Skip to content

Commit

Permalink
Feat(eos_cli_config_gen): Add support for additional modes and featur…
Browse files Browse the repository at this point in the history
…e in isis authentication under `port-channel-interfaces` (#4353)
  • Loading branch information
laxmikantchintakindi authored Nov 15, 2024
1 parent 40626f7 commit c1b10f2
Show file tree
Hide file tree
Showing 14 changed files with 581 additions and 28 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -2542,7 +2542,12 @@ interface Dps1
| Ethernet21 | - | - | - | - | - | - | - | Level-1: md5 |
| Ethernet22 | - | - | - | - | - | - | - | Level-2: sha |
| Ethernet23 | - | - | - | - | - | - | - | Level-2: shared-secret |
| Ethernet81/10 | 110 | *ISIS_TEST | True | *99 | *point-to-point | *level-2 | *True | *text |
| Ethernet74 | 3 | *EVPN_UNDERLAY | - | *- | *- | *- | *- | *sha |
| Ethernet75 | 3 | *EVPN_UNDERLAY | - | *- | *- | *- | *- | *sha |
| Ethernet77 | 8 | *EVPN_UNDERLAY | - | *- | *- | *- | *- | *Level-1: md5<br>Level-2: md5 |
| Ethernet78 | 15 | *- | - | *- | *- | *- | *- | *md5 |
| Ethernet79 | 16 | *EVPN_UNDERLAY | - | *- | *- | *- | *- | *md5 |
| Ethernet81/10 | 110 | *ISIS_TEST | True | *99 | *point-to-point | *level-2 | *True | *- |

*Inherited from Port-Channel Interface

Expand Down Expand Up @@ -3667,9 +3672,21 @@ interface Ethernet81/10

##### ISIS

| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Circuit Type | Hello Padding | Authentication Mode |
| --------- | ------------- | -------- | ----------- | ---- | ----------------- | ------------- | ------------------- |
| Port-Channel110 | ISIS_TEST | True | 99 | point-to-point | level-2 | True | text |
| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Circuit Type | Hello Padding | ISIS Authentication Mode |
| --------- | ------------- | -------- | ----------- | ---- | ----------------- | ------------- | ------------------------ |
| Port-Channel3 | EVPN_UNDERLAY | - | - | - | - | - | sha |
| Port-Channel8 | EVPN_UNDERLAY | - | - | - | - | - | Level-1: md5<br>Level-2: md5 |
| Port-Channel9 | - | - | - | - | - | - | Level-2: text |
| Port-Channel10 | EVPN_UNDERLAY | - | - | - | - | - | sha |
| Port-Channel12 | EVPN_UNDERLAY | - | - | - | - | - | Level-1: sha |
| Port-Channel13 | - | - | - | - | - | - | - |
| Port-Channel15 | - | - | - | - | - | - | md5 |
| Port-Channel16 | EVPN_UNDERLAY | - | - | - | - | - | md5 |
| Port-Channel20 | EVPN_UNDERLAY | - | - | - | - | - | Level-1: shared-secret<br>Level-2: shared-secret |
| Port-Channel50 | EVPN_UNDERLAY | - | - | - | - | - | shared-secret |
| Port-Channel51 | EVPN_UNDERLAY | - | - | - | - | - | shared-secret |
| Port-Channel100 | EVPN_UNDERLAY | - | - | - | - | - | Level-1: md5<br>Level-2: text |
| Port-Channel110 | ISIS_TEST | True | 99 | point-to-point | level-2 | True | - |

#### Port-Channel Interfaces Device Configuration

Expand All @@ -3684,6 +3701,9 @@ interface Port-Channel3
switchport
no snmp trap link-change
shape rate 200000 kbps
isis enable EVPN_UNDERLAY
isis authentication mode sha key-id 2 rx-disabled
isis authentication key 0 <removed>
!
interface Port-Channel5
description DC1_L2LEAF1_Po1
Expand Down Expand Up @@ -3722,6 +3742,11 @@ interface Port-Channel8
description to Dev02 Port-channel 8
no switchport
switchport port-security violation protect
isis enable EVPN_UNDERLAY
isis authentication mode md5 level-1
isis authentication mode md5 level-2
isis authentication key 0 <removed> level-1
isis authentication key 0 <removed> level-2
!
interface Port-Channel8.101
description to Dev02 Port-Channel8.101 - VRF-C1
Expand All @@ -3735,6 +3760,8 @@ interface Port-Channel9
bfd echo
bfd neighbor 10.1.2.4
bfd per-link rfc-7130
isis authentication mode text rx-disabled level-2
isis authentication key 0 <removed> level-2
spanning-tree guard root
!
interface Port-Channel10
Expand All @@ -3747,6 +3774,9 @@ interface Port-Channel10
identifier 0000:0000:0404:0404:0303
route-target import 04:04:03:03:02:02
shape rate 50 percent
isis enable EVPN_UNDERLAY
isis authentication mode sha key-id 2
isis authentication key 0 <removed>
!
interface Port-Channel12
description interface_in_mode_access_with_voice
Expand All @@ -3755,6 +3785,8 @@ interface Port-Channel12
switchport phone trunk untagged
switchport mode trunk phone
switchport
isis enable EVPN_UNDERLAY
isis authentication mode sha key-id 5 level-1
!
interface Port-Channel13
description EVPN-Vxlan single-active redundancy
Expand All @@ -3767,6 +3799,13 @@ interface Port-Channel13
designated-forwarder election hold-time 10
designated-forwarder election candidate reachability required
route-target import 00:00:01:02:03:04
isis authentication key-id 2 algorithm sha-512 key 0 <removed>
isis authentication key-id 3 algorithm sha-512 rfc-5310 key 0 <removed>
isis authentication key-id 1 algorithm sha-1 key 0 <removed> level-1
isis authentication key-id 4 algorithm sha-1 rfc-5310 key 0 <removed> level-1
isis authentication key-id 5 algorithm sha-1 key 0 <removed> level-1
isis authentication key-id 1 algorithm sha-1 key 0 <removed> level-2
isis authentication key-id 5 algorithm sha-1 rfc-5310 key 0 <removed> level-2
!
interface Port-Channel14
description EVPN-MPLS multihoming
Expand All @@ -3784,6 +3823,8 @@ interface Port-Channel15
switchport mode trunk
switchport
mlag 15
isis authentication mode md5 rx-disabled
isis authentication key 0 <removed>
spanning-tree guard loop
link tracking group EVPN_MH_ES2 upstream
!
Expand All @@ -3799,6 +3840,9 @@ interface Port-Channel16
mlag 16
switchport port-security violation protect log
switchport port-security mac-address maximum 100
isis enable EVPN_UNDERLAY
isis authentication mode md5
isis authentication key 0 <removed>
spanning-tree guard none
switchport backup-link Port-Channel100.102 prefer vlan 20
!
Expand All @@ -3814,6 +3858,9 @@ interface Port-Channel20
switchport mode access
switchport
l2-protocol encapsulation dot1q vlan 200
isis enable EVPN_UNDERLAY
isis authentication mode shared-secret profile profile1 algorithm sha-256 rx-disabled level-1
isis authentication mode shared-secret profile profile2 algorithm sha-1 rx-disabled level-2
!
interface Port-Channel50
description SRV-POD03_PortChanne1
Expand All @@ -3825,6 +3872,8 @@ interface Port-Channel50
identifier 0000:0000:0303:0202:0101
route-target import 03:03:02:02:01:01
lacp system-id 0303.0202.0101
isis enable EVPN_UNDERLAY
isis authentication mode shared-secret profile profile1 algorithm sha-1 rx-disabled
!
interface Port-Channel51
description ipv6_prefix
Expand All @@ -3838,6 +3887,8 @@ interface Port-Channel51
switchport port-security vlan 2 mac-address maximum 3
switchport port-security vlan 3 mac-address maximum 3
switchport port-security vlan default mac-address maximum 2
isis enable EVPN_UNDERLAY
isis authentication mode shared-secret profile profile1 algorithm sha-1
!
interface Port-Channel99
description MCAST
Expand Down Expand Up @@ -3880,6 +3931,11 @@ interface Port-Channel100
switchport pvlan mapping 20-30
switchport port-security
switchport port-security mac-address maximum disabled
isis enable EVPN_UNDERLAY
isis authentication mode md5 rx-disabled level-1
isis authentication mode text rx-disabled level-2
isis authentication key 0 <removed> level-1
isis authentication key 0 <removed> level-2
switchport backup-link Port-channel51
switchport backup preemption-delay 35
switchport backup mac-move-burst 20
Expand Down Expand Up @@ -3977,8 +4033,6 @@ interface Port-Channel110
isis metric 99
isis hello padding
isis network point-to-point
isis authentication mode text
isis authentication key 7 <removed>
!
interface Port-Channel111
description Flexencap Port-Channel
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -133,8 +133,8 @@ interface Ethernet6

##### ISIS

| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Circuit Type | Hello Padding | Authentication Mode |
| --------- | ------------- | -------- | ----------- | ---- | ----------------- | ------------- | ------------------- |
| Interface | ISIS Instance | ISIS BFD | ISIS Metric | Mode | ISIS Circuit Type | Hello Padding | ISIS Authentication Mode |
| --------- | ------------- | -------- | ----------- | ---- | ----------------- | ------------- | ------------------------ |
| Port-Channel4 | EVPN_UNDERLAY | - | 50 | point-to-point | level-2 | - | - |
| Port-Channel5 | EVPN_UNDERLAY | - | 50 | passive | - | - | - |
| Port-Channel6 | EVPN_UNDERLAY | - | 100 | - | level-1-2 | - | - |
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -916,6 +916,9 @@ interface Port-Channel3
switchport
no snmp trap link-change
shape rate 200000 kbps
isis enable EVPN_UNDERLAY
isis authentication mode sha key-id 2 rx-disabled
isis authentication key 0 password
!
interface Port-Channel5
description DC1_L2LEAF1_Po1
Expand Down Expand Up @@ -954,6 +957,11 @@ interface Port-Channel8
description to Dev02 Port-channel 8
no switchport
switchport port-security violation protect
isis enable EVPN_UNDERLAY
isis authentication mode md5 level-1
isis authentication mode md5 level-2
isis authentication key 0 password level-1
isis authentication key 0 password1 level-2
!
interface Port-Channel8.101
description to Dev02 Port-Channel8.101 - VRF-C1
Expand All @@ -967,6 +975,8 @@ interface Port-Channel9
bfd echo
bfd neighbor 10.1.2.4
bfd per-link rfc-7130
isis authentication mode text rx-disabled level-2
isis authentication key 0 password level-2
spanning-tree guard root
!
interface Port-Channel10
Expand All @@ -979,6 +989,9 @@ interface Port-Channel10
identifier 0000:0000:0404:0404:0303
route-target import 04:04:03:03:02:02
shape rate 50 percent
isis enable EVPN_UNDERLAY
isis authentication mode sha key-id 2
isis authentication key 0 password
!
interface Port-Channel12
description interface_in_mode_access_with_voice
Expand All @@ -987,6 +1000,8 @@ interface Port-Channel12
switchport phone trunk untagged
switchport mode trunk phone
switchport
isis enable EVPN_UNDERLAY
isis authentication mode sha key-id 5 level-1
!
interface Port-Channel13
description EVPN-Vxlan single-active redundancy
Expand All @@ -999,6 +1014,13 @@ interface Port-Channel13
designated-forwarder election hold-time 10
designated-forwarder election candidate reachability required
route-target import 00:00:01:02:03:04
isis authentication key-id 2 algorithm sha-512 key 0 password
isis authentication key-id 3 algorithm sha-512 rfc-5310 key 0 password1
isis authentication key-id 1 algorithm sha-1 key 0 password level-1
isis authentication key-id 4 algorithm sha-1 rfc-5310 key 0 password level-1
isis authentication key-id 5 algorithm sha-1 key 0 password3 level-1
isis authentication key-id 1 algorithm sha-1 key 0 password level-2
isis authentication key-id 5 algorithm sha-1 rfc-5310 key 0 password level-2
!
interface Port-Channel14
description EVPN-MPLS multihoming
Expand All @@ -1016,6 +1038,8 @@ interface Port-Channel15
switchport mode trunk
switchport
mlag 15
isis authentication mode md5 rx-disabled
isis authentication key 0 password
spanning-tree guard loop
link tracking group EVPN_MH_ES2 upstream
!
Expand All @@ -1031,6 +1055,9 @@ interface Port-Channel16
mlag 16
switchport port-security violation protect log
switchport port-security mac-address maximum 100
isis enable EVPN_UNDERLAY
isis authentication mode md5
isis authentication key 0 password
spanning-tree guard none
switchport backup-link Port-Channel100.102 prefer vlan 20
!
Expand All @@ -1046,6 +1073,9 @@ interface Port-Channel20
switchport mode access
switchport
l2-protocol encapsulation dot1q vlan 200
isis enable EVPN_UNDERLAY
isis authentication mode shared-secret profile profile1 algorithm sha-256 rx-disabled level-1
isis authentication mode shared-secret profile profile2 algorithm sha-1 rx-disabled level-2
!
interface Port-Channel50
description SRV-POD03_PortChanne1
Expand All @@ -1057,6 +1087,8 @@ interface Port-Channel50
identifier 0000:0000:0303:0202:0101
route-target import 03:03:02:02:01:01
lacp system-id 0303.0202.0101
isis enable EVPN_UNDERLAY
isis authentication mode shared-secret profile profile1 algorithm sha-1 rx-disabled
!
interface Port-Channel51
description ipv6_prefix
Expand All @@ -1070,6 +1102,8 @@ interface Port-Channel51
switchport port-security vlan 2 mac-address maximum 3
switchport port-security vlan 3 mac-address maximum 3
switchport port-security vlan default mac-address maximum 2
isis enable EVPN_UNDERLAY
isis authentication mode shared-secret profile profile1 algorithm sha-1
!
interface Port-Channel99
description MCAST
Expand Down Expand Up @@ -1112,6 +1146,11 @@ interface Port-Channel100
switchport pvlan mapping 20-30
switchport port-security
switchport port-security mac-address maximum disabled
isis enable EVPN_UNDERLAY
isis authentication mode md5 rx-disabled level-1
isis authentication mode text rx-disabled level-2
isis authentication key 0 password level-1
isis authentication key 0 password level-2
switchport backup-link Port-channel51
switchport backup preemption-delay 35
switchport backup mac-move-burst 20
Expand Down Expand Up @@ -1209,8 +1248,6 @@ interface Port-Channel110
isis metric 99
isis hello padding
isis network point-to-point
isis authentication mode text
isis authentication key 7 asfddja23452
!
interface Port-Channel111
description Flexencap Port-Channel
Expand Down
Loading

0 comments on commit c1b10f2

Please sign in to comment.