-# $OpenBSD: Makefile,v 1.14 2024/04/09 09:33:46 claudio Exp $
+# $OpenBSD: Makefile,v 1.15 2024/10/10 14:02:47 claudio Exp $
-BGPDTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
+BGPDTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
.for n in ${BGPDTESTS}
BGPD_TARGETS+=bgpd${n}
--- /dev/null
+# $OpenBSD: bgpd.conf.17.in,v 1.1 2024/10/10 14:02:47 claudio Exp $
+# Test various authentication statements
+
+AS 1
+
+rtr 127.0.1.2 {
+ tcp md5sig password secret
+}
+
+rtr 127.0.1.3 {
+ tcp md5sig key deadbeef
+}
+
+rtr 127.0.1.4 {
+ ipsec ah ike
+}
+
+rtr 127.0.1.5 {
+ ipsec esp ike
+}
+
+rtr 127.0.1.6 {
+ ipsec ah in spi 12706 sha1 deadbeefdeadbeefdeadbeefdeadbeef01c0ffee
+ ipsec ah out spi 12707 sha1 deadbeefdeadbeefdeadbeefdeadbeef02c0ffee
+}
+
+rtr 127.0.1.7 {
+ ipsec esp in spi 12742 sha1 deadbeefdeadbeefdeadbeefdeadbeef01c0ffee \
+ aes deadbeefdeadbeefdeadbeefdeadbeef
+ ipsec esp out spi 12743 sha1 deadbeefdeadbeefdeadbeefdeadbeef02c0ffee \
+ aes deadbeefdeadbeefdeadbeefdeadbeef
+}
+
+neighbor 127.0.0.2 {
+ remote-as 2
+ tcp md5sig password secret
+}
+
+neighbor 127.0.0.3 {
+ remote-as 3
+ tcp md5sig key deadbeef
+}
+
+neighbor 127.0.0.4 {
+ remote-as 4
+ local-address 127.0.0.1
+ ipsec ah ike
+}
+
+neighbor 127.0.0.5 {
+ remote-as 5
+ local-address 127.0.0.1
+ ipsec esp ike
+}
+
+neighbor 127.0.0.6 {
+ remote-as 6
+ local-address 127.0.0.1
+ ipsec ah in spi 12706 sha1 deadbeefdeadbeefdeadbeefdeadbeef01c0ffee
+ ipsec ah out spi 12707 sha1 deadbeefdeadbeefdeadbeefdeadbeef02c0ffee
+}
+
+neighbor 127.0.0.7 {
+ remote-as 7
+ local-address 127.0.0.1
+ ipsec esp in spi 12742 sha1 deadbeefdeadbeefdeadbeefdeadbeef01c0ffee \
+ aes deadbeefdeadbeefdeadbeefdeadbeef
+ ipsec esp out spi 12743 sha1 deadbeefdeadbeefdeadbeefdeadbeef02c0ffee \
+ aes deadbeefdeadbeefdeadbeefdeadbeef
+}
--- /dev/null
+AS 1
+router-id 127.0.0.1
+socket "/var/run/bgpd.sock.0"
+listen on 0.0.0.0
+listen on ::
+
+rtr 127.0.1.2 {
+ descr "127.0.1.2"
+ port 323
+ tcp md5sig
+}
+
+rtr 127.0.1.3 {
+ descr "127.0.1.3"
+ port 323
+ tcp md5sig
+}
+
+rtr 127.0.1.4 {
+ descr "127.0.1.4"
+ port 323
+ ipsec ah ike
+}
+
+rtr 127.0.1.5 {
+ descr "127.0.1.5"
+ port 323
+ ipsec esp ike
+}
+
+rtr 127.0.1.6 {
+ descr "127.0.1.6"
+ port 323
+ ipsec ah in spi 12706 sha1 XXXXXX
+ ipsec ah out spi 12707 sha1 XXXXXX
+}
+
+rtr 127.0.1.7 {
+ descr "127.0.1.7"
+ port 323
+ ipsec esp in spi 12742 sha1 XXXXXX aes XXXXXX
+ ipsec esp out spi 12743 sha1 XXXXXX aes XXXXXX
+}
+
+
+rde rib Adj-RIB-In no evaluate
+rde rib Loc-RIB rtable 0 fib-update yes
+
+neighbor 127.0.0.2 {
+ remote-as 2
+ enforce neighbor-as yes
+ enforce local-as yes
+ tcp md5sig
+ announce IPv4 unicast
+ announce policy no
+}
+neighbor 127.0.0.3 {
+ remote-as 3
+ enforce neighbor-as yes
+ enforce local-as yes
+ tcp md5sig
+ announce IPv4 unicast
+ announce policy no
+}
+neighbor 127.0.0.4 {
+ remote-as 4
+ local-address 127.0.0.1
+ enforce neighbor-as yes
+ enforce local-as yes
+ ipsec ah ike
+ announce IPv4 unicast
+ announce policy no
+}
+neighbor 127.0.0.5 {
+ remote-as 5
+ local-address 127.0.0.1
+ enforce neighbor-as yes
+ enforce local-as yes
+ ipsec esp ike
+ announce IPv4 unicast
+ announce policy no
+}
+neighbor 127.0.0.6 {
+ remote-as 6
+ local-address 127.0.0.1
+ enforce neighbor-as yes
+ enforce local-as yes
+ ipsec ah in spi 12706 sha1 XXXXXX
+ ipsec ah out spi 12707 sha1 XXXXXX
+ announce IPv4 unicast
+ announce policy no
+}
+neighbor 127.0.0.7 {
+ remote-as 7
+ local-address 127.0.0.1
+ enforce neighbor-as yes
+ enforce local-as yes
+ ipsec esp in spi 12742 sha1 XXXXXX aes XXXXXX
+ ipsec esp out spi 12743 sha1 XXXXXX aes XXXXXX
+ announce IPv4 unicast
+ announce policy no
+}