public icon indicating copy to clipboard operation
public copied to clipboard

Published 20 hours ago verified publisher icon openconfig

authentication-type parameter for ospf protocol seems incomplete

Open shashu89 opened this issue 1 year ago • 8 comments

Hi Team,

Looks like authentication-type parameter doesn't seem to not have corresponding authentication-key attribute for ospf protocol public/release/models/ospf/openconfig-ospfv2-area-interface.yang

leaf authentication-type {
  type string;
  description
    "The type of authentication that should be used on this
    interface";
}

So, Is there something I have missed here?

shashu89 avatar Jul 24 '23 14:07 shashu89

Agreed, this does look like this is ambiguous. Seems like OSPF should have a crypto-type just like we have for ISIS: /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/authentication/state/crypto-type

and then a separate leaf for the authentication-key, like we have in ISIS: /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/authentication/state/ authentication-key

Is this the problem you're looking to resolve?

dplore avatar Aug 08 '23 16:08 dplore

Yes, exactly, we need a crypto-type and authentication-key and even existing authentication-type parameter is not clear about the standard values it can hold.

shashu89 avatar Aug 09 '23 08:08 shashu89

I am proposing as below if we can add a new authentication section under interfaces:

          |  +--rw areas
          |     +--rw area* [identifier]
          |        +--rw identifier       -> ../config/identifier
          |        +--rw config
          |        |  +--rw identifier?   oc-ospf-types:ospf-area-identifier
          |        +--rw interfaces
          |        |  +--rw interface* [id]
          |        |     +--rw id               -> ../config/id
          |        |     +--rw authentication
          |        |           +--rw config
          |        |           |  +--rw authentication-mode?   identityref
          |        |           |  +--rw simple-password?       string
          |        |           |  +--rw message-digest* [message-digest-keyid]
          |        |           |     +--rw message-digest-keyid         uint8
          |        |           |     +--rw message-digest-encryption?   MESSAGE_DIGEST_ENCRYPTION
          |        |           |     +--rw message-digest-password?     string
          |        |           +--ro state
          |        |           |  +--ro authentication-mode?   identityref
          |        |           |  +--ro simple-password?       string
          |        |           |  +--ro message-digest* [message-digest-keyid]
          |        |           |      +--ro message-digest-keyid         uint8
          |        |           |      +--ro message-digest-encryption?   MESSAGE_DIGEST_ENCRYPTION
          |        |           |      +--ro message-digest-password?     string

shashu89 avatar Aug 09 '23 13:08 shashu89

Was there any progress on this issue? We are also having the same problem on our project. Also, this seems related to issue #116.

missaesasaya avatar Jan 15 '24 22:01 missaesasaya