authentication-type parameter for ospf protocol seems incomplete

[shashu89]

Hi Team,

Looks like authentication-type parameter doesn't seem to not have corresponding authentication-key attribute for ospf protocol
public/release/models/ospf/openconfig-ospfv2-area-interface.yang

leaf authentication-type {
  type string;
  description
    "The type of authentication that should be used on this
    interface";
}

So, Is there something I have missed here?

[dplore]

Agreed, this does look like this is ambiguous. Seems like OSPF should have a crypto-type just like we have for ISIS: /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/authentication/state/crypto-type

and then a separate leaf for the authentication-key, like we have in ISIS:
/network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/authentication/state/ authentication-key

Is this the problem you're looking to resolve?

[shashu89]

Yes, exactly, we need a crypto-type and authentication-key and even existing authentication-type parameter is not clear about the standard values it can hold.

[shashu89]

I am proposing as below if we can add a new authentication section under interfaces:

          |  +--rw areas
          |     +--rw area* [identifier]
          |        +--rw identifier       -> ../config/identifier
          |        +--rw config
          |        |  +--rw identifier?   oc-ospf-types:ospf-area-identifier
          |        +--rw interfaces
          |        |  +--rw interface* [id]
          |        |     +--rw id               -> ../config/id
          |        |     +--rw authentication
          |        |           +--rw config
          |        |           |  +--rw authentication-mode?   identityref
          |        |           |  +--rw simple-password?       string
          |        |           |  +--rw message-digest* [message-digest-keyid]
          |        |           |     +--rw message-digest-keyid         uint8
          |        |           |     +--rw message-digest-encryption?   MESSAGE_DIGEST_ENCRYPTION
          |        |           |     +--rw message-digest-password?     string
          |        |           +--ro state
          |        |           |  +--ro authentication-mode?   identityref
          |        |           |  +--ro simple-password?       string
          |        |           |  +--ro message-digest* [message-digest-keyid]
          |        |           |      +--ro message-digest-keyid         uint8
          |        |           |      +--ro message-digest-encryption?   MESSAGE_DIGEST_ENCRYPTION
          |        |           |      +--ro message-digest-password?     string

[missaesasaya]

Was there any progress on this issue? We are also having the same problem on our project. Also, this seems related to issue #116.

[dplore]

@shashu89 please do send a pull request for your change.

[dplore]

This is also reported via #868 and #116

[Shashank-arista]

(Posting from official account)
@dplore, I had actually implemented the above as an internal augmentation. I am in the process of raising a PR for the same. Will share it in a couple of days.

[Shashank-arista]

@dplore please find the pull request raised here: #1127