Cisco Nexus-as-Code (NAC)

L3out

L3out Node and Interface Profiles can either be auto-generated, one per L3out, or can be defined explicitly.

Note: Whether an interface is an svi, routed sub-interface, or routed depends on the following configuration:

svi - vlan: <not null>, svi: true, ip: <not null>

routed sub-interface - vlan: <not null>, svi: false, ip: <not null>

routed interface - vlan: <null>, svi: false, ip: <not null>

The following table maps the subnet flags of external endpoint groups to the corresponding GUI terminology:

Subnet Flag GUI Terminology
import_security External Subnets for External EPG
shared_security Shared Security Import Subnet
import_route_control Import Route Control Subnet
export_route_control Export Route Control Subnet
shared_route_control Shared Route Control Subnet
aggregate_import_route_control Aggregate Export
aggregate_export_route_control Aggregate Import
aggregate_shared_route_control Aggregate Shared Routes

Location in GUI:

  • Tenants » XXX » Networking » L3outs

Diagram

Class Diagram

Classes

tenants (apic)

Name Type Constraint Mandatory Default Value
l3outs List [l3outs] No

l3outs (apic.tenants)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
ndo_managed Boolean true, false No false
alias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
target_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecified
vrf String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
bgp Class [bgp] No
ospf Class [ospf] No
eigrp Class [eigrp] No
bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
bgp_peers List [bgp_peers] No
nodes List [nodes] No
node_profiles List [node_profiles] No
external_endpoint_groups List [external_endpoint_groups] No
import_route_map Class [import_route_map] No
export_route_map Class [export_route_map] No
interleak_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
default_route_leak_policy Class [default_route_leak_policy] No
dampening_ipv4_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
dampening_ipv6_route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
redistribution_route_maps List [redistribution_route_maps] No
l3_multicast_ipv4 Boolean true, false No false
pim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
qos_class Choice level1, level2, level3, level4, level5, level6, unspecified No unspecified
custom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
multipod Boolean true, false No true
remote_leaf Boolean true, false No false
import_route_control_enforcement Boolean true, false No false
export_route_control_enforcement Boolean true, false No true
dhcp_labels List [dhcp_labels] No

bgp (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

ospf (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
area Any Integer[min: 0, max: 4294967295] or Choice[backbone] or IP Yes
area_type Choice regular, stub, nssa No regular
area_cost Integer min: 1, max: 16777215 No 1
area_control_redistribute Boolean true, false No true
area_control_summary Boolean true, false No true
area_control_suppress_fa Boolean true, false No false
auth_type Choice none, simple, md5 No none
auth_key String No
auth_key_id Integer min: 1, max: 255 No 1
policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

eigrp (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
asn Integer min: 1, max: 65535 Yes
interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

bgp_peers (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
ip IP Yes
remote_as Integer min: 0, max: 4294967295 Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
allow_self_as Boolean true, false No false
as_override Boolean true, false No false
disable_peer_as_check Boolean true, false No false
next_hop_self Boolean true, false No false
send_community Boolean true, false No false
send_ext_community Boolean true, false No false
password String No
allowed_self_as_count Integer min: 1, max: 10 No 3
bfd Boolean true, false No false
disable_connected_check Boolean true, false No false
ttl Integer min: 1, max: 255 No 1
weight Integer min: 0, max: 65535 No 0
remove_all_private_as Boolean true, false No false
remove_private_as Boolean true, false No false
replace_private_as_with_local_as Boolean true, false No false
unicast_address_family Boolean true, false No true
multicast_address_family Boolean true, false No true
admin_state Boolean true, false No true
local_as Integer min: 0, max: 4294967295 No
as_propagate Choice none, no-prepend, replace-as, dual-as No none
peer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

nodes (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
node_id Integer min: 1, max: 4000 Yes
pod_id Integer min: 1, max: 255 No
router_id IP Yes
router_id_as_loopback Boolean true, false No true
loopback IP No
static_routes List [static_routes] No
interfaces List [interfaces] No

node_profiles (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
bgp Class [bgp] No
bgp_peers List [bgp_peers] No
nodes List [nodes] No
interface_profiles List [interface_profiles] No

external_endpoint_groups (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
ndo_managed Boolean true, false No false
alias String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
preferred_group Boolean true, false No false
qos_class Choice level1, level2, level3, level4, level5, level6, unspecified No unspecified
target_dscp Any Choice[CS0, CS1, AF11, AF12, AF13, CS2, AF21, AF22, AF23, CS3, AF31, AF32, AF33, CS4, AF41, AF42, AF43, CS5, VA, EF, CS6, CS7, unspecified] or Integer[min: 0, max: 63] No unspecified
subnets List [subnets] No
contracts Class [contracts] No
route_control_profiles List [route_control_profiles] No

import_route_map (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
type Choice combinable, global No global
contexts List [contexts] No

export_route_map (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
type Choice combinable, global No global
contexts List [contexts] No

default_route_leak_policy (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
always Boolean true, false No false
criteria Choice only, in-addition No only
context_scope Boolean true, false No false
outside_scope Boolean true, false No true

redistribution_route_maps (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
source Choice direct, attached-host, static No static
route_map String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes

dhcp_labels (apic.tenants.l3outs)

Name Type Constraint Mandatory Default Value
dhcp_relay_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
dhcp_option_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
scope Choice infra, tenant No infra

static_routes (apic.tenants.l3outs.nodes)

Name Type Constraint Mandatory Default Value
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
prefix IP Yes
preference Integer min: 1, max: 255 No 1
bfd Boolean true, false No false
next_hops List [next_hops] No
track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

interfaces (apic.tenants.l3outs.nodes)

Name Type Constraint Mandatory Default Value
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
node_id Integer min: 1, max: 4000 No
node2_id Integer min: 1, max: 4000 No
port Integer min: 1, max: 127 No
sub_port Integer min: 1, max: 16 No
module Integer min: 1, max: 9 No 1
channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
ip IP No 0.0.0.0
svi Boolean true, false No false
multipod_direct Boolean true, false No false
autostate Boolean true, false No false
floating_svi Boolean true, false No false
vlan Integer min: 1, max: 4096 No
mac MAC No 00:22:BD:F8:19:FF
mtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inherit
ip_a IP No
ip_b IP No
ip_shared IP No
bgp_peers List [bgp_peers] No
paths List [paths] No
mode Choice regular, native, untagged No regular
state Choice local, vrf No
micro_bfd Class [micro_bfd] No

bgp (apic.tenants.l3outs.node_profiles)

Name Type Constraint Mandatory Default Value
timer_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
as_path_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

bgp_peers (apic.tenants.l3outs.node_profiles)

Name Type Constraint Mandatory Default Value
ip IP Yes
remote_as Integer min: 0, max: 4294967295 Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
allow_self_as Boolean true, false No false
as_override Boolean true, false No false
disable_peer_as_check Boolean true, false No false
next_hop_self Boolean true, false No false
send_community Boolean true, false No false
send_ext_community Boolean true, false No false
password String No
allowed_self_as_count Integer min: 1, max: 10 No 3
bfd Boolean true, false No false
disable_connected_check Boolean true, false No false
ttl Integer min: 1, max: 255 No 1
weight Integer min: 0, max: 65535 No 0
remove_all_private_as Boolean true, false No false
remove_private_as Boolean true, false No false
replace_private_as_with_local_as Boolean true, false No false
unicast_address_family Boolean true, false No true
multicast_address_family Boolean true, false No true
admin_state Boolean true, false No true
local_as Integer min: 0, max: 4294967295 No
as_propagate Choice none, no-prepend, replace-as, dual-as No none
peer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

nodes (apic.tenants.l3outs.node_profiles)

Name Type Constraint Mandatory Default Value
node_id Integer min: 1, max: 4000 Yes
pod_id Integer min: 1, max: 255 No
router_id IP Yes
router_id_as_loopback Boolean true, false No true
loopback IP No
static_routes List [static_routes] No

interface_profiles (apic.tenants.l3outs.node_profiles)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
bfd_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
ospf Class [ospf] No
eigrp Class [eigrp] No
pim_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
igmp_interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
qos_class Choice level1, level2, level3, level4, level5, level6, unspecified No unspecified
custom_qos_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
interfaces List [interfaces] No
dhcp_labels List [dhcp_labels] No

subnets (apic.tenants.l3outs.external_endpoint_groups)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
ndo_managed Boolean true, false No false
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
prefix IP Yes
import_route_control Boolean true, false No false
export_route_control Boolean true, false No false
shared_route_control Boolean true, false No false
import_security Boolean true, false No true
shared_security Boolean true, false No false
aggregate_import_route_control Boolean true, false No false
aggregate_export_route_control Boolean true, false No false
aggregate_shared_route_control Boolean true, false No false
bgp_route_summarization Boolean true, false No false
bgp_route_summarization_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
ospf_route_summarization Boolean true, false No false
eigrp_route_summarization Boolean true, false No false
route_control_profiles List [route_control_profiles] No

contracts (apic.tenants.l3outs.external_endpoint_groups)

Name Type Constraint Mandatory Default Value
consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
providers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
imported_consumers List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No

route_control_profiles (apic.tenants.l3outs.external_endpoint_groups)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
direction Choice import, export No import

contexts (apic.tenants.l3outs.import_route_map)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
action Choice permit, deny No permit
order Integer min: 0, max: 9 No 0
match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

contexts (apic.tenants.l3outs.export_route_map)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
action Choice permit, deny No permit
order Integer min: 0, max: 9 No 0
match_rules List String[Regex: ^[a-zA-Z0-9_.:-]{1,64}$] No
set_rule String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

next_hops (apic.tenants.l3outs.nodes.static_routes)

Name Type Constraint Mandatory Default Value
ip IP Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
preference Integer min: 0, max: 255 No 1
type Choice prefix, none No prefix

bgp_peers (apic.tenants.l3outs.nodes.interfaces)

Name Type Constraint Mandatory Default Value
ip IP Yes
remote_as Integer min: 0, max: 4294967295 Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
allow_self_as Boolean true, false No false
as_override Boolean true, false No false
disable_peer_as_check Boolean true, false No false
next_hop_self Boolean true, false No false
send_community Boolean true, false No false
send_ext_community Boolean true, false No false
password String No
allowed_self_as_count Integer min: 1, max: 10 No 3
bfd Boolean true, false No false
disable_connected_check Boolean true, false No false
ttl Integer min: 1, max: 255 No 1
weight Integer min: 0, max: 65535 No 0
remove_all_private_as Boolean true, false No false
remove_private_as Boolean true, false No false
replace_private_as_with_local_as Boolean true, false No false
unicast_address_family Boolean true, false No true
multicast_address_family Boolean true, false No true
admin_state Boolean true, false No true
local_as Integer min: 0, max: 4294967295 No
as_propagate Choice none, no-prepend, replace-as, dual-as No none
peer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

paths (apic.tenants.l3outs.nodes.interfaces)

Name Type Constraint Mandatory Default Value
physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
floating_ip IP Yes

micro_bfd (apic.tenants.l3outs.nodes.interfaces)

Name Type Constraint Mandatory Default Value
destination_ip IP Yes
start_timer Any Integer[min: 60, max: 3600] or Integer[min: 0, max: 0] No 0

static_routes (apic.tenants.l3outs.node_profiles.nodes)

Name Type Constraint Mandatory Default Value
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
prefix IP Yes
preference Integer min: 1, max: 255 No 1
bfd Boolean true, false No false
next_hops List [next_hops] No
track_list String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

ospf (apic.tenants.l3outs.node_profiles.interface_profiles)

Name Type Constraint Mandatory Default Value
ospf_interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
auth_type Choice none, simple, md5 No none
auth_key String No
auth_key_id Integer min: 1, max: 255 No 1
policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

eigrp (apic.tenants.l3outs.node_profiles.interface_profiles)

Name Type Constraint Mandatory Default Value
interface_profile_name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
interface_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
keychain_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

interfaces (apic.tenants.l3outs.node_profiles.interface_profiles)

Name Type Constraint Mandatory Default Value
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
node_id Integer min: 1, max: 4000 No
node2_id Integer min: 1, max: 4000 No
pod_id Integer min: 1, max: 255 No
module Integer min: 1, max: 9 No 1
port Integer min: 1, max: 127 No
sub_port Integer min: 1, max: 16 No
channel String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
ip IP No 0.0.0.0
multipod_direct Boolean true, false No false
svi Boolean true, false No false
autostate Boolean true, false No false
floating_svi Boolean true, false No false
vlan Integer min: 1, max: 4096 No
mac MAC No 00:22:BD:F8:19:FF
mtu Any Choice[inherit] or Integer[min: 576, max: 9216] No inherit
ip_a IP No
ip_b IP No
ip_shared IP No
bgp_peers List [bgp_peers] No
paths List [paths] No
mode Choice regular, native, untagged No regular
scope Choice local, vrf No local

route_control_profiles (apic.tenants.l3outs.external_endpoint_groups.subnets)

Name Type Constraint Mandatory Default Value
name String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ Yes
direction Choice import, export No import

next_hops (apic.tenants.l3outs.node_profiles.nodes.static_routes)

Name Type Constraint Mandatory Default Value
ip IP Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
preference Integer min: 0, max: 255 No 1
type Choice prefix, none No prefix

bgp_peers (apic.tenants.l3outs.node_profiles.interface_profiles.interfaces)

Name Type Constraint Mandatory Default Value
ip IP Yes
remote_as Integer min: 0, max: 4294967295 Yes
description String Regex: ^[a-zA-Z0-9\\!#$%()*,-./:;@ _{|}~?&+]{1,128}$ No
allow_self_as Boolean true, false No false
as_override Boolean true, false No false
disable_peer_as_check Boolean true, false No false
next_hop_self Boolean true, false No false
send_community Boolean true, false No false
send_ext_community Boolean true, false No false
password String No
allowed_self_as_count Integer min: 1, max: 10 No 3
bfd Boolean true, false No false
disable_connected_check Boolean true, false No false
ttl Integer min: 1, max: 255 No 1
weight Integer min: 0, max: 65535 No 0
remove_all_private_as Boolean true, false No false
remove_private_as Boolean true, false No false
replace_private_as_with_local_as Boolean true, false No false
unicast_address_family Boolean true, false No true
multicast_address_family Boolean true, false No true
admin_state Boolean true, false No true
local_as Integer min: 0, max: 4294967295 No
as_propagate Choice none, no-prepend, replace-as, dual-as No none
peer_prefix_policy String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
export_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
import_route_control String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No

paths (apic.tenants.l3outs.node_profiles.interface_profiles.interfaces)

Name Type Constraint Mandatory Default Value
physical_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
vmware_vmm_domain String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
elag String Regex: ^[a-zA-Z0-9_.:-]{1,64}$ No
floating_ip IP Yes

Examples

Simple example:

yaml
Copyapic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          nodes:
            - node_id: 101
              router_id: 5.5.5.5
              static_routes:
                - prefix: 2.2.2.0/24
                  description: My Desc
                  next_hops:
                    - ip: 6.6.6.6
                  track_list: TRACK_POL
              interfaces:
                - node_id: 101
                  port: 10
                  vlan: 301
                  ip: 14.14.14.1/24
                  bgp_peers:
                    - ip: 14.14.14.14
                      remote_as: 65010
          external_endpoint_groups:
            - name: EXT-EPG1
              subnets:
                - prefix: 0.0.0.0/0
              contracts:
                consumers:
                  - CON1

SVI example:

yaml
Copyapic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  interfaces:
                    - node_id: 101
                      port: 10
                      vlan: 301
                      svi: true
                      ip: 14.14.14.1/24

Routed Sub-interface example:

yaml
Copyapic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  interfaces:
                    - node_id: 101
                      port: 10
                      vlan: 301
                      svi: false
                      ip: 14.14.14.1/24

Routed Interface example:

yaml
Copyapic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  interfaces:
                    - node_id: 101
                      port: 10
                      ip: 14.14.14.1/24

Example with explicit profiles:

yaml
Copyapic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          vrf: VRF1
          domain: ROUTED1
          node_profiles:
            - name: NODE_101
              bgp:
                timer_policy: BGP_TIMER1
                as_path_policy: BGP_AS_PATH1
              nodes:
                - node_id: 101
                  router_id: 5.5.5.5
                  static_routes:
                    - prefix: 2.2.2.0/24
                      description: My Desc
                      next_hops:
                        - ip: 6.6.6.6
              interface_profiles:
                - name: NODE_101
                  description: NODE_101 Description
                  dhcp_labels:
                    - dhcp_relay_policy: DHCP-RELAY1
                      dhcp_option_policy: DHCP-OPTION1
                      scope: tenant
                  interfaces:
                    - node_id: 101
                      port: 10
                      vlan: 301
                      ip: 14.14.14.1/24
                      bgp_peers:
                        - ip: 14.14.14.14
                          remote_as: 65010
          external_endpoint_groups:
            - name: EXT-EPG1
              subnets:
                - prefix: 0.0.0.0/0

Full example:

yaml
Copyapic:
  tenants:
    - name: ABC
      l3outs:
        - name: L3OUT1
          alias: L3OUT1-ALIAS
          description: My Desc
          target_dscp: AF13
          qos_class: level3
          import_route_control_enforcement: true
          export_route_control_enforcement: true
          custom_qos_policy: QOS_POLICY
          vrf: VRF1
          domain: ROUTED1
          bfd_policy: BFD1
          dhcp_labels:
            - dhcp_relay_policy: DHCP-RELAY1
              dhcp_option_policy: DHCP-OPTION1
              scope: tenant
          bgp:
            timer_policy: BGP_TIMER1
            as_path_policy: BGP_AS_PATH1
          ospf:
            area: 0
            area_type: regular
            area_cost: 1
            auth_type: simple
            auth_key: cisco
            auth_key_id: 1
            policy: OIP1
          interleak_route_map: ROUTE_MAP1
          default_route_leak_policy:
            always: false
            criteria: 'in-addition'
            context_scope: false
            outside_scope: false
          redistribution_route_maps:
            - source: direct
              route_map: ROUTE_MAP2
          dampening_ipv4_route_map: ROUTE_MAP3
          dampening_ipv6_route_map: ROUTE_MAP4
          nodes:
            - node_id: 101
              router_id: 5.5.5.5
              router_id_as_loopback: true
              static_routes:
                - prefix: 2.2.2.0/24
                  description: My Desc
                  preference: 1
                  next_hops:
                    - ip: 6.6.6.6
                      description: My Next Hop Desc
              interfaces:
                - channel: VPC1
                  svi: true
                  scope: local
                  vlan: 301
                  ip_a: 14.14.14.1/24
                  ip_b: 14.14.14.2/24
                  ip_shared: 14.14.14.3/24
                  mode: native
                  bgp_peers:
                    - ip: 14.14.14.14
                      remote_as: 65010
                      description: My Desc
                      allow_self_as: true
                      as_override: true
                      bfd: true
                      disable_connected_check: true
                      remove_private_as: true
                      remove_all_private_as: true
                      multicast_address_family: true
                      ttl: 1
                      weight: 0
                      password: C1sco123
                      local_as: 1234
                      as_propagate: dual-as
                      peer_prefix_policy: BGP_PP1
                      export_route_control: ROUTE_MAP1
                      import_route_control: ROUTE_MAP2
                - channel: PC1
                  vlan: 311
                  ip: 24.24.24.1/24
                  bgp_peers:
                    - ip: 24.24.24.2
                      remote_as: 65010
                  micro_bfd:
                    destination_ip: 24.24.24.2
                    start_timer: 120
          import_route_map:
            name: example-import-name
            description: desc
            type: global
            contexts:
              - name: CONTEXT1
                description: desc1
                action: deny
                order: 2
                match_rules:
                - MATCH1
                set_rule: SET1
          export_route_map:
          name: example-export-name
            contexts:
              - name: CONTEXT1
                match_rules:
                - MATCH2
                set_rule: SET2
          external_endpoint_groups:
            - name: EXT-EPG1
              alias: ABC-EXT-EPG1
              description: My Desc
              preferred_group: false
              qos_class: level4
              target_dscp: CS5
              route_control_profiles:
                - name: IMPORT-RCP1
                  direction: import
              subnets:
                - name: ALL
                  prefix: 0.0.0.0/0
                  import_route_control: false
                  export_route_control: false
                  shared_route_control: false
                  import_security: true
                  shared_security: false
                  route_control_profiles:          
                    - name: EXPORT-RCP1
                      direction: export
              contracts:
                consumers:
                  - CON1
                providers:
                  - CON1
                imported_consumers:
                  - IMPORT-CON1
Next