openstack-attic/netconn-api
Code Issues Proposed changes
b51a471b55
netconn-api/v2.0/section_neutron-vpn-ext.xml
Andreas Jaeger b51a471b55 Remove extra whitespace 
Remove extra whitespace like whitespace at end of line or
before a closing </para>. Also, change tabs to spaces.

Change-Id: I43d5418cc6c21736a29921e88774cdfdadc09b28
2013-12-26 18:40:20 +01:00

1772 lines
69 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE section [
<!-- Some useful entities borrowed from HTML -->
<!ENTITY ndash "&#x2013;">
<!ENTITY mdash "&#x2014;">
<!ENTITY hellip "&#x2026;">
<!ENTITY plusmn "&#xB1;">
<!-- Useful for describing APIs -->
<!ENTITY GET '<command xmlns="http://docbook.org/ns/docbook">GET</command>'>
<!ENTITY PUT '<command xmlns="http://docbook.org/ns/docbook">PUT</command>'>
<!ENTITY POST '<command xmlns="http://docbook.org/ns/docbook">POST</command>'>
<!ENTITY DELETE '<command xmlns="http://docbook.org/ns/docbook">DELETE</command>'>
<!ENTITY CHECK '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="figures/Check_mark_23x20_02.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
<!ENTITY ARROW '<inlinemediaobject xmlns="http://docbook.org/ns/docbook">
<imageobject>
<imagedata fileref="figures/Arrow_east.svg"
format="SVG" scale="60"/>
</imageobject>
</inlinemediaobject>'>
]>
<section xmlns="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:svg="http://www.w3.org/2000/svg"
xmlns:m="http://www.w3.org/1998/Math/MathML"
xmlns:html="http://www.w3.org/1999/xhtml"
xmlns:db="http://docbook.org/ns/docbook" version="5.0"
status="final" xml:id="vpnaas_ext">
<title>The Virtual Private Network as a Service (VPNaaS) Extension</title>
<para>The VPNaaS extension provides OpenStack tenants
with the ability to extend private networks across the public
telecommunication infrastructure.
The capabilities provided by this initial implementation of the
VPNaaS extension are:
<itemizedlist>
<listitem>
<para>Site-to-site Virtual Private Network connecting two
private networks.</para>
</listitem>
<listitem>
<para>Multiple VPN connections per tenant.</para>
</listitem>
<listitem>
<para>Supporting IKEv1 policy with 3des, aes-128, aes-256,
or aes-192 encryption.</para>
</listitem>
<listitem>
<para>Supporting IPSec policy with 3des, aes-128, aes-256,
or aes-192 encryption, sha1 authentication, ESP, AH,
or AH-ESP transform protocol, and tunnel or transport
mode encapsulation.</para>
</listitem>
<listitem>
<para>Dead Peer Detection (DPD) allowing hold, clear, restart,
disabled, or restart-by-peer actions.</para>
</listitem>
</itemizedlist>
</para>
<para>This extension introduces new resources:
<itemizedlist>
<listitem>
<para><emphasis role="bold">service</emphasis>, a high level
object that associates VPN with a specific subnet and
router.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ikepolicy</emphasis>, the Internet
Key Exchange policy identifying the authentication and
encryption algorithm used during phase one and phase
two negotiation of a VPN connection.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ipsecpolicy</emphasis>, the IP
security policy specifying the authentication and
encryption algorithm, and encapsulation mode used for
the established VPN connection.</para>
</listitem>
<listitem>
<para><emphasis role="bold">ipsec-site-connection</emphasis>,
has details for the site-to-site IPsec connection,
including the peer CIDRs, MTU, authentication mode,
peer address, DPD settings, and status.</para>
</listitem>
</itemizedlist>
</para>
<note>
<para>This extension is <emphasis role="bold">experimental</emphasis>
for the Havana release. The API may change without backward
compatibility.</para>
</note>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_concepts">
<title>Concepts</title>
<para>
A VPN <emphasis role="bold">service</emphasis> relates the
Virtual Private Network with a specific subnet and router for a
tenant.
</para>
<para>
An <emphasis role="bold">IKE Policy</emphasis> is used for
phase one and phase two negotiation of the VPN connection.
Configuration selects the authentication and encryption
algorithm used to establish a connection.
</para>
<para>
An <emphasis role="bold">IPsec Policy</emphasis> is used to
specify the encryption algorithm, transform protocol, and
mode (tunnel/transport) for the VPN connection.
</para>
<para>
A VPN <emphasis role="bold">connection</emphasis> represents
the IPsec tunnel established between two sites for the tenant.
This contains configuration settings specifying the policies
used, peer information, MTU, and the DPD actions to take.
</para>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_flow">
<title>High-level flow</title>
<para>
The high-level task flow for using VPNaaS API to configure a
site-to-site Virtual Private Network is as follows:
<orderedlist>
<listitem>
<para>The tenant creates a VPN service specifying the router
and subnet.</para>
</listitem>
<listitem>
<para>The tenant creates an IKE Policy.</para>
</listitem>
<listitem>
<para>The tenant creates an IPsec Policy.</para>
</listitem>
<listitem>
<para>The tenant creates a VPN connection, specifying the
VPN service, peer information, and IKE and IPsec
policies.</para>
</listitem>
</orderedlist>
</para>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_service">
<title>VPN Service Operations</title>
<para>This section discusses operations for managing a tenant's
VPN service through this extension.
</para>
<table rules="all">
<caption>VPN Service Attributes</caption>
<col width="20%"/>
<col width="8%"/>
<col width="10%"/>
<col width="7%"/>
<col width="15%"/>
<col width="15%"/>
<col width="25%"/>
<thead>
<tr>
<th>Attribute</th>
<th>Type</th>
<th>Required</th>
<th>CRUD
<footnote xml:id="vpnaas_service_crud_note">
<para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">C</emphasis>. Use the attribute in create operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">R</emphasis>. This attribute is returned in response to show and list operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">U</emphasis>. You can update the value of this attribute.</para>
</listitem>
<listitem>
<para><emphasis role="bold">D</emphasis>. You can delete the value of this attribute.</para>
</listitem>
</itemizedlist>
</para>
</footnote>
</th>
<th>Default Value</th>
<th>Validation Constraints</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td>id</td>
<td>uuid-str</td>
<td>N/A</td>
<td>R</td>
<td>generated</td>
<td>N/A</td>
<td>Unique identifier for the VPN Service object.</td>
</tr>
<tr>
<td>tenant_id</td>
<td>uuid-str</td>
<td>Yes</td>
<td>CR</td>
<td>Derived from Authentication token</td>
<td>valid tenant_id</td>
<td>Owner of the VPN service. Only admin users can specify a
tenant identifier other than their own.</td>
</tr>
<tr>
<td>name</td>
<td>String</td>
<td>No</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Human readable name for the VPN service.
Does not have to be unique.
</td>
</tr>
<tr>
<td>description</td>
<td>String</td>
<td>No</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Human readable description for the VPN service.</td>
</tr>
<tr>
<td>status</td>
<td>String</td>
<td>N/A</td>
<td>R</td>
<td>N/A</td>
<td>N/A</td>
<td>Indicates whether IPsec VPN service is currently
operational. Possible values include:
ACTIVE, DOWN, BUILD, ERROR, PENDING_CREATE,
PENDING_UPDATE, or PENDING_DELETE.</td>
</tr>
<tr>
<td>admin_state_up</td>
<td>Bool</td>
<td>N/A</td>
<td>CRU</td>
<td>true</td>
<td>{true | false }</td>
<td>Administrative state of the vpnservice. If false
(down), port does not forward packets.</td>
</tr>
<tr>
<td>subnet_id</td>
<td>uuid-str</td>
<td>Yes</td>
<td>CR</td>
<td>N/A</td>
<td>valid subnet ID</td>
<td>The subnet on which the tenant wants the VPN service. This
may be extended in the future to support multiple subnets.</td>
</tr>
<tr>
<td>router_id</td>
<td>uuid-str</td>
<td>Yes</td>
<td>CR</td>
<td>N/A</td>
<td>valid router ID</td>
<td>Router ID to which the VPN service is inserted. This may
change in the future, when router level insertion is available.</td>
</tr>
</tbody>
</table>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_service_list">
<title>List VPN Services</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/vpnservices</td>
<td>Lists VPN services.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Forbidden (<errorcode>403</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>List VPN Services: Request</title>
<programlisting>
GET /v2.0/vpn/vpnservices.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>List VPN Services: Response</title>
<programlisting language="json"><xi:include href="samples/vpn/vpnservice-list-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_service_show">
<title>Show VPN Service</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/vpnservices/<parameter>service-id</parameter></td>
<td>Returns details about a specific VPN service.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Forbidden (<errorcode>403</errorcode>), Not Found (<errorcode>404</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Show VPN Service: Request</title>
<programlisting>
GET /v2.0/vpn/vpnservices/9faaf49f-dd89-4e39-a8c6-101839aa49bc.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Show VPN Service: Response</title>
<programlisting language="json"><xi:include href="samples/vpn/vpnservice-show-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_service_create">
<title>Create VPN Service</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&POST;</td>
<td>/vpn/vpnservices</td>
<td>Creates a new VPN service.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>201</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>)</simpara>
<para>This operation requires a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Create VPN Service: Request</title>
<programlisting>
POST /v2.0/vpn/vpnservices.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/vpnservice-create-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Create VPN: Response</title>
<programlisting>
HTTP/1.1 201 Created
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/vpnservice-create-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_service_update">
<title>Update VPN Service</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&PUT;</td>
<td>/vpn/vpnservices/<parameter>service-id</parameter></td>
<td>Updates a VPN service, provided status is not
indicating a PENDING_* state.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>200</returnvalue></para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>), Not Found (<errorcode>404</errorcode>)</simpara>
<example>
<title>Update VPN Service: Request</title>
<programlisting>
PUT /v2.0/vpn/vpnservices/41bfef97-af4e-4f6b-a5d3-4678859d2485.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/vpnservice-update-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Update VPN Service: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/vpnservice-update-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_service_delete">
<title>Delete VPN Service</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&DELETE;</td>
<td>/vpn/vpnservices/<parameter>service-id</parameter></td>
<td>Removes a VPN service.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>204</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Not Found (<errorcode>404</errorcode>), Conflict
(<errorcode>409</errorcode>)</simpara>
<para>This operation does not require a request body.</para>
<para>This operation does not return a response body.</para>
<example>
<title>Delete VPN Service: Request</title>
<programlisting>
DELETE /v2.0/vpn/vpnservices/1be5e5f7-c45e-49ba-85da-156575b60d50.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Delete VPN Service: Response</title>
<programlisting>
HTTP/1.1 204 No Content
Content-Length: 0
</programlisting>
</example>
</section>
</section> <!-- end of vpnservice section-->
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ikepolicy">
<title>IKE Policy Operations</title>
<para>This section discusses operations for managing IKE Policies
through the VPN as a Service extension.
</para>
<table rules="all">
<caption>IKE Policy Attributes</caption>
<col width="20%"/>
<col width="8%"/>
<col width="10%"/>
<col width="7%"/>
<col width="15%"/>
<col width="15%"/>
<col width="25%"/>
<thead>
<tr>
<th>Attribute</th>
<th>Type</th>
<th>Required</th>
<th>CRUD
<footnote xml:id="vpnaas_ikepolicy_crud_note">
<para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">C</emphasis>. Use the attribute in create operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">R</emphasis>. This attribute is returned in response to show and list operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">U</emphasis>. You can update the value of this attribute.</para>
</listitem>
<listitem>
<para><emphasis role="bold">D</emphasis>. You can delete the value of this attribute.</para>
</listitem>
</itemizedlist>
</para>
</footnote>
</th>
<th>Default Value</th>
<th>Validation Constraints</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td>id</td>
<td>uuid-str</td>
<td>N/A</td>
<td>R</td>
<td>generated</td>
<td>N/A</td>
<td>Unique identifier for the IKE policy.</td>
</tr>
<tr>
<td>tenant_id</td>
<td>uuid-str</td>
<td>Yes</td>
<td>CR</td>
<td>None</td>
<td>valid tenant_id</td>
<td>Unique identifier for owner of the VPN service.</td>
</tr>
<tr>
<td>name</td>
<td>string</td>
<td>yes</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Friendly name for the IKE policy.</td>
</tr>
<tr>
<td>description</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Description of the IKE policy.</td>
</tr>
<tr>
<td>auth_algorithm</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>sha1</td>
<td>N/A</td>
<td>Authentication Hash algorithms: sha1.</td>
</tr>
<tr>
<td>encryption_algorithm</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>aes-128</td>
<td>N/A</td>
<td>Encryption Algorithms: 3des, aes-128, aes-256, aes-192, etc.</td>
</tr>
<tr>
<td>phase1_negotiation_<?sbr?>mode</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>Main Mode</td>
<td>N/A</td>
<td>IKE mode: Main Mode.</td>
</tr>
<tr>
<td>pfs</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>Group5</td>
<td>N/A</td>
<td>Perfect Forward Secrecy: Group2, Group5, or Group14.</td>
</tr>
<tr>
<td>ike_version</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>v1</td>
<td>N/A</td>
<td>Version: v1 or v2.</td>
</tr>
<tr>
<td>lifetime</td>
<td>dict</td>
<td>no</td>
<td>CRU</td>
<td>units: seconds, value: 3600.</td>
<td>Dictionary should be in this form: {'units': 'seconds', 'value': 2000}.
Value is a positive integer.</td>
<td>Lifetime of the SA. Units in 'seconds'. Either units or
value may be omitted.</td>
</tr>
</tbody>
</table>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ikepolicy_list">
<title>List IKE Policies</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/ikepolicies</td>
<td>Lists IKE policies.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized
(<errorcode>401</errorcode>), Forbidden
(<errorcode>403</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>List IKE Policies: Request</title>
<programlisting>
GET /v2.0/vpn/ikepolicies.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>List IKE Policies: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ikepolicy-list-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ikepolicy_show">
<title>Show IKE Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/ikepolicies/<parameter>ikepolicy-id</parameter></td>
<td>Returns details about a specific IKE policy.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Forbidden (<errorcode>403</errorcode>), Not Found (<errorcode>404</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Show IKE Policy: Request</title>
<programlisting>
GET /v2.0/vpn/ikepolicies/5522aff7-1b3c-48dd-9c3c-b50f016b73db.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Show IKE Policy: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ikepolicy-show-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ikepolicy_create">
<title>Create IKE Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&POST;</td>
<td>/vpn/ikepolicies</td>
<td>Creates a new IKE policy.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>201</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>)</simpara>
<para>This operation requires a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Create IKE Policy: Request</title>
<programlisting>
POST /v2.0/vpn/ikepolicies.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ikepolicy-create-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Create IKE Policy: Response</title>
<programlisting>
HTTP/1.1 201 Created
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ikepolicy-create-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ikepolicy_update">
<title>Update IKE Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&PUT;</td>
<td>/vpn/ikepolicies/<parameter>ikepolicy-id</parameter></td>
<td>Updates an IKE policy.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>200</returnvalue></para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>), Not Found (<errorcode>404</errorcode>)</simpara>
<example>
<title>Update IKE Policy: Request</title>
<programlisting>
PUT /v2.0/vpn/ikepolicies/5522aff7-1b3c-48dd-9c3c-b50f016b73db.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ikepolicy-update-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Update IKE Policy: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ikepolicy-update-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ikepolicy_delete">
<title>Delete IKE Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&DELETE;</td>
<td>/vpn/ikepolicies/<parameter>ikepolicy-id</parameter></td>
<td>Removes an IKE policy.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>204</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Not Found (<errorcode>404</errorcode>), Conflict
(<errorcode>409</errorcode>)</simpara>
<para>This operation does not require a request body.</para>
<para>This operation does not return a response body.</para>
<example>
<title>Delete IKE Policy: Request</title>
<programlisting>
DELETE /v2.0/vpn/ikepolicies/5522aff7-1b3c-48dd-9c3c-b50f016b73db.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Delete IKE Policy: Response</title>
<programlisting>
HTTP/1.1 204 No Content
Content-Length: 0
</programlisting>
</example>
</section>
</section> <!-- end of ikepolicy section-->
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsecpolicy">
<title>IPSec Policy Operations</title>
<para>This section discusses operations for managing IPSec
policies through the VPN as a Service extension.
</para>
<table rules="all">
<caption>IPSec Policy Attributes</caption>
<col width="20%"/>
<col width="8%"/>
<col width="10%"/>
<col width="7%"/>
<col width="15%"/>
<col width="15%"/>
<col width="25%"/>
<thead>
<tr>
<th>Attribute</th>
<th>Type</th>
<th>Required</th>
<th>CRUD
<footnote xml:id="vpnaas_ipsec_crud_note">
<para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">C</emphasis>. Use the attribute in create operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">R</emphasis>. This attribute is returned in response to show and list operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">U</emphasis>. You can update the value of this attribute.</para>
</listitem>
<listitem>
<para><emphasis role="bold">D</emphasis>. You can delete the value of this attribute.</para>
</listitem>
</itemizedlist>
</para>
</footnote>
</th>
<th>Default Value</th>
<th>Validation Constraints</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td>id</td>
<td>uuid-str</td>
<td>N/A</td>
<td>R</td>
<td>generated</td>
<td>N/A</td>
<td>Unique identifier for the IPsec policy.</td>
</tr>
<tr>
<td>tenant_id</td>
<td>uuid-str</td>
<td>Yes</td>
<td>CR</td>
<td>None</td>
<td>valid tenant_id</td>
<td>Unique identifier for owner of the VPN service.</td>
</tr>
<tr>
<td>name</td>
<td>string</td>
<td>yes</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Friendly name for the IPsec policy.</td>
</tr>
<tr>
<td>description</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Description of the IPSec policy.</td>
</tr>
<tr>
<td>transform_protocol</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>ESP</td>
<td>N/A</td>
<td>Transform protocol used: ESP, AH, or AH-ESP.</td>
</tr>
<tr>
<td>encapsulation_mode</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>tunnel</td>
<td>N/A</td>
<td>Encapsulation mode: tunnel or transport.</td>
</tr>
<tr>
<td>auth_algorithm</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>sha1</td>
<td>N/A</td>
<td>Authentication algorithm: sha1.</td>
</tr>
<tr>
<td>encryption_algorithm</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>aes-128</td>
<td>N/A</td>
<td>Encryption Algorithms: 3des, aes-128, aes-256, or aes-192.</td>
</tr>
<tr>
<td>pfs</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>group5</td>
<td>N/A</td>
<td>Perfect Forward Secrecy: group2, group5, or group14.</td>
</tr>
<tr>
<td>lifetime</td>
<td>dict</td>
<td>no</td>
<td>CRU</td>
<td>units: seconds, value: 3600.</td>
<td>Dictionary should be in this form: {'units': 'seconds', 'value': 2000}.
Value is a positive integer.</td>
<td>Lifetime of the SA. Units in 'seconds'. Either units or
value may be omitted.</td>
</tr>
</tbody>
</table>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsecpolicy_list">
<title>List IPSec Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/ipsecpolicies</td>
<td>Lists IPSec policies.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized
(<errorcode>401</errorcode>), Forbidden
(<errorcode>403</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>List IPSec Policies: Request</title>
<programlisting>
GET /v2.0/vpn/ipsecpolicies.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>List IPSec Policies: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsecpolicy-list-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsecpolicy_show">
<title>Show IPSec Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/ipsecpolicies/<parameter>ipsecpolicy-id</parameter></td>
<td>Returns details about a specific IPSec policy.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Forbidden (<errorcode>403</errorcode>), Not Found (<errorcode>404</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Show IPSec Policy: Request</title>
<programlisting>
GET /v2.0/vpn/ipsecpolicies/5291b189-fd84-46e5-84bd-78f40c05d69c.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Show IPSec Policy: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsecpolicy-show-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsecpolicy_create">
<title>Create IPSec Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&POST;</td>
<td>/vpn/ipsecpolicies</td>
<td>Creates a new IPSec policy.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>201</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>)</simpara>
<para>This operation requires a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Create IPSec Policy: Request</title>
<programlisting>
POST /v2.0/vpn/ipsecpolicies.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsecpolicy-create-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Create IPSec Policy: Response</title>
<programlisting>
HTTP/1.1 201 Created
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsecpolicy-create-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsecpolicy_update">
<title>Update IPSec Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&PUT;</td>
<td>/vpn/ipsecpolicies/<parameter>ipsecpolicy-id</parameter></td>
<td>Updates a IPSec policy.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>200</returnvalue></para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>), Not Found (<errorcode>404</errorcode>)</simpara>
<example>
<title>Update IPSec Policy: Request</title>
<programlisting>
PUT /v2.0/vpn/ipsecpolicies/5291b189-fd84-46e5-84bd-78f40c05d69c.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsecpolicy-update-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Update IPSec Policy: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsecpolicy-update-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsecpolicy_delete">
<title>Delete IPSec Policy</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&DELETE;</td>
<td>/vpn/ipsecpolicies/<parameter>ipsecpolicy-id</parameter></td>
<td>Removes a IPSec policy.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>204</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Not Found (<errorcode>404</errorcode>), Conflict
(<errorcode>409</errorcode>)</simpara>
<para>This operation does not require a request body.</para>
<para>This operation does not return a response body.</para>
<example>
<title>Delete IPSec Policy: Request</title>
<programlisting>
DELETE /v2.0/vpn/ipsecpolicies/5291b189-fd84-46e5-84bd-78f40c05d69c.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Delete IPSec Policy: Response</title>
<programlisting>
HTTP/1.1 204 No Content
Content-Length: 0
</programlisting>
</example>
</section>
</section> <!-- end of ipsecpolicy section-->
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsec_site_connection">
<title>IPSec Site Connection Operations</title>
<para>This section discusses operations for managing IPSec
site-to-site connections through the VPN as a Service extension.
</para>
<table rules="all">
<caption>IPSec Site Connection Attributes</caption>
<col width="20%"/>
<col width="8%"/>
<col width="10%"/>
<col width="7%"/>
<col width="15%"/>
<col width="15%"/>
<col width="25%"/>
<thead>
<tr>
<th>Attribute</th>
<th>Type</th>
<th>Required</th>
<th>CRUD
<footnote xml:id="vpnaas_ipsec_site_connection_crud_note">
<para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">C</emphasis>. Use the attribute in create operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">R</emphasis>. This attribute is returned in response to show and list operations.</para>
</listitem>
<listitem>
<para><emphasis role="bold">U</emphasis>. You can update the value of this attribute.</para>
</listitem>
<listitem>
<para><emphasis role="bold">D</emphasis>. You can delete the value of this attribute.</para>
</listitem>
</itemizedlist>
</para>
</footnote>
</th>
<th>Default Value</th>
<th>Validation Constraints</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td>id</td>
<td>uuid-str</td>
<td>N/A</td>
<td>R</td>
<td>generated</td>
<td>N/A</td>
<td>Unique identifier for the IPSec site-to-site connection.</td>
</tr>
<tr>
<td>tenant_id</td>
<td>uuid-str</td>
<td>Yes</td>
<td>CR</td>
<td>None</td>
<td>valid tenant_id</td>
<td>Unique identifier for owner of the VPN service.</td>
</tr>
<tr>
<td>name</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Name for IPSec site-to-site connection.</td>
</tr>
<tr>
<td>description</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>None</td>
<td>N/A</td>
<td>Description of the IPSec site-to-site connection.</td>
</tr>
<tr>
<td>peer_address</td>
<td>string</td>
<td>yes</td>
<td>CRU</td>
<td>N/A</td>
<td>N/A</td>
<td>Peer gateway public IPv4/IPv6 address or FQDN.</td>
</tr>
<tr>
<td>peer_id</td>
<td>string</td>
<td>yes</td>
<td>CRU</td>
<td>N/A</td>
<td>N/A</td>
<td>Peer router identity for authentication. Can be
IPv4/IPv6 address, e-mail address, key id, or FQDN.</td>
</tr>
<tr>
<td>peer_cidrs</td>
<td>list[string]</td>
<td>yes</td>
<td>CRU</td>
<td>N/A</td>
<td>unique list of valid cidr in the form &lt;net_address&gt;/&lt;prefix&gt;</td>
<td>Peer private CIDRs.</td>
</tr>
<tr>
<td>route_mode</td>
<td>string</td>
<td>no</td>
<td>R</td>
<td>static</td>
<td>static</td>
<td>Route mode: static. This will be extended in the future.</td>
</tr>
<tr>
<td>mtu</td>
<td>integer</td>
<td>no</td>
<td>CRU</td>
<td>1500</td>
<td>Integer. Minimum is 68 for IPv4 and 1280 for IPv6.</td>
<td>Maximum Transmission Unit to address fragmentation.</td>
</tr>
<tr>
<td>auth_mode</td>
<td>string</td>
<td>no</td>
<td>R</td>
<td>psk</td>
<td>psk/certs</td>
<td>Authentication mode: PSK or certificate.</td>
</tr>
<tr>
<td>psk</td>
<td>string</td>
<td>yes</td>
<td>CRU</td>
<td>N/A</td>
<td>NO</td>
<td>Pre Shared Key: any string.</td>
</tr>
<tr>
<td>initiator</td>
<td>string</td>
<td>no</td>
<td>CRU</td>
<td>bi-directional</td>
<td>bi-directional / response-only</td>
<td>Whether this VPN can only respond to connections or can
initiate as well.</td>
</tr>
<tr>
<td>admin_state_up</td>
<td>bool</td>
<td>N/A</td>
<td>CRU</td>
<td>TRUE</td>
<td>true / false</td>
<td>Administrative state of VPN connection. If false (down),
VPN connection does not forward packets.</td>
</tr>
<tr>
<td>status</td>
<td>string</td>
<td>N/A</td>
<td>R</td>
<td>N/A</td>
<td>N/A</td>
<td>Indicates whether VPN connection is currently operational.
Possible values include: ACTIVE, DOWN, BUILD, ERROR,
PENDING_CREATE, PENDING_UPDATE, or PENDING_DELETE.</td>
</tr>
<tr>
<td>ikepolicy_id</td>
<td>uuid</td>
<td>yes</td>
<td>CR</td>
<td>N/A</td>
<td>Unique identifier of IKE policy</td>
<td>Unique identifier of IKE policy.</td>
</tr>
<tr>
<td>ipsecpolicy_id</td>
<td>uuid</td>
<td>yes</td>
<td>CR</td>
<td>N/A</td>
<td>Unique identifier of IPSec policy</td>
<td>Unique identifier of IPSec policy.</td>
</tr>
<tr>
<td>vpnservice_id</td>
<td>uuid</td>
<td>yes</td>
<td>CR</td>
<td>N/A</td>
<td>Unique identifier of VPN service</td>
<td>Unique identifier of VPN service.</td>
</tr>
<tr>
<td>dpd</td>
<td>dict</td>
<td>no</td>
<td>CRU</td>
<td>action: hold, interval: 30, timeout: 120</td>
<td>Dictionary should be in this form:
{'action': 'clear', 'interval': 20, 'timeout': 60}.
Interval is positive integer. Timeout is greater
than interval.</td>
<td>Dead Peer Detection protocol controls. Action: clear, hold,
restart, disabled, or restart-by-peer. Interval and timeout
in seconds.</td>
</tr>
</tbody>
</table>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsec_site_connection_list">
<title>List IPSec Site Connections</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/ipsec-site-connections</td>
<td>Lists the IPSec site-to-site connections.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized
(<errorcode>401</errorcode>), Forbidden
(<errorcode>403</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>List IPSec Site Connections: Request</title>
<programlisting>
GET /v2.0/vpn/ipsec-site-connections.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>List IPSec Site Connections: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsec-site-connection-list-res.json" parse="text"/></programlisting>
</example>
</section>
<?hard-pagebreak?>
<section xml:id="vpnaas_ext_ops_ipsec_site_connection_show">
<title>Show IPSec Site Connection</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&GET;
</td>
<td>/vpn/ipsec-site-connections/<parameter>connection-id</parameter></td>
<td>Returns details about a specific IPSec site-to-site connection.</td>
</tr>
</tbody>
</informaltable>
<simpara>Normal Response Code:
<returnvalue>200</returnvalue>
</simpara>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Forbidden (<errorcode>403</errorcode>), Not Found (<errorcode>404</errorcode>)
</simpara>
<para>This operation does not require a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Show IPSec Site Connection: Request</title>
<programlisting>
GET /v2.0/vpn/ipsec-site-connections/cbc152a0-7e93-4f98-9f04-b085a4bf2511.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Show IPSec Site Connection: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsec-site-connection-show-res.json" parse="text"/></programlisting>
</example>
</section>
<section xml:id="vpnaas_ext_ops_ipsec_site_connection_create">
<title>Create IPSec Site Connection</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&POST;</td>
<td>/vpn/ipsec-site-connections</td>
<td>Creates a new IPSec site connection.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>201</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>)</simpara>
<para>This operation requires a request body.</para>
<para>This operation returns a response body.</para>
<example>
<title>Create IPSec Site Connection: Request</title>
<programlisting>
POST /v2.0/vpn/ipsec-site-connections.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsec-site-connection-create-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Create IPSec Site Connection: Response</title>
<programlisting>
HTTP/1.1 201 Created
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsec-site-connection-create-res.json" parse="text"/></programlisting>
</example>
</section>
<section xml:id="vpnaas_ext_ops_ipsec_site_connection_update">
<title>Update IPSec Site Connection</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&PUT;</td>
<td>/vpn/ipsec-site-connections/<parameter>connection-id</parameter></td>
<td>Updates an IPSec site-to-site connection, provided status is not
indicating a PENDING_* state.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>200</returnvalue></para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Bad Request (<errorcode>400</errorcode>), Not Found (<errorcode>404</errorcode>)</simpara>
<example>
<title>Update IPSec Site Connection: Request</title>
<programlisting>
PUT /v2.0/vpn/ipsec-site-connections/f7cf7305-f491-45f4-ad9c-8e7240fe3d72.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsec-site-connection-update-req.json" parse="text"/></programlisting>
</example>
<example>
<title>Update IPSec Site Connection: Response</title>
<programlisting>
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
</programlisting>
<programlisting language="json"><xi:include href="samples/vpn/ipsec-site-connection-update-res.json" parse="text"/></programlisting>
</example>
</section>
<section xml:id="vpnaas_ext_ops_ipsec_site_connection_delete">
<title>Delete IPSec Site Connection</title>
<informaltable rules="all" width="100%">
<col width="20%"/>
<col width="20%"/>
<col width="60%"/>
<thead>
<tr>
<td>Verb</td>
<td>URI</td>
<td>Description</td>
</tr>
</thead>
<tbody>
<tr>
<td>&DELETE;</td>
<td>/vpn/ipsec-site-connections/<parameter>connection-id</parameter></td>
<td>Deletes a IPSec site-to-site connection.</td>
</tr>
</tbody>
</informaltable>
<para>Normal Response Code: <returnvalue>204</returnvalue>
</para>
<simpara>Error Response Codes: Unauthorized (<errorcode>401</errorcode>),
Not Found (<errorcode>404</errorcode>), Conflict
(<errorcode>409</errorcode>)</simpara>
<para>This operation does not require a request body.</para>
<para>This operation does not return a response body.</para>
<example>
<title>Delete IPSec Site Connection: Request</title>
<programlisting>
DELETE /v2.0/vpn/ipsec-site-connections/cbc152a0-7e93-4f98-9f04-b085a4bf2511.json
User-Agent: python-neutronclient
Accept: application/json
</programlisting>
</example>
<example>
<title>Delete IPSec Site Connection: Response</title>
<programlisting>
HTTP/1.1 204 No Content
Content-Length: 0
</programlisting>
</example>
</section>
</section> <!-- end of ipsec_site_connection section-->
</section> <!-- end of vpnaas section -->
View Git Blame Copy Permalink