Skip to content

Validation rule checking if access port is associated with just single network #690

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
mkilar123 wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

Validation rule checking if access port is associated with just single network #690

mkilar123 wants to merge 3 commits into from

Conversation

@mkilar123
Copy link
Collaborator

@mkilar123 mkilar123 commented Dec 10, 2025
edited
Loading

Related Issue(s)

Fixes #695

Related Collection Role

  • cisco.nac_dc_vxlan.validate
  • cisco.nac_dc_vxlan.dtc.create
  • cisco.nac_dc_vxlan.dtc.deploy
  • cisco.nac_dc_vxlan.dtc.remove
  • other

Related Data Model Element

  • vxlan.fabric
  • vxlan.global
  • vxlan.topology
  • vxlan.underlay
  • vxlan.overlay
  • vxlan.overlay_extensions
  • vxlan.policy
  • vxlan.multisite
  • defaults.vxlan
  • other

Proposed Changes

Adding a validation rule which checks if an access interface is mapped to maximum one network:
Checked conditions:

  • If the access interface has "access_vlan" defined - it cannot be associated with any network_attach_group
  • If the access interface has no "access_vlan" defined - it can be associated with maximum one network_attach_group
  • If network_attach_group contains an access port - it can be associated with maximum one network
    The checks also apply to interfaces on TORs

Test Notes

Tests run:

  • access interface without "access_vlan" defined referenced max once in network_attach_groups

  • access interface with"access_vlan" defined not referenced in any network_attach_groups

  • TOR access interface without "access_vlan" defined referenced max once in network_attach_groups

  • TOR access interface with"access_vlan" defined not referenced in any network_attach_groups

  • access interface with"access_vlan" defined referenced only once in network_attach_groups

  • TOR access interface with"access_vlan" defined referenced only once in network_attach_groups

  • access interface without "access_vlan" defined referenced multiple times in network_attach_groups

  • TOR access interface without "access_vlan" defined referenced multiple times in network_attach_groups

  • network_attach_group containing access port referenced by one network

  • network_attach_group containing access port referenced by multiple networks

    • network_attach_group without access port referenced by multiple networks

Cisco Nexus Dashboard Version

Checklist

  • Latest commit is rebased from develop with merge conflicts resolved
  • New or updates to documentation has been made accordingly
  • Assigned the proper reviewers

@mkilar123 mkilar123 requested a review from a team as a code owner December 10, 2025 11:20
@mkilar123 mkilar123 requested a review from skaszlik December 10, 2025 11:20
@mkilar123 mkilar123 added enhancement New feature or request ready for review PR Ready for Review labels Dec 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@skaszlik skaszlik Awaiting requested review from skaszlik

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

enhancement New feature or request ready for review PR Ready for Review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Create a validation rule that would prevent attaching multiple networks to an access port

1 participant

@mkilar123