Nis-Options

These scenarios check DHCP server NIS/NIS+ options. NIS (Network Information Service) provides centralized authentication and configuration management for UNIX/Linux networks. NIS+ is the enhanced version with improved security. This includes: nis-domain (option 40), nis-server (option 41), nisplus-domain (option 64), and nisplus-server (option 65).

Test NIS-Domain

Description

This scenario checks the nis-domain option. The DHCP server configures the NIS domain name, and the client receives it. The NIS domain is used by UNIX/Linux systems for centralized authentication (Option 40).

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nis-domain subnet 10.0.0.0/24 options nis-domain example.nis
set service dhcp-server shared-network nis-domain subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NIS-Server Single

Description

This scenario checks the nis-server option with a single NIS server. The DHCP server configures one NIS server IP address, and the client receives it. NIS servers provide centralized user/group management for UNIX networks (Option 41).

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nis-single subnet 10.0.0.0/24 options nis-server 10.0.0.10
set service dhcp-server shared-network nis-single subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NIS-Server Multiple

Description

This scenario checks the nis-server option with multiple NIS servers. The DHCP server configures three NIS servers, and the client receives all of them. Multiple NIS servers provide redundancy for authentication services.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options nis-server 10.0.0.10
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options nis-server 10.0.0.11
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options nis-server 10.0.0.12
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NIS-Server VRF

Description

This scenario checks the nis-server option when the DHCP server is configured with VRF. Multiple NIS servers are configured in a VRF environment, and the client receives them correctly.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set interfaces ethernet eth0 vrf VRF0
set service dhcp-server shared-network nis-vrf local-vrf VRF0
set service dhcp-server shared-network nis-vrf subnet 10.0.0.0/24 options nis-server 10.0.0.10
set service dhcp-server shared-network nis-vrf subnet 10.0.0.0/24 options nis-server 10.0.0.11
set service dhcp-server shared-network nis-vrf subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
set system vrf VRF0

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NIS Combined Options

Description

This scenario checks NIS domain and servers configured together. The DHCP server configures both nis-domain and multiple nis-servers. This is the typical configuration for a UNIX network with NIS authentication.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nis-combined subnet 10.0.0.0/24 options nis-domain example.nis
set service dhcp-server shared-network nis-combined subnet 10.0.0.0/24 options nis-server 10.0.0.10
set service dhcp-server shared-network nis-combined subnet 10.0.0.0/24 options nis-server 10.0.0.11
set service dhcp-server shared-network nis-combined subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test Change NIS-Domain

Description

This scenario checks that the NIS domain can be changed dynamically. Configure an initial NIS domain, then change it and verify the client receives the new value.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nis-domain subnet 10.0.0.0/24 options nis-domain example.nis
set service dhcp-server shared-network nis-domain subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 5: Modify the following configuration lines in DUT0 :

set service dhcp-server shared-network nis-domain subnet 10.0.0.0/24 options nis-domain test.nis

Step 6: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test Remove NIS-Server

Description

This scenario checks that NIS servers can be removed. Configure NIS servers, then remove them and verify they are no longer sent to the client.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options nis-server 10.0.0.10
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options nis-server 10.0.0.11
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options nis-server 10.0.0.12
set service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 5: Modify the following configuration lines in DUT0 :

delete service dhcp-server shared-network nis-multiple subnet 10.0.0.0/24 options

Step 6: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NISplus-Domain

Description

This scenario checks the nisplus-domain option. The DHCP server configures the NIS+ domain name, and the client receives it. NIS+ is the enhanced version of NIS with improved security (Option 64).

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nisp-domain subnet 10.0.0.0/24 options nisplus-domain example.nisplus
set service dhcp-server shared-network nisp-domain subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NISplus-Server Single

Description

This scenario checks the nisplus-server option with a single NIS+ server. The DHCP server configures one NIS+ server, and the client receives it. NIS+ provides enhanced security over standard NIS (Option 65).

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nisp-single subnet 10.0.0.0/24 options nisplus-server 10.0.0.20
set service dhcp-server shared-network nisp-single subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NISplus-Server Multiple

Description

This scenario checks the nisplus-server option with multiple NIS+ servers. The DHCP server configures three NIS+ servers for redundancy.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nisp-multiple subnet 10.0.0.0/24 options nisplus-server 10.0.0.20
set service dhcp-server shared-network nisp-multiple subnet 10.0.0.0/24 options nisplus-server 10.0.0.21
set service dhcp-server shared-network nisp-multiple subnet 10.0.0.0/24 options nisplus-server 10.0.0.22
set service dhcp-server shared-network nisp-multiple subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---

Test NISplus Combined Options

Description

This scenario checks NIS+ domain and servers configured together. The DHCP server configures both nisplus-domain and multiple nisplus-servers.

Scenario

Step 1: Set the following configuration in DUT0 :

set interfaces ethernet eth0 address 10.0.0.1/24
set service dhcp-server shared-network nisp-combined subnet 10.0.0.0/24 options nisplus-domain example.nisplus
set service dhcp-server shared-network nisp-combined subnet 10.0.0.0/24 options nisplus-server 10.0.0.20
set service dhcp-server shared-network nisp-combined subnet 10.0.0.0/24 options nisplus-server 10.0.0.21
set service dhcp-server shared-network nisp-combined subnet 10.0.0.0/24 start 10.0.0.5 stop 10.0.0.5
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 2: Set the following configuration in DUT1 :

set interfaces ethernet eth0 address dhcp
set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'

Step 3: Run command interfaces ethernet eth0 show at DUT1 and check if output contains the following tokens:

10.0.0.5

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

Step 4: Run command interfaces ethernet eth0 show at DUT1 and expect this output:

Show output

-----------------------------------------------------------------
Name           IP Address           Admin  Oper  Vrf  Description
-----------------------------------------------------------------
eth0  10.0.0.5/24                   up     up
      fe80::dcad:beff:feef:6c10/64

---