Network Data Models

Table of Contents

1. Overview
2. Model Types
3. Common Model Patterns
4. Usage Examples
5. Models by Category
6. Network Interfaces
7. Network Services
8. VPN Configuration
9. Other Network Models
10. Routing Configuration
11. Routing Profile Models
12. Best Practices
13. Related Documentation

Overview

The Strata Cloud Manager SDK uses Pydantic models for data validation and serialization of network configurations. These models ensure that the data being sent to and received from the Strata Cloud Manager API adheres to the expected structure and constraints. This section documents the models for network configuration resources.

Model Types

For each network configuration, there are corresponding model types:

• Create Models: Used when creating new network resources ({Object}CreateModel)
• Update Models: Used when updating existing network resources ({Object}UpdateModel)
• Response Models: Used when parsing network data retrieved from the API ({Object}ResponseModel)
• Base Models: Common shared attributes for related network models ({Object}BaseModel)

Common Model Patterns

Network models share common patterns:

• Container validation (exactly one of folder/snippet/device)
• UUID validation for identifiers
• Network address and service validation
• Translation configuration validation
• Rule positioning and ordering logic
• Discriminated union patterns for advanced configurations

Usage Examples

from scm.client import ScmClient
from scm.models.network import NatRuleCreateModel, NatRuleUpdateModel

# Initialize client
client = ScmClient(
   client_id="your_client_id",
   client_secret="your_client_secret",
   tsg_id="your_tsg_id"
)

# Create a new NAT rule using a model
nat_rule = NatRuleCreateModel(
   name="outbound-nat",
   source=["10.0.0.0/24"],
   destination=["any"],
   service="any",
   nat_type="ipv4",
   source_translation={
      "dynamic_ip_and_port": {
         "type": "dynamic_ip_and_port",
         "translated_address": ["192.168.1.100"]
      }
   },
   folder="NAT Rules"
)

# Convert the model to a dictionary for the API call
rule_dict = nat_rule.model_dump(exclude_unset=True)
result = client.nat_rule.create(rule_dict)

# Update an existing NAT rule using a model
update_rule = NatRuleUpdateModel(
   id=result.id,
   name="outbound-nat-updated",
   description="Updated outbound NAT rule",
   folder="NAT Rules"
)

update_dict = update_rule.model_dump(exclude_unset=True)
updated_result = client.nat_rule.update(update_dict)

Models by Category

Network Interfaces

• Aggregate Interface Models - Aggregate (bonded) ethernet interfaces with LACP
• Ethernet Interface Models - Physical ethernet interfaces (Layer 2/3/TAP modes)
• Layer2 Subinterface Models - Layer 2 VLAN subinterfaces
• Layer3 Subinterface Models - Layer 3 VLAN subinterfaces with IP addressing
• Loopback Interface Models - Loopback interfaces
• Tunnel Interface Models - Tunnel interfaces for VPN
• VLAN Interface Models - VLAN interfaces for inter-VLAN routing

Network Services

• DHCP Interface Models - DHCP server and relay configurations on firewall interfaces
• Interface Management Profile Models - Interface management profiles for controlling management access

VPN Configuration

• IKE Crypto Profile Models - Internet Key Exchange crypto profiles for VPN tunnels
• IKE Gateway Models - Internet Key Exchange gateways for VPN tunnel endpoints
• IPsec Crypto Profile Models - IPsec crypto profiles for VPN tunnels
• IPsec Tunnel Models - IPsec tunnel configurations for site-to-site VPN

Other Network Models

• DNS Proxy Models - DNS proxy configurations with domain-specific rules and caching
• NAT Rule Models - Network Address Translation rules
• PBF Rule Models - Policy-Based Forwarding rule configurations
• QoS Profile Models - Quality of Service profile configurations
• QoS Rule Models - QoS policy rule configurations with move operations
• Security Zone Models - Security Zone configuration and management
• Zone Protection Profile Models - Zone protection profiles for flood and scan protection

Routing Configuration

• Logical Router Models - Logical router models with VRF, BGP, OSPF, ECMP, and static routes

Routing Profile Models

• BGP Address Family Profile Models - BGP address family configuration models
• BGP Auth Profile Models - BGP MD5 authentication profile models
• BGP Filtering Profile Models - BGP filtering profile models for route filtering
• BGP Redistribution Profile Models - BGP redistribution profile models
• BGP Route Map Models - BGP route map models with match/set criteria
• BGP Route Map Redistribution Models - BGP route map redistribution models with protocol crossover patterns
• OSPF Auth Profile Models - OSPF authentication profile models
• Route Access List Models - Route access list models for route filtering
• Route Prefix List Models - Route prefix list models for prefix-based filtering

Best Practices

1. Model Validation
2. Always validate network configuration data with models before sending to the API
3. Handle validation errors appropriately for network configurations

4. Use model_dump(exclude_unset=True) to avoid sending default values in network rules

5. NAT Rule Configuration

6. Ensure source and destination addresses are properly formatted
7. Validate that exactly one translation type is specified
8. Test NAT rules in a non-production environment first

9. Document NAT rules and their intended purpose

10. Network Address Handling

11. Validate IP addresses and subnets before creating rules
12. Use CIDR notation consistently for network addresses
13. Be aware of overlapping network definitions

14. Consider using address objects for frequently used networks

15. Error Handling

16. Catch and handle ValueError exceptions from network model validation
17. Check for common NAT configuration issues (missing translation, invalid addresses)
18. Validate that referenced services exist when used in NAT rules

Related Documentation

• Network Configuration - Working with network configurations
• NAT Rules Configuration - NAT rule operations
• Address Models - Address models used in network configurations