Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feat(eos_designs): Underlay OSPF authentication #4169

Merged
merged 13 commits into from
Jul 26, 2024
Merged

Feat(eos_designs): Underlay OSPF authentication #4169

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
0799924
Feat(eos_designs): OSPF authentication in underlay
jonxstill Jun 28, 2024
a2140f7
Schema change; error handling; add encryption
jonxstill Jul 1, 2024
3faf353
Molecule tests
jonxstill Jul 1, 2024
e4fb743
Change documentation table
jonxstill Jul 2, 2024
5a62f35
Fix schema desc typo
jonxstill Jul 2, 2024
44abba2
Amendments from reviews
jonxstill Jul 26, 2024
ed8368d
Update python-avd/pyavd/_eos_designs/schema/schema_fragments/underlay…
ClausHolbechArista Jul 26, 2024
9a0fe43
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jul 26, 2024
9f99d44
Add test with two keys
ClausHolbechArista Jul 26, 2024
b7b505a
Update python-avd/pyavd/_eos_designs/schema/schema_fragments/underlay…
ClausHolbechArista Jul 26, 2024
559f45a
[pre-commit.ci] auto fixes from pre-commit.com hooks
pre-commit-ci[bot] Jul 26, 2024
cdd145d
Test: Use valid length in molecule for OSPF message-digest-key
gmuloc Jul 26, 2024
ad2c582
Merge branch 'devel' into underlay_ospf_auth
gmuloc Jul 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions ...ctions/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG-OSPF-L3LEAF1A.cfg
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,10 @@ interface Ethernet1
no switchport
ip address 10.10.101.7/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha512 7 qO39Oo+xVTO7l/La1StOQcW1t7hpfAAH
ip ospf message-digest-key 2 sha512 7 pWGuZ4QaDATcfTOKCkm1p2Rq2A4O9j5j
!
interface Ethernet5
description MLAG_PEER_MLAG-OSPF-L3LEAF1B_Ethernet5
Expand Down
3 changes: 3 additions & 0 deletions ...ctions/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG-OSPF-L3LEAF1B.cfg
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,10 @@ interface Ethernet1
no switchport
ip address 10.10.101.9/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha512 7 qO39Oo+xVTO7l/La1StOQcW1t7hpfAAH
ip ospf message-digest-key 2 sha512 7 pWGuZ4QaDATcfTOKCkm1p2Rq2A4O9j5j
!
interface Ethernet5
description MLAG_PEER_MLAG-OSPF-L3LEAF1A_Ethernet5
Expand Down
8 changes: 8 additions & 0 deletions ...ta/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG-OSPF-L3LEAF1A.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,14 @@ ethernet_interfaces:
ip_address: 10.10.101.7/31
ospf_network_point_to_point: true
ospf_area: 0.0.0.0
ospf_authentication: message-digest
ospf_message_digest_keys:
- id: 1
hash_algorithm: sha512
key: qO39Oo+xVTO7l/La1StOQcW1t7hpfAAH
- id: 2
hash_algorithm: sha512
key: pWGuZ4QaDATcfTOKCkm1p2Rq2A4O9j5j
mlag_configuration:
domain_id: MLAG_OSPF_L3LEAF1
local_interface: Vlan4094
Expand Down
8 changes: 8 additions & 0 deletions ...ta/avd/molecule/eos_designs_unit_tests/intended/structured_configs/MLAG-OSPF-L3LEAF1B.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,14 @@ ethernet_interfaces:
ip_address: 10.10.101.9/31
ospf_network_point_to_point: true
ospf_area: 0.0.0.0
ospf_authentication: message-digest
ospf_message_digest_keys:
- id: 1
hash_algorithm: sha512
key: qO39Oo+xVTO7l/La1StOQcW1t7hpfAAH
- id: 2
hash_algorithm: sha512
key: pWGuZ4QaDATcfTOKCkm1p2Rq2A4O9j5j
mlag_configuration:
domain_id: MLAG_OSPF_L3LEAF1
local_interface: Vlan4094
Expand Down
7 changes: 7 additions & 0 deletions ...tions/arista/avd/molecule/eos_designs_unit_tests/inventory/group_vars/MLAG_OSPF_TESTS.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,12 @@
---
underlay_routing_protocol: ospf
underlay_ospf_authentication:
enabled: true
message_digest_keys:
- id: 1
key: arista123arista
- id: 2
key: please_vault_me

type: l3leaf

Expand Down
8 changes: 8 additions & 0 deletions .../avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-BL1A.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -298,7 +298,9 @@ interface Ethernet1
no switchport
ip address 172.31.255.41/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet2
description P2P_LINK_TO_DC1-SPINE2_Ethernet6
Expand All @@ -307,7 +309,9 @@ interface Ethernet2
no switchport
ip address 172.31.255.43/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet3
description P2P_LINK_TO_DC1-SPINE3_Ethernet6
Expand All @@ -316,7 +320,9 @@ interface Ethernet3
no switchport
ip address 172.31.255.45/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet4
description P2P_LINK_TO_DC1-SPINE4_Ethernet6
Expand All @@ -325,7 +331,9 @@ interface Ethernet4
no switchport
ip address 172.31.255.47/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet5
description MLAG_PEER_DC1-BL1B_Ethernet5
Expand Down
8 changes: 8 additions & 0 deletions .../avd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-BL1B.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -298,7 +298,9 @@ interface Ethernet1
no switchport
ip address 172.31.255.49/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet2
description P2P_LINK_TO_DC1-SPINE2_Ethernet7
Expand All @@ -307,7 +309,9 @@ interface Ethernet2
no switchport
ip address 172.31.255.51/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet3
description P2P_LINK_TO_DC1-SPINE3_Ethernet7
Expand All @@ -316,7 +320,9 @@ interface Ethernet3
no switchport
ip address 172.31.255.53/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet4
description P2P_LINK_TO_DC1-SPINE4_Ethernet7
Expand All @@ -325,7 +331,9 @@ interface Ethernet4
no switchport
ip address 172.31.255.55/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet5
description MLAG_PEER_DC1-BL1A_Ethernet5
Expand Down
8 changes: 8 additions & 0 deletions ...vd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF1A.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -238,7 +238,9 @@ interface Ethernet1
no switchport
ip address 172.31.255.1/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet2
description P2P_LINK_TO_DC1-SPINE2_Ethernet1
Expand All @@ -247,7 +249,9 @@ interface Ethernet2
no switchport
ip address 172.31.255.3/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet3
description P2P_LINK_TO_DC1-SPINE3_Ethernet1
Expand All @@ -256,7 +260,9 @@ interface Ethernet3
no switchport
ip address 172.31.255.5/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet4
description P2P_LINK_TO_DC1-SPINE4_Ethernet1
Expand All @@ -265,7 +271,9 @@ interface Ethernet4
no switchport
ip address 172.31.255.7/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
```

### Loopback Interfaces
Expand Down
8 changes: 8 additions & 0 deletions ...vd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2A.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -310,7 +310,9 @@ interface Ethernet1
no switchport
ip address 172.31.255.9/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet2
description P2P_LINK_TO_DC1-SPINE2_Ethernet2
Expand All @@ -319,7 +321,9 @@ interface Ethernet2
no switchport
ip address 172.31.255.11/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet3
description P2P_LINK_TO_DC1-SPINE3_Ethernet2
Expand All @@ -328,7 +332,9 @@ interface Ethernet3
no switchport
ip address 172.31.255.13/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet4
description P2P_LINK_TO_DC1-SPINE4_Ethernet2
Expand All @@ -337,7 +343,9 @@ interface Ethernet4
no switchport
ip address 172.31.255.15/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet5
description MLAG_PEER_DC1-LEAF2B_Ethernet5
Expand Down
8 changes: 8 additions & 0 deletions ...vd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-LEAF2B.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -310,7 +310,9 @@ interface Ethernet1
no switchport
ip address 172.31.255.17/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet2
description P2P_LINK_TO_DC1-SPINE2_Ethernet3
Expand All @@ -319,7 +321,9 @@ interface Ethernet2
no switchport
ip address 172.31.255.19/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet3
description P2P_LINK_TO_DC1-SPINE3_Ethernet3
Expand All @@ -328,7 +332,9 @@ interface Ethernet3
no switchport
ip address 172.31.255.21/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet4
description P2P_LINK_TO_DC1-SPINE4_Ethernet3
Expand All @@ -337,7 +343,9 @@ interface Ethernet4
no switchport
ip address 172.31.255.23/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet5
description MLAG_PEER_DC1-LEAF2A_Ethernet5
Expand Down
14 changes: 14 additions & 0 deletions ...vd/molecule/evpn_underlay_ospf_overlay_ebgp/documentation/devices/DC1-SPINE1.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -230,7 +230,9 @@ interface Ethernet1
no switchport
ip address 172.31.255.0/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet2
description P2P_LINK_TO_DC1-LEAF2A_Ethernet1
Expand All @@ -239,7 +241,9 @@ interface Ethernet2
no switchport
ip address 172.31.255.8/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet3
description P2P_LINK_TO_DC1-LEAF2B_Ethernet1
Expand All @@ -248,7 +252,9 @@ interface Ethernet3
no switchport
ip address 172.31.255.16/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet4
description P2P_LINK_TO_DC1-SVC3A_Ethernet1
Expand All @@ -257,7 +263,9 @@ interface Ethernet4
no switchport
ip address 172.31.255.24/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet5
description P2P_LINK_TO_DC1-SVC3B_Ethernet1
Expand All @@ -266,7 +274,9 @@ interface Ethernet5
no switchport
ip address 172.31.255.32/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet6
description P2P_LINK_TO_DC1-BL1A_Ethernet1
Expand All @@ -275,7 +285,9 @@ interface Ethernet6
no switchport
ip address 172.31.255.40/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
!
interface Ethernet7
description P2P_LINK_TO_DC1-BL1B_Ethernet1
Expand All @@ -284,7 +296,9 @@ interface Ethernet7
no switchport
ip address 172.31.255.48/31
ip ospf network point-to-point
ip ospf authentication message-digest
ip ospf area 0.0.0.0
ip ospf message-digest-key 1 sha256 7 <removed>
```

### Loopback Interfaces
Expand Down
Loading
Loading