openstack/python-neutronclient
Code Issues Proposed changes

Merge "CLI support for VPNaaS multiple local subnets"

Browse Source
This commit is contained in:
Jenkins 2015-11-12 16:59:10 +00:00 committed by Gerrit Code Review
commit 5ebba55f78
5 changed files with 206 additions and 136 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

100
neutronclient/neutron/v2_0/vpn/ipsec_site_connection.py
View File

@ -37,8 +37,7 @@ class ListIPsecSiteConnection(neutronv20.ListCommand):
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
_formatters = {'peer_cidrs': _format_peer_cidrs} _formatters = {'peer_cidrs': _format_peer_cidrs}
list_columns = [ list_columns = [
'id', 'name', 'peer_address', 'peer_cidrs', 'route_mode', 'id', 'name', 'peer_address', 'auth_mode', 'status']
'auth_mode', 'status']
pagination_support = True pagination_support = True
sorting_support = True sorting_support = True
@ -49,7 +48,46 @@ class ShowIPsecSiteConnection(neutronv20.ShowCommand):
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
class CreateIPsecSiteConnection(neutronv20.CreateCommand): class IPsecSiteConnectionMixin(object):
def add_known_arguments(self, parser):
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict,
help=vpn_utils.dpd_help("IPsec connection."))
parser.add_argument(
'--local-ep-group',
help=_('Local endpoint group ID/name with subnet(s) for '
'IPSec connection.'))
parser.add_argument(
'--peer-ep-group',
help=_('Peer endpoint group ID/name with CIDR(s) for '
'IPsec connection.'))
def args2body(self, parsed_args, body=None):
"""Add in conditional args and then return all conn info."""
if body is None:
body = {}
if parsed_args.dpd:
vpn_utils.validate_dpd_dict(parsed_args.dpd)
body['dpd'] = parsed_args.dpd
if parsed_args.local_ep_group:
_local_epg = neutronv20.find_resourceid_by_name_or_id(
self.get_client(), 'endpoint_group',
parsed_args.local_ep_group)
body['local_ep_group_id'] = _local_epg
if parsed_args.peer_ep_group:
_peer_epg = neutronv20.find_resourceid_by_name_or_id(
self.get_client(), 'endpoint_group',
parsed_args.peer_ep_group)
body['peer_ep_group_id'] = _peer_epg
return {self.resource: body}
class CreateIPsecSiteConnection(IPsecSiteConnectionMixin,
neutronv20.CreateCommand):
"""Create an IPsec site connection.""" """Create an IPsec site connection."""
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
@ -73,11 +111,6 @@ class CreateIPsecSiteConnection(neutronv20.CreateCommand):
default='bi-directional', choices=['bi-directional', default='bi-directional', choices=['bi-directional',
'response-only'], 'response-only'],
help=_('Initiator state in lowercase, default:bi-directional')) help=_('Initiator state in lowercase, default:bi-directional'))
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict,
help=vpn_utils.dpd_help("IPsec connection."))
parser.add_argument( parser.add_argument(
'--vpnservice-id', metavar='VPNSERVICE', '--vpnservice-id', metavar='VPNSERVICE',
required=True, required=True,
@ -102,12 +135,14 @@ class CreateIPsecSiteConnection(neutronv20.CreateCommand):
parser.add_argument( parser.add_argument(
'--peer-cidr', '--peer-cidr',
action='append', dest='peer_cidrs', action='append', dest='peer_cidrs',
required=True, help=_('[DEPRECATED in Mitaka] Remote subnet(s) in CIDR format. '
help=_('Remote subnet(s) in CIDR format.')) 'Cannot be specified when using endpoint groups. Only '
'applicable, if subnet provided for VPN service.'))
parser.add_argument( parser.add_argument(
'--psk', '--psk',
required=True, required=True,
help=_('Pre-shared key string.')) help=_('Pre-shared key string.'))
super(CreateIPsecSiteConnection, self).add_known_arguments(parser)
def args2body(self, parsed_args): def args2body(self, parsed_args):
_vpnservice_id = neutronv20.find_resourceid_by_name_or_id( _vpnservice_id = neutronv20.find_resourceid_by_name_or_id(
@ -123,52 +158,45 @@ class CreateIPsecSiteConnection(neutronv20.CreateCommand):
message = _("Invalid MTU value: MTU must be " message = _("Invalid MTU value: MTU must be "
"greater than or equal to 68") "greater than or equal to 68")
raise exceptions.CommandError(message) raise exceptions.CommandError(message)
if (bool(parsed_args.local_ep_group) !=
bool(parsed_args.peer_ep_group)):
message = _("You must specify both local and peer endpoint "
"groups.")
raise exceptions.CommandError(message)
if parsed_args.peer_cidrs and parsed_args.local_ep_group:
message = _("You cannot specify both endpoint groups and peer "
"CIDR(s).")
raise exceptions.CommandError(message)
if not parsed_args.peer_cidrs and not parsed_args.local_ep_group:
message = _("You must specify endpoint groups or peer CIDR(s).")
raise exceptions.CommandError(message)
body = { body = {
'vpnservice_id': _vpnservice_id, 'vpnservice_id': _vpnservice_id,
'ikepolicy_id': _ikepolicy_id, 'ikepolicy_id': _ikepolicy_id,
'ipsecpolicy_id': _ipsecpolicy_id, 'ipsecpolicy_id': _ipsecpolicy_id,
'peer_address': parsed_args.peer_address,
'peer_id': parsed_args.peer_id,
'mtu': parsed_args.mtu,
'initiator': parsed_args.initiator,
'psk': parsed_args.psk,
'admin_state_up': parsed_args.admin_state_down, 'admin_state_up': parsed_args.admin_state_down,
} }
neutronv20.update_dict(parsed_args, body,
['peer_id', 'mtu', 'initiator', 'psk',
'peer_address'])
if parsed_args.name: if parsed_args.name:
body['name'] = parsed_args.name body['name'] = parsed_args.name
if parsed_args.description: if parsed_args.description:
body['description'] = parsed_args.description body['description'] = parsed_args.description
if parsed_args.tenant_id: if parsed_args.tenant_id:
body['tenant_id'] = parsed_args.tenant_id body['tenant_id'] = parsed_args.tenant_id
if parsed_args.dpd:
vpn_utils.validate_dpd_dict(parsed_args.dpd)
body['dpd'] = parsed_args.dpd
if parsed_args.peer_cidrs: if parsed_args.peer_cidrs:
body['peer_cidrs'] = parsed_args.peer_cidrs body['peer_cidrs'] = parsed_args.peer_cidrs
return super(CreateIPsecSiteConnection, self).args2body(parsed_args,
return {'ipsec_site_connection': body} body)
class UpdateIPsecSiteConnection(neutronv20.UpdateCommand): class UpdateIPsecSiteConnection(IPsecSiteConnectionMixin,
neutronv20.UpdateCommand):
"""Update a given IPsec site connection.""" """Update a given IPsec site connection."""
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
def add_known_arguments(self, parser):
parser.add_argument(
'--dpd',
metavar="action=ACTION,interval=INTERVAL,timeout=TIMEOUT",
type=utils.str2dict,
help=vpn_utils.dpd_help("IPsec connection."))
def args2body(self, parsed_args):
body = {}
if parsed_args.dpd:
vpn_utils.validate_dpd_dict(parsed_args.dpd)
body['dpd'] = parsed_args.dpd
return {'ipsec_site_connection': body}
class DeleteIPsecSiteConnection(neutronv20.DeleteCommand): class DeleteIPsecSiteConnection(neutronv20.DeleteCommand):
"""Delete a given IPsec site connection.""" """Delete a given IPsec site connection."""

11
neutronclient/neutron/v2_0/vpn/vpnservice.py
View File

@ -55,13 +55,16 @@ class CreateVPNService(neutronv20.CreateCommand):
'router', metavar='ROUTER', 'router', metavar='ROUTER',
help=_('Router unique identifier for the VPN service.')) help=_('Router unique identifier for the VPN service.'))
parser.add_argument( parser.add_argument(
'subnet', metavar='SUBNET', 'subnet', nargs='?', metavar='SUBNET',
help=_('Subnet unique identifier for the VPN service deployment.')) help=_('[DEPRECATED in Mitaka] Unique identifier for the local '
'private subnet.'))
def args2body(self, parsed_args): def args2body(self, parsed_args):
if parsed_args.subnet:
_subnet_id = neutronv20.find_resourceid_by_name_or_id( _subnet_id = neutronv20.find_resourceid_by_name_or_id(
self.get_client(), 'subnet', self.get_client(), 'subnet', parsed_args.subnet)
parsed_args.subnet) else:
_subnet_id = None
_router_id = neutronv20.find_resourceid_by_name_or_id( _router_id = neutronv20.find_resourceid_by_name_or_id(
self.get_client(), 'router', self.get_client(), 'router',
parsed_args.router) parsed_args.router)

2
neutronclient/tests/functional/adv-svcs/test_readonly_neutron_vpn.py
View File

@ -50,6 +50,4 @@ class SimpleReadOnlyNeutronVpnClientTest(base.ClientTestBase):
('ipsec-site-connection-list')) ('ipsec-site-connection-list'))
self.assertTableStruct(ipsec_site, ['id', 'name', self.assertTableStruct(ipsec_site, ['id', 'name',
'peer_address', 'peer_address',
'peer_cidrs',
'route_mode',
'auth_mode', 'status']) 'auth_mode', 'status'])

198
neutronclient/tests/unit/vpn/test_cli20_ipsec_site_connection.py
View File

@ -23,8 +23,9 @@ from neutronclient.tests.unit import test_cli20
class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base): class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base):
def test_create_ipsec_site_connection_all_params(self): # TODO(pcm): Remove, once peer-cidr is deprecated completely
"""ipsecsite-connection-create all params.""" def test_create_ipsec_site_connection_all_params_using_peer_cidrs(self):
"""ipsecsite-connection-create all params using peer CIDRs."""
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
cmd = ipsec_site_connection.CreateIPsecSiteConnection( cmd = ipsec_site_connection.CreateIPsecSiteConnection(
test_cli20.MyApp(sys.stdout), None test_cli20.MyApp(sys.stdout), None
@ -78,6 +79,63 @@ class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base):
position_names, position_values, position_names, position_values,
extra_body=extra_body) extra_body=extra_body)
def test_create_ipsec_site_conn_all_params(self):
"""ipsecsite-connection-create all params using endpoint groups."""
resource = 'ipsec_site_connection'
cmd = ipsec_site_connection.CreateIPsecSiteConnection(
test_cli20.MyApp(sys.stdout), None
)
tenant_id = 'mytenant_id'
name = 'connection1'
my_id = 'my_id'
peer_address = '192.168.2.10'
peer_id = '192.168.2.10'
psk = 'abcd'
mtu = '1500'
initiator = 'bi-directional'
vpnservice_id = 'vpnservice_id'
ikepolicy_id = 'ikepolicy_id'
ipsecpolicy_id = 'ipsecpolicy_id'
local_ep_group = 'local-epg'
peer_ep_group = 'peer-epg'
admin_state = True
description = 'my-vpn-connection'
dpd = 'action=restart,interval=30,timeout=120'
args = ['--tenant-id', tenant_id,
'--peer-address', peer_address, '--peer-id', peer_id,
'--psk', psk, '--initiator', initiator,
'--vpnservice-id', vpnservice_id,
'--ikepolicy-id', ikepolicy_id, '--name', name,
'--ipsecpolicy-id', ipsecpolicy_id, '--mtu', mtu,
'--description', description,
'--local-ep-group', local_ep_group,
'--peer-ep-group', peer_ep_group,
'--dpd', dpd]
position_names = ['name', 'tenant_id', 'admin_state_up',
'peer_address', 'peer_id', 'psk', 'mtu',
'local_ep_group_id', 'peer_ep_group_id',
'initiator', 'description',
'vpnservice_id', 'ikepolicy_id',
'ipsecpolicy_id']
position_values = [name, tenant_id, admin_state, peer_address,
peer_id, psk, mtu, local_ep_group,
peer_ep_group, initiator, description,
vpnservice_id, ikepolicy_id, ipsecpolicy_id]
extra_body = {
'dpd': {
'action': 'restart',
'interval': 30,
'timeout': 120,
},
}
self._test_create_resource(resource, cmd, name, my_id, args,
position_names, position_values,
extra_body=extra_body)
def test_create_ipsec_site_connection_with_limited_params(self): def test_create_ipsec_site_connection_with_limited_params(self):
"""ipsecsite-connection-create with limited params.""" """ipsecsite-connection-create with limited params."""
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
@ -94,7 +152,8 @@ class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base):
vpnservice_id = 'vpnservice_id' vpnservice_id = 'vpnservice_id'
ikepolicy_id = 'ikepolicy_id' ikepolicy_id = 'ikepolicy_id'
ipsecpolicy_id = 'ipsecpolicy_id' ipsecpolicy_id = 'ipsecpolicy_id'
peer_cidrs = ['192.168.3.0/24', '192.168.2.0/24'] local_ep_group = 'local-epg'
peer_ep_group = 'peer-epg'
admin_state = True admin_state = True
args = ['--tenant-id', tenant_id, args = ['--tenant-id', tenant_id,
@ -104,31 +163,30 @@ class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base):
'--vpnservice-id', vpnservice_id, '--vpnservice-id', vpnservice_id,
'--ikepolicy-id', ikepolicy_id, '--ikepolicy-id', ikepolicy_id,
'--ipsecpolicy-id', ipsecpolicy_id, '--ipsecpolicy-id', ipsecpolicy_id,
'--peer-cidr', '192.168.3.0/24', '--local-ep-group', local_ep_group,
'--peer-cidr', '192.168.2.0/24'] '--peer-ep-group', peer_ep_group]
position_names = ['tenant_id', 'admin_state_up', position_names = ['tenant_id', 'admin_state_up',
'peer_address', 'peer_id', 'peer_cidrs', 'peer_address', 'peer_id',
'local_ep_group_id', 'peer_ep_group_id',
'psk', 'mtu', 'initiator', 'psk', 'mtu', 'initiator',
'vpnservice_id', 'ikepolicy_id', 'vpnservice_id', 'ikepolicy_id',
'ipsecpolicy_id'] 'ipsecpolicy_id']
position_values = [tenant_id, admin_state, peer_address, position_values = [tenant_id, admin_state, peer_address, peer_id,
peer_id, peer_cidrs, psk, mtu, local_ep_group, peer_ep_group, psk, mtu, initiator,
initiator,
vpnservice_id, ikepolicy_id, ipsecpolicy_id] vpnservice_id, ikepolicy_id, ipsecpolicy_id]
self._test_create_resource(resource, cmd, None, my_id, args, self._test_create_resource(resource, cmd, None, my_id, args,
position_names, position_values) position_names, position_values)
def _test_dpd_values(self, dpd): def _test_create_failure(self, additional_args=None):
"""ipsecsite-connection-create with invalid dpd values.""" """Helper to test failure of IPSec site-to-site creation failure."""
resource = 'ipsec_site_connection' resource = 'ipsec_site_connection'
cmd = ipsec_site_connection.CreateIPsecSiteConnection( cmd = ipsec_site_connection.CreateIPsecSiteConnection(
test_cli20.MyApp(sys.stdout), None test_cli20.MyApp(sys.stdout), None
) )
tenant_id = 'mytenant_id' tenant_id = 'mytenant_id'
name = 'connection1'
my_id = 'my_id' my_id = 'my_id'
peer_address = '192.168.2.10' peer_address = '192.168.2.10'
peer_id = '192.168.2.10' peer_id = '192.168.2.10'
@ -138,91 +196,61 @@ class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base):
vpnservice_id = 'vpnservice_id' vpnservice_id = 'vpnservice_id'
ikepolicy_id = 'ikepolicy_id' ikepolicy_id = 'ikepolicy_id'
ipsecpolicy_id = 'ipsecpolicy_id' ipsecpolicy_id = 'ipsecpolicy_id'
peer_cidrs = ['192.168.3.0/24', '192.168.2.0/24']
admin_state = True admin_state = True
description = 'my-vpn-connection'
args = ['--tenant-id', tenant_id, args = ['--tenant-id', tenant_id,
'--peer-address', peer_address, '--peer-id', peer_id, '--peer-address', peer_address,
'--psk', psk, '--initiator', initiator, '--peer-id', peer_id,
'--psk', psk,
'--vpnservice-id', vpnservice_id, '--vpnservice-id', vpnservice_id,
'--ikepolicy-id', ikepolicy_id, '--name', name, '--ikepolicy-id', ikepolicy_id,
'--ipsecpolicy-id', ipsecpolicy_id, '--mtu', mtu, '--ipsecpolicy-id', ipsecpolicy_id]
'--description', description, if additional_args is not None:
'--peer-cidr', '192.168.3.0/24', args += additional_args
'--peer-cidr', '192.168.2.0/24', position_names = ['tenant_id', 'admin_state_up', 'peer_address',
'--dpd', dpd] 'peer_id', 'psk', 'mtu', 'initiator',
'local_ep_group_id', 'peer_ep_group_id',
'vpnservice_id', 'ikepolicy_id', 'ipsecpolicy_id']
position_names = ['name', 'tenant_id', 'admin_state_up', position_values = [tenant_id, admin_state, peer_address, peer_id, psk,
'peer_address', 'peer_id', 'peer_cidrs', mtu, initiator, None, None, vpnservice_id,
'psk', 'mtu', 'initiator', 'description', ikepolicy_id, ipsecpolicy_id]
'vpnservice_id', 'ikepolicy_id', self.assertRaises(exceptions.CommandError,
'ipsecpolicy_id']
position_values = [name, tenant_id, admin_state, peer_address,
peer_id, peer_cidrs, psk, mtu,
initiator, description,
vpnservice_id, ikepolicy_id, ipsecpolicy_id]
self.assertRaises(
exceptions.CommandError,
self._test_create_resource, self._test_create_resource,
resource, cmd, name, my_id, args, resource, cmd, None, my_id, args,
position_names, position_values) position_names, position_values)
def test_invalid_mtu(self): def test_fail_create_with_invalid_mtu(self):
"""ipsecsite-connection-create with invalid dpd values.""" """ipsecsite-connection-create with invalid dpd values."""
resource = 'ipsec_site_connection' bad_mtu = ['--mtu', '67']
cmd = ipsec_site_connection.CreateIPsecSiteConnection( self._test_create_failure(bad_mtu)
test_cli20.MyApp(sys.stdout), None
)
tenant_id = 'mytenant_id'
name = 'connection1'
my_id = 'my_id'
peer_address = '192.168.2.10'
peer_id = '192.168.2.10'
psk = 'abcd'
mtu = '67'
initiator = 'bi-directional'
vpnservice_id = 'vpnservice_id'
ikepolicy_id = 'ikepolicy_id'
ipsecpolicy_id = 'ipsecpolicy_id'
peer_cidrs = ['192.168.3.0/24', '192.168.2.0/24']
admin_state = True
description = 'my-vpn-connection'
args = ['--tenant-id', tenant_id, def test_fail_create_with_invalid_dpd_keys(self):
'--peer-address', peer_address, '--peer-id', peer_id, bad_dpd_key = ['--dpd', 'act=restart,interval=30,time=120']
'--psk', psk, '--initiator', initiator, self._test_create_failure(bad_dpd_key)
'--vpnservice-id', vpnservice_id,
'--ikepolicy-id', ikepolicy_id, '--name', name,
'--ipsecpolicy-id', ipsecpolicy_id, '--mtu', mtu,
'--description', description,
'--peer-cidr', '192.168.3.0/24',
'--peer-cidr', '192.168.2.0/24']
position_names = ['name', 'tenant_id', 'admin_state_up', def test_fail_create_with_invalid_dpd_values(self):
'peer_address', 'peer_id', 'peer_cidrs', bad_dpd_values = ['--dpd', 'action=hold,interval=30,timeout=-1']
'psk', 'mtu', 'initiator', 'description', self._test_create_failure(bad_dpd_values)
'vpnservice_id', 'ikepolicy_id',
'ipsecpolicy_id']
position_values = [name, tenant_id, admin_state, peer_address, def test_fail_create_missing_endpoint_groups_or_cidr(self):
peer_id, peer_cidrs, psk, mtu, """Must provide either endpoint groups or peer cidrs."""
initiator, description, self._test_create_failure()
vpnservice_id, ikepolicy_id, ipsecpolicy_id]
self.assertRaises(
exceptions.CommandError,
self._test_create_resource,
resource, cmd, name, my_id, args,
position_names, position_values)
def test_create_ipsec_site_connection_with_invalid_dpd_keys(self): def test_fail_create_missing_peer_endpoint_group(self):
dpd = 'act=restart,interval=30,time=120' """Fails if dont have both endpoint groups - missing peer."""
self._test_dpd_values(dpd) self._test_create_failure(['--local-ep-group', 'local-epg'])
def test_create_ipsec_site_connection_with_invalid_dpd_values(self): def test_fail_create_missing_local_endpoint_group(self):
dpd = 'action=hold,interval=30,timeout=-1' """Fails if dont have both endpoint groups - missing local."""
self._test_dpd_values(dpd) self._test_create_failure(['--peer-ep-group', 'peer-epg'])
def test_fail_create_when_both_endpoints_and_peer_cidr(self):
"""Cannot intermix endpoint groups and peer CIDRs for create."""
additional_args = ['--local-ep-group', 'local-epg',
'--peer-ep-group', 'peer-epg',
'--peer-cidr', '10.2.0.0/24']
self._test_create_failure(additional_args)
def test_list_ipsec_site_connection(self): def test_list_ipsec_site_connection(self):
"""ipsecsite-connection-list.""" """ipsecsite-connection-list."""
@ -300,7 +328,3 @@ class CLITestV20IPsecSiteConnectionJSON(test_cli20.CLITestV20Base):
args = ['--fields', 'id', '--fields', 'name', self.test_id] args = ['--fields', 'id', '--fields', 'name', self.test_id]
self._test_show_resource(resource, cmd, self.test_id, self._test_show_resource(resource, cmd, self.test_id,
args, ['id', 'name']) args, ['id', 'name'])
class CLITestV20IPsecSiteConnectionXML(CLITestV20IPsecSiteConnectionJSON):
format = 'xml'

25
neutronclient/tests/unit/vpn/test_cli20_vpnservice.py
View File

@ -73,6 +73,27 @@ class CLITestV20VpnServiceJSON(test_cli20.CLITestV20Base):
self._test_create_resource(resource, cmd, None, my_id, args, self._test_create_resource(resource, cmd, None, my_id, args,
position_names, position_values) position_names, position_values)
def test_create_vpnservice_without_subnet(self):
"""vpn-service-create with no subnet provided."""
resource = 'vpnservice'
cmd = vpnservice.CreateVPNService(test_cli20.MyApp(sys.stdout), None)
router = 'myrouter-id'
tenant_id = 'mytenant-id'
my_id = 'my-id'
admin_state = True
args = [router,
'--tenant-id', tenant_id]
position_names = ['admin_state_up',
'subnet_id', 'router_id',
'tenant_id']
position_values = [admin_state, None, router, tenant_id]
self._test_create_resource(resource, cmd, None, my_id, args,
position_names, position_values)
def test_list_vpnservice(self): def test_list_vpnservice(self):
"""vpn-service-list.""" """vpn-service-list."""
resources = "vpnservices" resources = "vpnservices"
@ -131,7 +152,3 @@ class CLITestV20VpnServiceJSON(test_cli20.CLITestV20Base):
my_id = 'my-id' my_id = 'my-id'
args = [my_id] args = [my_id]
self._test_delete_resource(resource, cmd, my_id, args) self._test_delete_resource(resource, cmd, my_id, args)
class CLITestV20VpnServiceXML(CLITestV20VpnServiceJSON):
format = 'xml'