fortinet.fortios.fortios_router_ospf – Configure OSPF in Fortinet’s FortiOS and FortiGate.

Note

This plugin is part of the fortinet.fortios collection (version 1.1.8).

To install it use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_router_ospf.

New in version 2.8: of fortinet.fortios

Synopsis
Requirements
Parameters
Notes
Examples
Return Values

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and ospf category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.9.0

Parameters

Parameter				Choices/Defaults	Comments
access_token string					Token-based authentication. Generated from GUI of Fortigate.
router_ospf dictionary					Configure OSPF.
	abr_type string			cisco ibm shortcut standard	Area border router type.
	area list / elements=string				OSPF area configuration.
		authentication string		none text md5	Authentication type.
		default_cost integer			Summary default cost of stub or NSSA area.
		filter_list list / elements=string			OSPF area filter-list configuration.
			direction string	in out	Direction.
			id integer / required		Filter list entry ID.
			list string		Access-list or prefix-list name. Source router.access-list.name router.prefix-list.name.
		id string / required			Area entry IP address.
		nssa_default_information_originate string		enable always disable	Redistribute, advertise, or do not originate Type-7 default route into NSSA area.
		nssa_default_information_originate_metric integer			OSPF default metric.
		nssa_default_information_originate_metric_type string		1 2	OSPF metric type for default routes.
		nssa_redistribution string		enable disable	Enable/disable redistribute into NSSA area.
		nssa_translator_role string		candidate never always	NSSA translator role type.
		range list / elements=string			OSPF area range configuration.
			advertise string	disable enable	Enable/disable advertise status.
			id integer / required		Range entry ID.
			prefix string		Prefix.
			substitute string		Substitute prefix.
			substitute_status string	enable disable	Enable/disable substitute status.
		shortcut string		disable enable default	Enable/disable shortcut option.
		stub_type string		no-summary summary	Stub summary setting.
		type string		regular nssa stub	Area type setting.
		virtual_link list / elements=string			OSPF virtual link configuration.
			authentication string	none text md5	Authentication type.
			authentication_key string		Authentication key.
			dead_interval integer		Dead interval.
			hello_interval integer		Hello interval.
			md5_key string		MD5 key.
			name string / required		Virtual link entry name.
			peer string		Peer IP.
			retransmit_interval integer		Retransmit interval.
			transmit_delay integer		Transmit delay.
	auto_cost_ref_bandwidth integer				Reference bandwidth in terms of megabits per second.
	bfd string			enable disable	Bidirectional Forwarding Detection (BFD).
	database_overflow string			enable disable	Enable/disable database overflow.
	database_overflow_max_lsas integer				Database overflow maximum LSAs.
	database_overflow_time_to_recover integer				Database overflow time to recover (sec).
	default_information_metric integer				Default information metric.
	default_information_metric_type string			1 2	Default information metric type.
	default_information_originate string			enable always disable	Enable/disable generation of default route.
	default_information_route_map string				Default information route map. Source router.route-map.name.
	default_metric integer				Default metric of redistribute routes.
	distance integer				Distance of the route.
	distance_external integer				Administrative external distance.
	distance_inter_area integer				Administrative inter-area distance.
	distance_intra_area integer				Administrative intra-area distance.
	distribute_list list / elements=string				Distribute list configuration.
		access_list string			Access list name. Source router.access-list.name.
		id integer / required			Distribute list entry ID.
		protocol string		connected static rip	Protocol type.
	distribute_list_in string				Filter incoming routes. Source router.access-list.name router.prefix-list.name.
	distribute_route_map_in string				Filter incoming external routes by route-map. Source router.route-map.name.
	log_neighbour_changes string			enable disable	Enable logging of OSPF neighbour"s changes
	neighbor list / elements=string				OSPF neighbor configuration are used when OSPF runs on non-broadcast media
		cost integer			Cost of the interface, value range from 0 to 65535, 0 means auto-cost.
		id integer / required			Neighbor entry ID.
		ip string			Interface IP address of the neighbor.
		poll_interval integer			Poll interval time in seconds.
		priority integer			Priority.
	network list / elements=string				OSPF network configuration.
		area string			Attach the network to area.
		id integer / required			Network entry ID.
		prefix string			Prefix.
	ospf_interface list / elements=string				OSPF interface configuration.
		authentication string		none text md5	Authentication type.
		authentication_key string			Authentication key.
		bfd string		global enable disable	Bidirectional Forwarding Detection (BFD).
		cost integer			Cost of the interface, value range from 0 to 65535, 0 means auto-cost.
		database_filter_out string		enable disable	Enable/disable control of flooding out LSAs.
		dead_interval integer			Dead interval.
		hello_interval integer			Hello interval.
		hello_multiplier integer			Number of hello packets within dead interval.
		interface string			Configuration interface name. Source system.interface.name.
		ip string			IP address.
		md5_key string			MD5 key.
		mtu integer			MTU for database description packets.
		mtu_ignore string		enable disable	Enable/disable ignore MTU.
		name string / required			Interface entry name.
		network_type string		broadcast non-broadcast point-to-point point-to-multipoint point-to-multipoint-non-broadcast	Network type.
		prefix_length integer			Prefix length.
		priority integer			Priority.
		resync_timeout integer			Graceful restart neighbor resynchronization timeout.
		retransmit_interval integer			Retransmit interval.
		status string		disable enable	Enable/disable status.
		transmit_delay integer			Transmit delay.
	passive_interface list / elements=string				Passive interface configuration.
		name string / required			Passive interface name. Source system.interface.name.
	redistribute list / elements=string				Redistribute configuration.
		metric integer			Redistribute metric setting.
		metric_type string		1 2	Metric type.
		name string / required			Redistribute name.
		routemap string			Route map name. Source router.route-map.name.
		status string		enable disable	status
		tag integer			Tag value.
	restart_mode string			none lls graceful-restart	OSPF restart mode (graceful or LLS).
	restart_period integer				Graceful restart period.
	rfc1583_compatible string			enable disable	Enable/disable RFC1583 compatibility.
	router_id string				Router ID.
	spf_timers string				SPF calculation frequency.
	summary_address list / elements=string				IP address summary configuration.
		advertise string		disable enable	Enable/disable advertise status.
		id integer / required			Summary address entry ID.
		prefix string			Prefix.
		tag integer			Tag value.
vdom string				Default: "root"	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Configure OSPF.
    fortios_router_ospf:
      vdom:  "{{ vdom }}"
      router_ospf:
        abr_type: "cisco"
        area:
         -
            authentication: "none"
            default_cost: "6"
            filter_list:
             -
                direction: "in"
                id:  "9"
                list: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
            id:  "11"
            nssa_default_information_originate: "enable"
            nssa_default_information_originate_metric: "13"
            nssa_default_information_originate_metric_type: "1"
            nssa_redistribution: "enable"
            nssa_translator_role: "candidate"
            range:
             -
                advertise: "disable"
                id:  "19"
                prefix: "<your_own_value>"
                substitute: "<your_own_value>"
                substitute_status: "enable"
            shortcut: "disable"
            stub_type: "no-summary"
            type: "regular"
            virtual_link:
             -
                authentication: "none"
                authentication_key: "<your_own_value>"
                dead_interval: "29"
                hello_interval: "30"
                md5_key: "<your_own_value>"
                name: "default_name_32"
                peer: "<your_own_value>"
                retransmit_interval: "34"
                transmit_delay: "35"
        auto_cost_ref_bandwidth: "36"
        bfd: "enable"
        database_overflow: "enable"
        database_overflow_max_lsas: "39"
        database_overflow_time_to_recover: "40"
        default_information_metric: "41"
        default_information_metric_type: "1"
        default_information_originate: "enable"
        default_information_route_map: "<your_own_value> (source router.route-map.name)"
        default_metric: "45"
        distance: "46"
        distance_external: "47"
        distance_inter_area: "48"
        distance_intra_area: "49"
        distribute_list:
         -
            access_list: "<your_own_value> (source router.access-list.name)"
            id:  "52"
            protocol: "connected"
        distribute_list_in: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
        distribute_route_map_in: "<your_own_value> (source router.route-map.name)"
        log_neighbour_changes: "enable"
        neighbor:
         -
            cost: "58"
            id:  "59"
            ip: "<your_own_value>"
            poll_interval: "61"
            priority: "62"
        network:
         -
            area: "<your_own_value>"
            id:  "65"
            prefix: "<your_own_value>"
        ospf_interface:
         -
            authentication: "none"
            authentication_key: "<your_own_value>"
            bfd: "global"
            cost: "71"
            database_filter_out: "enable"
            dead_interval: "73"
            hello_interval: "74"
            hello_multiplier: "75"
            interface: "<your_own_value> (source system.interface.name)"
            ip: "<your_own_value>"
            md5_key: "<your_own_value>"
            mtu: "79"
            mtu_ignore: "enable"
            name: "default_name_81"
            network_type: "broadcast"
            prefix_length: "83"
            priority: "84"
            resync_timeout: "85"
            retransmit_interval: "86"
            status: "disable"
            transmit_delay: "88"
        passive_interface:
         -
            name: "default_name_90 (source system.interface.name)"
        redistribute:
         -
            metric: "92"
            metric_type: "1"
            name: "default_name_94"
            routemap: "<your_own_value> (source router.route-map.name)"
            status: "enable"
            tag: "97"
        restart_mode: "none"
        restart_period: "99"
        rfc1583_compatible: "enable"
        router_id: "<your_own_value>"
        spf_timers: "<your_own_value>"
        summary_address:
         -
            advertise: "disable"
            id:  "105"
            prefix: "<your_own_value>"
            tag: "107"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
build string	always	Build number of the fortigate image Sample: 1547
http_method string	always	Last method used to provision the content into FortiGate Sample: PUT
http_status string	always	Last result given by FortiGate on last operation applied Sample: 200
mkey string	success	Master key (id) used in the last call to FortiGate Sample: id
name string	always	Name of the table used to fulfill the request Sample: urlfilter
path string	always	Path of the table used to fulfill the request Sample: webfilter
revision string	always	Internal revision number Sample: 17.0.2.10658
serial string	always	Serial number of the unit Sample: FGVMEVYYQT3AB5352
status string	always	Indication of the operation's result Sample: success
vdom string	always	Virtual domain used Sample: root
version string	always	Version of the FortiGate Sample: v5.6.3

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/fortinet/fortios/fortios_router_ospf_module.html