Configuring GRPC tunnel destination
Configuring GRPC tunnel destination
Configuring GRPC tunnel destination
POST http://<mgmt_IP>/api/mo/sys.json
{
"topSystem": {
"children": [
{
"grpctunnelInst": {
"children": [
{
"grpctunnelTunnelMgr": {
"children": [
{
"grpctunnelTunnel": {
"attributes": {
"cert": "server.trust.point",
"certClient": "client.trust.point",
"dest": "1.1.1.1",
"port": "1111",
"srcIf": "lo1",
"targetId": "t1111",
"targetType": "GNMI_GNOI",
"targetVrf": "t-vrf-1001",
"vrf": "vrf-0001"
}
}
}
]
}
}
]
}
}
]
}
}
{
imdata:[]
}
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="101">
<edit-config>
<target>
<running/>
</target>
<config>
<System xmlns="http://cisco.com/ns/yang/cisco-nx-os-device">
<grpctunnel-items>
<tunnelmgr-items>
<tunnel-items>
<Tunnel-list>
<dest>1.1.1.1</dest>
<port>1111</port>
<targetId>t1111</targetId>
<targetType>GNMI_GNOI</targetType>
<vrf>vrf-0001</vrf>
<cert>server.trust.point</cert>
<certClient>client.trust.point</certClient>
<srcIf>lo1</srcIf>
<targetVrf>t-vrf-1001</targetVrf>
</Tunnel-list>
</tunnel-items>
</tunnelmgr-items>
</grpctunnel-items>
</System>
CLI Command
The CLI commands are equivalent to the payload examples displayed in the pane on the right. Click the DME tab in the top-left corner of the right pane to view the JSON payload. Click the YANG tab to view the XML payload.
grpctunnel destination <name-or-ip> port <port> target <target-id> type <type> use-vrf <vrf-name> [source-interface <intf-name>] [cert <tunnel server trustpoint>] [client-cert <client trustpoint>] [target-vrf <target-vrf>]
Note: The property information for this example was added in Release 10.3(2)F.
Verifying a DME Configuration
The following table contains the distinguished name (DN) for each managed object (MO) in the DME payload. Issue a GET request using the DN to verify the configuration was posted or to get information about the configured properties of a particular object.
| MO | DN |
|---|---|
| Tunnel | sys/grpctunnel/tunnelmgr/tunnel-[name-or-ip]-port-[port-num]-target-[target-id]-type-[GNMI_GNOI]-vrf-[vrf-name] |
Tunnel Properties
The following table contains information about the tunnel properties. and MOs, see the NX-API DME Model Reference linked in the Related Documentation section below.
| Property Name | Data Type | Value | Description |
|---|---|---|---|
| dest | naming:Name | Range: min="1" max="254" | Tunnel server ip address or the hostname |
| port | scalar:Uint1 | Range : [1-65535] | Tunnel server port number |
| targetId | naming:Name | Range: min="1" max="254" | Target ID. This is an opaque string. |
| targetType | naming:Name | Only support GNMI_GNOI | Target Type |
| vrf | l3:VrfName | Range: min="1" max="32" | vrf name to dial out |
| srcIf | nw:IfId | Supported interfaces include loopback and svi interfaces | source-interface used to determine the egress source ip address of the tunnel establishment. |
| cert | os:OsString | Range: min="0" max="64" | Trustpoint which holds the tunnel server certificate. |
| certClient | os:OsString | Range: min="0" max="64" | Trustpoint which holds the client certificate. |
| targetVrf | l3:VrfName | Range: min="1" max="32" | vrf name to be used to reach local target. |
Related Documentation
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference:
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload:
https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide: