API Reference

Magic Transit

Copy Markdown

Open in Claude

Open in ChatGPT

Open in Cursor

---

Copy Markdown

View as Markdown

GRE Tunnels

List GRE tunnels

magic_transit.gre_tunnels.list(GRETunnelListParams**kwargs) -> GRETunnelListResponse

GET/accounts/{account_id}/magic/gre_tunnels

List GRE Tunnel Details

magic_transit.gre_tunnels.get(strgre_tunnel_id, GRETunnelGetParams**kwargs) -> GRETunnelGetResponse

GET/accounts/{account_id}/magic/gre_tunnels/{gre_tunnel_id}

Create a GRE tunnel

magic_transit.gre_tunnels.create(GRETunnelCreateParams**kwargs) -> GRETunnelCreateResponse

POST/accounts/{account_id}/magic/gre_tunnels

Update GRE Tunnel

magic_transit.gre_tunnels.update(strgre_tunnel_id, GRETunnelUpdateParams**kwargs) -> GRETunnelUpdateResponse

PUT/accounts/{account_id}/magic/gre_tunnels/{gre_tunnel_id}

Delete GRE Tunnel

magic_transit.gre_tunnels.delete(strgre_tunnel_id, GRETunnelDeleteParams**kwargs) -> GRETunnelDeleteResponse

DELETE/accounts/{account_id}/magic/gre_tunnels/{gre_tunnel_id}

Update multiple GRE tunnels

magic_transit.gre_tunnels.bulk_update(GRETunnelBulkUpdateParams**kwargs) -> GRETunnelBulkUpdateResponse

PUT/accounts/{account_id}/magic/gre_tunnels

ModelsExpand Collapse

class GRETunnelListResponse: …

gre_tunnels: Optional[List[GRETunnel]]

id: str

Identifier

maxLength32

cloudflare_gre_endpoint: str

The IP address assigned to the Cloudflare side of the GRE tunnel.

customer_gre_endpoint: str

The IP address assigned to the customer side of the GRE tunnel.

interface_address: str

A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.

name: str

The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel.

automatic_return_routing: Optional[bool]

True if automatic stateful return routing should be enabled for a tunnel, false otherwise.

bgp: Optional[GRETunnelBGP]

customer_asn: int

ASN used on the customer end of the BGP session

formatint32

minimum0

extra_prefixes: Optional[List[str]]

Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table.

md5_key: Optional[str]

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

• ASCII alphanumerics: [a-zA-Z0-9]
• Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

bgp_status: Optional[GRETunnelBGPStatus]

state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]

One of the following:

"BGP_DOWN"

"BGP_UP"

"BGP_ESTABLISHING"

tcp_established: bool

updated_at: datetime

formatdate-time

bgp_state: Optional[str]

cf_speaker_ip: Optional[str]

formatipv4

cf_speaker_port: Optional[int]

maximum65535

minimum1

customer_speaker_ip: Optional[str]

formatipv4

customer_speaker_port: Optional[int]

maximum65535

minimum1

created_on: Optional[datetime]

The date and time the tunnel was created.

formatdate-time

description: Optional[str]

An optional description of the GRE tunnel.

health_check: Optional[GRETunnelHealthCheck]

direction: Optional[Literal["unidirectional", "bidirectional"]]

The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel.

One of the following:

"unidirectional"

"bidirectional"

enabled: Optional[bool]

Determines whether to run healthchecks for a tunnel.

rate: Optional[HealthCheckRate]

How frequent the health check is run. The default value is mid.

target: Optional[GRETunnelHealthCheckTarget]

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false.

One of the following:

class GRETunnelHealthCheckTargetMagicHealthCheckTarget: …

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target.

effective: Optional[str]

The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests.

saved: Optional[str]

The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used.

str

type: Optional[HealthCheckType]

The type of healthcheck to run, reply or request. The default value is reply.

interface_address6: Optional[str]

A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127

modified_on: Optional[datetime]

The date and time the tunnel was last modified.

formatdate-time

mtu: Optional[int]

Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576.

ttl: Optional[int]

Time To Live (TTL) in number of hops of the GRE tunnel.

class GRETunnelGetResponse: …

gre_tunnel: Optional[GRETunnel]

id: str

Identifier

maxLength32

cloudflare_gre_endpoint: str

The IP address assigned to the Cloudflare side of the GRE tunnel.

customer_gre_endpoint: str

The IP address assigned to the customer side of the GRE tunnel.

interface_address: str

A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.

name: str

The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel.

automatic_return_routing: Optional[bool]

True if automatic stateful return routing should be enabled for a tunnel, false otherwise.

bgp: Optional[GRETunnelBGP]

customer_asn: int

ASN used on the customer end of the BGP session

formatint32

minimum0

extra_prefixes: Optional[List[str]]

Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table.

md5_key: Optional[str]

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

• ASCII alphanumerics: [a-zA-Z0-9]
• Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

bgp_status: Optional[GRETunnelBGPStatus]

state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]

One of the following:

"BGP_DOWN"

"BGP_UP"

"BGP_ESTABLISHING"

tcp_established: bool

updated_at: datetime

formatdate-time

bgp_state: Optional[str]

cf_speaker_ip: Optional[str]

formatipv4

cf_speaker_port: Optional[int]

maximum65535

minimum1

customer_speaker_ip: Optional[str]

formatipv4

customer_speaker_port: Optional[int]

maximum65535

minimum1

created_on: Optional[datetime]

The date and time the tunnel was created.

formatdate-time

description: Optional[str]

An optional description of the GRE tunnel.

health_check: Optional[GRETunnelHealthCheck]

direction: Optional[Literal["unidirectional", "bidirectional"]]

The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel.

One of the following:

"unidirectional"

"bidirectional"

enabled: Optional[bool]

Determines whether to run healthchecks for a tunnel.

rate: Optional[HealthCheckRate]

How frequent the health check is run. The default value is mid.

target: Optional[GRETunnelHealthCheckTarget]

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false.

One of the following:

class GRETunnelHealthCheckTargetMagicHealthCheckTarget: …

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target.

effective: Optional[str]

The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests.

saved: Optional[str]

The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used.

str

type: Optional[HealthCheckType]

The type of healthcheck to run, reply or request. The default value is reply.

interface_address6: Optional[str]

A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127

modified_on: Optional[datetime]

The date and time the tunnel was last modified.

formatdate-time

mtu: Optional[int]

Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576.

ttl: Optional[int]

Time To Live (TTL) in number of hops of the GRE tunnel.

class GRETunnelCreateResponse: …

id: str

Identifier

maxLength32

cloudflare_gre_endpoint: str

The IP address assigned to the Cloudflare side of the GRE tunnel.

customer_gre_endpoint: str

The IP address assigned to the customer side of the GRE tunnel.

interface_address: str

A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.

name: str

The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel.

automatic_return_routing: Optional[bool]

True if automatic stateful return routing should be enabled for a tunnel, false otherwise.

bgp: Optional[BGP]

customer_asn: int

ASN used on the customer end of the BGP session

formatint32

minimum0

extra_prefixes: Optional[List[str]]

Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table.

md5_key: Optional[str]

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

• ASCII alphanumerics: [a-zA-Z0-9]
• Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

bgp_status: Optional[BGPStatus]

state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]

One of the following:

"BGP_DOWN"

"BGP_UP"

"BGP_ESTABLISHING"

tcp_established: bool

updated_at: datetime

formatdate-time

bgp_state: Optional[str]

cf_speaker_ip: Optional[str]

formatipv4

cf_speaker_port: Optional[int]

maximum65535

minimum1

customer_speaker_ip: Optional[str]

formatipv4

customer_speaker_port: Optional[int]

maximum65535

minimum1

created_on: Optional[datetime]

The date and time the tunnel was created.

formatdate-time

description: Optional[str]

An optional description of the GRE tunnel.

health_check: Optional[HealthCheck]

direction: Optional[Literal["unidirectional", "bidirectional"]]

The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel.

One of the following:

"unidirectional"

"bidirectional"

enabled: Optional[bool]

Determines whether to run healthchecks for a tunnel.

rate: Optional[HealthCheckRate]

How frequent the health check is run. The default value is mid.

target: Optional[HealthCheckTarget]

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false.

One of the following:

class HealthCheckTargetMagicHealthCheckTarget: …

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target.

effective: Optional[str]

The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests.

saved: Optional[str]

The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used.

str

type: Optional[HealthCheckType]

The type of healthcheck to run, reply or request. The default value is reply.

interface_address6: Optional[str]

A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127

modified_on: Optional[datetime]

The date and time the tunnel was last modified.

formatdate-time

mtu: Optional[int]

Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576.

ttl: Optional[int]

Time To Live (TTL) in number of hops of the GRE tunnel.

class GRETunnelUpdateResponse: …

modified: Optional[bool]

modified_gre_tunnel: Optional[ModifiedGRETunnel]

id: str

Identifier

maxLength32

cloudflare_gre_endpoint: str

The IP address assigned to the Cloudflare side of the GRE tunnel.

customer_gre_endpoint: str

The IP address assigned to the customer side of the GRE tunnel.

interface_address: str

A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.

name: str

The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel.

automatic_return_routing: Optional[bool]

True if automatic stateful return routing should be enabled for a tunnel, false otherwise.

bgp: Optional[ModifiedGRETunnelBGP]

customer_asn: int

ASN used on the customer end of the BGP session

formatint32

minimum0

extra_prefixes: Optional[List[str]]

Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table.

md5_key: Optional[str]

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

• ASCII alphanumerics: [a-zA-Z0-9]
• Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

bgp_status: Optional[ModifiedGRETunnelBGPStatus]

state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]

One of the following:

"BGP_DOWN"

"BGP_UP"

"BGP_ESTABLISHING"

tcp_established: bool

updated_at: datetime

formatdate-time

bgp_state: Optional[str]

cf_speaker_ip: Optional[str]

formatipv4

cf_speaker_port: Optional[int]

maximum65535

minimum1

customer_speaker_ip: Optional[str]

formatipv4

customer_speaker_port: Optional[int]

maximum65535

minimum1

created_on: Optional[datetime]

The date and time the tunnel was created.

formatdate-time

description: Optional[str]

An optional description of the GRE tunnel.

health_check: Optional[ModifiedGRETunnelHealthCheck]

direction: Optional[Literal["unidirectional", "bidirectional"]]

The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel.

One of the following:

"unidirectional"

"bidirectional"

enabled: Optional[bool]

Determines whether to run healthchecks for a tunnel.

rate: Optional[HealthCheckRate]

How frequent the health check is run. The default value is mid.

target: Optional[ModifiedGRETunnelHealthCheckTarget]

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false.

One of the following:

class ModifiedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target.

effective: Optional[str]

The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests.

saved: Optional[str]

The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used.

str

type: Optional[HealthCheckType]

The type of healthcheck to run, reply or request. The default value is reply.

interface_address6: Optional[str]

A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127

modified_on: Optional[datetime]

The date and time the tunnel was last modified.

formatdate-time

mtu: Optional[int]

Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576.

ttl: Optional[int]

Time To Live (TTL) in number of hops of the GRE tunnel.

class GRETunnelDeleteResponse: …

deleted: Optional[bool]

deleted_gre_tunnel: Optional[DeletedGRETunnel]

id: str

Identifier

maxLength32

cloudflare_gre_endpoint: str

The IP address assigned to the Cloudflare side of the GRE tunnel.

customer_gre_endpoint: str

The IP address assigned to the customer side of the GRE tunnel.

interface_address: str

A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.

name: str

The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel.

automatic_return_routing: Optional[bool]

True if automatic stateful return routing should be enabled for a tunnel, false otherwise.

bgp: Optional[DeletedGRETunnelBGP]

customer_asn: int

ASN used on the customer end of the BGP session

formatint32

minimum0

extra_prefixes: Optional[List[str]]

Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table.

md5_key: Optional[str]

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

• ASCII alphanumerics: [a-zA-Z0-9]
• Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

bgp_status: Optional[DeletedGRETunnelBGPStatus]

state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]

One of the following:

"BGP_DOWN"

"BGP_UP"

"BGP_ESTABLISHING"

tcp_established: bool

updated_at: datetime

formatdate-time

bgp_state: Optional[str]

cf_speaker_ip: Optional[str]

formatipv4

cf_speaker_port: Optional[int]

maximum65535

minimum1

customer_speaker_ip: Optional[str]

formatipv4

customer_speaker_port: Optional[int]

maximum65535

minimum1

created_on: Optional[datetime]

The date and time the tunnel was created.

formatdate-time

description: Optional[str]

An optional description of the GRE tunnel.

health_check: Optional[DeletedGRETunnelHealthCheck]

direction: Optional[Literal["unidirectional", "bidirectional"]]

The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel.

One of the following:

"unidirectional"

"bidirectional"

enabled: Optional[bool]

Determines whether to run healthchecks for a tunnel.

rate: Optional[HealthCheckRate]

How frequent the health check is run. The default value is mid.

target: Optional[DeletedGRETunnelHealthCheckTarget]

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false.

One of the following:

class DeletedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target.

effective: Optional[str]

The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests.

saved: Optional[str]

The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used.

str

type: Optional[HealthCheckType]

The type of healthcheck to run, reply or request. The default value is reply.

interface_address6: Optional[str]

A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127

modified_on: Optional[datetime]

The date and time the tunnel was last modified.

formatdate-time

mtu: Optional[int]

Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576.

ttl: Optional[int]

Time To Live (TTL) in number of hops of the GRE tunnel.

class GRETunnelBulkUpdateResponse: …

modified: Optional[bool]

modified_gre_tunnels: Optional[List[ModifiedGRETunnel]]

id: str

Identifier

maxLength32

cloudflare_gre_endpoint: str

The IP address assigned to the Cloudflare side of the GRE tunnel.

customer_gre_endpoint: str

The IP address assigned to the customer side of the GRE tunnel.

interface_address: str

A 31-bit prefix (/31 in CIDR notation) supporting two hosts, one for each side of the tunnel. Select the subnet from the following private IP space: 10.0.0.0–10.255.255.255, 172.16.0.0–172.31.255.255, 192.168.0.0–192.168.255.255.

name: str

The name of the tunnel. The name cannot contain spaces or special characters, must be 15 characters or less, and cannot share a name with another GRE tunnel.

automatic_return_routing: Optional[bool]

True if automatic stateful return routing should be enabled for a tunnel, false otherwise.

bgp: Optional[ModifiedGRETunnelBGP]

customer_asn: int

ASN used on the customer end of the BGP session

formatint32

minimum0

extra_prefixes: Optional[List[str]]

Prefixes in this list will be advertised to the customer device, in addition to the routes in the Magic routing table.

md5_key: Optional[str]

MD5 key to use for session authentication.

Note that this is not a security measure. MD5 is not a valid security mechanism, and the key is not treated as a secret value. This is only supported for preventing misconfiguration, not for defending against malicious attacks.

The MD5 key, if set, must be of non-zero length and consist only of the following types of character:

• ASCII alphanumerics: [a-zA-Z0-9]
• Special characters in the set '!@#$%^&*()+[]{}<>/.,;:_-~= |`

In other words, MD5 keys may contain any printable ASCII character aside from newline (0x0A), quotation mark ("), vertical tab (0x0B), carriage return (0x0D), tab (0x09), form feed (0x0C), and the question mark (?). Requests specifying an MD5 key with one or more of these disallowed characters will be rejected.

bgp_status: Optional[ModifiedGRETunnelBGPStatus]

state: Literal["BGP_DOWN", "BGP_UP", "BGP_ESTABLISHING"]

One of the following:

"BGP_DOWN"

"BGP_UP"

"BGP_ESTABLISHING"

tcp_established: bool

updated_at: datetime

formatdate-time

bgp_state: Optional[str]

cf_speaker_ip: Optional[str]

formatipv4

cf_speaker_port: Optional[int]

maximum65535

minimum1

customer_speaker_ip: Optional[str]

formatipv4

customer_speaker_port: Optional[int]

maximum65535

minimum1

created_on: Optional[datetime]

The date and time the tunnel was created.

formatdate-time

description: Optional[str]

An optional description of the GRE tunnel.

health_check: Optional[ModifiedGRETunnelHealthCheck]

direction: Optional[Literal["unidirectional", "bidirectional"]]

The direction of the flow of the healthcheck. Either unidirectional, where the probe comes to you via the tunnel and the result comes back to Cloudflare via the open Internet, or bidirectional where both the probe and result come and go via the tunnel.

One of the following:

"unidirectional"

"bidirectional"

enabled: Optional[bool]

Determines whether to run healthchecks for a tunnel.

rate: Optional[HealthCheckRate]

How frequent the health check is run. The default value is mid.

target: Optional[ModifiedGRETunnelHealthCheckTarget]

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target. Must be in object form if the x-magic-new-hc-target header is set to true and string form if x-magic-new-hc-target is absent or set to false.

One of the following:

class ModifiedGRETunnelHealthCheckTargetMagicHealthCheckTarget: …

The destination address in a request type health check. After the healthcheck is decapsulated at the customer end of the tunnel, the ICMP echo will be forwarded to this address. This field defaults to customer_gre_endpoint address. This field is ignored for bidirectional healthchecks as the interface_address (not assigned to the Cloudflare side of the tunnel) is used as the target.

effective: Optional[str]

The effective health check target. If 'saved' is empty, then this field will be populated with the calculated default value on GET requests. Ignored in POST, PUT, and PATCH requests.

saved: Optional[str]

The saved health check target. Setting the value to the empty string indicates that the calculated default value will be used.

str

type: Optional[HealthCheckType]

The type of healthcheck to run, reply or request. The default value is reply.

interface_address6: Optional[str]

A 127 bit IPV6 prefix from within the virtual_subnet6 prefix space with the address being the first IP of the subnet and not same as the address of virtual_subnet6. Eg if virtual_subnet6 is 2606:54c1:7:0:a9fe:12d2::/127 , interface_address6 could be 2606:54c1:7:0:a9fe:12d2:1:200/127

modified_on: Optional[datetime]

The date and time the tunnel was last modified.

formatdate-time

mtu: Optional[int]

Maximum Transmission Unit (MTU) in bytes for the GRE tunnel. The minimum value is 576.

ttl: Optional[int]

Time To Live (TTL) in number of hops of the GRE tunnel.