grpc-tunnel
Syntax
grpc-tunnel {
servers {
retry-interval interval;
server server-name {
address ip-address;
port port-number;
credentials {
tls {
certificate-id local-certificate in pki
ca-profiles [ specific ca-profiles in pki ];
}
}
targets [ ssh | netconf-ssh | gnmi-gnoi];
routing-instance routing-instance;
source-address ip-address;
}
}
target-string-option {
pattern [ hostname | vendor | model | version | custom ];
custom-string custom-string;
delimiter delimiter-string;
}
}
Hierarchy Level
[edit system services]
Description
Configure gRPC tunnel settings.
Options
| retry-interval |
Optional. Specify the time after which the target retries to connect again if the tunnel-server is not reachable. There is no limit on the number of times the target retries to connect to the server.
|
| server |
Specify the tunnel server name. A maximum of 10 tunnel servers can be configured at a time. |
| address |
Specify the IPv4 or IPv6 address or hostname of the tunnel server. |
| port |
Specify the port number through which the tunnel server listens. |
| credentials |
Configure options for TLS-based authentication. |
| tls |
Configure TLS certificate related options. |
| certificate-id |
Optional. Specify the local tunnel client certificate-id loaded in the PKI hierarchy. Mandatory in cases where mutual authentication is required and the client must present the certificate to the server. |
| ca-profiles |
Optional. Specify the list of certificate authority (CA)s to validate the certificate of the tunnel server. If not specified, the gRPC tunnel utilizes the loaded CAs through PKI hierarchy to validate the server certificate. |
| targets |
Specify the list of target applications that are to be made available. It may contain one or more target types.
|
| routing-instance |
Optional. Specify the name of the routing instance through which the target can reach the tunnel server. |
| source-address |
Optional. Specify the IPv4 or IPv6 source address that can connect with the tunnel server. |
| target-string-option |
Optional. Configure to modify the target string that gets registered with the tunnel server. |
| pattern |
Optional. Specify the list of supported options. You can use this statement to select the string to be created using the options.
|
| custom-string |
Specify the string to be used when pattern contains custom as one of the options. |
| delimiter |
Specify a character to act as the delimiter.
|
Required Privilege Level
system— To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS and Junos OS Evolved Release 22.4R1.
routing-instance routing-instance and
source-address ip-address options introduced
in Junos OS and Junos OS Evolved Release 23.2R1.