Feat(eos_designs): Add support to enable ISIS authentication at globa…

…l level (#4102)

ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG-ISIS-L3LEAF1A.cfg

@@ -0,0 +1,141 @@
+!
+no enable password
+no aaa root
+!
+vlan internal order ascending range 1006 1199
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+hostname MLAG-ISIS-L3LEAF1A
+!
+no spanning-tree vlan-id 4094
+!
+vlan 4094
+   name MLAG
+   trunk group MLAG
+!
+vrf instance MGMT
+!
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
+interface Port-Channel5
+   description MLAG_MLAG-ISIS-L3LEAF1B_Port-Channel5
+   no shutdown
+   switchport mode trunk
+   switchport trunk group MLAG
+   switchport
+!
+interface Ethernet1
+   description P2P_MLAG-ISIS-SPINE_Ethernet30
+   no shutdown
+   mtu 9214
+   no switchport
+   ip address 10.10.101.7/31
+   isis enable EVPN_UNDERLAY
+   isis circuit-type level-2
+   isis metric 50
+   isis network point-to-point
+   isis authentication mode md5
+   isis authentication key 7 $1c$sTNAlR6rKSw=
+!
+interface Ethernet5
+   description MLAG_MLAG-ISIS-L3LEAF1B_Ethernet5
+   no shutdown
+   channel-group 5 mode active
+!
+interface Ethernet6
+   description MLAG_MLAG-ISIS-L3LEAF1B_Ethernet6
+   no shutdown
+   channel-group 5 mode active
+!
+interface Loopback0
+   description ROUTER_ID
+   no shutdown
+   ip address 192.168.255.36/32
+   isis enable EVPN_UNDERLAY
+   isis passive
+!
+interface Loopback1
+   description VXLAN_TUNNEL_SOURCE
+   no shutdown
+   ip address 192.168.254.36/32
+   isis enable EVPN_UNDERLAY
+   isis passive
+!
+interface Management1
+   description OOB_MANAGEMENT
+   no shutdown
+   vrf MGMT
+   ip address 192.168.201.116/24
+!
+interface Vlan4094
+   description MLAG
+   no shutdown
+   mtu 9214
+   no autostate
+   ip address 10.10.255.6/31
+   isis enable EVPN_UNDERLAY
+   isis metric 50
+   isis network point-to-point
+   isis authentication mode md5
+   isis authentication key 7 $1c$sTNAlR6rKSw=
+!
+interface Vxlan1
+   description MLAG-ISIS-L3LEAF1A_VTEP
+   vxlan source-interface Loopback1
+   vxlan virtual-router encapsulation mac-address mlag-system-id
+   vxlan udp-port 4789
+!
+ip routing
+no ip routing vrf MGMT
+!
+mlag configuration
+   domain-id MLAG_ISIS_L3LEAF1
+   local-interface Vlan4094
+   peer-address 10.10.255.7
+   peer-link Port-Channel5
+   reload-delay mlag 300
+   reload-delay non-mlag 330
+!
+router bfd
+   multihop interval 300 min-rx 300 multiplier 3
+!
+router bgp 65161
+   router-id 192.168.255.36
+   update wait-install
+   no bgp default ipv4-unicast
+   maximum-paths 4 ecmp 4
+   neighbor EVPN-OVERLAY-PEERS peer group
+   neighbor EVPN-OVERLAY-PEERS update-source Loopback0
+   neighbor EVPN-OVERLAY-PEERS bfd
+   neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
+   neighbor EVPN-OVERLAY-PEERS send-community
+   neighbor EVPN-OVERLAY-PEERS maximum-routes 0
+   neighbor 10.10.10.1 peer group EVPN-OVERLAY-PEERS
+   neighbor 10.10.10.1 remote-as 65000
+   neighbor 10.10.10.1 description MLAG-ISIS-SPINE_Loopback0
+   !
+   address-family evpn
+      neighbor EVPN-OVERLAY-PEERS activate
+   !
+   address-family ipv4
+      no neighbor EVPN-OVERLAY-PEERS activate
+!
+router isis EVPN_UNDERLAY
+   net 49.0001.1921.6825.5036.00
+   router-id ipv4 192.168.255.36
+   is-type level-2
+   log-adjacency-changes
+   !
+   address-family ipv4 unicast
+      maximum-paths 4
+   !
+!
+end

ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG-ISIS-L3LEAF1B.cfg

@@ -0,0 +1,141 @@
+!
+no enable password
+no aaa root
+!
+vlan internal order ascending range 1006 1199
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+hostname MLAG-ISIS-L3LEAF1B
+!
+no spanning-tree vlan-id 4094
+!
+vlan 4094
+   name MLAG
+   trunk group MLAG
+!
+vrf instance MGMT
+!
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
+interface Port-Channel5
+   description MLAG_MLAG-ISIS-L3LEAF1A_Port-Channel5
+   no shutdown
+   switchport mode trunk
+   switchport trunk group MLAG
+   switchport
+!
+interface Ethernet1
+   description P2P_MLAG-ISIS-SPINE_Ethernet31
+   no shutdown
+   mtu 9214
+   no switchport
+   ip address 10.10.101.9/31
+   isis enable EVPN_UNDERLAY
+   isis circuit-type level-2
+   isis metric 50
+   isis network point-to-point
+   isis authentication mode md5
+   isis authentication key 7 $1c$sTNAlR6rKSw=
+!
+interface Ethernet5
+   description MLAG_MLAG-ISIS-L3LEAF1A_Ethernet5
+   no shutdown
+   channel-group 5 mode active
+!
+interface Ethernet6
+   description MLAG_MLAG-ISIS-L3LEAF1A_Ethernet6
+   no shutdown
+   channel-group 5 mode active
+!
+interface Loopback0
+   description ROUTER_ID
+   no shutdown
+   ip address 192.168.255.37/32
+   isis enable EVPN_UNDERLAY
+   isis passive
+!
+interface Loopback1
+   description VXLAN_TUNNEL_SOURCE
+   no shutdown
+   ip address 192.168.254.36/32
+   isis enable EVPN_UNDERLAY
+   isis passive
+!
+interface Management1
+   description OOB_MANAGEMENT
+   no shutdown
+   vrf MGMT
+   ip address 192.168.201.117/24
+!
+interface Vlan4094
+   description MLAG
+   no shutdown
+   mtu 9214
+   no autostate
+   ip address 10.10.255.7/31
+   isis enable EVPN_UNDERLAY
+   isis metric 50
+   isis network point-to-point
+   isis authentication mode md5
+   isis authentication key 7 $1c$sTNAlR6rKSw=
+!
+interface Vxlan1
+   description MLAG-ISIS-L3LEAF1B_VTEP
+   vxlan source-interface Loopback1
+   vxlan virtual-router encapsulation mac-address mlag-system-id
+   vxlan udp-port 4789
+!
+ip routing
+no ip routing vrf MGMT
+!
+mlag configuration
+   domain-id MLAG_ISIS_L3LEAF1
+   local-interface Vlan4094
+   peer-address 10.10.255.6
+   peer-link Port-Channel5
+   reload-delay mlag 300
+   reload-delay non-mlag 330
+!
+router bfd
+   multihop interval 300 min-rx 300 multiplier 3
+!
+router bgp 65161
+   router-id 192.168.255.37
+   update wait-install
+   no bgp default ipv4-unicast
+   maximum-paths 4 ecmp 4
+   neighbor EVPN-OVERLAY-PEERS peer group
+   neighbor EVPN-OVERLAY-PEERS update-source Loopback0
+   neighbor EVPN-OVERLAY-PEERS bfd
+   neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
+   neighbor EVPN-OVERLAY-PEERS send-community
+   neighbor EVPN-OVERLAY-PEERS maximum-routes 0
+   neighbor 10.10.10.1 peer group EVPN-OVERLAY-PEERS
+   neighbor 10.10.10.1 remote-as 65000
+   neighbor 10.10.10.1 description MLAG-ISIS-SPINE_Loopback0
+   !
+   address-family evpn
+      neighbor EVPN-OVERLAY-PEERS activate
+   !
+   address-family ipv4
+      no neighbor EVPN-OVERLAY-PEERS activate
+!
+router isis EVPN_UNDERLAY
+   net 49.0001.1921.6825.5037.00
+   router-id ipv4 192.168.255.37
+   is-type level-2
+   log-adjacency-changes
+   !
+   address-family ipv4 unicast
+      maximum-paths 4
+   !
+!
+end

ansible_collections/arista/avd/molecule/eos_designs_unit_tests/intended/configs/MLAG-ISIS-SPINE.cfg

@@ -0,0 +1,98 @@
+!
+no enable password
+no aaa root
+!
+vlan internal order ascending range 1006 1199
+!
+transceiver qsfp default-mode 4x10G
+!
+service routing protocols model multi-agent
+!
+hostname MLAG-ISIS-SPINE
+!
+spanning-tree mode none
+!
+vrf instance MGMT
+!
+management api http-commands
+   protocol https
+   no shutdown
+   !
+   vrf MGMT
+      no shutdown
+!
+interface Ethernet30
+   description P2P_MLAG-ISIS-L3LEAF1A_Ethernet1
+   no shutdown
+   mtu 9214
+   no switchport
+   ip address 10.10.101.6/31
+   isis enable EVPN_UNDERLAY
+   isis circuit-type level-2
+   isis metric 50
+   isis network point-to-point
+   isis authentication mode md5
+   isis authentication key 7 $1c$sTNAlR6rKSw=
+!
+interface Ethernet31
+   description P2P_MLAG-ISIS-L3LEAF1B_Ethernet1
+   no shutdown
+   mtu 9214
+   no switchport
+   ip address 10.10.101.8/31
+   isis enable EVPN_UNDERLAY
+   isis circuit-type level-2
+   isis metric 50
+   isis network point-to-point
+   isis authentication mode md5
+   isis authentication key 7 $1c$sTNAlR6rKSw=
+!
+interface Loopback0
+   description ROUTER_ID
+   no shutdown
+   ip address 10.10.10.1/32
+   isis enable EVPN_UNDERLAY
+   isis passive
+!
+ip routing
+no ip routing vrf MGMT
+!
+router bfd
+   multihop interval 300 min-rx 300 multiplier 3
+!
+router bgp 65000
+   router-id 10.10.10.1
+   update wait-install
+   no bgp default ipv4-unicast
+   maximum-paths 4 ecmp 4
+   neighbor EVPN-OVERLAY-PEERS peer group
+   neighbor EVPN-OVERLAY-PEERS next-hop-unchanged
+   neighbor EVPN-OVERLAY-PEERS update-source Loopback0
+   neighbor EVPN-OVERLAY-PEERS bfd
+   neighbor EVPN-OVERLAY-PEERS ebgp-multihop 3
+   neighbor EVPN-OVERLAY-PEERS send-community
+   neighbor EVPN-OVERLAY-PEERS maximum-routes 0
+   neighbor 192.168.255.36 peer group EVPN-OVERLAY-PEERS
+   neighbor 192.168.255.36 remote-as 65161
+   neighbor 192.168.255.36 description MLAG-ISIS-L3LEAF1A_Loopback0
+   neighbor 192.168.255.37 peer group EVPN-OVERLAY-PEERS
+   neighbor 192.168.255.37 remote-as 65161
+   neighbor 192.168.255.37 description MLAG-ISIS-L3LEAF1B_Loopback0
+   !
+   address-family evpn
+      neighbor EVPN-OVERLAY-PEERS activate
+   !
+   address-family ipv4
+      no neighbor EVPN-OVERLAY-PEERS activate
+!
+router isis EVPN_UNDERLAY
+   net 49.0001.0100.1001.0001.00
+   router-id ipv4 10.10.10.1
+   is-type level-2
+   log-adjacency-changes
+   !
+   address-family ipv4 unicast
+      maximum-paths 4
+   !
+!
+end