Service VRF Sub-Interfaces
This page describes the API call sequence and payloads for connecting a service-side Ethernet interface to a switch using one VLAN sub-interface per service VRF.
Use Case
Section titled “Use Case”You have three service-side VRFs and want to connect a router Ethernet interface to a switch as an 802.1Q trunk. Each VRF uses one VLAN sub-interface on the same physical interface.
Example design:
| VRF / VPN | VLAN | Router sub-interface | Gateway IP |
|---|---|---|---|
| 10 | 10 | GigabitEthernet2.10 |
10.10.10.1/24 |
| 20 | 20 | GigabitEthernet2.20 |
10.20.20.1/24 |
| 30 | 30 | GigabitEthernet2.30 |
10.30.30.1/24 |
API Workflow
Section titled “API Workflow”- Create or identify the Service Feature Profile.
- Create one LAN VPN parcel per service VRF.
- Create one Ethernet interface sub-parcel under each LAN VPN parcel.
- Attach or deploy the Service Feature Profile through the Configuration Group workflow.
Create the LAN VPN Parcels
Section titled “Create the LAN VPN Parcels”Create one LAN VPN parcel for each service VRF.
POST /dataservice/v1/feature-profile/sdwan/service/<serviceId>/lan/vpnContent-Type: application/jsonExample for VRF / VPN 10:
{ "name": "lan_vpn_10", "description": "Service VRF 10", "data": { "vpnId": { "optionType": "global", "value": 10 }, "name": { "optionType": "global", "value": "VRF10" } }}Response:
{ "id": "11111111-1111-1111-1111-111111111111"}Save this returned ID as the parent LAN VPN parcel ID, for example <vpn10ParcelId>.
Repeat the same call for VPN 20 and VPN 30:
| Placeholder | VPN ID | Name |
|---|---|---|
<vpn10ParcelId> |
10 | VRF10 |
<vpn20ParcelId> |
20 | VRF20 |
<vpn30ParcelId> |
30 | VRF30 |
Create the Ethernet Sub-Interfaces
Section titled “Create the Ethernet Sub-Interfaces”Create one Ethernet interface parcel under each LAN VPN parcel.
POST /dataservice/v1/feature-profile/sdwan/service/<serviceId>/lan/vpn/<vpnParcelId>/interface/ethernetContent-Type: application/jsonExample for VLAN 10 / VRF 10:
{ "name": "ge2_10_vrf10", "description": "VLAN 10 sub-interface for VRF 10", "data": { "shutdown": { "optionType": "global", "value": false }, "interfaceName": { "optionType": "global", "value": "GigabitEthernet2.10" }, "description": { "optionType": "global", "value": "VRF10 to switch VLAN 10" }, "intfIpAddress": { "static": { "staticIpV4AddressPrimary": { "ipAddress": { "optionType": "global", "value": "10.10.10.1" }, "subnetMask": { "optionType": "global", "value": "255.255.255.0" } } } }, "nat": { "optionType": "global", "value": false }, "advanced": { "ipMtu": { "optionType": "default", "value": 1500 }, "arpTimeout": { "optionType": "default", "value": 1200 }, "loadInterval": { "optionType": "default", "value": 30 }, "ipDirectedBroadcast": { "optionType": "default", "value": false } } }}Repeat with the corresponding parent VPN parcel ID and interface values:
| Parent parcel | Interface parcel name | Interface name | IP address | Mask |
|---|---|---|---|---|
<vpn10ParcelId> |
ge2_10_vrf10 |
GigabitEthernet2.10 |
10.10.10.1 |
255.255.255.0 |
<vpn20ParcelId> |
ge2_20_vrf20 |
GigabitEthernet2.20 |
10.20.20.1 |
255.255.255.0 |
<vpn30ParcelId> |
ge2_30_vrf30 |
GigabitEthernet2.30 |
10.30.30.1 |
255.255.255.0 |
Optional Schema Checks
Section titled “Optional Schema Checks”Use these calls to confirm the exact schema supported by the running SD-WAN Manager release:
GET /dataservice/v1/feature-profile/sdwan/service/lan/vpn/schema?schemaType=postGET /dataservice/v1/feature-profile/sdwan/service/lan/vpn/interface/ethernet/schema?schemaType=postSD-Routing VRF Variant
Section titled “SD-Routing VRF Variant”If the device and workflow use the SD-Routing feature profile model instead of the SD-WAN Service Feature Profile model, use the SD-Routing VRF endpoints:
POST /dataservice/v1/feature-profile/sd-routing/service/<serviceId>/vrfPOST /dataservice/v1/feature-profile/sd-routing/service/<serviceId>/vrf/<vrfId>/interface/ethernetThe Ethernet interface payload is similar, but the parent object is a vrf feature rather than a lan/vpn parcel.