SDEWAN is implemented as CNF based on OpenWRT and it will support below functionalities:
- Export Restful API interface to support configuration of MWAN3, Firewall & NAT, IpSec.
- Site-to-Site tunnels across edges & edges & central orchestrators and application managers
SDEWAN Service
SDEWAN service restful API provides the capability to list available SDEWAN services, get service status and execute service operation.
Common Error code:
| Code | Description |
|---|---|
| 400 | Bad request |
| 401 | unauthorized -the security token is not provides or expired. |
| 404 | resource not found |
Error Response:
| Name | In | Type | Description |
|---|---|---|---|
| message | body | string | error message |
GET /cgi-bin/luci/sdewan/v1/services
Lists all available sdewan services supported by SDEWAN CNF
Request: N/A
Response
- Normal response codes: 200
Response Parameters
Name In Type Description services body array a list of supported service - Response Example
{
"services": ["mwan3", "firewall", "ipsec"]
}
PUT /cgi-bin/luci/sdewan/v1/service/{service}/
Execute a operation for a service
Request:
Request Parameters
Name In Type Description service path string service name, valid value are "mwan3", "firewall", "ipsec" action body string action to be executed. valid value are "start", "stop", "restart", "reload" Response Example
{
"action": "start"
}
Response
- Normal response code: 200
- Error response code: 400 (e.g. invalid action)
Response Parameters
Name In Type Description result body string operation execution result Response Example
{
"result": "success"
}
MWAN3
SD-EWAN MWAN3 API provides support to get/create/update/delete MWAN3 Rule, Policy.
MWAN3 Policy
GET /cgi-bin/luci/sdewan/mwan3/v1/policies
Lists all defined policies
Request: N/A
Response
- Normal response codes: 200
Response Parameters
Name In Type Description policies body array a list of defined policies - Response Example
{
"policies": [{
"name":"balanced",
"members": [
{
"interface": "net1",
"metric" 1,
"weight": 2
}
{
"interface": "net2",
"metric" 1,
"weight": 1
}
]
}
]
}
GET /cgi-bin/luci/sdewan/mwan3/v1/policy/{policy}
Get a policy
Request: N/A
Request Parameters
Name In Type Description policy path string policy name
Response
- Normal response codes: 200
- Error response code: 404
Response Parameters
Name In Type Description name body string policy name members body array policy members interface body string member interface name metric body int (optional) default: 1, members within one policy with a lower metric have precedence over higher metric members weight body int (optional) default: 1, members with same metric will distribute load based on this weight value - Response Example
{
"name": "balanced",
"members": [
{
"interface": "net1",
"metric" 1,
"weight": 2
}
{
"interface": "net2",
"metric" 1,
"weight": 1
}
]
}
POST /cgi-bin/luci/sdewan/mwan3/v1/policy
create a new policy
Request:
Request Parameters: same with GET's response request
- Request Example: same with GET's response example
Response
- Normal response codes: 201
- Error response codes: 400, 401
PUT /cgi-bin/luci/sdewan/mwan3/v1/policy/{policy}
update a policy
Request:
Request Parameters:
Name In Type Description policy path string policy name members body array policy members interface body string member interface name metric body int (optional) default: 1, members within one policy with a lower metric have precedence over higher metric members weight body int (optional) default: 1, members with same metric will distribute load based on this weight value - Request Example
{
"members": [
{
"interface": "net1",
"metric" 1,
"weight": 2
}
{
"interface": "net2",
"metric" 1,
"weight": 1
}
]
}
Response
- Normal response codes: 204
- Error response codes: 400, 401, 404
DELETE /cgi-bin/luci/sdewan/mwan3/v1/policy/{policy}
delete a policy
Request:
Request Parameters
Name In Type Description policy path string policy name
Response
- Normal response codes: 200
- Error response codes: 401, 404
MWAN3 Rule
GET /cgi-bin/luci/sdewan/mwan3/v1/rules
Lists all defined rules
Request: N/A
Response
- Normal response codes: 200
Response Parameters
Name In Type Description rules body array a list of defined rules - Response Example
{
"rules": [{
"name":"default_rule",
"dest_ip": "0.0.0.0/0"
"policy": "balanced"
}
]
}
GET /cgi-bin/luci/sdewan/mwan3/v1/rule/{rule}
Get a rule
Request: N/A
Request Parameters
Name In Type Description rule path string rule name
Response
- Normal response codes: 200
- Error response code: 404
Response Parameters
Name In Type Description name body string rule name policy body string policy used for the rule src_ip body string (optional) source ip address src_port body string (optional) source port or port range dest_ip body string (optional) destination ip address dest_port body string (optional) destination port or port range proto body string (optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all" family body string (optional) address family. Valid values: "ipv4", "ipv6", "all" sticky body string (optional) default: 0, allow traffic from the same source ip address within the timeout limit to use same wan interface as prior session timeout body int (optional) default: 600, Stickiness timeout value in seconds - Response Example
{
"name":"default_rule",
"dest_ip": "0.0.0.0/0"
"policy": "balanced"
}
POST /cgi-bin/luci/sdewan/mwan3/v1/rule
create a new rule
Request:
Request Parameters: same with GET's response request
- Request Example: same with GET's response example
Response
- Normal response codes: 201
- Error response codes: 400, 401
PUT /cgi-bin/luci/sdewan/mwan3/v1/rule/{rule}
update a policy
Request:
Request Parameters
Name In Type Description rule path string rule name policy body string policy used for the rule src_ip body string (optional) source ip address src_port body string (optional) source port or port range dest_ip body string (optional) destination ip address dest_port body string (optional) destination port or port range proto body string (optional) protocol for the rule. Valid values: "tcp", "udp", "icmp", "all" family body string (optional) address family. Valid values: "ipv4", "ipv6", "all" sticky body string (optional) default: 0, allow traffic from the same source ip address within the timeout limit to use same wan interface as prior session timeout body int (optional) default: 600, Stickiness timeout value in seconds - Request Example
{
"dest_ip": "0.0.0.0/0"
"policy": "balanced"
}
Response
- Normal response codes: 204
- Error response codes: 400, 401, 404
DELETE /cgi-bin/luci/sdewan/mwan3/v1/rule/{rule}
delete a rule
Request:
Request Parameters
Name In Type Description rule path string rule name
Response
- Normal response codes: 200
- Error response codes: 401, 404
Firewall
SD-EWAN Firewall API provides support to get/create/update/delete Firewall Rule (include Firewall, SNAT, DNAT etc.).