Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PAC and HOSTAPD YANG files. #16036

Open
wants to merge 13 commits into
base: master
Choose a base branch
from
Open

PAC and HOSTAPD YANG files. #16036

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
dffcb08
PAC and HOSTAPD YANG files.
shdasari Aug 4, 2023
13f079f
PAC and HOSTAPD YANG files.
shdasari Aug 4, 2023
7f6f62f
PAC and HOSTAPD YANG files.
shdasari Aug 4, 2023
79ad3ab
PAC and HOSTAPD YANG files.
shdasari Aug 4, 2023
c905a16
PAC and HOSTAPD YANG files.
shdasari Aug 4, 2023
31fa468
Update sample_config_db.json
shdasari Mar 26, 2024
13f591f
Merge branch 'master' into pac_yang_files
shdasari Mar 26, 2024
5f29d64
Update sample_config_db.json
shdasari Mar 26, 2024
8919f06
Update sample_config_db.json
shdasari Mar 27, 2024
ca2fa6a
PAC_PORT_CONFIG in sample_config_db.json
shdasari Apr 2, 2024
25f71b7
Update sample_config_db.json
shdasari Apr 2, 2024
cc8f0f4
Update sample_config_db.json
shdasari Apr 3, 2024
4b6487b
Update sample_config_db.json, YANG files.
shdasari Apr 3, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
39 changes: 39 additions & 0 deletions src/sonic-yang-models/doc/Configuration.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,6 +89,7 @@ Table of Contents
* [SYSTEM_DEFAULTS table](#systemdefaults-table)
* [RADIUS](#radius)
* [Static DNS](#static-dns)
* [PAC](#pac)
* [For Developers](#for-developers)
* [Generating Application Config by Jinja2 Template](#generating-application-config-by-jinja2-template)
* [Incremental Configuration by Subscribing to ConfigDB](#incremental-configuration-by-subscribing-to-configdb)
Expand Down Expand Up @@ -2770,6 +2771,44 @@ The DPUS table introduces the information on the DPUs (Data Processing Unit) ava
}
```

### PAC

The PAC and HOSTAPD tables define the PAC configuration parameters.

```
"PAC_PORT_CONFIG": {
"Ethernet1": {
"method_list": [
"dot1x",
"mab"
],
"priority_list": [
"dot1x",
"mab"
],
"port_pae_role": "authenticator",
"port_control_mode": "auto",
"host_control_mode": "multi_auth",
"reauth_period": 60,
"reauth_enable": "true",
"max_users_per_port": 16,
}
}

"HOSTAPD_GLOBAL_CONFIG": {
"global": {
"dot1x_system_auth_control": "enable"
}
}

"MAB_PORT_CONFIG": {
"Ethernet1": {
"mab": "enable",
"mab_auth_type": "eap-md5",
}
}
```

#### 5.2.3 Update value directly in db memory

For Developers
Expand Down
2 changes: 2 additions & 0 deletions src/sonic-yang-models/setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,8 @@ def run(self):
'./yang-models/sonic-system-aaa.yang',
'./yang-models/sonic-system-tacacs.yang',
'./yang-models/sonic-system-radius.yang',
'./yang-models/sonic-pac.yang',
'./yang-models/sonic-hostapd.yang',
'./yang-models/sonic-telemetry.yang',
'./yang-models/sonic-telemetry_client.yang',
'./yang-models/sonic-gnmi.yang',
Expand Down
29 changes: 29 additions & 0 deletions src/sonic-yang-models/tests/files/sample_config_db.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2612,6 +2612,35 @@
"link": "PortChannel2"
}
},
"PAC_PORT_CONFIG": {
"Ethernet1": {
"method_list": [
"dot1x",
"mab"
],
"priority_list": [
"dot1x",
"mab"
],
"port_pae_role": "authenticator",
"port_control_mode": "auto",
"host_control_mode": "multi-auth",
"reauth_period": "60",
"reauth_enable": "true",
"max_users_per_port": "16"
}
},
"MAB_PORT_CONFIG": {
"Ethernet0": {
"mab": "enable",
"mab_auth_type": "eap-md5"
}
},
"HOSTAPD_GLOBAL_CONFIG": {
"GLOBAL": {
"dot1x_system_auth_control": "enable"
}
},
"MID_PLANE_BRIDGE": {
"GLOBAL" : {
"bridge": "bridge_midplane",
Expand Down
5 changes: 5 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/hostapd.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
{
"HOSTAPD_TEST": {
"desc": "HOSTAPD configuration in global configuration table."
}
}
16 changes: 16 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests/pac.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"PAC_PORT_CONFIG_TEST" : {
"desc": "PAC configuration for port."
},
"PAC_PORT_INVALID_REAUTH_TIMER_TEST": {
"desc": "PAC configuration with invalid re-auth timer in PAC_PORT_CONFIG table.",
"eStr": "reauth period value must be in range of 1-65535."
},
"PAC_PORT_INVALID_MAX_USERS_TEST" : {
"desc": "PAC configuration with invalid max users in PAC_PORT_CONFIG table.",
"eStr": "max users per port value must be in range of 1-48."
},
"MAB_PORT_CONFIG_TEST" : {
"desc": "MAB configuration for port."
}
}
14 changes: 14 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests_config/hostapd.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
{
"HOSTAPD_TEST": {
"sonic-hostapd:sonic-hostapd": {
"sonic-hostapd:HOSTAPD_GLOBAL_CONFIG": {
"sonic-hostapd:HOSTAPD_GLOBAL_CONFIG_LIST": [
{
"global": "GLOBAL",
"dot1x_system_auth_control": "enable"
}
]
}
}
}
}
127 changes: 127 additions & 0 deletions src/sonic-yang-models/tests/yang_model_tests/tests_config/pac.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,127 @@
{
"PAC_PORT_CONFIG_TEST": {
"sonic-port:sonic-port": {
"sonic-port:PORT": {
"PORT_LIST": [
{
"admin_status": "up",
"alias": "eth0",
"description": "Ethernet0",
"lanes": "65",
"mtu": 9000,
"name": "Ethernet0",
"speed": 25000
}
]
}
},
"sonic-pac:sonic-pac": {
"sonic-pac:PAC_PORT_CONFIG": {
"PAC_PORT_CONFIG_LIST": [
{
"port": "Ethernet0",
"port_control_mode": "auto",
"host_control_mode": "single-host",
"reauth_enable": "true",
"reauth_period": 30,
"max_users_per_port": 25,
"method_list": ["dot1x", "mab"],
"priority_list": ["dot1x", "mab"],
"port_pae_role": "authenticator"
}
]
}
}
},
"PAC_PORT_INVALID_REAUTH_TIMER_TEST": {
"sonic-port:sonic-port": {
"sonic-port:PORT": {
"PORT_LIST": [
{
"admin_status": "up",
"alias": "eth0",
"description": "Ethernet0",
"lanes": "65",
"mtu": 9000,
"name": "Ethernet0",
"speed": 25000
}
]
}
},
"sonic-pac:sonic-pac": {
"sonic-pac:PAC_PORT_CONFIG": {
"PAC_PORT_CONFIG_LIST": [
{
"port": "Ethernet0",
"port_control_mode": "auto",
"host_control_mode": "single-host",
"reauth_enable": "true",
"reauth_period": 65573,
"max_users_per_port": 25,
"port_pae_role": "none"
}
]
}
}
},
"PAC_PORT_INVALID_MAX_USERS_TEST": {
"sonic-port:sonic-port": {
"sonic-port:PORT": {
"PORT_LIST": [
{
"admin_status": "up",
"alias": "eth0",
"description": "Ethernet0",
"lanes": "65",
"mtu": 9000,
"name": "Ethernet0",
"speed": 25000
}
]
}
},
"sonic-pac:sonic-pac": {
"sonic-pac:PAC_PORT_CONFIG": {
"PAC_PORT_CONFIG_LIST": [
{
"port": "Ethernet0",
"port_control_mode": "auto",
"host_control_mode": "single-host",
"reauth_enable": "true",
"max_users_per_port": 55,
"port_pae_role": "none"
}
]
}
}
},
"MAB_PORT_CONFIG_TEST": {
"sonic-port:sonic-port": {
"sonic-port:PORT": {
"PORT_LIST": [
{
"admin_status": "up",
"alias": "eth0",
"description": "Ethernet0",
"lanes": "65",
"mtu": 9000,
"name": "Ethernet0",
"speed": 25000
}
]
}
},
"sonic-pac:sonic-pac": {
"sonic-pac:MAB_PORT_CONFIG": {
"MAB_PORT_CONFIG_LIST": [
{
"port": "Ethernet0",
"mab": "enable",
"mab_auth_type": "eap-md5"
}
]
}
}
}
}
42 changes: 42 additions & 0 deletions src/sonic-yang-models/yang-models/sonic-hostapd.yang
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
module sonic-hostapd {
namespace "http://github.com/sonic-net/sonic-hostapd";
prefix shostapd;
yang-version 1.1;

description
"SONiC HOSTAPD";

revision 2023-08-02 {
description "Initial revision.";
}

container sonic-hostapd {
description "HOSTAPD top level container.";

container HOSTAPD_GLOBAL_CONFIG {
description
"Container for hostapd global config.";

list HOSTAPD_GLOBAL_CONFIG_LIST {
key "global";
Copy link
Collaborator

@venkatmahalingam venkatmahalingam Oct 7, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Follow the below approach for this global table as well.

https://github.com/sonic-net/sonic-buildimage/blob/master/src/sonic-yang-models/yang-models/sonic-lldp.yang#L49


leaf global {
type enumeration {
enum GLOBAL;
}
description
"Configure dot1x/hostapd global configuration.";
}

leaf dot1x_system_auth_control {
type enumeration {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

https://github.com/sonic-net/sonic-buildimage/blob/master/src/sonic-yang-models/yang-templates/sonic-types.yang.j2#L179
Can you use this type?

enum enable;
enum disable;
}
description
"Indicates whether dot1x/hostapd is enabled/disabled on the switch.";
}
}
}
}
}
Loading
Loading