From 2b115f775dc9da147a51657a44404e3a001ee166 Mon Sep 17 00:00:00 2001
From: Mahesh Kumar <122076792+MaheshGSLAB@users.noreply.github.com>
Date: Mon, 28 Oct 2024 15:18:32 +0530
Subject: [PATCH] Feat(eos_cli_config_gen): Added dot1x radius av-pair `lldp`
and `dhcp` command support (#4618)
---
.../intended/configs/dot1x.cfg | 5 ++
.../inventory/host_vars/dot1x.yml | 17 +++++++
.../eos_cli_config_gen/docs/tables/dot1x.md | 44 ++++++++++++++++
.../j2templates/eos/dot1x.j2 | 47 +++++++++++++++--
.../schema/eos_cli_config_gen.schema.yml | 51 +++++++++++++++++++
.../schema/schema_fragments/dot1x.schema.yml | 51 +++++++++++++++++++
6 files changed, 210 insertions(+), 5 deletions(-)
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dot1x.cfg b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dot1x.cfg
index deb70a6b28c..f821f5f1db9 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dot1x.cfg
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/intended/configs/dot1x.cfg
@@ -25,6 +25,11 @@ dot1x
captive-portal url http://portal-nacm08/captiveredirect/ ssl profile Profile1
captive-portal access-list ipv4 ACL
captive-portal start limit infinite
+ radius av-pair lldp system-name auth-only
+ radius av-pair lldp system-description auth-only
+ radius av-pair dhcp hostname auth-only
+ radius av-pair dhcp parameter-request-list auth-only
+ radius av-pair dhcp vendor-class-id auth-only
supplicant logging
!
interface Management1
diff --git a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dot1x.yml b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dot1x.yml
index 2e0fd5e5da2..72db9385f88 100644
--- a/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dot1x.yml
+++ b/ansible_collections/arista/avd/molecule/eos_cli_config_gen/inventory/host_vars/dot1x.yml
@@ -10,6 +10,23 @@ dot1x:
radius_av_pair:
service_type: true
framed_mtu: 1500
+ lldp:
+ system_name:
+ enabled: true
+ auth_only: true
+ system_description:
+ enabled: true
+ auth_only: true
+ dhcp:
+ hostname:
+ enabled: true
+ auth_only: true
+ parameter_request_list:
+ enabled: true
+ auth_only: true
+ vendor_class_id:
+ enabled: true
+ auth_only: true
aaa:
unresponsive:
eap_response: success
diff --git a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md
index da9c6cb982a..b9603e12f94 100644
--- a/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md
+++ b/ansible_collections/arista/avd/roles/eos_cli_config_gen/docs/tables/dot1x.md
@@ -21,6 +21,23 @@
| [ radius_av_pair](## "dot1x.radius_av_pair") | Dictionary | | | | |
| [ service_type](## "dot1x.radius_av_pair.service_type") | Boolean | | | | |
| [ framed_mtu](## "dot1x.radius_av_pair.framed_mtu") | Integer | | | Min: 68
Max: 9236 | |
+ | [ lldp](## "dot1x.radius_av_pair.lldp") | Dictionary | | | | |
+ | [ system_name](## "dot1x.radius_av_pair.lldp.system_name") | Dictionary | | | | LLDP system name (LLDP TLV 5) av-pair. |
+ | [ enabled](## "dot1x.radius_av_pair.lldp.system_name.enabled") | Boolean | Required | | | |
+ | [ auth_only](## "dot1x.radius_av_pair.lldp.system_name.auth_only") | Boolean | | | | |
+ | [ system_description](## "dot1x.radius_av_pair.lldp.system_description") | Dictionary | | | | LLDP system description (LLDP TLV 6) av-pair. |
+ | [ enabled](## "dot1x.radius_av_pair.lldp.system_description.enabled") | Boolean | Required | | | |
+ | [ auth_only](## "dot1x.radius_av_pair.lldp.system_description.auth_only") | Boolean | | | | |
+ | [ dhcp](## "dot1x.radius_av_pair.dhcp") | Dictionary | | | | |
+ | [ hostname](## "dot1x.radius_av_pair.dhcp.hostname") | Dictionary | | | | Hostname (DHCP Option 12). |
+ | [ enabled](## "dot1x.radius_av_pair.dhcp.hostname.enabled") | Boolean | Required | | | |
+ | [ auth_only](## "dot1x.radius_av_pair.dhcp.hostname.auth_only") | Boolean | | | | |
+ | [ parameter_request_list](## "dot1x.radius_av_pair.dhcp.parameter_request_list") | Dictionary | | | | Parameters requested by host (DHCP Option 55). |
+ | [ enabled](## "dot1x.radius_av_pair.dhcp.parameter_request_list.enabled") | Boolean | Required | | | |
+ | [ auth_only](## "dot1x.radius_av_pair.dhcp.parameter_request_list.auth_only") | Boolean | | | | |
+ | [ vendor_class_id](## "dot1x.radius_av_pair.dhcp.vendor_class_id") | Dictionary | | | | Vendor class identifier (DHCP Option 60). |
+ | [ enabled](## "dot1x.radius_av_pair.dhcp.vendor_class_id.enabled") | Boolean | Required | | | |
+ | [ auth_only](## "dot1x.radius_av_pair.dhcp.vendor_class_id.auth_only") | Boolean | | | | |
| [ aaa](## "dot1x.aaa") | Dictionary | | | | Configure AAA parameters. |
| [ unresponsive](## "dot1x.aaa.unresponsive") | Dictionary | | | | Configure AAA timeout options. |
| [ eap_response](## "dot1x.aaa.unresponsive.eap_response") | String | | | Valid Values:
- success
- disabled | EAP response to send. |
@@ -81,6 +98,33 @@
radius_av_pair:
service_type:
framed_mtu:
+ lldp:
+
+ # LLDP system name (LLDP TLV 5) av-pair.
+ system_name:
+ enabled:
+ auth_only:
+
+ # LLDP system description (LLDP TLV 6) av-pair.
+ system_description:
+ enabled:
+ auth_only:
+ dhcp:
+
+ # Hostname (DHCP Option 12).
+ hostname:
+ enabled:
+ auth_only:
+
+ # Parameters requested by host (DHCP Option 55).
+ parameter_request_list:
+ enabled:
+ auth_only:
+
+ # Vendor class identifier (DHCP Option 60).
+ vendor_class_id:
+ enabled:
+ auth_only:
# Configure AAA parameters.
aaa:
diff --git a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/dot1x.j2 b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/dot1x.j2
index 0e206c75f8c..fd41b6b1997 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/dot1x.j2
+++ b/python-avd/pyavd/_eos_cli_config_gen/j2templates/eos/dot1x.j2
@@ -75,13 +75,11 @@ dot1x
mac based authentication hold period {{ dot1x.mac_based_authentication.hold_period }} seconds
{% endif %}
{% endif %}
-{% if dot1x.radius_av_pair is arista.avd.defined %}
-{% if dot1x.radius_av_pair.service_type is arista.avd.defined(true) %}
+{% if dot1x.radius_av_pair.service_type is arista.avd.defined(true) %}
radius av-pair service-type
-{% endif %}
-{% if dot1x.radius_av_pair.framed_mtu is arista.avd.defined %}
+{% endif %}
+{% if dot1x.radius_av_pair.framed_mtu is arista.avd.defined %}
radius av-pair framed-mtu {{ dot1x.radius_av_pair.framed_mtu }}
-{% endif %}
{% endif %}
{% if dot1x.radius_av_pair_username_format.delimiter is arista.avd.defined and dot1x.radius_av_pair_username_format.mac_string_case is arista.avd.defined %}
mac-based-auth radius av-pair user-name delimiter {{ dot1x.radius_av_pair_username_format.delimiter }} {{ dot1x.radius_av_pair_username_format.mac_string_case }}
@@ -108,6 +106,45 @@ dot1x
captive-portal start limit infinite
{% endif %}
{% endif %}
+{% if dot1x.radius_av_pair.lldp is arista.avd.defined %}
+{% if dot1x.radius_av_pair.lldp.system_name.enabled is arista.avd.defined(true) %}
+{% set av_pair_lldp = "radius av-pair lldp system-name" %}
+{% if dot1x.radius_av_pair.lldp.system_name.auth_only is arista.avd.defined(true) %}
+{% set av_pair_lldp = av_pair_lldp ~ " auth-only" %}
+{% endif %}
+ {{ av_pair_lldp }}
+{% endif %}
+{% if dot1x.radius_av_pair.lldp.system_description.enabled is arista.avd.defined(true) %}
+{% set av_pair_lldp = "radius av-pair lldp system-description" %}
+{% if dot1x.radius_av_pair.lldp.system_description.auth_only is arista.avd.defined(true) %}
+{% set av_pair_lldp = av_pair_lldp ~ " auth-only" %}
+{% endif %}
+ {{ av_pair_lldp }}
+{% endif %}
+{% endif %}
+{% if dot1x.radius_av_pair.dhcp is arista.avd.defined %}
+{% if dot1x.radius_av_pair.dhcp.hostname.enabled is arista.avd.defined(true) %}
+{% set av_pair_dhcp = "radius av-pair dhcp hostname" %}
+{% if dot1x.radius_av_pair.dhcp.hostname.auth_only is arista.avd.defined(true) %}
+{% set av_pair_dhcp = av_pair_dhcp ~ " auth-only" %}
+{% endif %}
+ {{ av_pair_dhcp }}
+{% endif %}
+{% if dot1x.radius_av_pair.dhcp.parameter_request_list.enabled is arista.avd.defined(true) %}
+{% set av_pair_dhcp = "radius av-pair dhcp parameter-request-list" %}
+{% if dot1x.radius_av_pair.dhcp.parameter_request_list.auth_only is arista.avd.defined(true) %}
+{% set av_pair_dhcp = av_pair_dhcp ~ " auth-only" %}
+{% endif %}
+ {{ av_pair_dhcp }}
+{% endif %}
+{% if dot1x.radius_av_pair.dhcp.vendor_class_id.enabled is arista.avd.defined(true) %}
+{% set av_pair_dhcp = "radius av-pair dhcp vendor-class-id" %}
+{% if dot1x.radius_av_pair.dhcp.vendor_class_id.auth_only is arista.avd.defined(true) %}
+{% set av_pair_dhcp = av_pair_dhcp ~ " auth-only" %}
+{% endif %}
+ {{ av_pair_dhcp }}
+{% endif %}
+{% endif %}
{% if dot1x.supplicant.logging is arista.avd.defined(true) %}
supplicant logging
{% endif %}
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
index e37451c1077..975852d3880 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/eos_cli_config_gen.schema.yml
@@ -1589,6 +1589,57 @@ keys:
max: 9236
convert_types:
- str
+ lldp:
+ type: dict
+ keys:
+ system_name:
+ description: LLDP system name (LLDP TLV 5) av-pair.
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ system_description:
+ description: LLDP system description (LLDP TLV 6) av-pair.
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ dhcp:
+ type: dict
+ keys:
+ hostname:
+ description: Hostname (DHCP Option 12).
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ parameter_request_list:
+ description: Parameters requested by host (DHCP Option 55).
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ vendor_class_id:
+ description: Vendor class identifier (DHCP Option 60).
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
aaa:
type: dict
description: Configure AAA parameters.
diff --git a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml
index a864a30020d..b14301768b3 100644
--- a/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml
+++ b/python-avd/pyavd/_eos_cli_config_gen/schema/schema_fragments/dot1x.schema.yml
@@ -64,6 +64,57 @@ keys:
max: 9236
convert_types:
- str
+ lldp:
+ type: dict
+ keys:
+ system_name:
+ description: LLDP system name (LLDP TLV 5) av-pair.
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ system_description:
+ description: LLDP system description (LLDP TLV 6) av-pair.
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ dhcp:
+ type: dict
+ keys:
+ hostname:
+ description: Hostname (DHCP Option 12).
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ parameter_request_list:
+ description: Parameters requested by host (DHCP Option 55).
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
+ vendor_class_id:
+ description: Vendor class identifier (DHCP Option 60).
+ type: dict
+ keys:
+ enabled:
+ type: bool
+ required: true
+ auth_only:
+ type: bool
aaa:
type: dict
description: Configure AAA parameters.