Appliance Management API (0.1.0)

Download OpenAPI specification:Download

Anapaya Operations: [email protected]

Management API for the Anapaya EDGE and CORE appliances

init

Operations that are important for initialization of the appliance.

Put a new configuration

Put a new configuration to the appliance.

query Parameters
force
boolean

Push the configuration, even if configuration validation fails. This parameter MUST be used with care as it can leave the appliance in a misconfigured state.

disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

header Parameters
If-Match
string
Request Body schema: application/json

The config to be pushed to the appliance.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Validates a configuration

Validates a configuration.

query Parameters
disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

Request Body schema: application/json

The config to be validated.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Add a TRC file

Add a SCION CPPKI Trust Root Configuration (TRC) file to the device. The TRC is first validated before it is added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRC regardless of validity.

query Parameters
force
boolean
Default: false

If force is true, the TRC is added regardless of validity.

Request Body schema: application/x-pem-files
string <binary>

The PEM encoded signed TRC.

Responses

Request samples

Content type
application/x-pem-files
-----BEGIN TRC-----
ZjAwOjA6MTEwI ...
-----END TRC-----

Response samples

Content type
application/json
{
  • "trc": {
    }
}

Add a bundle of TRC files

Add a bundle SCION CPPKI Trust Root Configuration (TRC) files to the device. The TRCs are first validated before they are added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRCs regardless of validity.

query Parameters
force
boolean
Default: false

If force is true, the TRC is added regardless of validity.

Request Body schema: application/x-pem-files
string <binary>

The PEM encoded signed TRC.

Responses

Request samples

Content type
application/x-pem-files
-----BEGIN TRC-----
ZjAwOjA6MTEwI ...
-----END TRC-----
-----BEGIN TRC-----
6QV3F2EsMZVWD ...
-----END TRC-----
-----BEGIN TRC-----
GO0Vg34C8eRAu ...
-----END TRC-----

Response samples

Content type
application/json
{
  • "trcs": [
    ]
}

Create an AS certificate signing request

Create a SCION CPPKI AS Certificate Signing Request (CSR). The CSR needs to be signed by a SCION CPPKI Certificate Authority in the local ISD. The fully signed certificate chain then needs to be installed via the /cppki/certificates endpoint.

Request Body schema: application/json

The parameters for the CSR.

required
object (Subject of a certificate signing request.)

Responses

Request samples

Content type
application/json
{
  • "subject": {
    }
}

Response samples

Content type
{
  • "certificate_signing_request": {
    }
}

Add an AS certificate chain

Add a SCION CPPKI AS certificate chain to the device by promoting an existing certificate signing request. The certificate chain is first verified against the active TRC of the local ISD before it is added. Only verifiable certificate chains are added. Use the 'force' query parameter to force the addition of the certificate chain regardless of validity or verifiability.

query Parameters
force
boolean
Default: false

If force is true the certificate chain is added regardless of validity.

Request Body schema:
string <binary>

Certificate chain containing the new AS certificate and the issuing CA certificate encoded in a degenerate PKCS#7 data structure.

Responses

Request samples

Content type
No sample

Response samples

Content type
application/json
{
  • "certificate_chain": {
    }
}

config

Operations related to managing the configuration of the appliance.

Get the current configuration

Get the currently active appliance configuration.

header Parameters
If-None-Match
string

Responses

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Put a new configuration

Put a new configuration to the appliance.

query Parameters
force
boolean

Push the configuration, even if configuration validation fails. This parameter MUST be used with care as it can leave the appliance in a misconfigured state.

disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

header Parameters
If-Match
string
Request Body schema: application/json

The config to be pushed to the appliance.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

Validates a configuration

Validates a configuration.

query Parameters
disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

Request Body schema: application/json

The config to be validated.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "config": {
    },
  • "metadata": {
    }
}

cppki

Operations related to managing SCION CPPKI cryptographic material of the appliance.

List the TRC files

List the latest SCION CPPKI Trust Root Configuration (TRC) files for each ISD that are known to the appliance. The result can be filtered by ISD. Optionally, all TRCs can be requested instead of only the latest ones by setting the 'all' query parameter.

query Parameters
isd
Array of integers

Comma-separated list of ISDs to include.

all
boolean

Include all TRCs instead of just the latest one per ISD.

Responses

Response samples

Content type
application/json
{
  • "trcs": [
    ]
}

Add a TRC file

Add a SCION CPPKI Trust Root Configuration (TRC) file to the device. The TRC is first validated before it is added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRC regardless of validity.

query Parameters
force
boolean
Default: false

If force is true, the TRC is added regardless of validity.

Request Body schema: application/x-pem-files
string <binary>

The PEM encoded signed TRC.

Responses

Request samples

Content type
application/x-pem-files
-----BEGIN TRC-----
ZjAwOjA6MTEwI ...
-----END TRC-----

Response samples

Content type
application/json
{
  • "trc": {
    }
}

Add a bundle of TRC files

Add a bundle SCION CPPKI Trust Root Configuration (TRC) files to the device. The TRCs are first validated before they are added to the trust store. Only valid TRCs are added to the trust store. Use the 'force' query parameter to force the addition of the TRCs regardless of validity.

query Parameters
force
boolean
Default: false

If force is true, the TRC is added regardless of validity.

Request Body schema: application/x-pem-files
string <binary>

The PEM encoded signed TRC.

Responses

Request samples

Content type
application/x-pem-files
-----BEGIN TRC-----
ZjAwOjA6MTEwI ...
-----END TRC-----
-----BEGIN TRC-----
6QV3F2EsMZVWD ...
-----END TRC-----
-----BEGIN TRC-----
GO0Vg34C8eRAu ...
-----END TRC-----

Response samples

Content type
application/json
{
  • "trcs": [
    ]
}

Get the TRC

Get the SCION CPPKI Trust Root Configuration (TRC).

path Parameters
isd
required
integer
Example: 12
base
required
integer
Example: 1
serial
required
integer
Example: 3

Responses

Response samples

Content type
application/json
{
  • "trc": {
    }
}

Get the TRC blob

Get the SCION CPPKI Trust Root Configuration (TRC) as PEM encoded byte blob.

path Parameters
isd
required
integer
Example: 12
base
required
integer
Example: 1
serial
required
integer
Example: 3

Responses

Response samples

Content type
{
  • "trc": "-----BEGIN TRC-----\\nZjAwOjA6MTEwI ...\\n-----END TRC-----"
}

List the certificate signing requests

List the certificate signing requests that are available on the device.

query Parameters
isd_as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: isd_as=1-ff00:0:110

Responses

Response samples

Content type
application/json
{
  • "certificate_signing_requests": [
    ]
}

Create an AS certificate signing request

Create a SCION CPPKI AS Certificate Signing Request (CSR). The CSR needs to be signed by a SCION CPPKI Certificate Authority in the local ISD. The fully signed certificate chain then needs to be installed via the /cppki/certificates endpoint.

Request Body schema: application/json

The parameters for the CSR.

required
object (Subject of a certificate signing request.)

Responses

Request samples

Content type
application/json
{
  • "subject": {
    }
}

Response samples

Content type
{
  • "certificate_signing_request": {
    }
}

Get the certificate signing request

Get the SCION Certificate Signing Request for a given CSR ID

path Parameters
csr_id
required
string <hex-string> (Certificate signing request identifier)
Example: fa53a04a

Certificate signing request identifier.

Responses

Response samples

Content type
application/json
{
  • "certificate_signing_request": {
    }
}

Get the certificate signing request blob

Get the SCION CPPKI Certificate Signing Request encoded as PEM bytes blob for a given CSR ID.

path Parameters
csr_id
required
string <hex-string> (Certificate signing request identifier)
Example: fa53a04a

Certificate signing request identifier.

Responses

Response samples

Content type
{
  • "csr": "-----BEGIN CERTIFICATE REQUEST-----\\nCertificateSigningRequest ...\\n-----END CERTIFICATE REQUEST-----"
}

List the certificate chains

List the certificate chains that are available on the device.

query Parameters
isd_as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: isd_as=1-ff00:0:110
all
boolean

Include all certificate chains instead of just the valid ones.

Responses

Response samples

Content type
application/json
{
  • "certificate_chains": [
    ]
}

Add an AS certificate chain

Add a SCION CPPKI AS certificate chain to the device by promoting an existing certificate signing request. The certificate chain is first verified against the active TRC of the local ISD before it is added. Only verifiable certificate chains are added. Use the 'force' query parameter to force the addition of the certificate chain regardless of validity or verifiability.

query Parameters
force
boolean
Default: false

If force is true the certificate chain is added regardless of validity.

Request Body schema:
string <binary>

Certificate chain containing the new AS certificate and the issuing CA certificate encoded in a degenerate PKCS#7 data structure.

Responses

Request samples

Content type
No sample

Response samples

Content type
application/json
{
  • "certificate_chain": {
    }
}

Manually renew an AS certificate chain

Manually renew a SCION CPPKI AS certificate chain with the regular renewal mechanism. By default, the distinguished name of the subject in the predecessor certificate chain is used. A different distinguished name can be requested by setting the subject in the request body. By default the issuers are taken from the appliance configuration, specific issuers can be configured in the request body. If they are set, certificate renewal is attempted with each issuer in order until success.

Note that certificate renewal requires at least one valid certificate chain to be present on the appliance.

query Parameters
isd_as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: isd_as=1-ff00:0:110

The ISD-AS for which the certificate is renewed. This parameter is required only if the request body is not set, and there are multiple ISD-ASes configured on the appliance.

Request Body schema: application/json
object (Subject of a certificate signing request.)
issuers
Array of strings (ISD-AS Identifier)

Responses

Request samples

Content type
application/json
{
  • "subject": {
    },
  • "issuers": [
    ]
}

Response samples

Content type
application/x-pem-file
-----BEGIN CERTIFICATE-----
ASCertificate ...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
CACertificate ...
-----END CERTIFICATE-----

Get the certificate chain

Get the SCION CPPKI AS certificate chain for a given ChainID.

path Parameters
chain_id
required
string <hex-string> (Certificate chain identifier)
Example: fa53a04a

Certificate chain identifier.

Responses

Response samples

Content type
application/json
{
  • "certificate_chain": {
    }
}

Get the certificate chain blob

Get the SCION CPPKI AS certificate chain encoded as PEM bytes blob for a given ChainID.

path Parameters
chain_id
required
string <hex-string> (Certificate chain identifier)
Example: fa53a04a

Certificate chain identifier.

Responses

Response samples

Content type
{
  • "certificate_chain": "-----BEGIN CERTIFICATE-----\\nASCertificate ...\\n-----END CERTIFICATE-----"
}

Manually request an AS certificate chain for a given CSR

Manually request a SCION CPPKI AS certificate chain for a given CSR using the regular certificate renewal mechanism. The endpoint expects a CSR and uses that to request a certificate renewal. The certificate renewal request is signed by an active key/certificate of the appliance such that the CA will be able to authenticate the renewal request and issue the certificate. This is useful if one appliance has been disconnected from the SCION network for several days and thus has no valid AS certificate anymore that could be used for certificate renewal. In such a case, one can generate a new CSR on the appliance that was offline and use this endpoint on an appliance that still has a valid AS certificate to request a new certificate on behalf of the sibling.The returned certificate can then be deployed to the offline appliance using the regular POST /cppki/certificates endpoint.

Request Body schema: application/json
csr
required
string

PEM encoded CSR

Responses

Request samples

Content type
application/json
{
  • "csr": "-----BEGIN CERTIFICATE REQUEST-----\\nCertificateSigningRequest ...\\n-----END CERTIFICATE REQUEST-----"
}

Response samples

Content type
application/x-pem-file
-----BEGIN CERTIFICATE-----
ASCertificate ...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
CACertificate ...
-----END CERTIFICATE-----

tools

Operations used to trigger SCION utilities, such as ping and traceroute.

Trigger a scion ping run

Trigger and wait for a ping run to test connectivity to a remote SCION host using SCMP echo packets.

Request Body schema: application/json
required
object (PingRun)

Responses

Request samples

Content type
application/json
{
  • "run": {
    }
}

Response samples

Content type
application/json
{
  • "summary": {
    }
}

Trigger a SCION showpaths request

Trigger a SCION showpaths request to a remote SCION AS.

Request Body schema: application/json
required
object (ShowpathsRun)

Responses

Request samples

Content type
application/json
{
  • "run": {
    }
}

Response samples

Content type
application/json
{
  • "paths": [
    ]
}

Trigger a scion traceroute run

Trigger a SCION traceroute run and trace the SCION path to a remote AS using SCMP traceroute packets.

Request Body schema: application/json
required
object (TracerouteRun)

Responses

Request samples

Content type
application/json
{
  • "run": {
    }
}

Response samples

Content type
application/json
{
  • "summary": {
    }
}

software

Operations related to managing and installing software packages.

List the package information for scion packages in the remote repository.

List the package information (e.g., version) for all the scion packages which are available in the remote repository.

Responses

Response samples

Content type
application/json
{}

Get the scion package information.

Get the package information of the scion package for the given version.

path Parameters
version
required
string (Package version)
Example: v0.25.12

Version of the scion package.

Responses

Response samples

Content type
application/json
{}

List the package information for system packages in the remote repository.

List the package information (e.g., version) for all the system packages which are available in the remote repository.

Responses

Response samples

Content type
application/json
{}

Get the system package information.

Get the package information of the system package for the given version.

path Parameters
version
required
string (Package version)
Example: v0.25.12

Version of the system package.

Responses

Response samples

Content type
application/json
{}

Fetch the software scion package of a given version.

Fetch the software scion package of a given version from a remote repository.

Request Body schema: application/json
version
required
string (Package version)

Responses

Request samples

Content type
application/json
{
  • "version": "v0.25.12"
}

Response samples

Content type
application/json
{
  • "fetch": {
    }
}

Fetch the software system package for a given version.

Fetch the software system package for a given version from a remote repository.

Request Body schema: application/json
version
required
string (Package version)

Responses

Request samples

Content type
application/json
{
  • "version": "v0.25.12"
}

Response samples

Content type
application/json
{
  • "fetch": {
    }
}

Get the download status of a software scion package.

Get the download status of a software scion package from a remote repository.

path Parameters
id
required
string (Identifier of the software package fetching process.)

Identifier of the fetch process for the specific scion package version.

Responses

Response samples

Content type
application/json
{
  • "fetch_status": {
    }
}

Get the download status of a software system package.

Get the download status of a software system package from a remote repository.

path Parameters
id
required
string (Identifier of the software package fetching process.)

Identifier of the fetch process for the specific system package version.

Responses

Response samples

Content type
application/json
{
  • "fetch_status": {
    }
}

List the package information for scion packages available locally.

List the package information (e.g., version) for all the scion packages which are available locally on the appliance.

Responses

Response samples

Content type
application/json
{}

Upload the scion package.

Upload the scion package to the local repository of the appliance.

query Parameters
force
boolean
Default: false

If force is true, the package is stored regardless of whether it already exists.

Request Body schema: application/octet-stream
string <binary>

Responses

Response samples

Content type
application/json
{}

Get the scion package information.

Get the package information of the scion package for the given version.

path Parameters
version
required
string (Package version)
Example: v0.25.12

Version of the scion package.

Responses

Response samples

Content type
application/json
{}

Delete the given scion package.

Delete the scion package for the given version if it is available locally on the appliance.

path Parameters
version
required
string (Package version)
Example: v0.25.12

Version of the scion package.

Responses

Response samples

Content type
application/json
{}

List the package information for system packages available locally.

List the package information (e.g., version) for all the system packages which are available locally on the appliance.

Responses

Response samples

Content type
application/json
{}

Upload the system package.

Upload the system package to the local repository of the appliance.

query Parameters
force
boolean
Default: false

If force is true, the package is stored regardless of whether it already exists.

Request Body schema: application/octet-stream
string <binary>

Responses

Response samples

Content type
application/json
{}

Get the system package information.

Get the package information of the system package for the given version.

path Parameters
version
required
string (Package version)
Example: v0.25.12

Version of the system package.

Responses

Response samples

Content type
application/json
{}

Delete the given system package.

Delete the system package for the given version if it is available locally on the appliance.

path Parameters
version
required
string (Package version)
Example: v0.25.12

Version of the system package.

Responses

Response samples

Content type
application/json
{}

Trigger installation of the specified scion package.

Trigger the installation of the scion package with the version specified in the request body.

Request Body schema: application/json
version
required
string (Package version)
force
boolean
Default: false
skip_signature_verification
boolean
Default: false

Responses

Request samples

Content type
application/json
{
  • "version": "v0.25.12",
  • "force": false,
  • "skip_signature_verification": false
}

Response samples

Content type
application/json
{
  • "install_info": {
    }
}

Trigger installation of the specified system package.

Trigger the installation of the system package with the version specified in the request body.

Request Body schema: application/json
version
required
string (Package version)
force
boolean
Default: false
skip_signature_verification
boolean
Default: false

Responses

Request samples

Content type
application/json
{
  • "version": "v0.25.12",
  • "force": false,
  • "skip_signature_verification": false
}

Response samples

Content type
application/json
{
  • "install_info": {
    }
}

Get the status of the scion package installation process for the given id.

Get the status of the installation process of the scion package for the given id.

path Parameters
id
required
string (Identifier of the software package installation process.)

Identifier of the installation process for the specific scion package version.

Responses

Response samples

Content type
application/json
{
  • "install_info": {
    }
}

Get the status of the system package installation process for the given id.

Get the status of the installation process of the system package for the given id.

path Parameters
id
required
string (Identifier of the software package installation process.)

Identifier of the installation process for the specific system package version.

Responses

Response samples

Content type
application/json
{
  • "install_info": {
    }
}

Get the installed scion version.

Get the version of scion package currently installed.

Responses

Response samples

Content type
application/json
{
  • "version": "v0.25.12",
  • "checksum": "string"
}

Get the installed system version.

Get the version of system package currently installed.

Responses

Response samples

Content type
application/json
{
  • "version": "v0.25.12",
  • "checksum": "string"
}

migrations

Operations related to migrations towards a new version of the appliance.

Put the configuration for migration to {version}.

This endpoint allows the preparation of the installation of a new appliance release. It accepts any json and stores this so that the new appliance version will find it. The new appliance version will validate the configuration and if validation succeeds use that as configuration. This helps to do upgrades where new configuration features can't be automatically migrated or are newly added. For example to migrate to v0.33.1 put the new configuration to /migrations/v0.33/config. Note that if there was a previous configuration it is overwritten.

path Parameters
version
required
string (Version without patch)
Example: v0.32

Version of the appliance for which the configuration is.

Responses

Response samples

Content type
application/json+problem
{}

Get the configuration for migration to {version}.

Get the configuration that is applied on the migration to version {version}.

path Parameters
version
required
string (Version without patch)
Example: v0.32

Version of the appliance for which the configuration is.

Responses

Response samples

Content type
application/json+problem
{}

debug

Operations related to enabling and disabling debug information.

Network interfaces summary.

Network interfaces summary.

query Parameters
interface-name
string

Responses

Response samples

Content type
application/json
{
  • "interfaces": [
    ]
}

Network routes summary.

Network routes summary.

query Parameters
ip
string

Responses

Response samples

Content type
application/json
{
  • "routes": [
    ]
}

Get if the periodic appliance-controller notifications are enabled.

Check if the controller notifications are enabled or not. For context: If notifications are enabled, the appliance-controller periodically sends notifications with the latest configuration, which eventually overwrites any manual changes. By default, the controller notifications should be enabled. However, in the case of manual troubleshooting, it may be convenient to temporarily disable the controller notifications.

Responses

Response samples

Content type
application/json
{
  • "disabled": true,
  • "indefinite": false,
  • "deadline": "2022-02-21T10:31:45Z",
  • "timeout": "10m"
}

Enable or disable periodic notifications from the appliance-controller.

Enable or disable the appliance-controller notifications. Optionally, a deadline can be provided, either as absolute time or as a relative duration. The deadline indicates until when the appliance-controller notifications should be disabled. If both absolute and relative times are given, the minimum is taken. For context: If notifications are enabled (default), the appliance-controller periodically sends notifications with the latest configuration, which overwrites any manual changes. Note that disabling notifications should only happen when debugging the configuration of the host. It should not be treated as a permanent solution to configuration changes, meaning that eventually the appliance-controller notifications should be re-enabled.

Request Body schema: application/json
disabled
required
boolean

Whether the appliance-controller notifications are disabled.

indefinite
boolean
Default: false

Whether the appliance-controller notifications are disabled indefinitely. Only one of indefinite, deadline and timeout must be set.

deadline
string <date-time>

Until when appliance-controller notifications are disabled specified as a RFC3339 formatted date-time string. Only one of indefinite, deadline and timeout must be set.

timeout
string

Duration during which the appliance-controller notifications are disabled specified as a duration string. A duration string is a possibly signed sequence of decimal numbers, each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m". Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h". Only one of indefinite, deadline and timeout must be set.

Responses

Request samples

Content type
application/json
{
  • "disabled": true,
  • "indefinite": false,
  • "deadline": "2022-02-21T10:31:45Z",
  • "timeout": "10m"
}

Response samples

Content type
application/json
{
  • "disabled": true,
  • "indefinite": false,
  • "deadline": "2022-02-21T10:31:45Z",
  • "timeout": "10m"
}

Trigger a notification from the appliance-controller.

Triggering a notification will reapply the lastest stored configuration.

Responses

Response samples

Content type
application/json+problem
{}

Get the SCION interfaces.

Get a list of all the SCION interfaces configured on the host.

query Parameters
local_isd_as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: local_isd_as=1-ff00:0:110
remote_isd_as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: remote_isd_as=1-ff00:0:110
interface_id
integer >= 0

Responses

Response samples

Content type
application/json
{
  • "interfaces": [
    ],
  • "sibling_interfaces": [
    ]
}

Get summary of the SCION tunneling infrastructure.

Get summary of the SCION tunneling infrastructure.

Responses

Response samples

Content type
application/json
{
  • "sessions": [
    ],
  • "routing_chains": [
    ],
  • "paths": {
    }
}

Get the SCION tunneling domains configuration.

Get the SCION tunneling domains configuration.

query Parameters
domain
string

Responses

Response samples

Content type
application/json
{
  • "domains": [
    ]
}

Discovery of tunneling peers.

Discovery of tunneling peers.

Responses

Response samples

Content type
application/json
{
  • "sessions": [
    ]
}

List of all SCION paths with their stats.

Returns a list of all SCION paths and their stats.

Responses

Response samples

Content type
application/json
{
  • "paths": [
    ]
}

List of SCION paths with their stats.

Returns a list of all SCION paths and their stats filtered by the fingerprints provided in the request body.

Request Body schema: application/json
fingerprints
required
Array of strings

List of path fingerprints to search for.

Responses

Request samples

Content type
application/json
{
  • "fingerprints": [
    ]
}

Response samples

Content type
application/json
{
  • "paths": [
    ]
}

SGRP domains.

SGRP domains with the associated network prefixes.

query Parameters
domain
string

Responses

Response samples

Content type
application/json
{
  • "domains": {
    }
}

Known local network prefixes.

Known local network prefixes, including their source. These are afterwards filtered according to domain definitions and eventually sent to SGRP peers.

Responses

Response samples

Content type
application/json
{
  • "local-prefixes": {
    }
}

SGRP peers.

SGRP peers. Peer is a remote SGRP-capable application accessed from a specific local ISD-AS.

query Parameters
local-isd-as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: local-isd-as=1-ff00:0:110
remote-isd-as
string (ISD-AS Identifier) ^\d+-([a-f0-9]{1,4}:){2}([a-f0-9]{1,4})|\d+$
Example: remote-isd-as=1-ff00:0:110

Responses

Response samples

Content type
application/json
{
  • "peers": [
    ]
}

Get the list of appliance services and service groups.

Get the list of services and service groups that must be running on the appliance.

Responses

Response samples

Content type
application/json
{
  • "services": [
    ],
  • "groups": [
    ]
}

Restarts the given service.

Restarts the given service.

path Parameters
service_name
required
string

Name of the service to restart.

Responses

Response samples

Content type
application/json
{ }

Indicate the service health.

Present the health of the service along with the executed health checks.

path Parameters
service_name
required
string

Name of the service to get health of.

Responses

Response samples

Content type
application/json
{
  • "health": {
    }
}

Restart group of services.

Trigger restart of all the services in a group.

path Parameters
group_name
required
string

Name of the service groups to restart.

Responses

Response samples

Content type
application/json
{
  • "services": [
    ]
}

Summary of all service health checks.

Present the health of all the services along with the executed health checks.

Responses

Response samples

Content type
application/json
{
  • "health": {
    }
}

Get the BGP configuration.

Get the BGP configuration of the host.

Responses

Response samples

Content type
application/json
{
  • "configuration": {
    }
}

Get the state of the BGP neighbors.

Get the state of the BGP neighbors.

Responses

Response samples

Content type
application/json
{
  • "neighbors": [
    ]
}

vpp

Dump of the VPP state set up by dataplane-control service.

Responses

Response samples

Content type
application/json
{ }

Dump of the VPP state set up by the gateway service.

Responses

Response samples

Content type
application/json
{ }

Status page listing of loaded VPP plugins.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP errors.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP logs.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP events.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page listing internal VPP interfaces.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page listing interfaces mirrored from VPP to Linux.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page listing addresses on VPP interfaces.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page listing hardware interfaces managed by VPP.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP IPv4 neighbors.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP IPv6 neighbors.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP IPv4 FIB.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP IPv6 FIB.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP IPv6 link-local FIB.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP VRRP.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP memory.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP buffers.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path to clear the VPP runtime.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path to clear the metrics on VPP interfaces.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path to clear VPP errors.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting VPP runtime.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting TUN/TAP devices created by VPP.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a free form packet trace. The trace can be stopped with the `/vpp/trace/stop` endpoint.

query Parameters
n
string
Default: ""

VPP node to trace.

i
string
Default: ""

Include only packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

e
string
Default: ""

Exclude packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace without timeout. The trace can be stopped with the `/vpp/trace/stop` endpoint.

query Parameters
n
string
Default: ""

VPP node to trace.

i
string
Default: ""

Include only packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

e
string
Default: ""

Exclude packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that stops tracing.

query Parameters
p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for packets entering via memif.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for packets entering via DPDK.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for IPv4 packets entering via VPP UDP socket.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for IPv6 packets entering via VPP UDP socket.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for packets entering via TUN/TAP.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the bfd session states.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION interfaces.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION router ASes.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION services.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION router IPFIX table.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION router IPFIX statistics.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION router IPFIX parameters.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Status page reporting the SCION router bandwidth reservations.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: global settings.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: routing hierarchy.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: TUN device.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: remote ASes.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: routing chains.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: traffic classes.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: sessions.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: known paths.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all egress IPv4 packets entering via memif.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all egress IPv6 packets entering via memif.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all egress IPv4 packets entering via dpdk.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all egress IPv6 packets entering via dpdk.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all egress frames on top of IPv4 underlay.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all egress frames on top of IPv6 underlay.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all ingress frames entering via memif.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all ingress frames entering via dpdk.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

SCION gateway: trace all ingress IP packets.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

vpp-trace

Action path that starts a free form packet trace. The trace can be stopped with the `/vpp/trace/stop` endpoint.

query Parameters
n
string
Default: ""

VPP node to trace.

i
string
Default: ""

Include only packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

e
string
Default: ""

Exclude packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace without timeout. The trace can be stopped with the `/vpp/trace/stop` endpoint.

query Parameters
n
string
Default: ""

VPP node to trace.

i
string
Default: ""

Include only packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

e
string
Default: ""

Exclude packets passing through the specified VPP node. Include and exclude parameters are mutually exclusive.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that stops tracing.

query Parameters
p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for packets entering via memif.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for packets entering via DPDK.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for IPv4 packets entering via VPP UDP socket.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for IPv6 packets entering via VPP UDP socket.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

Action path that starts a trace for packets entering via TUN/TAP.

query Parameters
t
integer
Default: 500

Timeout (in ms) for the trace to be stopped.

p
integer
Default: 50

maximum number of packets to return.

Responses

Response samples

Content type
application/json+problem
{
  • "type": "/problem/connection-error",
  • "title": "Service Unavailable",
  • "status": 503,
  • "detail": "Connection to database timed out",
  • "instance": "/problem/connection-error#token-info-read-timed-out"
}

firewall

Get the firewall configuration of the appliance.

Get the installed firewall configuration of the appliance, including the tables, named counters, chains and rules.

Responses

Response samples

Content type
application/json
{
  • "tables": [
    ]
}

Get a specific firewall table.

Get a specific firewall table of the appliance by name, including the named counters, chains, and their rules.

path Parameters
table_name
required
string

Responses

Response samples

Content type
application/json
{
  • "table": {
    }
}

Get the rules of a chain of a firewall table.

Get a specific set of rules specified by their chain and table name of the appliance firewall.

path Parameters
table_name
required
string
chain_name
required
string

Responses

Response samples

Content type
application/json
{
  • "chain": {
    }
}

Generate the default firewall configuration for the given appliance configuration.

Validates a configuration and returns the firewall configuration which would be applied for the given appliance configuration.

query Parameters
disable_strict_parsing
boolean

Disable strict parsing of the appliance configuration.

Request Body schema: application/json

The config to be validated.

required
object (Config)

Anapaya appliance configuration

Responses

Request samples

Content type
application/json
{
  • "config": {
    }
}

Response samples

Content type
application/json
{
  • "tables": [
    ]
}

network

List the available physical interfaces

List the available physical interfaces of the appliance. The result includes the interface name and the PCI-E Bus/Device/Function (BDF) address for each interface. Only physical interfaces are listed here. To configure them use the config endpoint of the API.

Responses

Response samples

Content type
application/json
{
  • "interfaces": [
    ]
}

Get list of Wireguard interfaces.

List the configured wireguard interfaces. The result includes the interface name and the public key.

Responses

Response samples

Content type
application/json
{
  • "interfaces": [
    ]
}

Get a Wireguard interface.

Returns the configured wireguard interface and the public key.

path Parameters
interface_name
required
string

Name of the interface to list.

Responses

Response samples

Content type
application/json
{
  • "name": "wg0",
  • "public_key": "SqLwwTSYHBwQljJDqx7aUVWVDFN6ir6FQL/m3VfmhhQ="
}