authentication-type parameter for ospf protocol seems incomplete

Question

authentication-type parameter for ospf protocol seems incomplete

Opened this issue a year ago · 8 comments

Hi Team,

Looks like authentication-type parameter doesn't seem to not have corresponding authentication-key attribute for ospf protocol
public/release/models/ospf/openconfig-ospfv2-area-interface.yang

leaf authentication-type {
  type string;
  description
    "The type of authentication that should be used on this
    interface";
}

So, Is there something I have missed here?

Answer 1 · 2023-08-08T16:38:50.000Z

Agreed, this does look like this is ambiguous. Seems like OSPF should have a crypto-type just like we have for ISIS: /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/authentication/state/crypto-type

and then a separate leaf for the authentication-key, like we have in ISIS:
/network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/authentication/state/ authentication-key

Is this the problem you're looking to resolve?

Answer 2 · 2023-08-09T08:17:14.000Z

Yes, exactly, we need a crypto-type and authentication-key and even existing authentication-type parameter is not clear about the standard values it can hold.

Answer 3 · 2023-08-09T13:17:43.000Z

I am proposing as below if we can add a new authentication section under interfaces:

          |  +--rw areas
          |     +--rw area* [identifier]
          |        +--rw identifier       -> ../config/identifier
          |        +--rw config
          |        |  +--rw identifier?   oc-ospf-types:ospf-area-identifier
          |        +--rw interfaces
          |        |  +--rw interface* [id]
          |        |     +--rw id               -> ../config/id
          |        |     +--rw authentication
          |        |           +--rw config
          |        |           |  +--rw authentication-mode?   identityref
          |        |           |  +--rw simple-password?       string
          |        |           |  +--rw message-digest* [message-digest-keyid]
          |        |           |     +--rw message-digest-keyid         uint8
          |        |           |     +--rw message-digest-encryption?   MESSAGE_DIGEST_ENCRYPTION
          |        |           |     +--rw message-digest-password?     string
          |        |           +--ro state
          |        |           |  +--ro authentication-mode?   identityref
          |        |           |  +--ro simple-password?       string
          |        |           |  +--ro message-digest* [message-digest-keyid]
          |        |           |      +--ro message-digest-keyid         uint8
          |        |           |      +--ro message-digest-encryption?   MESSAGE_DIGEST_ENCRYPTION
          |        |           |      +--ro message-digest-password?     string

Answer 4 · 2024-01-15T22:25:57.000Z

Was there any progress on this issue? We are also having the same problem on our project. Also, this seems related to issue #116.

Answer 5 · 2024-06-04T16:30:55.000Z

@shashu89 please do send a pull request for your change.

Answer 6 · 2024-06-04T16:33:31.000Z

This is also reported via #868 and #116

Answer 7 · 2024-06-05T05:06:32.000Z

(Posting from official account)
@dplore, I had actually implemented the above as an internal augmentation. I am in the process of raising a PR for the same. Will share it in a couple of days.

Answer 8 · 2024-06-12T07:42:10.000Z

@dplore please find the pull request raised here: #1127