminal where the user performed the operation.

Host Name

Name of the host that produced the message.

Service Name

Name of the service that produced the message.

Module Name

Name of the module that produced the message.

Operation Result

Operation result: Succeeded or Failed.

Operation Description

Text string that contains detailed information about the operation.

Failure Reason

Possible reasons for an operation failure.

 

Syslog message format

SeerEngine-Campus controllers can send operation logs to syslog servers through the syslog protocol. To set the IP addresses and port numbers of syslog servers:

1.     On the top navigation bar, click Logs.

2.     From the navigation pane, select Configuration.

3.     Click the Operation Logs tab.

4.     Set the IP addresses and port numbers of syslog servers.

By default, controllers send operation logs in the following format:

<PRI>TIMESTAMP Hostname Origin/severity/Keywords CONTENT

Table 2 Syslog message elements

Element

Description

<PRI>

Priority identifier. It is calculated by using the following formula:

Priority identifier=facilityx8+severity

Where:

·     Facility represents the programming module defined by syslog. In the current software version, the facility is user-level and its value is 1.

·     Severity represents the syslog message severity level. For more information, see (4).

TIMESTAMP

Date and time when the event occurred.

Hostname

Name or IP address of the server or virtual machine where the controller that produced the message resides.

Origin

Name of the service module that produced the message.

severity

Severity level of the message. For more information, see (5). For more information about the mappings between operation log message severity levels and syslog message severity levels, see (6).

Keywords

Keywords of the message that facilitate searching or memorizing.

CONTENT

Text string that contains detailed information about the operation, in the following format:

User=username IP=user IP Description=description Result=result Cause=operation failure causes

 

(3) lists all service modules that might produce operation log messages.

Table 3 Service module list

Service module name

Description

Campus

Policy management module.

CON_APP

Application management module.

CON_AUTH

Authentication management module.

CON_LICENSE

License management module.

CON_LISTENER

Listener module.

CON_NetworkMonitor

Network monitoring module.

CON_OAM

OAM module.

CON_OPENFLOW

OpenFlow module.

CON_REGION

Region module.

CON_SNMP

SNMP module.

CON_SYSTEM

System management module.

CON_TEAM

Team module.

CON_TOPOLOGY

Topology management module.

CON_USER

User management module.

DHCP

DHCP module.

Fabric

Fabric module

GeneralGroup

General group module.

IDM

Integrated deployment module.

NBAC

Network-based access control module.

NEM

Carrier network module.

ServiceChain

Service chain module.

VSM

Virtual network module.

 

Syslog messages are classified into eight severity levels from 0 to 7. The lower the number, the higher the severity, as shown in (4).

Table 4 Syslog message severity levels

Level

Severity

Description

0

Emergency

The system is unusable.

1

Alert

Action must be taken immediately.

2

Critical

Critical condition.

3

Error

Error condition.

4

Warning

Warning condition.

5

Notice

Normal but significant condition.

6

Informational

Informational message.

7

Debug

Debugging message.

 

Operation log messages are classified into two severity levels, as shown in (5).

Table 5 Operation log message severity levels

Level

Severity

Description

0

Info

Information message. It indicates that the operation succeeded.

1

Warning

Warning condition. It indicates that the operation failed.

 

(6) shows the mappings between operation log message severity levels and syslog message severity levels.

Table 6 Severity level mappings

Operation log message severity level

Syslog message severity level

0

6

1

4

 

Using this document

This document categorizes operation log messages by service module. This document explains messages in tables. 1.3  (1) describes information provided in these tables.

Table 7 Message explanation table contents

Item

Content

Example

Keyword

Summary of the message that facilitates searching or memorizing.

DELETE_FABRIC_OP

Message text

Presents the message description.

Deleted fabric: $1

Variable fields

Briefly describes the variable fields in the order that they appear in the message text.

The variable fields are numbered in the "$Number" form to help you identify their location in the message text.

$1: Fabric UUID.

Example

Provides a real message example.

Deleted fabric: 218b5f2f-e435-4365-a1ab-0eaa03b7fa19

Explanation

Explains the message.

A fabric was deleted.

Possible failure causes

Provides possible causes of an operation failure.

·     Configuration recovery is in progress.

·     The service has not been found.

·     The controller is not the active leader.

·     The fabric does not exist.

·     Unknown error.

·     The request is invalid.

·     The fabric has devices.

·     The fabric has border device groups.

·     

 


Campus

This section contains operation log messages of the campus module.

Create isolation domain

Keyword

CREATE_ISOLATE_DOMAIN_OP

Message text

Created isolation domain “$1”.

Variable fields

$1: Isolation domain name.

Example

Created isolation domain “domain1”.

Explanation

An isolation domain was created.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The isolation domain name cannot exceed 62 characters.

·     The isolation domain name is required.

·     The isolation domain ID already exists.

·     The isolation domain name already exists.

·     Invalid VXLAN ID range.

·     Duplicated IDs exist for the isolation domains created in bulk.

·     Duplicated names exist for the isolation domains created in bulk.

·     The VLAN pool cannot be empty.

·     The VLAN pool does not exist.

·     Failed to create the isolation domain. Errors occurred during tenant creation.

·     The DHCP server does not exist.

·     The service is disabled.

·     The VXLAN ID range must contain 4092.

·     In a DHCP network in tight coupling mode, to bind a DHCP server to an isolation domain, make sure the DHCP server is up.

·     Invalid wireless forwarding mode.

·     Failed to synchronously create the address pool. An address pool with the same name already exists.

·     Failed to synchronously create the address pool. An address pool with the same network segment already exists.

·     To bind a DHCPv4 server in tight collaboration mode to an isolation domain, make sure the DHCPv4 server is up.

·     The specified DHCP server does not support IPv4.

·     The specified DHCP server does not support IPv6.

·     To bind a DHCPv6 server in tight collaboration mode to an isolation domain, make sure the DHCPv6 server is up.

·     To bind a DHCPv4 server in tight collaboration mode to a security group, make sure the DHCPv4 server is up.

·     To bind a DHCPv6 server in tight collaboration mode to a security group, make sure the DHCPv6 server is up.

·     The DHCPv4 server doesn't exist.

·     The DHCPv6 server doesn't exist.

·     Authentication server is not synchronized.

·     Failed to bind the fabric to the isolation domain, because the isolation domain has already been configured with a full-mesh fabric connection and the fabric has been enabled with multicast network capabilities.

·     The ARP scan and probe rate is out of range.

·     The ND scan and probe rate is out of range.

·     The ARP scan and probe rate must be a multiple of 10.

·     The ND scan and probe rate must be a multiple of 10.

·     You cannot specify the same isolation domain for both the router server and a client of the route server.

·     You cannot specify the same exit device for both the route server and a client of the route server.

·     You cannot disable IP security group tag subscription when VLAN preprovisioning for WLAN is enabled

 

Update isolation domain

Keyword

UPDATE_ISOLATE_DOMAIN_OP

Message text

Updated isolation domain “$1”.

Variable fields

$1: Isolation domain name.

Example

Updated isolation domain “domain1”.

Explanation

An isolation domain was updated.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The isolation domain does not exist.

·     The VXLAN ID range cannot be modified.

·     The isolation domain name cannot be modified.

·     The VLAN pool cannot be empty.

·     Cannot modify the VLAN pool because the isolation domain has security groups.

·     The VLAN pool does not exist.

·     Failed to modify the isolation domain. Errors occurred during the DHCP server update process.

·     The service is disabled.

·     In a DHCP network in tight coupling mode, to bind a DHCP server to an isolation domain, make sure the DHCP server is up.

·     Invalid wireless forwarding mode.

·     The specified resource doesn't exist.

·     If no DNS servers are specified, the subnet will use the DNS servers specified for its isolation domain.

·     To bind a DHCPv4 server in tight collaboration mode to an isolation domain, make sure the DHCPv4 server is up.

·     The specified DHCP server does not support IPv4.

·     The specified DHCP server does not support IPv6.

·     To bind a DHCPv6 server in tight collaboration mode to an isolation domain, make sure the DHCPv6 server is up.

·     Failed to edit the DHCPv4 server for the isolation domain.

·     To bind a DHCPv4 server in tight collaboration mode to a security group, make sure the DHCPv4 server is up.

·     To bind a DHCPv6 server in tight collaboration mode to a security group, make sure the DHCPv6 server is up.

·     Cannot edit the policy mode of the isolation domain, because it has been bound to a Layer 2 network domain.

·     Cannot edit the policy mode of the isolation domain, because fabrics have been bound to the isolation domain.

·     Cannot edit the isolation domain, because its BYOD security group is used by an authentication server.

·     The DHCPv4 server doesn't exist.

·     The DHCPv6 server doesn't exist.

·     Authentication server is not synchronized.

·     Failed to bind the fabric to the isolation domain, because the isolation domain has already been configured with a full-mesh fabric connection and the fabric has been enabled with multicast network capabilities.

·     You cannot edit the policy mode for user-defined isolation domains.

·     The ARP scan and probe rate is out of range.

·     The ND scan and probe is out of range.

·     The ARP scan and probe must be a multiple of 10.

·     The ND scan and probe rate must be a multiple of 10.

·     Failed to change the enabling status of IP-security group tag subscription, because the isolation domain has been added to an isolation domain interconnect.

·     You cannot specify the same isolation domain for both the router server and a client of the route server.

·     You cannot specify the same exit device for both the route server and a client of the route server.

·     You cannot change the policy mode of the isolation domain,because the isolation domain is bound to a security group.

·     Invalid isolation domain type.

·     The VLAN preprovisioning for WLAN of the isolation domain cannot be modified.

 

Delete isolation domain

Keyword

DELETE_ISOLATE_DOMAIN_OP

Message text

Deleted isolation domain “$1”.

Variable fields

$1: Isolation domain name.

Example

Deleted isolation domain “domain1”.

Explanation

An isolation domain was deleted.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     Failed to delete the isolation domain because the isolation domain has private networks.

·     The isolation domain is the default isolation domain and cannot be deleted.

·     The isolation domain has been used by isolation domain interconnect and cannot be deleted.

·     Cannot delete the specified isolation domain,because it has fabric connections.

·     The service is disabled.

·     The specified resource doesn't exist.

·     Cannot delete the isolation domain because its default private network vpn-default has security groups.

·     Cannot delete the isolation domain because its default private network vpn-default has resource groups.

·     Cannot delete the isolation domain because its default private network vpn-default has Layer 2 network domains.

·     Cannot delete the isolation domain because its BYOD security group is used by an authentication server.

·     Authentication server is not synchronized.

·     You cannot delete the isolation domain, because it has been bound to security groups.

 

Create isolate domain interconnect

Keyword

CREATE_ISOLATE_DOMAIN_INTERCONNECT_OP

Message text

Created isolation domain interconnect “$1”

Variable fields

$1: Isolation domain interconnect parameters.

Example

Created isolation domain interconnect:

ID: connect

Name: isolation interconnect

Description":"Isolation domain interconnect",

Interconnect members":[

       {

      Isolate domain ID: db57e239-025f-45d7-bd75-246fdf2acdc7

      Ed device ID: 6d0f85d6-5460-4e09-b384-9654836bbb70

      Ed device name: Device1

       },

        {

      Isolate domain ID: db57e239-025f-45d7-bd75-246fdf2acdc7

      Ed device ID: 6d0f85d6-5460-4e09-b384-9654836bbb70

      Ed device name: Device1

       },

]

Explanation

An isolation domain interconnect was created.

Possible failure causes

·     Invalid license.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The service is disabled.

·     The specified resource doesn't exist.

·     The request is invalid.

·     Unknown error.

·     The isolation domain interconnect with the specified ID already exists.

·     The isolation domain interconnect name cannot be empty.

·     The isolation domain interconnect name can contain up to 255 characters.

·     The isolation domain interconnect with the specified name already exists.

·     The isolation domain interconnect description can contain up to 255 characters.

·     The isolation domain interconnect ID cannot be empty.

·     The isolation domain interconnect with the specified ID does not exist.

·     The isolation domain interconnect must contain a minimum of two members.

·     The IDs of isolation domain interconnects to be bulk created cannot be duplicated.

·     The names of isolation domain interconnects to be bulk created cannot be duplicated.

·     The member IDs in the same isolation domain interconnect cannot be duplicated.

·     Some members in the isolation domain interconnect to be created are already assigned to another isolation domain interconnect.

·     The members of the isolation domain interconnect cannot be empty.

·     The enabling status of IP-security group tag subscription must be consistent across all isolation domain members on the isolation domain interconnect.

·     The member isolation domains must use the same policy mode.

 

Update isolate domain interconnect

Keyword

UPDATE_ISOLATE_DOMAIN_INTERCONNECT_OP

Message text

Updated isolation domain interconnect: “$1”

Variable fields

$1: Isolation domain interconnect parameters.

Example

Updated isolation domain interconnect:

Description":"Isolation domain interconnect",

Interconnect members": [

       {

      Isolate domain ID: db57e239-025f-45d7-bd75-246fdf2acdc7

      Ed device ID: 6d0f85d6-5460-4e09-b384-9654836bbb70

      Ed device name: Device2

       },

        {

      Isolate domain ID: db57e239-025f-45d7-bd75-246fdf2acdc7

      Ed device ID: 6d0f85d6-5460-4e09-b384-9654836bbb70

      Ed device name: Device2

       },

]

Explanation

An isolation domain interconnect was edited.

Possible failure causes

·     Invalid license.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The service is disabled.

·     The specified resource doesn't exist.

·     The request is invalid.

·     Unknown error.

·     The isolation domain interconnect ID cannot be empty.

·     The isolation domain interconnect with the specified ID does not exist.

·     The isolation domain interconnect must contain a minimum of two members.

·     The IDs of isolation domain interconnects to be bulk created cannot be duplicated.

·     Some members in the isolation domain interconnect to be created are already assigned to another isolation domain interconnect.

·     The isolation domain interconnect ID cannot be edited.

·     The isolation domain interconnect name cannot be edited.

·     The members of the isolation domain interconnect cannot be empty.

·     The enabling status of IP-security group tag subscription must be consistent across all isolation domain members on the isolation domain interconnect.

·     The member isolation domains must use the same policy mode.

 

Delete isolate domain interconnect

Keyword

DELETE_ISOLATE_DOMAIN_INTERCONNECT_OP

Message text

Deleted isolation domain interconnect: “$1”

Variable fields

$1: Isolation domain interconnect name.

Example

Deleted isolation domain interconnect: connect

Explanation

An isolation domain interconnect was deleted.

Possible failure causes

·     Invalid license.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The service is disabled.

·     The specified resource doesn't exist.

·     The request is invalid.

·     Unknown error.

 

Create private network

Keyword

CREATE_PRIVATE_NETWORK_OP

Message text

Created private network “$1”.

Variable fields

$1: Private network name.

Example

Created private network “vpn1”.

Explanation

A private network was created.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The description cannot exceed 255 characters.

·     The L3VNI is out of range.

·     The segment ID has been used.

·     VXLAN 4094 is reserved.

·     The IP address of the DNS server is invalid.

·     The VPN instance name is required.

·     The VPN instance name cannot exceed 31 characters.

·     The VPN instance name already exists.

·     The number of DNS servers on the DNS relay agent cannot exceed 8.

·     Duplicated DNS server IP addresses exist.

·     The isolation domain ID does not exist.

·     The private network name is required.

·     The private network name cannot exceed 255 characters.

·     The private network ID already exists.

·     The private network name already exists.

·     Unknown error.

·     The service is disabled.

·     VXLAN 4093 is reserved.

·     VXLAN 1 is reserved.

·     The VPN name is already used.

·     The VPN instance name is case sensitive. Valid characters are letters, digits, underscores (_), and hyphens (-).

·     The default action is required.

·     Supported default actions are permit and deny.

·     No available VXLAN IDs.

·     The segment ID is out of range.

·     The segment ID has been used.

·     No available segment IDs.

·     Segment 1, Segment 4092, and Segment 4094 are reserved and cannot be used.

·     Cannot bind a gateway with the firewall function enabled to the private network, because the private network is in group-based policy mode.

·     The private network name cannot start with ' SDN_SC_'.

·     The VPN instance name cannot start with ' SDN_SC_'

·     The default private network and a user-defined private network cannot both be bound to a gateway.

·     Make sure the isolation domain of each gateway member bound to the private network is configured with the same policy mode as the private network.

·     To apply the policy to IPv6 users, please first enable IPv6 in the controller global settings.

·     Invalid method for communication with vpn-default.

 

Update private network

Keyword

UPDATE_PRIVATE_NETWORK_OP

Message text

Updated private network “$1”.

Variable fields

$1: Private network name.

Example

Updated private network “vpn1”.

Explanation

A private network was updated.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The private network does not exist.

·     The private network ID cannot be modified.

·     The private network name cannot be modified.

·     The isolation domain ID cannot be modified.

·     The VPN instance name cannot be modified.

·     The IP address of the DNS server is invalid.

·     The description cannot exceed 255 characters.

·     The number of DNS servers on the DNS relay agent cannot exceed 8.

·     Unknown error.

·     The service is disabled.

·     The specified resource doesn't exist.

·     The segment ID cannot be modified.

·     Cannot unbind or replace the border gateway for the private network because a security group in the private network is being used by a security server

·     Cannot edit the policy mode of the private network, because it has been bound to Layer 2 network domains.

·     Cannot edit the object to which the policy is applied, because it has been bound to Layer 2 network domains.

·     Cannot edit the policy mode of the private network, because it has been bound to security groups.

·     Cannot edit the policy mode of the private network, because it has been bound to resource groups.

·     A service chain policy template has been applied to this private network. The policy application scope cannot include IPv6 users.

·     Cannot edit the object to which the policy is applied, because it has been bound to Layer 2 network domains.

·     Cannot edit the policy mode of the private network, because it has been bound to security groups.

·     Cannot edit the policy mode of the private network, because it has been bound to resource groups.

·     Cannot edit the private network because it is being used by a Layer 3 multicast network.

·     Cannot edit the border gateway, because the private network has a Layer 3 campus interconnect configured.

·     Cannot enable multicast network capabilities for the private network because the private network has been bound to a Layer 3 campus interconnect.

·     Cannot bind a gateway with the firewall function enabled to the private network, because the private network is in group-based policy mode.

·     Cannot change the policy mode of the private network to group-based, because a firewall has been attached to a gateway of the private network.

·     The default private network and a user-defined private network cannot both be bound to a gateway.

·     The private network has been bound to a firewall service. You cannot detach the private network from the egress gateway.

·     Cannot edit the policy mode of the private network, because it has been bound to a gateway.

·     To apply the policy to IPv6 users, please first enable IPv6 in the controller global settings

·     Cannot edit the method for communication with vpn-default of the private network, because it has been bound to security groups.

·     Cannot edit the method for communication with vpn-default of the private network, because it has been bound to Layer 2 network domains

 

Delete private network

Keyword

DELETE_PRIVATE_NETWORK_OP

Message text

Deleted private network “$1”.

Variable fields

$1: Private network name.

Example

Deleted private network “vpn1”.

Explanation

A private network was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The default private network cannot be deleted.

·     The private network cannot be deleted because it has security groups.

·     Unknown error.

·     The service is disabled.

·     The private network cannot be deleted because it has resource groups.

·     The specified resource doesn't exist.

·     The private network does not exist.

·     Cannot delete the private network because it is being used by a Layer 3 network.

·     Cannot delete the private network, because a firewall has been attached to a gateway of the private network.

 

Create security group

Keyword

CREATE_SECURITYGROUP_OP

Message text

Created security group “$1”.

Variable fields

$1: Security group name.

Example

Created security group “sg1”

Explanation

A security group was created.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The security group name is required.

·     The security group name cannot exceed 64 characters.

·     The private network ID is required.

·     Invalid security group type.

·     VXLAN 4094 is reserved.

·     The VXLAN ID is out of range.

·     The VSI interface description cannot exceed 251 characters.

·     The VSI MAC address is invalid.

·     A maximum of seven ACs can be configured.

·     The IP address of the AC is invalid.

·     Duplicated IP addresses exist for the ACs.

·     The security group ID already exists.

·     Duplicated security group IDs exist for the security groups created in bulk.

·     The security group name already exists.

·     Duplicated security group names exist for the security groups created in bulk.

·     The VLAN ID of the security group is invalid.

·     The VXLAN ID has been used.

·     The VLAN ID has been used.

·     Unknown error.

·     The service is disabled.

·     The BYOD security group can be configured only in the default private network.

·     Only can configure ACs when security group is wireless type.

·     Only one wireless security group can be configured in an isolation domain.

·     Only one critical security group can be configured in an isolation domain.

·     The AC ips is required.

·     In a DHCP network in tight coupling mode, to bind a DHCP server to a security group, make sure the DHCP server is up.

·     The DHCP server does not exist.

·     Only one BYOD security group can be configured.

·     Failed to add the security group because no available campus app license exists.

·     VLAN 4093 is reserved.

·     VXLAN 4093 is reserved.

·     VXLAN 1 is reserved.

·     The VLAN ID is out of range.

·     No available VXLAN IDs.

·     The DHCP server can be configured only for a critical or BYOD security group.

·     No available VLAN IDs.

·     The specified Layer 2 network domain does not exist.

·     A security group can be bound to only one Layer 2 network domain of one isolation domain.

·     The security group and the Layer 2 network domain to be bound must be of the same type.

·     The Layer 2 network domain has been bound to another security group.

·     Each of the Layer 2 network domains bulk created cannot be bound to multiple security groups.

·     A security group can be bound to only one Layer 2 network domain in the current software version.

·     An external network security group cannot be configured with Layer 2 network domains.

·     The security group is not configured with a Layer 2 network domain.

·     Only one external network security group can be configured in a private network.

·     An external network security group does not support specifying a VLAN ID.

·     An external network security group does not support specifying a VXLAN ID.

·     An external network security group does not support enabling DHCP.

·     An external network security group does not support enabling ARP proxy.

·     An external network security group does not support enabling ARP detection.

·     An external network security group does not support enabling IGMP snooping.

·     An external network security group does not support enabling allowing Layer 2 applications.

·     An external network security group does not support setting the VSI interface description.

·     An external network security group does not support setting the VSI MAC.

·     Wireless security groups can be configured only in the default private network.

·     The private network does not exist.

·     The Primary parameter cannot be empty.

·     The parent security group with the specified UUID does not exist.

·     Cannot specify a SGT in group-based policy mode.

·     Invalid value for the maximum number of security subgroups.

·     Make sure the security subgroups use the same policy mode as their parent security group.

·     Make sure the security subgroups are associated with the same private network as their parent security group.

·     The type is different with primary security group.

·     The child security group does not support to bind l2 network domain.

·     The security groups created in a private network must be configured with the same policy mode as the private network.

·     Cannot edit the policy mode of the security group.

·     The security group name cannot be the same as the BYOD security group name.

·     The security subgroup name already exists.

·     Please specify the Primary parameter.

·     The type of the security subgroup is different than the parent security group.

·     The security subgroup does not support binding to a Layer 2 network domain.

·     The name is reserved for the default security group. Please specify another one.

·     The security group and the Layer 2 network domain are not in the same private network.

·     The isolation domains bound to the critical security group conflict with those bound to another critical security group.

·     Only a normal or critical security group can be bound to isolation domains

·     Only a parent security group can be bound to isolation domains.

·     Only a security group with the group-based policy mode can be bound to isolation domains.

·     An external network security group does not support specifying a SGT.

·     No available SGTs.

·     You must select at least the isolation domains of all Layer 2 network domains bound to the security group.

·     A security group already exists with the specified SGT ID.

·     You cannot both configure the security subgroup and manually specify an SGT.

·     The SGT ID is out of range.

·     You must select at least the isolation domains of all Layer 2 network domains bound to the security group.

·     A VLAN network does not support configuring private networks for a security group.

·     Invalid network type for the security group.

·     You can create only one security group of the external network type.

·     You can specify an isolation domain for a security group only when the security group type is Normal, Critical, Guest, Authentication Failure, or AuthFree.

·     Only a normal or critical security group can be bound to isolation domains

 

Update security group

Keyword

UPDATE_SECURITYGROUP_OP

Message text

Updated security group “$1”.

Variable fields

$1: Security group name.

Example

Updated security group ”sg1”

Explanation

A security group was updated.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The specified resource doesn't exist.

·     The security group ID cannot be modified.

·     The private network ID cannot be modified.

·     The security group type cannot be modified.

·     The subnets cannot be modified.

·     The VLAN ID cannot be modified.

·     The ARP proxy settings cannot be modified.

·     The VSI interface description cannot be modified.

·     The VSI MAC address cannot be modified.

·     The ARP check settings cannot be modified.

·     The IGMP snooping settings cannot be modified.

·     The DHCP enabling state is required.

·     The Layer 2 application settings cannot be modified.

·     The security group name already exists.

·     Unknown error.

·     The service is disabled.

·     Cannot edit the DHCP server when DHCP is enabled.

·     Cannot edit the DHCP enabling state for the security group because it is being used by an authentication server.

·     Cannot edit the DHCP server for the security group because it is being used by an authentication server.

·     The specified Layer 2 network domain does not exist.

·     The security group and the Layer 2 network domain to be bound must be of the same type..

·     A security group can be bound to only one Layer 2 network domain of one isolation domain.

·     he security group and the Layer 2 network domain to be bound must be of the same type.

·     Each of the Layer 2 network domains bulk created cannot be bound to multiple security groups.

·     A security group can be bound to only one Layer 2 network domain in the current software version.

·     Cannot remove the Layer 2 network domain binding of the security group because the security group is being used in an inter-group policy.

·     Cannot remove the Layer 2 network domain binding of the security group because the security group is being used by an authentication server.

·     Cannot remove the Layer 2 network domain binding of the security group because the security group is being used in a Layer 3 campus interconnect.

·     An external network security group cannot be configured with Layer 2 network domains.

·     The security group is not configured with a Layer 2 network domain.

·     An external network security group does not support enabling DHCP.

·     Cannot unbind or replace the Layer 2 network domain for the security group because the security group is being used by a security server.

·     The child security group does not support to bind Layer 2 network domain.

·     The security subgroup name already exists.

·     Cannot edit the list of Layer 2 network domains bound to the security group. The security group has been used on an authentication server.

·     Authentication server is not synchronized.

·     VLAN 4093 is reserved.

·     The VLAN ID has been used.

·     The VLAN ID of the security group is invalid.

·     The VLAN ID is out of range.

·     An external network security group does not support specifying a VLAN ID.

·     Cannot delete the Layer 2 network domain. It has been bound to an authentication-free policy template.

·     The security group and the Layer 2 network domain are not in the same private network.

·     The isolation domains bound to the critical security group conflict with those bound to another critical security group.

·     Only a normal or critical security group can be bound to isolation domains.

·     Only a parent security group can be bound to isolation domains.

·     Only a security group with the group-based policy mode can be bound to isolation domains.

·     You must select at least the isolation domains of all Layer 2 network domains bound to the security group.

·     You can specify an isolation domain for a security group only when the security group type is Normal, Critical, Guest, Authentication Failure, or AuthFree.

·     Only a normal or critical security group can be bound to isolation domains.

 

Delete security group

Keyword

DELETE_SECURITYGROUP_OP

Message text

Deleted security group “$1”.

Variable fields

$1: Security group name.

Example

Deleted security group ”sg1”.

Explanation

A security group was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The specified resource doesn't exist.

·     Failed to delete the security group. The security group is being used by the authentication server.

·     Unknown error.

·     The service is disabled.

·     The security group which is used by application description cannot be deleted.

·     Cannot delete the security group because it is being used by a security server.

·     The security group cannot be deleted because it contains security subgroups.

·     Cannot delete the security subgroup because it has been used in an exception group policy rule.

·     Authentication server is not synchronized.

·     The wireless AC's IP cannot be a subnet gateway IP.

 

Create Layer 2 network domain

Keyword

CREATE_L2NETWORKDOMAIN_OP

Message text

Created Layer 2 network domain: “$1”

Variable fields

$1: Layer 2 network domain configuration parameters.

Example

Created Layer 2 network domain:

Name: [l2NetworkDomain1]

Explanation

A Layer 2 network domain was added.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Layer 2 network domain names cannot be duplicated.

·     Layer 2 network domain IDs cannot be duplicated.

·     The specified segment ID is already used.

·     The wireless ACs can be configured only for wireless Layer 2 network domains.

·     The Layer 2 network domain with the specified ID already exists.

·     The Layer 2 network domain name cannot be empty.

·     The Layer 2 network domain name can contain up to 255 characters.

·     The Layer 2 network domain with the specified name already exists.

·     Invalid Layer 2 network domain type.

·     BYOD Layer 2 network domains can be configured only in the default private network.

·     An isolation domain can be bound to only one BYOD Layer 2 network domain.

·     An isolation domain can be bound to only one wireless Layer 2 network domain.

·     An isolation domain can be bound to only one auth-fail Layer 2 network domain.

·     The DHCP server can be configured only for critical or BYOD Layer 2 network domain.

·     To bind a DHCP server in tight collaboration mode to a security group, make sure the DHCP server is up.

·     To bind a DHCPv4 server in tight collaboration mode to an isolation domain, make sure the DHCPv4 server is up.

·     The specified DHCP server does not support IPv4.

·     The specified DHCP server does not support IPv6.

·     To bind a DHCPv6 server in tight collaboration mode to an isolation domain, make sure the DHCPv6 server is up.

·     To configure a DHCPv4 server, make sure the IPv4 address assignment mode is DHCP.

·     To bind a DHCPv4 server in tight collaboration mode to a security group, make sure the DHCPv4 server is up.

·     To bind a DHCPv6 server in tight collaboration mode to a security group, make sure the DHCPv6 server is up.

·     To configure a DHCPv6 server, make sure the IPv6 address allocation method is stateful DHCPv6 or stateless DHCPv6.

·     Wireless Layer 2 network domains can be configured only in the default private network.

·     The isolate domain does not exist.

·     The segment ID is out of range.

·     The segment ID has been used.

·     No available segment IDs.

·     Segment 1, Segment 4092, and Segment 4094 are reserved and cannot be used.

·     The subnet gateway address cannot be the same as the IP address of the ingress or egress port of a service member.

·     The AC IP address conflicts with an existing IP address pool or with the management IP address of a device.

·     The AC IP cannot be contained in CIDRs of any other Layer 2 network domain.

·     The AC IP cannot be any subnet gateway IP of the Layer 2 network domain.

·     The isolation domain does not exist.

·     The specified private network does not exist.

·     IPv6 ND detection and ND snooping cannot be both enabled.

·     ARP packet validity check and ARP snooping cannot be both enabled.

·     Cannot specify a policy mode for a Layer 2 network domain.

·     The AC IP cannot be contained in CIDRs of any other Layer 2 network domain.

·     The AC IP cannot be any subnet gateway IP of the Layer 2 network domain.

·     Cannot change the IPv6 address allocation mode because the Layer 2 network domain contains an IPv6 subnet.

·     You can enable the IGMP snooping dropping unknown multicast packets feature only when multicast network capabilities are enabled.

·     You can enable the IGMP snooping querier only when multicast network capabilities are enabled.

·     You can enable the IGMP snooping proxy only when multicast network capabilities are enabled.

·     The Layer 2 network domain name cannot start with 'SDN_SC_'.

·     The static access can be set only for normal Layer 2 network domains.

·     Lease duration out of range.

·     The interface to be added in a networkrange and the interface to be added for port authentication cannot be the same.

·     Invalid network type for the Layer 2 network domain.

·     Invalid gateway device or fabric.

·     The VLAN ID is in use.

·     Invalid VLAN ID for the Layer 2 network domain.

·     The specified security group does not exist.

·     No available VLAN pool.

·     The security subgroup does not support binding to a Layer 2 network domain.

·     The security group and the Layer 2 network domain to be bound must be the same type.

·     Invalid network type for the security group.

·     You must select at least the isolation domains of all Layer 2 network domains bound to the security group.

·     The Unified Platform toker is null.

·     The fabric does not exist.

·     Invalid device interface configuration ID.

·     The interface configuration already exists.

·     Please specify a device ID.

·     Invalid device ID.

·     Invalid interface name.

·     The interface name already exists.

·     Invalid link type.

·     Invalid connection type.

·     Invalid spanning tree mode.

·     Invalid PVID.

·     A minimum of one permitted VLAN is invalid.

·     The link type does not match the permitted VLANs.

·     Invalid link type and VLAN configuration.

·     Invalid tagged VLANs.

·     A minimum of one untagged VLAN is invalid.

·     Invalid broadcast suppression threshold.

·     Invalid multicast suppression threshold.

·     Invalid unicast suppression threshold.

·     Please specify a device interface configuration ID.

·     Configuration recovery is in progress.

·     Invalid JSON format.

·     Unknown internal server error.

·     Internal Server Error.

·     The interface configuration does not exist.

·     Please check tagged and untagged VLANs for ID conflicts.

·     Get Unified Platform authority failed.

·     The number of items per page must be an integer in the range of 1 to 2147483647.

·     Invalid page index.

·     The specified device interfaces cannot overlap with border gateway members.

·     No wired service VLAN pool is available.

·     No wireless service VLAN pool is available.

·     No auth-free VLAN pool is available.

·     You can configure only one Layer 2 network domain for wireless management on a fabric

·     Please select a peer device type

·     Invalid peer device type

·     On a fabric, the VLAN IDs set on the core device for gateway IP assignment to Layer 2 domains cannot be the same as those set on any distribution devices

 

Update Layer 2 network domain

Keyword

UPDATE_L2NETWORKDOMAIN_OP

Message text

Updated Layer 2 network domain: “$1”

Variable fields

$1: Layer 2 network domain configuration parameters.

Example

Updated Layer 2 network domain:

Name: [l2NetworkDomain1]

Explanation

A Layer 2 network domain was edited.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The Layer 2 network domain name cannot be edited.

·     The Layer 2 network domain type cannot be edited.

·     The CIDR cannot be edited.

·     The VLAN ID cannot be edited.

·     The VXLAN ID cannot be edited.

·     The ARP proxy settings cannot be edited.

·     The VSI MAC address cannot be edited.

·     The ARP check settings cannot be edited.

·     The IGMP snooping settings cannot be edited.

·     To bind a DHCPv4 server in tight collaboration mode to an isolation domain, make sure the DHCPv4 server is up.

·     The specified DHCP server does not support IPv4.

·     The specified DHCP server does not support IPv6.

·     To bind a DHCPv6 server in tight collaboration mode to an isolation domain, make sure the DHCPv6 server is up.

·     Failed to edit the DHCPv4 server for the isolation domain.

·     To configure a DHCPv4 server, make sure the IPv4 address assignment mode is DHCP.

·     To bind a DHCPv4 server in tight collaboration mode to a security group, make sure the DHCPv4 server is up.

·     To bind a DHCPv6 server in tight collaboration mode to a security group, make sure the DHCPv6 server is up.

·     The segment ID cannot be modified.

·     The specified Layer 2 network domain does not exist.

·     The subnet gateway address cannot be the same as the IP address of the ingress or egress port of a service member.

·     IPv6 ND detection and ND snooping cannot be both enabled.

·     ARP packet validity check and ARP snooping cannot be both enabled.

·     Cannot edit the policy mode of the security group the Layer 2 network domain.

·     Cannot change the IPv6 address allocation mode because the Layer 2 network domain contains an IPv6 subnet.

·     You can enable the IGMP snooping dropping unknown multicast packets feature only when multicast network capabilities are enabled.

·     You can enable the IGMP snooping querier only when multicast network capabilities are enabled.

·     You can enable the IGMP snooping proxy only when multicast network capabilities are enabled.

·     The security group bound to the Layer 2 network domain has been used on an authentication server. You cannot change the IPv6 address allocation method from stateful DHCPv6 or stateless DHCPv6 to manual or SLAAC.

·     Lease duration out of range.

·     The interface to be added in a networkrange and the interface to be added for port authentication cannot be the same.

·     You cannot change the fabric ID for a Layer 2 network domain.

·     You cannot change the VLAN ID for a Layer 2 network domain.

·     You cannot change the gateway devices for a Layer 2 network domain.

·     The specified security group does not exist.

·     The security subgroup does not support binding to a Layer 2 network domain.

·     The security group and the Layer 2 network domain to be bound must be the same type.

·     Invalid network type for the security group.

·     You must select at least the isolation domains of all Layer 2 network domains bound to the security group.

·     The Unified Platform toker is null.

·     The fabric does not exist.

·     Invalid device interface configuration ID.

·     The interface configuration already exists.

·     Please specify a device ID.

·     Invalid device ID.

·     Invalid interface name.

·     The interface name already exists.

·     Invalid link type.

·     Invalid connection type.

·     Invalid spanning tree mode.

·     Invalid PVID.

·     A minimum of one permitted VLAN is invalid.

·     The link type does not match the permitted VLANs.

·     Invalid link type and VLAN configuration.

·     Invalid tagged VLANs.

·     A minimum of one untagged VLAN is invalid.

·     Invalid broadcast suppression threshold.

·     Invalid multicast suppression threshold.

·     Invalid unicast suppression threshold.

·     Please specify a device interface configuration ID.

·     Configuration recovery is in progress.

·     Invalid JSON format.

·     Unknown internal server error.

·     Internal Server Error.

·     The interface configuration does not exist.

·     Please check tagged and untagged VLANs for ID conflicts.

·     Get Unified Platform authority failed.

·     The number of items per page must be an integer in the range of 1 to 2147483647.

·     Invalid page index.

·     The specified device interfaces cannot overlap with border gateway members

·     Please select a peer device type

·     Invalid peer device type

 

Delete Layer 2 network domain

Keyword

DELETE_L2NETWORKDOMAIN_OP

Message text

Deleted Layer 2 network domain: “$1”

Variable fields

$1: Layer 2 network domain name.

Example

Deleted Layer 2 network domain: l2NetworkDomain1

Explanation

A Layer 2 network domain was deleted.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The Layer 2 network domain name cannot be empty.

·     The Layer 2 network domain has been bound to security group.

·     The Layer 2 network domain which is used by security group cannot be delete.

·     The Layer 2 networkdomain contains subnets and cannot be deleted.

·     Cannot delete the Layer 2 network domain because the Segment ID is being used by the ingress or egress port of a service member in a service chain.

·     Cannot delete the Layer 2 network domain because the Segment ID is being used by network range.

·     You cannot delete the Layer 2 network domain, because it has been bound to a Layer 2 multicast network.

 

Create Layer 3 campus interconnect

Keyword

CREATE_L3_CAMPUS_INTERCONNECT_OP

Message text

Created Layer 3 campus interconnect: “$1”

Variable fields

$1: Layer 3 campus interconnect information.

Example

Created Layer 3 campus interconnect:

{

  "l3_campus_interconnects": [

    {

      "id": "9ec0ead0-b288-42a1-b1b6-8606646a6f5c",

      "name": "l3_campus_interconnect",

      "description": "l3_campus_interconnect",

      "private_network_id":"1c6d3cf4-d622-4121-b193-bfac63a5e401",

      "private_network_name":"privateNetwork1",

      "local_security_groups": [

        "1c6d3cf4-d622-4121-b193-bfac63a5e409",

        "1c6d3cf4-d622-4121-b193-bfac63a5e410"

      ],

      "import_rts": [

        "1:6000"

      ],

      "export_rts": [

        "1:1000"

      ],

      "data_mode": "vxlan",

      "l3_vni": 9

    }

  ]

}

Explanation

A Layer 3 campus interconnect was added.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The Layer 3 campus interconnect ID already exists.

·     The Layer 3 campus interconnect name is required.

·     The Layer 3 campus interconnect name cannot exceed 255 characters.

·     The Layer 3 campus interconnect name already exists.

·     The Layer 3 campus interconnect description cannot exceed 255 characters.

·     The private network ID is required.

·     The specified private network does not exist.

·     The default private network cannot be used by a Layer 3 campus interconnect.

·     The specified private network is used by a multi-campus interconnection.

·     The local security group list is required.

·     The specified security group doesn't exist.

·     The private network to which a security group in the local security group list belongs must be bound to the Layer 3 campus interconnect.

·     The specified security group is used by a Layer 3 campus interconnect.

·     The Layer 3 campus interconnect import RT list is required.

·     The Layer 3 campus interconnect export RT list is required.

·     Invalid packet encapsulation type.

·     The L3VNI is out of range.

·     The L3VNI has been used.

·     The IDs of Layer 3 campus interconnects created in bulk cannot be duplicated.

·     The names of Layer 3 campus interconnects created in bulk cannot be duplicated.

·     The specified security group is used by another Layer 3 campus interconnect.

·     L3VNI 1, L3VNI 4092 and L3VNI 4094 are reserved and cannot be used.

·     The mapping L3VNI is required.

·     The campus has not established a session with the datacenter.

 

Update Layer 3 campus interconnect

Keyword

UPDATE_L3_CAMPUS_INTERCONNECT_OP

Message text

Updated Layer 3 campus interconnect: “$1”

Variable fields

$1: Layer 3 campus interconnect information.

Example

Updated Layer 3 campus interconnect

{

  "l3_campus_interconnect": {

      "name": "l3_campus_interconnect1",

      "description": "modify l3_campus_interconnect1",

      "local_security_groups": [

        "1c6d3cf4-d622-4121-b193-bfac63a5e409"

      ],

      "import_rts": [

        "1:6006"

      ],

      "export_rts": [

        "1:1001"

      ],

      "l3_vni": 9

    }

}

Explanation

A Layer 3 campus interconnect was edited.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The specified resource doesn't exist.

·     The Layer 3 campus interconnect ID cannot be modified.

·     The private network bound to a Layer 3 campus interconnect cannot be modified.

·     The Layer 3 campus interconnect data mode cannot be modified.

·     The Layer 3 campus interconnect name is required.

·     The Layer 3 campus interconnect name cannot exceed 255 characters.

·     The Layer 3 campus interconnect name already exists.

·     The Layer 3 campus interconnect description cannot exceed 255 characters.

·     The local security group list is required.

·     The specified security group doesn't exist.

·     The private network to which a security group in the local security group list belongs must be bound to the Layer 3 campus interconnect.

·     The specified security group is used by another Layer 3 campus interconnect.

·     The Layer 3 campus interconnect import RT list is required.

·     The Layer 3 campus interconnect export RT list is required.

·     The L3VNI is out of range.

·     The L3VNI has been used.

·     L3VNI 1, L3VNI 4092 and L3VNI 4094 are reserved and cannot be used.

·     The mapping L3VNI is required.

·     The campus has not established a session with the datacenter.

 

Delete Layer 3 campus interconnect

Keyword

DELETE_L3_CAMPUS_INTERCONNECT_OP

Message text

Deleted Layer 3 campus interconnect “$1”

Variable fields

$1: Layer 3 campus interconnect name.

Example

Deleted Layer 3 campus interconnect “l3CI1”

Explanation

A Layer 3 campus interconnect was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The specified resource doesn't exist.

 

Create subnet

Keyword

CREATE_SUBNET_OP

Message text

Created subnet “$1”

Variable fields

$1: Subnet name.

Example

Created subnet “sd”

Explanation

A subnet was created.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The subnet name is required.

·     The subnet name already exists.

·     The IP version of the subnet is invalid.

·     The CIDR already exists.

·     Only one IPv4 primary subnet is allowed.

·     Only one IPv6 subnet can be configured and the IPv6 subnet must be used as the primary subnet.

·     The number of DNS servers on the DNS relay agent cannot exceed 8.

·     Cannot configure DNS servers for secondary subnets.

·     The IP address of the DNS server is invalid.

·     Duplicated DNS server IP addresses exist.

·     The CIDR is required.

·     The IP address of the subnet gateway is required.

·     The IP address of the subnet gateway is invalid.

·     The IP address of the subnet gateway does not belong to the CIDR.

·     The subnet gateway IP address and the subnet broadcast IP address cannot be the same.

·     The subnet address and the gateway address cannot be the same.

·     Invalid CIDR.

·     The subnet and resource group subnet of a private network cannot overlap.

·     The subnet name cannot exceed 255 characters.

·     The security group ID is required.

·     The security group ID does not exist.

·     The subnet ID already exists.

·     Duplicated subnet IDs exist for the subnets created in bulk.

·     Unknown error.

·     The service is disabled.

·     Duplicated subnet names exist for the subnets created in bulk.

·     Please make sure all subnets in the BYOD Layer 2 network domain are the same IP version.

·     When the IPv6 address allocation method is SLAAC or stateless DHCPv6, the IPv6 address prefix must be 64 bits in length.

·     The IP version of the subnet CIDR must be the same as the specified IP version.

·     The IP version of the gateway IP address must be the same as the specified IP version.

·     The IP version of the DNS server IP address must be the same as the specified IP version.

·     An external network security group does not support creating subnets.

·     Operation failed. IP address ranges specified for the L2 network domain contain IP addresses of a switching device.

·     The subnet address overlaps with IP address pools or with the management IP addresses of devices.

·     The CIDR cannot contain AC IPs of any other Layer 2 network domain.

·     The subnet gateway IP cannot be any AC IP of the Layer 2 network domain.

·     The subnets created in bulk for a BYOD Layer 2 network domain must use the same IP version.

·     The subnet gateway IP cannot be a wireless AC's IP.

·     Cannot delete the subnet, because an IP address in the subnet is the ingress or egress port IP address of a service chain member.

·     The selected private network uses group-based policy mode. You cannot add this subnet, because it overlaps with a subnet in the resource group for a private network that also uses group-based policy mode.

·     To add a secondary subnet to the Layer 2 network domain, first make sure the Layer 2 network domain already has primary subnets.

·     The subnet name cannot start with 'SDN_SC_'.

 

Update subnet

Keyword

UPDATE_SUBNET_OP

Message text

Updated subnet “$1”

Variable fields

$1: Subnet name.

Example

Updated subnet “sd”

Explanation

A subnet was updated.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The specified resource doesn't exist.

·     The subnet ID cannot be modified.

·     The subnet name cannot be modified.

·     The security group ID cannot be modified.

·     The IP version of the subnet cannot be modified.

·     The CIDR of the subnet cannot be modified.

·     The IP address of the subnet gateway cannot be modified.

·     The secondary field cannot be modified.

·     Unknown error.

·     The service is disabled.

 

Delete subnet

Keyword

DELETE_SUBNET_OP

Message text

Deleted subnet “$1”.

Variable fields

$1: Subnet name.

Example

Deleted subnet “sd”.

Explanation

A subnet was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The specified resource doesn't exist.

·     Unknown error.

·     The service is disabled.

·     Failed to synchronously create the address pool. An address pool named xxx already exists.

·     Failed to synchronously create the address pool. An address pool with the same network segment already exists.

·     Failed to delete the IPv4 subnet because the security group bound to the IPv4 subnet's Layer 2 network domain is being used  by an authentication server.

·     Failed to delete the IPv6 subnet because the security group bound to the IPv6 subnet's Layer 2 network domain is being used  by an authentication server.

·     Failed to delete the IPv4 subnet because the security group to which the IPv4 subnet belongs is being used by a security server.

·     Failed to delete the IPv6 subnet because the security group to which the IPv6 subnet belongs is being used by a security server.

·     Failed to delete primary subnets from the Layer 2 network domain, because the Layer 2 network domain has secondary subnets.

 

Bind security group to access scenario

Keyword

ACCESS_STRATEGY_ADD_SECURITY_GROUP_OP

Message text

Bound security group $3 to access scenario $2 for user group $1.

Variable fields

$1: User group ID.

$2: Access scenario ID.

$3: Security group ID.

Example

Bound security group $3 to access scenario $2 for user group $1.

Explanation

A security group was bound to an access scenario in a user group.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The operation requires the administrator privilege.

·     No security group is specified.

·     The security group does not exist.

·     The user group does not exist.

·     No user group is specified.

·     The access scenario does not exist.

·     No access scenario is specified.

·     The service is disabled.

 

Unbind security group from access scenario

Keyword

ACCESS_STRATEGY_DEL_SECURITY_GROUP_OP

Message text

Unbound the security group from access scenario $2 for user group $1.

Variable fields

$1: User group ID.

$2: Access scenario ID.

Example

Unbound the security group from access scenario $2 for user group $1.

Explanation

A security group was unbound from an access scenario in a user group.

Possible failure causes

·     The controller is not the active leader.

·     The operation requires the administrator privilege.

·     Configuration recovery is in progress.

·     Unknown error.

·     The user group does not exist.

·     No user group is specified.

·     The access scenario does not exist.

·     No access scenario is specified.

·     The service is disabled.

 

Modify access scenario priority

Keyword

SERVICE_STRATEGY_CHANGE_PRIORITY_OP

Message text

Modified access scenario priorities for user groups “$1”

Variable fields

$1: Set of user groups.

Example

Modified access scenario priorities for user groups “userAccessGroups”.

Explanation

The access scenario priorities were modified in user groups.

Possible failure causes

·     The controller is not the active leader.

·     The operation requires the administrator privilege.

·     Configuration recovery is in progress.

·     Unknown error.

·     Nonexistent user groups have been specified.

·     The user group is required .

·     Nonexistent access scenarios have been specified.

·     The access scenario is required.

·     A priority is required for an access scenario.

·     Cannot modify the priority of the default access scenario.

·     The service is disabled.

 

Create authentication server

Keyword

ADD_AUTH_OP

Message text

Created authentication server “$1”

Variable fields

$1: Authentication server ID.

Example

Created authentication server “ffffffff-0000-0000-0000-000000000012”

Explanation

An authentication server was created.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The request is invalid.

·     The authentication server ID already exists.

·     The authentication server ID is required.

·     The authentication server IP is invalid.

·     The port number of the authentication server is required.

·     The port number of the authentication server is invalid.

·     The authentication server with the IP address and port number already exists.

·     The authentication server type is required.

·     The authentication server type already exists.

·     The authentication server password is required.

·     The authentication server password cannot exceed 255 characters.

·     The authentication server username is required.

·     The authentication server username cannot exceed 255 characters.

·     The service is disabled.

 

Update authentication server

Keyword

UPDATE_AUTH_OP

Message text

Updated authentication server “$1”

Variable fields

$1: Authentication server ID.

Example

Updated authentication server “ffffffff-0000-0000-0000-000000000012”

Explanation

An authentication server was modified.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The authentication server ID does not exist.

·     The authentication server ID cannot be modified.

·     The authentication server type cannot be modified.

·     The service is disabled.

 

Delete authentication server

Keyword

DELETE_AUTH_OP

Message text

Deleted authentication server “$1”

Variable fields

$1: Authentication server ID.

Example

Deleted authentication server “ffffffff-0000-0000-0000-000000000012”

Explanation

An authentication server was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The authentication server ID does not exist.

·     The service is disabled.

 

Smooth EIA

Keyword

SMOOTH_EIA_OP

Message text

Smoothed EIA authentication server “$1”.

Variable fields

$1: Authentication server ID.

Example

Smoothed EIA authentication server “ffffffff-0000-0000-0000-000000000012”.

Explanation

The EIA authentication server was synchronized.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     Failed to synchronize security group information to the authentication server.

·     Failed to synchronize user role information to the authentication server.

·     Failed to synchronize link information to the authentication server.

·     Failed to synchronize IP binding information from the authentication server to the DHCP server.

 

Create resource group

Keyword

CREATE_RESOURCEGROUP_OP

Message text

Created resource groups “$1”

Variable fields

$1: Resource group name.

Example

Created resource groups ”resourceGroup1”

Explanation

A resource group was created.

Possible failure causes

·     The request is invalid.

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The service is disabled.

·     The resource group ID already exists.

·     The resource group name is required.

·     The resource group name cannot exceed 255 characters.

·     The resource group name already exists.

·     The private network ID is required.

·     The specified private network does not exist.

·     The description cannot exceed 255 characters.

·     The address entries are required.

·     The address type is required.

·     Invalid address type.

·     The IP address range of the resource group is required.

·     Invalid IP address.

·     Up to 253 IP address ranges can be configured.

·     The end IP address must be higher than the start IP address in an IP address range.

·     The IP address ranges of resource groups cannot overlap.

·     The subnet and resource group subnet of a private network cannot overlap.

·     Duplicated IDs exist for the resource groups created in bulk.

·     Duplicated names exist for the resource groups created in bulk.

·     Unknown error.

·     The IP address of the resource group  conflicts in the same private network.

·     To interconnect two private networks, make sure the subnets in their resource groups do not overlap.

·     Operation failed. IP address ranges specified for the resource group contain IP addresses of a switching device.

·     The subnet address overlaps with IP address pools or with the management IP addresses of devices.

·     The specified private network does not exist.

·     The resource groups created in a private network must be configured with the same policy mode as the private network.

·     The resource group does not support specifying a Tag ID.

·     The selected private network uses group-based policy mode. You cannot add this subnet, because it overlaps with a subnet in the resource group for a private network that also uses group-based policy mode.

·     The selected private network uses group-based policy mode. You cannot add this subnet, because it overlaps with a subnet in the Layer 2 network domain for a private network that also uses group-based policy mode.

·     The IP address ranges in the resource groups of a shared VRF cannot overlap with the IP address ranges in the resource groups of a non-shared VRF.

·     You cannot change the network type of an IT resource group.

·     A VLAN network does not support configuring private networks for a resource group.

·     Invalid network type for the IT resource group.

·     In group-based policy mode,the subnets in the same IT resource group or in different IT resource groupscannot overlap.

·     The L3 CI EPG is required.

·     The L3 CI EPG does not exist.

·     Duplicate L3 CI EPG IDs exist for the resource groups created in bulk.

 

Update resource group

Keyword

UPDATE_RESOURCEGROUP_OP

Message text

Updated resource group “$1”

Variable fields

$1: Resource group name.

Example

Updated resource group “resourceGrpoup1”

Explanation

A resource group was updated.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     The service is disabled.

·     Unknown error.

·     The resource group name cannot be modified.

·     The specified resource doesn't exist.

·     The resource group ID cannot be modified.

·     The private network ID cannot be modified.

·     The description cannot exceed 255 characters.

·     The address entries are required.

·     The address type is required.

·     Invalid address type.

·     The IP address ranges of resource groups cannot overlap.

·     The address entries cannot be modified for a resource group that is being used by an intergroup policy.

·     To interconnect two private networks, make sure the subnets in their resource groups do not overlap.

·     Operation failed. IP address ranges specified for the resource group contain IP addresses of a switching device.

·     Cannot edit the tag of the resource group.

·     Cannot edit the policy mode of the resource group.

·     The selected private network uses group-based policy mode. You cannot add this subnet, because it overlaps with a subnet in the resource group for a private network that also uses group-based policy mode.

·     The selected private network uses group-based policy mode. You cannot add this subnet, because it overlaps with a subnet in the Layer 2 network domain for a private network that also uses group-based policy mode.

·     The IT resource group must contain IPv4 subnets, because IPv4 has been enabled on a minimum of one gateway member bound to the IT resource group.

·     The IT resource group must contain IPv6 subnets, because IPv6 has been enabled on a minimum of one gateway member bound to the IT resource group.

·     You cannot edit the IT resource group, because firewall has been enabled on a minimum of one gateway member bound to the IT resource group.

·     The IP address ranges in the resource groups of a shared VRF cannot overlap with the IP address ranges in the resource groups of a non-shared VRF.

·     In group-based policy mode,the subnets in the same IT resource group or in different IT resource groupscannot overlap.

·     The L3 CI EPG is required.

·     The L3 CI EPG does not exist.

·     Duplicate L3 CI EPG IDs exist for the resource groups created in bulk.

 

Delete resource group

Keyword

DELETE_RESOURCEGROUP_OP

Message text

Deleted resource group “$1”

Variable fields

$1: Resource group name.

Example

Deleted resource group “resourceGroup1”

Explanation

A resource group was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Configuration recovery is in progress.

·     Unknown error.

·     The service is disabled.

·     The specified resource doesn't exist.

·     The resource group is being used by an intergroup policy and cannot be deleted

·     You cannot delete the IT resource group, because gateway members have been bound to the IT resource group.

·     You cannot edit the EPG ID of a resource group.

 

Create network range

Keyword

CREATE_LAYER2_NETWORKDOMAIN_interface_OP

Message text

Created Layer 2 network domain interface “$1”

Variable fields

$1Network range configuration parameters.

Example

Created Layer 2 network domain interface:

"access:GigabitEthernet1/0/48"

Explanation

A network range was created.

Possible failure causes

A device interface already exists with the same UUID.

The device interface has been used by another access scenario of a Layer 2 network domain.

The device interface has been added.

 

Delete network range

Keyword

DELETE_LAYER2_NETWORKDOMAIN_interface_OP

Message text

Deleted Layer 2 network domain interface “$1”

Variable fields

$1Network range configuration parameters.

Example

Deleted Layer 2 network domain interface:

"access:GigabitEthernet1/0/48"

Explanation

A network range was deleted.

Possible failure causes

·     Please first delete the port authentication configuration of the device interface.

 

 


CON_APP

This section contains CON_APP messages.

Install application

Keyword

INSTALL_APP_OP

Message text

$1 had been installed.

Variable fields

$1: Application name.

Example

H3C VCFC ARP had been installed.

Explanation

An application was installed.

Possible failure causes

N/A

 

Start application

Keyword

START_APP_OP

Message text

$1 had been started.

Variable fields

$1: Application name.

Example

H3C VCFC ARP had been started.

Explanation

An application was started.

Possible failure causes

N/A

 

Stop application

Keyword

STOP_APP_OP

Message text

$1 had been stopped.

Variable fields

$1: Application name.

Example

H3C VCFC ARP had been stopped.

Explanation

An application was stopped.

Possible failure causes

N/A

 

Uninstall application

Keyword

REMOVE_APP_OP

Message text

$1 had been removed.

Variable fields

$1: Application name.

Example

H3C VCFC ARP had been removed.

Explanation

An application was uninstalled.

Possible failure causes

N/A

 

Upload application

Keyword

UPLOAD_APP_OP

Message text

Uploaded application: $1.

Variable fields

$1: Name of the application installation package.

Example

Uploaded application: arp-2156.zip.

Explanation

An application installation package was uploaded.

Possible failure causes

·     Unsigned or untrusted jars contained within.

·     Bad application package.

·     The number of applications exceeded the license limit.

·     The application already exists.

·     An unknown error occurs during the application package uploading process.

 


CON_AUTH

This section contains CON_AUTH messages.

Add an API authentication-free IP

Keyword

ADD_API_AUTH_FREEIP_OP

Message text

Added an API authentication-free IP: $1

Variable fields

$1: IP address of the API authentication-free user.

Example

Added an API authentication-free IP: 192.168.56.13

Explanation

An API authentication-free user was added.

Possible failure causes

·     Invalid IP address.

·     The IP address already exists.

·     The controller is not the active leader.

·     Unknown error.

·     Invalid role.

·     Invalid type

·     Invalid description.

 

Delete an API authentication-free IP

Keyword

DELETE_API_AUTH_FREEIP_OP

Message text

Deleted an API authentication-free IP: $1

Variable fields

$1: IP address of the API authentication-free user.

Example

Deleted an API authentication-free IP: 192.168.56.13

Explanation

An API authentication-free user was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Unknown error.

·     Invalid IP address.

·     Invalid type

·     The IP address does not exist.

 

Add an IP address to white list

Keyword

ADD_IP_TO_WHITELIST_OP

Message text

Added IP address $1 to the white list.

Variable fields

$1: IP address added to the white list.

Example

Added IP address 192.168.56.13 to the white list.

Explanation

A user was added to the white list.

Possible failure causes

·     Invalid IP address.

·     The IP address already exists.

·     The controller is not the active leader.

·     Unknown error.

·     Invalid type.

·     Invalid description.

 

Delete an IP address from white list

Keyword

DELETE_IP_FROM_WHITELIST_OP

Message text

Deleted IP address $1 from the white list.

Variable fields

$1: IP address removed from the white list.

Example

Deleted IP address 192.168.56.13 from the white list.

Explanation

A user was removed from the white list.

Possible failure causes

·     Invalid IP address.

·     The controller is not the active leader.

·     The IP address does not exist.

·     Unknown error.

·     Invalid type.

 

 


CON_LICENSE

This section contains CON_LICENSE messages.

Connect the license server

Keyword

CONNECT_LICS_OP

Message text

Connected the license server: $1

Variable fields

$1: License server configuration information.

Example

Connected the license server:

License server IP: 192.168.40.40

Port: 5555

Username: sdn

Password: ******

Explanation

The user connected the controller to the license server.

Possible failure causes

·     Incorrect license server IP address or port number.

·     Incorrect username or password.

 

Disconnect the license server

Keyword

DISCONNECT_LICS_OP

Message text

Disconnected the license server: $1

Variable fields

$1: License server IP address.

Example

Disconnected the license server: 192.168.1.1

Explanation

The user disconnected the controller from the license server.

Possible failure causes

N/A

 

Upload license file

Keyword

UPLOAD_LICENSE_FILE_OP

Message text

Uploaded license file

Variable fields

N/A

Example

Uploaded license file

Explanation

A license file was uploaded.

Possible failure causes

License file error.

 

Update the quantity of requested licenses

Keyword

UPDATE_REQUESTED_LICENSES_OP

Message text

Updated the quantity of requested licenses: $1.

Variable fields

$1: Information about the quantity of requested licenses.

Example

Updated the quantity of requested licenses:

APP license: 1

MaxNodeNum license: 1

VirtualServiceNode license: 1

vSwitch license: 0

ZTP license: true

API license: true

Overlay license: true

OverlayHardwareEntity license: 1

ServiceChain license: true

Base license: 1.

Explanation

The quantity of requested licenses was changed.

Possible failure causes

Failed to save the configuration.

 

 


CON_LISTENER

This section contains CON_LISTENER messages.

Register alert topic

Keyword

REGISTER_ LISTENER_OP

Message text

Registered alert topic listener: $1

Variable fields

$1: Alert topic listener configuration.

Example

Registered alert topic listener:

{

    "alert":

    {

        "url": "http://192.168.16.2/vnetcontroller/alter",

        "level": "warn",

        "subject": ["tunnel", "session"],

        "app_name": "vnetcontroller",

        "push_history": true

    }

}

Explanation

An alert topic listener was registered.

Possible failure causes

A listener with the same app_name has already been registered.

 

Update alert topic

Keyword

UPDATE_LISTENER_OP

Message text

Updated alert topic listener: $1

Variable fields

$1: Alert topic listener configuration.

Example

Updated alert topic listener:

{

    "alert":

    {

        "app_name": "vnetcontroller",

        "level": "warn",

        "subject": ["tunnel", "session"]

    }

}

Explanation

An alert topic listener was modified.

Possible failure causes

N/A.

 

Remove alert topic

Keyword

REMOVE_LISTENER_OP

Message text

Removed alert topic listener: $1

Variable fields

$1: Name of the alert topic listener.

Example

Removed alert topic listener: vnetcontroller

Explanation

An alert topic listener was removed.

Possible failure causes

N/A.

 


CON_NetworkMonitor

This section contains CON_NetworkMonitor messages.

Change thresholds for a CPU

Keyword

CHANGE_THRESHOLDS_OP

Message text

Changed network monitor thresholds for CPU $1 in slot $2 of chassis $3 on device $4: $5

Variable fields

$1: CPU ID.

$2: Slot number.

$3: Chassis number.

$4: IP address of the device.

$5: Resource usage alarm thresholds.

Example

Changed network monitor thresholds for CPU 1 in slot 1 of chassis 1 on device 192.168.150.21:

  {

    cpuRecoveryThreshold: 10

    cpuMinorThreshold: 20

    cpuWarningThreshold: 40

    memorySecureThreshold: 10

    memoryEarlyWarningThreshold: 20

    memoryNormalThreshold: 30

    memoryMinorThreshold: 30

    memorySevereThreshold: 40

    memoryCriticalThreshold: 50

    aclMinorThreshold: 50

aclSevereThreshold: 60

acMinorThreshold: 20

acSevereThreshold: 40

vsiMinorThreshold: 20

vsiSevereThreshold: 40

vlanMinorThreshold: 20

vlanSevereThreshold: 40

  }

Explanation

The resource usage alarm thresholds were modified for a specific CPU.

Possible failure causes

·     The controller is not the active leader.

·     The device is not a physical device.

·     The device is offline.

·     The device does not exist.

·     The device does not support configuring CPU usage threshold.

·     The device does not support configuring memory usage threshold.

·     The device does not support configuring ACL resource usage threshold.

·     The device does not support configuring AC resource usage threshold.

·     The device does not support configuring VSI interface resource usage threshold.

·     The device does not support configuring VLAN interface resource usage threshold.

 

Change thresholds for all CPUs

Keyword

CHANGE_THRESHOLDS_ALL_OP

Message text

Changed network monitor thresholds for all CPUs on device $1: $2

Variable fields

$1: IP address of the device.

$2: Resource usage thresholds.

Example

Changed network monitor thresholds for all CPUs on device 192.168.150.21:

  {

    cpuRecoveryThreshold: 10

    cpuMinorThreshold: 20

    cpuWarningThreshold: 40

    memorySecureThreshold: 10

    memoryEarlyWarningThreshold: 20

    memoryNormalThreshold: 30

    memoryMinorThreshold: 30

    memorySevereThreshold: 40

    memoryCriticalThreshold: 50

    aclMinorThreshold: 50

aclSevereThreshold: 60

acMinorThreshold: 20

acSevereThreshold: 40

vsiMinorThreshold: 20

vsiSevereThreshold: 40

vlanMinorThreshold: 20

vlanSevereThreshold: 40

  }

Explanation

The resource usage thresholds were modified for all CPUs.

Possible failure causes

·     The controller is not the active leader.

·     The device is not a physical device.

·     The device is offline.

·     The device does not exist.

·     The device does not support configuring CPU usage threshold.

·     The device does not support configuring memory usage threshold.

·     The device does not support configuring ACL resource usage threshold.

·     The device does not support configuring AC resource usage threshold.

·     The device does not support configuring VSI interface resource usage threshold.

·     The device does not support configuring VLAN interface resource usage threshold.

 


CON_OAM

This section contains CON_OAM messages.

Create radar detection task

Keyword

CREATE_RADAR_DETECTION_OP

Message text

Created radar detection task: $1

Variable fields

$1: Parameters for the radar detection task.

Example

Created radar detection task:

  Username: sdn

  Task type: multiple

  Task info:

  Path type: single

  Network type: vxlan

  Segment ID: 2

  Protocol: TCP

  Source IP: 70.68.68.68

  Source port: 10000

  Start device IP: 192.168.70.68

  Start device ingress port: 0x1

  Destination IP: 168.168.1.2

  Destination port: 50000

  End device IP: null

  DSCP: 62

  Interval: 0

  Packet count: 1

  Timeout: 10

  Period: 1440

  Frequency: 600

Explanation

A radar detection task was created.

Possible failure causes

·     The start device IP address doesn't exist.

·     Task already exists. Please try again later.

·     The controller hasn't obtained start device port information.

·     The start device ingress port doesn't exist.

·     The destination IP address doesn't exist.

·     The gateway device that source device belongs to doesn't exist.

·     The controller is not the active leader.

·     Can't find the vPort with the source IP address.

·     The number of periodic detection tasks has reached the maximum.

·     Radar detection is disabled.

·     The number of periodic radar detection tasks has reached the upper limit.

 

Delete radar detection task

Keyword

Delete_RADAR_DETECTION_OP

Message text

Deleted radar detection task: $1

Variable fields

$1: UUID of the radar detection task.

Example

Deleted radar detection task: 218b5f2f-e435-4365-a1ab-0eaa03b7fa19

Explanation

A radar detection task was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Radar detection is disabled.

·     The periodic scanning task ID doesn’t match the username of the task creator.

 

Clear periodic radar detection tasks

Keyword

CLEAR_RADAR_DETECTION_OP

Message text

Clear all periodic radar detection tasks for user $1.

Variable fields

$1: Username.

Example

Clear all periodic radar detection tasks for user sdn.

Explanation

All periodic radar detection tasks created by the user were cleared.

Possible failure causes

·     The controller is not the active leader.

·     Radar detection is disabled.

 


CON_OPENFLOW

This section contains CON_OPENFLOW messages.

Create flow table entry

Keyword

CREATE_FLOWTABLE_OP

Message text

A flow table entry was added.

Variable fields

N/A

Example

A flow table entry was added.

Explanation

A flow table entry was added.

Possible failure causes

N/A

 

Modify flow table entry

Keyword

MODIFY_FLOWTABLE_OP

Message text

A flow table entry was modified.

Variable fields

N/A

Example

A flow table entry was modified.

Explanation

A flow table entry was modified.

Possible failure causes

N/A

 

Delete flow table entry

Keyword

DELETE_FLOWTABLE_OP

Message text

A flow table entry was deleted.

Variable fields

N/A

Example

A flow table entry was deleted.

Explanation

A flow table entry was deleted.

Possible failure causes

No such device: Datapath ID: OpenFlow network device has been disconnected.

 

Devices change to fail-safe mode

Keyword

CHANGE_DEVICE_FAILSAFE_OP

Message text

Devices changed to fail-safe mode. All controllers in the team are disallowed to accept OpenFlow connection requests.

Variable fields

N/A

Example

Devices changed to fail-safe mode. All controllers in the team are disallowed to accept OpenFlow connection requests.

Explanation

The fail-safe mode was set.

Possible failure causes

Abnormal connections between the active leader and other controllers in the team.

 

Devices change to normal mode

Keyword

CHANGE_DEVICE_NORMAL_OP

Message text

Devices changed to normal mode. All controllers in the team are allowed to accept OpenFlow connection requests.

Variable fields

N/A

Example

Devices changed to normal mode. All controllers in the team are allowed to accept OpenFlow connection requests.

Explanation

The normal mode was set.

Possible failure causes

Abnormal connections between the active leader and other controllers in the team.

 

 


CON_REGION

This section contains CON_REGION messages.

Create region

Keyword

CREATE_REGION_ OP

Message text

Created region: $1

Variable fields

$1: Region information.

Example

Created region:

Name:region1

Region ID:fdd9f2d3-d2b2-4afe-942f-e6943b54e259

DenyvSwitch:false

Master:192.168.56.153

Subordinate:

192.168.56.154

ManagedNodeSubnets:

         192.168.38.25/24

         192.168.39.25/24

Explanation

A region was created.

Possible failure causes

·     The team doesn't exist.

·     Incorrect controller IP address.

·     The region name is already used.

·     The controller was already in a region.

·     The controller is not the active leader.

·     Incorrect JSON format.

·     The request can't be null.

·     Incorrect controller name.

·     The master IP address must be different from the subordinate IP address.

·     Incorrect IP address or mask format for the managed node subnets.

 

Delete region

Keyword

DELETE_REGION_OP

Message text

Deleted region:$1

Variable fields

$1: Region information.

Example

Deleted region:

Name: region1

Region ID: fdd9f2d3-d2b2-4afe-942f-e6943b54e259

DenyvSwitch:false

Master:192.168.56.153

Subordinate:

192.168.56.154

ManagedNodeSubnets:

         192.168.38.25/24

         192.168.39.25/24

Explanation

A region was deleted.

Possible failure causes

·     The controller is not the active leader.

·     Incorrect JSON format.

·     The region does not exist.

 

Update region

Keyword

UPDATE_REGION_OP

Message text

Updated region:$1

Variable fields

$1: Region information.

Example

Updated region:

Name: region1

Region ID: fdd9f2d3-d2b2-4afe-942f-e6943b54e259

DenyvSwitch:false

Master:192.168.56.153

Subordinate:

192.168.56.154

ManagedNodeSubnets:

         192.168.38.25/24

         192.168.39.25/24

Explanation

A region was updated.

Possible failure causes

·     The region does not exist.

·     The controller is not the active leader.

·     Incorrect JSON format.

·     The request can't be null.

·     The input region information was incorrect.

·     Incorrect IP address or mask format for the managed node subnets.

 


CON_SNMP

This section contains CON_SNMP messages.

Create traditional NE

Keyword

CREATE_TRADITIONAL_NE_OP

Message text

Created traditional NE: $1

Variable fields

$1: Traditional NE configuration information.

Example

Created traditional NE:

IP: 192.168.9.198

MAC: 74:25:8a:c4:e2:de

Read community: public

Write community: private

Controller IP: 192.168.89.155

Access attribute: access

Status: Inactive

Explanation

The user added a traditional NE.

Possible failure causes

·     The controller is not the active leader.

·     Invalid network element IP address.

·     The traditional network element at X.X.X.X already exists.

·     Invalid controller IP address.

·     The controller IP address doesn't exist in the team.

·     The IP address for a controller in standalone mode must be 127.0.0.1.

·     Invalid access attribute.

·     The traditional network element has been added to the controller by using X.X.X.X.

 

Update traditional NE

Keyword

UPDATE_TRADITIONAL_NE_OP

Message text

Updated traditional NE: $1

Variable fields

$1: Traditional NE configuration information.

Example

Updated traditional NE:

IP: 192.168.9.198

MAC: 74:25:8a:c4:e2:de

Read community: public

Write community: private

Controller IP: 192.168.89.155

Access attribute: access

Status: Inactive

Explanation

The user modified the traditional NE.

Possible failure causes

·     The controller is not the active leader.

·     Invalid network element IP address.

·     The network element IP address doesn't exist.

·     Invalid controller IP address.

·     The controller IP address doesn't exist in the team.

·     The IP address for a controller in standalone mode must be 127.0.0.1.

·     Invalid access attribute.

·     Unknown error.

 

Delete traditional NE

Keyword

DELETE_TRADITIONAL_NE_OP

Message text

Deleted traditional NE: $1

Variable fields

$1: IP address of the traditional NE.

Example

Deleted traditional NE: 192.168.9.198

Explanation

The user deleted the traditional NE.

Possible failure causes

·     The controller is not the active leader.

·     Invalid network element IP address.

·     The network element IP address doesn't exist.

 

Start scanning traditional NE

Keyword

START_SCAN_TRADITIONAL_NE_OP

Message text

Started scanning traditional NEs: $1

Variable fields

$1: Settings for auto traditional NE scanning.

Example

Started scanning traditional NEs:

  Start IP: 192.168.125.0

  End IP: 192.168.125.255

  SNMP read community: public

  SNMP write community: private

Explanation

The user started auto traditional NE scanning.

Possible failure causes

N/A

 

Stop scanning traditional NE

Keyword

STOP_SCAN_TRADITIONAL_NE_OP

Message text

Stopped scanning traditional NEs

Variable fields

N/A

Example

Stopped scanning traditional NEs

Explanation

The user stopped auto traditional NE scanning.

Possible failure causes

N/A

 

 


CON_SYSTEM

This section contains CON_SYSTEM messages.

Back up configuration

Keyword

BACKUP_OP

Message text

Backed up the configuration.

Variable fields

$1: Session name.

Example

Backed up the configuration.

Explanation

A backup session was completed.

Possible failure causes

·     The operation requires the administrator privilege.

·     Failed to create the backup file.

·     The system is recovering the configuration.

·     The team to which the controller belongs has no active leader.

 

Upload backup file

Keyword

UPLOAD_BACKUPFILE_OP

Message text

Uploaded the backup file.

Variable fields

N/A

Example

Uploaded the backup file.

Explanation

A backup file was uploaded.

Possible failure causes

·     The controller is not the active leader.

·     The operation requires the administrator privilege.

·     Invalid backup file format.

·     Invalid backup file content.

·     The active leader can't send the backup file to other controllers due to network errors.

·     The system is recovering the configuration.

·     The team to which the controller belongs has no active leader.

·     Can’t upload the backup file because some controllers are down: $1, $2, $3.

 

Start recovery

Keyword

RESTORE_OP

Message text

Restored the configuration.

Variable fields

N/A

Example

Restored the configuration.

Explanation

A recovery was started.

Possible failure causes

·     The controller is not the active leader.

·     The operation requires the administrator privilege.

·     The backup file doesn't exist.

·     The backup file doesn't include the required files.

·     The controller's IP address is not included in the team settings of the backup file.

·     The active leader can't restore the configuration of other controllers due to network errors.

·     The system is recovering the configuration.

·     The team to which the controller belongs has no active leader.

·     Can’t perform configuration recovery because some controllers are down.

 

Download backup file

Keyword

DOWNLOAD_BACKUPFILE_OP

Message text

Downloaded the backup file.

Variable fields

N/A

Example

Downloaded the backup file.

Explanation

The backup file had been successfully downloaded.

Possible failure causes

·     The backup file doesn't exist.

·     The system is recovering the configuration.

·     The team to which the controller belongs has no active leader.

 

Modify backup settings

Keyword

MODIFY_BACKUPSET_OP

Message text

Modified settings for configuration backup.

Variable fields

N/A

Example

Modified settings for configuration backup.

Explanation

The settings for configuration backup were modified.

Possible failure causes

·     Illegal backup settings.

·     The operation requires the administrator privilege.

·     The controller is not the active leader.

·     Not permitted to access the backup path.

·     Failed to save the settings.

·     The system is recovering the configuration.

·     The team to which the controller belongs has no active leader.

 

Modify configuration

Keyword

MODIFY_CONFIG_OP

Message text

Modified configuration: $1.

Variable fields

$1: Component name and configuration items.

Example

Modified configuration: Authentication Manager {

ConnPoolMaxActive=4

AuthenticationProtocol=PAP

SharedKey=******

AuthMode=local

AAAServerIP=192.168.56.19

ConnPoolMaxIdle=1

CachedTokenIdle=900

}.

Explanation

The values for the configuration items of the specified component were modified. If a password or key is included in the component, it is displayed with asterisks (******).

Possible failure causes

·     Failed to update the configuration file.

·     The existing team token must be deleted before you configure a new one.

·     Invalid value for parameter $1.

·     Failed to encrypt the password or key.

 

Restore configuration

Keyword

RESTORE_CONFIG_OP

Message text

Restored configuration: $1.

Variable fields

$1: Component name and configuration items. If the values for all configuration items are restored, only the component name is displayed.

Example

Restored configuration: Authentication Manager {

ConnPoolMaxActive=4

AuthenticationProtocol=PAP

SharedKey=******

AuthMode=local

AAAServerIP=192.168.56.19

ConnPoolMaxIdle=1

CachedTokenIdle=900

}.

Explanation

The values for the configuration items of the specified component were restored to the default. If a password or key is included in the component, it is displayed with asterisks (******).

Possible failure causes

·     Can't delete the team token in team mode.

·     Failed to update the configuration file.

 

Prepare for upgrade

Keyword

UPGRADE_PREPARE_OP

Message text

Prepared for upgrade: $1

Variable fields

$1: IP address of the controller that prepares for upgrade.

Example

Prepared for upgrade

Explanation

Upgrade preparation was performed.

Possible failure causes

Invalid request.

 

Modify alert log remote transmission mode

Keyword

MODIFY_ALERTLOG_TRANSMISSION_OP

Message text

The alert log remote transmission mode was set to sending logs to the syslog server.

Variable fields

N/A

Example

The alert log remote transmission mode was set to sending logs to the syslog server.

Explanation

The user changed the system log settings by enabling the syslog server feature. System logs will be sent to the specified syslog server.

Possible failure causes

N/A

 

Modify audit log transmission mode

Keyword

MODIFY_AUDITLOG_TRANSMISSION_OP

Message text

The audit log remote transmission mode was set to sending logs to the syslog server.

Variable fields

N/A

Example

The audit log remote transmission mode was set to sending logs to the syslog server.

Explanation

The user changed the operation log settings by enabling the syslog server feature. Operation logs will be sent to the specified syslog server.

Possible failure causes

N/A

 

Enter upgrade mode

Keyword

ENTER_UPGRADE_MODE_OP

Message text

Enter upgrade mode.

Variable fields

N/A

Example

Enter upgrade mode.

Explanation

The operation for entering the upgrade mode was performed.

Possible failure causes

N/A

 

Quit upgrade mode

Keyword

QUIT_UPGRADE_MODE_OP

Message text

Quit upgrade mode.

Variable fields

N/A

Example

Quit upgrade mode.

Explanation

The operation for quitting the upgrade mode was performed.

Possible failure causes

N/A

 

 


CON_TEAM

This section contains CON_TEAM messages.

Create team

Keyword

CREATE_TEAM_OP

Message text

Created team: $1

Variable fields

$1: Configuration of the team.

Example

Created team:

Name: TestCluster1

IP: 192.168.40.40

Mask: 255.255.255.0

Mode:1

Version: 1404159495844

Team ID: f892866f-0ec9-4ef0-a0a8-6df783ef7b19

Leaders: [

{Name: leader1, IP: 192.168.56.147, Priority: 200, Network_device: eth0, Server ID: 1},

{Name: leader2, IP: 192.168.56.148, Priority: 100, Network_device: eth1, Server ID: 2}

]

Members: [

{Name: member, IP: 192.168.40.146, Priority: 1016, Network_device: , Server ID: 5}

]

Explanation

A team was created.

Possible failure causes

·     The team contained only one leader.

·     The controller was not a leader.

·     Team IP address and member IP address must be different.

·     Member IP addresses must be different.

·     Member names must be different.

·     Leader priorities must be different.

·     The number of controllers exceeded the upper limit (32).

·     Server processing error.

·     The versions of the controllers are inconsistent.

·     The team token is not configured for the controller.

 

Delete team

Keyword

DELETE_TEAM_OP

Message text

Deleted team: $1

Variable fields

$1: Configuration of the team.

Example

Deleted team:

Name: TestCluster1

IP: 192.168.40.40

Explanation

A team was deleted.

Possible failure causes

·     The team didn't exist.

·     The controller was not the active leader.

·     Server processing error.

 

Modify team

Keyword

MODIFY_TEAM_OP

Message text

Modified team: $1

Variable fields

$1: Configuration modification of the team.

Example

Modified team:

Name:TestCluster1->TestCluster2

IP:192.168.35.11->192.168.35.12

Mask:255.255.255.0->255.255.0.0

Explanation

A team was modified.

Possible failure causes

·     The controller was not the active leader.

·     The team didn't exist.

·     Server processing error.

·     The team name is invalid.

 

Add member

Keyword

ADD_MEMBER_OP

Message text

Added member: $1

Variable fields

$1: Member information.

Example

Added member:

Name:leader1

IP:192.168.56.147

Explanation

A member was added.

Possible failure causes

·     The controller was not the active leader.

·     The team didn't exist.

·     The member IP address must be different from the team IP address.

·     The member IP address was already used.

·     The member name was already used.

·     Server processing error.

·     The version of the selected controller is different than the team.

 

Delete member

Keyword

DELETE_MEMBER_OP

Message text

Deleted member: $1

Variable fields

$1: Member information.

Example

Deleted member:

Name:leader1

IP:192.168.56.147

Explanation

A member was deleted.

Possible failure causes

·     The controller was not the active leader or the member to be deleted.

·     The member didn't exist.

·     A leader can't be deleted.

·     The member was in a region.

·     Server processing error.

 

Modify member

Keyword

MODIFY_MEMBER_OP

Message text

Modified member: $1

Variable fields

$1: Member modification information.

Example

Modified member:

Name:member1->member2

IP:192.168.35.11

Network_device:eth0->eth1

Explanation

A member was modified.

Possible failure causes

·     The controller was not the active leader.

·     NIC for the member can't be changed.

·     Server processing error.

·     The controller name is invalid.

·     The member name was already used.

 


CON_TOPOLOGY

This section contains CON_TOPOLOGY messages.

Update device

Keyword

UPDATE_DEVICE_INFO_OP

Message text

Updated device: $1

Variable fields

$1: Device information.

Example

Updated device:

IP address: 192.168.9.198

Datapath ID: 00:00:74:25:8a:c4:e2:de

Asset number: 201605181600

Device description: H3C Comware Platform Software, Software Version 7.1.070, ESS 2505P01

Location: A13-A13

Function: core

Remarks: description

Device name: 201-98

Status: Inactive

Explanation

The user modified the device information on the device statistics page.

Possible failure causes

The device doesn't exist.

 

Update device layer

Keyword

UPDATE_DEVICE_LAYER_OP

Message text

Updated the layer for device (IP address $1 and datapath ID $2): $3.

Variable fields

$1: IP address of the device.

$2: Datapath ID of the device.

$3: Layer of the device. Options are access, convergence, and core.

Example

Updated the layer for device (IP address 192.168.9.198 and datapath ID 00:00:74:25:8a:c4:e2:de): core.

Explanation

The user modified the layer for the device specified on the physical topology page.

Possible failure causes

The device doesn't exist.

 

Delete inactive link

Keyword

DELETE_INACTIVE_LINK_OP

Message text

Deleted an inactive link. Link information: $1

Variable fields

$1: Inactive link information.

Example

Deleted an inactive link. Link information:

From: Port GigabitEthernet1/0/3 on device (IP address 192.168.150.44 and datapath ID 00:00:68 b:10 a:04:00).

To: Port GigabitEthernet1/0/5 on device (IP address 192.168.150.42 and datapath ID 00:00:94:e2:4e:53:02:00).

Explanation

The user deleted the inactive link for the device.

Possible failure causes

N/A

 

Update port thresholds

Keyword

UPDATE_PORT_THRESHOLD_OP

Message text

Updated port thresholds: $1

Variable fields

$1: Port thresholds.

Example

Updated port monitor thresholds:

  Inbound bandwidth usage: 12%

  Outbound bandwidth usage: 32%

  Inbound error packet rate: 43%

  Outbound error packet rate: 43%

  Inbound packet loss rate: 54%

  Outbound packet loss rate: 65%

Explanation

The user modified the port thresholds.

Possible failure causes

N/A

 

Clear events on a device

Keyword

CLEAR_DEVICE_EVENTS_OP

Message text

Clear events on device: $1.

Variable fields

$1: IP address of the device.

Example

Clear events on device: 192.168.5.3.

Explanation

The user cleared the events on a device.

Possible failure causes

The device doesn't exist.

 

Clear events on all devices

Keyword

CLEAR_ALL_DEVICES_EVENTS_OP

Message text

Clear events on all devices.

Variable fields

N/A

Example

Clear events on all devices.

Explanation

The user cleared the events on all devices.

Possible failure causes

N/A

 


CON_USER

This section contains CON_USER messages.

Add a user

Keyword

ADD_USER_OP

Message text

Added a user:$1.

Variable fields

$1: User name.

Example

Added a user:11.

Explanation

A user was added.

Possible failure causes

·     Invalid username.

·     Invalid role.

·     The username already exists.

·     The password length is out of range or the password contains only letters, digits, or special characters.

·     The controller is not the active leader.

·     Incorrect format.

·     Failed to add the user.

 

Delete a user

Keyword

DELETE_USER_OP

Message text

Deleted a user: $1.

Variable fields

$1: User name.

Example

Deleted a user: 11.

Explanation

A user was deleted.

Possible failure causes

·     Invalid username.

·     No permission to delete itself.

·     The controller is not the active leader.

·     Can't delete an online user.

·     Token aged.

 

Change user password

Keyword

CHANGE_PASSWORD_OP

Message text

Changed user $1's password.

Variable fields

$1: Username.

Example

Changed user 11's password.

Explanation

A user's password was changed.

Possible failure causes

·     Invalid username.

·     Invalid old password.

·     The password length is out of range or the password contains only letters, digits, or special characters.

·     Can't modify another user's