cisco.nxos.nxos_bgp_global – BGP Global resource module.

From Get docs
Ansible/docs/2.11/collections/cisco/nxos/nxos bgp global module


cisco.nxos.nxos_bgp_global – BGP Global resource module.

Note

This plugin is part of the cisco.nxos collection (version 1.4.0).

To install it use: ansible-galaxy collection install cisco.nxos.

To use it in a playbook, specify: cisco.nxos.nxos_bgp_global.


New in version 1.4.0: of cisco.nxos


Synopsis

  • This module manages global BGP configuration on devices running Cisco NX-OS.

Note

This module has a corresponding action plugin.


Parameters

Parameter Choices/Defaults Comments

config

dictionary

A list of BGP process configuration.

affinity_group

dictionary

Configure an affinity group.

group_id

integer

Affinity Group ID.

as_number

string

Autonomous System Number of the router.

bestpath

dictionary

Define the default bestpath selection algorithm.

always_compare_med

boolean

  • no
  • yes

Compare MED on paths from different AS.

as_path

dictionary

AS-Path.

ignore

boolean

  • no
  • yes

Ignore AS-Path during bestpath selection.

multipath_relax

boolean

  • no
  • yes

Relax AS-Path restriction when choosing multipaths.

compare_neighborid

boolean

  • no
  • yes

When more paths are available than max path config, use neighborid as tie-breaker.

compare_routerid

boolean

  • no
  • yes

Compare router-id for identical EBGP paths.

cost_community_ignore

boolean

  • no
  • yes

Ignore cost communities in bestpath selection.

igp_metric_ignore

boolean

  • no
  • yes

Ignore IGP metric for next-hop during bestpath selection.

med

dictionary

MED

confed

boolean

  • no
  • yes

Compare MED only from paths originated from within a confederation.

missing_as_worst

boolean

  • no
  • yes

Treat missing MED as highest MED.

non_deterministic

boolean

  • no
  • yes

Not always pick the best-MED path among paths from same AS.

cluster_id

string

Configure Route Reflector Cluster-ID.

confederation

dictionary

AS confederation parameters.

identifier

string

Set routing domain confederation AS.

peers

list / elements=string

Peer ASs in BGP confederation.

disable_policy_batching

dictionary

Disable batching evaluation of outbound policy for a peer.

ipv4

dictionary

IPv4 address-family settings.

prefix_list

string

Name of prefix-list to apply.

ipv6

dictionary

IPv6 address-family settings.

prefix_list

string

Name of prefix-list to apply.

nexthop

boolean

  • no
  • yes

Batching based on nexthop.

set

boolean

  • no
  • yes

Set policy batching.

dynamic_med_interval

integer

Sets the interval for dampening of med changes.

enforce_first_as

boolean

  • no
  • yes

Enforce neighbor AS is the first AS in AS-PATH attribute (EBGP).

enhanced_error

boolean

  • no
  • yes

Enable BGP Enhanced error handling.

fabric_soo

string

Fabric site of origin.

fast_external_fallover

boolean

  • no
  • yes

Immediately reset the session if the link to a directly connected BGP peer goes down.

flush_routes

boolean

  • no
  • yes

Flush routes in RIB upon controlled restart.

graceful_restart

dictionary

Configure Graceful Restart functionality.

helper

boolean

  • no
  • yes

Configure Graceful Restart Helper mode functionality.

restart_time

integer

Maximum time for restart advertised to peers.

set

boolean

  • no
  • yes

Enable graceful-restart.

stalepath_time

integer

Maximum time to keep a restarting peer's stale routes.

graceful_shutdown

dictionary

Graceful-shutdown for BGP protocol.

activate

dictionary

Send graceful-shutdown community on all routes.

route_map

string

Apply route-map to modify attributes for outbound.

set

boolean

  • no
  • yes

Activiate graceful-shutdown.

aware

boolean

  • no
  • yes

Lower preference of routes carrying graceful-shutdown community.

isolate

dictionary

Isolate this router from BGP perspective.

include_local

boolean

  • no
  • yes

Withdraw both local and remote BGP routes.

set

boolean

  • no
  • yes

Withdraw remote BGP routes to isolate this router.

log_neighbor_changes

boolean

  • no
  • yes

Log a message for neighbor up/down event.

maxas_limit

integer

Allow AS-PATH attribute from EBGP neighbor imposing a limit on number of ASes.

neighbor_down

dictionary

Handle BGP neighbor down event, due to various reasons.

fib_accelerate

boolean

  • no
  • yes

Accelerate the hardware updates for IP/IPv6 adjacencies for neighbor.

neighbors

list / elements=dictionary

Configure BGP neighbors.

bmp_activate_server

integer

Specify server ID for activating BMP monitoring for the peer.

capability

dictionary

Capability.

suppress_4_byte_as

boolean

  • no
  • yes

Suppress 4-byte AS Capability.

description

string

Neighbor specific descripion.

disable_connected_check

boolean

  • no
  • yes

Disable check for directly connected peer.

dont_capability_negotiate

boolean

  • no
  • yes

Don't negotiate capability with this neighbor.

dscp

string

Set dscp value for tcp transport.

dynamic_capability

boolean

  • no
  • yes

Dynamic Capability

ebgp_multihop

integer

Specify multihop TTL for remote peer.

graceful_shutdown

dictionary

Graceful-shutdown for this neighbor.

activate

dictionary

Send graceful-shutdown community.

route_map

string

Apply route-map to modify attributes for outbound.

set

boolean

  • no
  • yes

Set activate.

inherit

dictionary

Inherit a template.

peer

string

Peer template to inherit.

peer_session

string

Peer-session template to inherit.

local_as

string

Specify the local-as number for the eBGP neighbor.

log_neighbor_changes

dictionary

Log message for neighbor up/down event.

disable

boolean

  • no
  • yes

Disable logging of neighbor up/down event.

set

boolean

  • no
  • yes

Set log-neighbor-changes.

low_memory

dictionary

Behaviour in low memory situations.

exempt

boolean

  • no
  • yes

Do not shutdown this peer when under memory pressure.

neighbor_address

string / required

IP address/Prefix of the neighbor or interface.

neighbor_affinity_group

dictionary

Configure an affinity group.

group_id

integer

Affinity Group ID.

password

dictionary

Configure a password for neighbor.

encryption

integer

0 specifies an UNENCRYPTED neighbor password.

3 specifies an 3DES ENCRYPTED neighbor password will follow.

7 specifies a Cisco type 7 ENCRYPTED neighbor password will follow.

key

string

Authentication password.

path_attribute

list / elements=dictionary

BGP path attribute optional filtering.

action

string

  • discard
  • treat-as-withdraw

Action.

range

dictionary

Path attribute range.

end

integer

Path attribute range end value.

start

integer

Path attribute range start value.

type

integer

Path attribute type

peer_type

string

  • fabric-border-leaf
  • fabric-external

Neighbor facing

remote_as

string

Specify Autonomous System Number of the neighbor.

remove_private_as

dictionary

Remove private AS number from outbound updates.

all

boolean

  • no
  • yes

All.

replace_as

boolean

  • no
  • yes

Replace.

set

boolean

  • no
  • yes

Remove private AS.

shutdown

boolean

  • no
  • yes

Administratively shutdown this neighbor.

timers

dictionary

Configure keepalive and hold timers.

holdtime

integer

Holdtime (seconds).

keepalive

integer

Keepalive interval (seconds).

transport

dictionary

BGP transport connection.

connection_mode

dictionary

Specify type of connection.

passive

boolean

  • no
  • yes

Allow passive connection setup only.

ttl_security

dictionary

Enable TTL Security Mechanism.

hops

integer

Specify hop count for remote peer.

update_source

string

Specify source of BGP session and updates.

nexthop

dictionary

Nexthop resolution options.

suppress_default_resolution

boolean

  • no
  • yes

Prohibit use of default route for nexthop address resolution.

rd

dictionary

Secondary Route Distinguisher for vxlan multisite border gateway.

dual

boolean

  • no
  • yes

Generate Secondary RD for all VRFs and L2VNIs.

id

integer

Specify 2 byte value for ID.

reconnect_interval

integer

Configure connection reconnect interval.

router_id

string

Specify the IP address to use as router-id.

shutdown

boolean

  • no
  • yes

Administratively shutdown BGP protocol.

suppress_fib_pending

boolean

  • no
  • yes

Advertise only routes that are programmed in hardware to peers.

timers

dictionary

Configure bgp related timers.

bestpath_limit

dictionary

Configure timeout for first bestpath after restart.

always

boolean

  • no
  • yes

Configure update-delay-always option.

timeout

integer

Bestpath timeout (seconds).

bgp

dictionary

Configure different bgp keepalive and holdtimes.

holdtime

integer

Holdtime (seconds).

keepalive

integer

Keepalive interval (seconds).

prefix_peer_timeout

integer

Prefix Peer timeout (seconds).

prefix_peer_wait

integer

Configure wait timer for a prefix peer.

vrfs

list / elements=dictionary

Virtual Router Context configurations.

allocate_index

integer

Configure allocate-index.

bestpath

dictionary

Define the default bestpath selection algorithm.

always_compare_med

boolean

  • no
  • yes

Compare MED on paths from different AS.

as_path

dictionary

AS-Path.

ignore

boolean

  • no
  • yes

Ignore AS-Path during bestpath selection.

multipath_relax

boolean

  • no
  • yes

Relax AS-Path restriction when choosing multipaths.

compare_neighborid

boolean

  • no
  • yes

When more paths are available than max path config, use neighborid as tie-breaker.

compare_routerid

boolean

  • no
  • yes

Compare router-id for identical EBGP paths.

cost_community_ignore

boolean

  • no
  • yes

Ignore cost communities in bestpath selection.

igp_metric_ignore

boolean

  • no
  • yes

Ignore IGP metric for next-hop during bestpath selection.

med

dictionary

MED

confed

boolean

  • no
  • yes

Compare MED only from paths originated from within a confederation.

missing_as_worst

boolean

  • no
  • yes

Treat missing MED as highest MED.

non_deterministic

boolean

  • no
  • yes

Not always pick the best-MED path among paths from same AS.

cluster_id

string

Configure Route Reflector Cluster-ID.

confederation

dictionary

AS confederation parameters.

identifier

string

Set routing domain confederation AS.

peers

list / elements=string

Peer ASs in BGP confederation.

graceful_restart

dictionary

Configure Graceful Restart functionality.

helper

boolean

  • no
  • yes

Configure Graceful Restart Helper mode functionality.

restart_time

integer

Maximum time for restart advertised to peers.

set

boolean

  • no
  • yes

Enable graceful-restart.

stalepath_time

integer

Maximum time to keep a restarting peer's stale routes.

local_as

string

Specify the local-as for this vrf.

log_neighbor_changes

boolean

  • no
  • yes

Log a message for neighbor up/down event.

maxas_limit

integer

Allow AS-PATH attribute from EBGP neighbor imposing a limit on number of ASes.

neighbor_down

dictionary

Handle BGP neighbor down event, due to various reasons.

fib_accelerate

boolean

  • no
  • yes

Accelerate the hardware updates for IP/IPv6 adjacencies for neighbor.

neighbors

list / elements=dictionary

Configure BGP neighbors.

bmp_activate_server

integer

Specify server ID for activating BMP monitoring for the peer.

capability

dictionary

Capability.

suppress_4_byte_as

boolean

  • no
  • yes

Suppress 4-byte AS Capability.

description

string

Neighbor specific descripion.

disable_connected_check

boolean

  • no
  • yes

Disable check for directly connected peer.

dont_capability_negotiate

boolean

  • no
  • yes

Don't negotiate capability with this neighbor.

dscp

string

Set dscp value for tcp transport.

dynamic_capability

boolean

  • no
  • yes

Dynamic Capability

ebgp_multihop

integer

Specify multihop TTL for remote peer.

graceful_shutdown

dictionary

Graceful-shutdown for this neighbor.

activate

dictionary

Send graceful-shutdown community.

route_map

string

Apply route-map to modify attributes for outbound.

set

boolean

  • no
  • yes

Set activate.

inherit

dictionary

Inherit a template.

peer

string

Peer template to inherit.

peer_session

string

Peer-session template to inherit.

local_as

string

Specify the local-as number for the eBGP neighbor.

log_neighbor_changes

dictionary

Log message for neighbor up/down event.

disable

boolean

  • no
  • yes

Disable logging of neighbor up/down event.

set

boolean

  • no
  • yes

Set log-neighbor-changes.

low_memory

dictionary

Behaviour in low memory situations.

exempt

boolean

  • no
  • yes

Do not shutdown this peer when under memory pressure.

neighbor_address

string / required

IP address/Prefix of the neighbor or interface.

neighbor_affinity_group

dictionary

Configure an affinity group.

group_id

integer

Affinity Group ID.

password

dictionary

Configure a password for neighbor.

encryption

integer

0 specifies an UNENCRYPTED neighbor password.

3 specifies an 3DES ENCRYPTED neighbor password will follow.

7 specifies a Cisco type 7 ENCRYPTED neighbor password will follow.

key

string

Authentication password.

path_attribute

list / elements=dictionary

BGP path attribute optional filtering.

action

string

  • discard
  • treat-as-withdraw

Action.

range

dictionary

Path attribute range.

end

integer

Path attribute range end value.

start

integer

Path attribute range start value.

type

integer

Path attribute type

peer_type

string

  • fabric-border-leaf
  • fabric-external

Neighbor facing

remote_as

string

Specify Autonomous System Number of the neighbor.

remove_private_as

dictionary

Remove private AS number from outbound updates.

all

boolean

  • no
  • yes

All.

replace_as

boolean

  • no
  • yes

Replace.

set

boolean

  • no
  • yes

Remove private AS.

shutdown

boolean

  • no
  • yes

Administratively shutdown this neighbor.

timers

dictionary

Configure keepalive and hold timers.

holdtime

integer

Holdtime (seconds).

keepalive

integer

Keepalive interval (seconds).

transport

dictionary

BGP transport connection.

connection_mode

dictionary

Specify type of connection.

passive

boolean

  • no
  • yes

Allow passive connection setup only.

ttl_security

dictionary

Enable TTL Security Mechanism.

hops

integer

Specify hop count for remote peer.

update_source

string

Specify source of BGP session and updates.

reconnect_interval

integer

Configure connection reconnect interval.

router_id

string

Specify the IP address to use as router-id.

timers

dictionary

Configure bgp related timers.

bestpath_limit

dictionary

Configure timeout for first bestpath after restart.

always

boolean

  • no
  • yes

Configure update-delay-always option.

timeout

integer

Bestpath timeout (seconds).

bgp

dictionary

Configure different bgp keepalive and holdtimes.

holdtime

integer

Holdtime (seconds).

keepalive

integer

Keepalive interval (seconds).

prefix_peer_timeout

integer

Prefix Peer timeout (seconds).

prefix_peer_wait

integer

Configure wait timer for a prefix peer.

vrf

string

VRF name.

running_config

string

This option is used only with state parsed.

The value of this option should be the output received from the NX-OS device by executing the command show running-config | section '^router bgp'.

The state parsed reads the configuration from running_config option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the parsed key within the result.

state

string

  • merged

  • replaced
  • deleted
  • purged
  • parsed
  • gathered
  • rendered

The state the configuration should be left in.

State purged removes all the BGP configurations from the target device. Use caution with this state.

State deleted only removes BGP attributes that this modules manages and does not negate the BGP process completely. Thereby, preserving address-family related configurations under BGP context.

Running states deleted and replaced will result in an error if there are address-family configuration lines present under a neighbor, or a vrf context that is to be removed. Please use the cisco.nxos.nxos_bgp_af or cisco.nxos.nxos_bgp_neighbor_af modules for prior cleanup.

Refer to examples for more details.



Notes

Note

  • Tested against NX-OS 9.3.6.
  • This module works with connection network_cli and httpapi.


Examples

# Using merged

# Before state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# Nexus9000v#

- name: Merge the provided configuration with the exisiting running configuration
  cisco.nxos.nxos_bgp_global:
    config:
      as_number: 65563
      router_id: 192.168.1.1
      bestpath:
        as_path:
          multipath_relax: True
        compare_neighborid: True
        cost_community_ignore: True
      confederation:
        identifier: 42
        peers:
          - 65020
          - 65030
          - 65040
      log_neighbor_changes: True
      maxas_limit: 20
      neighbors:
        - neighbor_address: 192.168.1.100
          neighbor_affinity_group:
            group_id: 160
          bmp_activate_server: 1
          remote_as: 65563
          description: NBR-1
          low_memory:
            exempt: True
        - neighbor_address: 192.168.1.101
          remote_as: 65563
          password:
            encryption: 7
            key: 12090404011C03162E
      neighbor_down:
        fib_accelerate: True
      vrfs:
        - vrf: site-1
          allocate_index: 5000
          local_as: 200
          log_neighbor_changes: True
          neighbors:
            - neighbor_address: 198.51.100.1
              description: site-1-nbr-1
              password:
                encryption: 3
                key: 13D4D3549493D2877B1DC116EE27A6BE
              remote_as: 65562
            - neighbor_address: 198.51.100.2
              remote_as: 65562
              description: site-1-nbr-2
        - vrf: site-2
          local_as: 300
          log_neighbor_changes: True
          neighbors:
            - neighbor_address: 203.0.113.2
              description: site-2-nbr-1
              password:
                encryption: 3
                key: AF92F4C16A0A0EC5BDF56CF58BC030F6
              remote_as: 65568
          neighbor_down:
            fib_accelerate: True

# Task output
# -------------
# before: {}
#
# commands:
#  - router bgp 65563
#  - bestpath as-path multipath-relax
#  - bestpath compare-neighborid
#  - bestpath cost-community ignore
#  - confederation identifier 42
#  - log-neighbor-changes
#  - maxas-limit 20
#  - neighbor-down fib-accelerate
#  - router-id 192.168.1.1
#  - confederation peers 65020 65030 65040
#  - neighbor 192.168.1.100
#  - remote-as 65563
#  - affinity-group 160
#  - bmp-activate-server 1
#  - description NBR-1
#  - low-memory exempt
#  - neighbor 192.168.1.101
#  - remote-as 65563
#  - password 7 12090404011C03162E
#  - vrf site-1
#  - allocate-index 5000
#  - local-as 200
#  - log-neighbor-changes
#  - neighbor 198.51.100.1
#  - remote-as 65562
#  - description site-1-nbr-1
#  - password 3 13D4D3549493D2877B1DC116EE27A6BE
#  - neighbor 198.51.100.2
#  - remote-as 65562
#  - description site-1-nbr-2
#  - vrf site-2
#  - local-as 300
#  - log-neighbor-changes
#  - neighbor-down fib-accelerate
#  - neighbor 203.0.113.2
#  - remote-as 65568
#  - description site-2-nbr-1
#  - password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6
#
# after:
#    as_number: '65563'
#    bestpath:
#      as_path:
#        multipath_relax: true
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65040'
#    log_neighbor_changes: true
#    maxas_limit: 20
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    - neighbor_address: 192.168.1.101
#      password:
#        encryption: 7
#        key: 12090404011C03162E
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - allocate_index: 5000
#      local_as: '200'
#      log_neighbor_changes: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 198.51.100.1
#        password:
#          encryption: 3
#          key: 13D4D3549493D2877B1DC116EE27A6BE
#        remote_as: '65562'
#      - description: site-1-nbr-2
#        neighbor_address: 198.51.100.2
#        remote_as: '65562'
#      vrf: site-1
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - description: site-2-nbr-1
#        neighbor_address: 203.0.113.2
#        password:
#          encryption: 3
#          key: AF92F4C16A0A0EC5BDF56CF58BC030F6
#        remote_as: '65568'
#      vrf: site-2


# After state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65040
#   bestpath as-path multipath-relax
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 20
#   log-neighbor-changes
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   neighbor 192.168.1.101
#     remote-as 65563
#     password 7 12090404011C03162E
#   vrf site-1
#     local-as 200
#     log-neighbor-changes
#     allocate-index 5000
#     neighbor 198.51.100.1
#       remote-as 65562
#       description site-1-nbr-1
#       password 3 13D4D3549493D2877B1DC116EE27A6BE
#     neighbor 198.51.100.2
#       remote-as 65562
#       description site-1-nbr-2
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       remote-as 65568
#       description site-2-nbr-1
#       password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6

# Using replaced

# Before state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65040
#   bestpath as-path multipath-relax
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 20
#   log-neighbor-changes
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   neighbor 192.168.1.101
#     remote-as 65563
#     password 7 12090404011C03162E
#   vrf site-1
#     local-as 200
#     log-neighbor-changes
#     allocate-index 5000
#     neighbor 198.51.100.1
#       remote-as 65562
#       description site-1-nbr-1
#       password 3 13D4D3549493D2877B1DC116EE27A6BE
#     neighbor 198.51.100.2
#       remote-as 65562
#       description site-1-nbr-2
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       remote-as 65568
#       description site-2-nbr-1
#       password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6

- name: Replace BGP configuration with provided configuration
  cisco.nxos.nxos_bgp_global:
    config:
      as_number: 65563
      router_id: 192.168.1.1
      bestpath:
        compare_neighborid: True
        cost_community_ignore: True
      confederation:
        identifier: 42
        peers:
          - 65020
          - 65030
          - 65050
      maxas_limit: 40
      neighbors:
        - neighbor_address: 192.168.1.100
          neighbor_affinity_group:
            group_id: 160
          bmp_activate_server: 1
          remote_as: 65563
          description: NBR-1
          low_memory:
            exempt: True
      neighbor_down:
        fib_accelerate: True
      vrfs:
        - vrf: site-2
          local_as: 300
          log_neighbor_changes: True
          neighbors:
            - neighbor_address: 203.0.113.2
              password:
                encryption: 7
                key: 12090404011C03162E
          neighbor_down:
            fib_accelerate: True
    state: replaced

# Task output
# -------------
#  before:
#    as_number: '65563'
#    bestpath:
#      as_path:
#        multipath_relax: true
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65040'
#    log_neighbor_changes: true
#    maxas_limit: 20
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    - neighbor_address: 192.168.1.101
#      password:
#        encryption: 7
#        key: 12090404011C03162E
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - allocate_index: 5000
#      local_as: '200'
#      log_neighbor_changes: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 198.51.100.1
#        password:
#          encryption: 3
#          key: 13D4D3549493D2877B1DC116EE27A6BE
#        remote_as: '65562'
#      - description: site-1-nbr-2
#        neighbor_address: 198.51.100.2
#        remote_as: '65562'
#      vrf: site-1
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - description: site-2-nbr-1
#        neighbor_address: 203.0.113.2
#        password:
#          encryption: 3
#          key: AF92F4C16A0A0EC5BDF56CF58BC030F6
#        remote_as: '65568'
#      vrf: site-2
#
# commands:
#  - router bgp 65563
#  - no bestpath as-path multipath-relax
#  - no log-neighbor-changes
#  - maxas-limit 40
#  - no confederation peers 65020 65030 65040
#  - confederation peers 65020 65030 65050
#  - no neighbor 192.168.1.101
#  - vrf site-2
#  - neighbor 203.0.113.2
#  - no remote-as 65568
#  - no description site-2-nbr-1
#  - password 7 12090404011C03162E
#  - no vrf site-1

#  after:
#    as_number: '65563'
#    bestpath:
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65050'
#    maxas_limit: 40
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - neighbor_address: 203.0.113.2
#        password:
#          encryption: 7
#          key: 12090404011C03162E
#      vrf: site-2
#
# After state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65050
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 40
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       password 7 12090404011C03162E

# Using deleted

# Before state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65040
#   bestpath as-path multipath-relax
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 20
#   log-neighbor-changes
#   address-family ipv4 unicast
#     default-metric 400
#     suppress-inactive
#     default-information originate
#   address-family ipv6 multicast
#     wait-igp-convergence
#     redistribute eigrp eigrp-1 route-map site-1-rmap
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   neighbor 192.168.1.101
#     remote-as 65563
#     password 7 12090404011C03162E
#   vrf site-1
#     local-as 200
#     log-neighbor-changes
#     allocate-index 5000
#     address-family ipv4 multicast
#       maximum-paths 40
#       dampen-igp-metric 1200
#     neighbor 198.51.100.1
#       remote-as 65562
#       description site-1-nbr-1
#       password 3 13D4D3549493D2877B1DC116EE27A6BE
#     neighbor 198.51.100.2
#       remote-as 65562
#       description site-1-nbr-2
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       remote-as 65568
#       description site-1-nbr-1
#       password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6

- name: Delete BGP configurations handled by this module
  cisco.nxos.nxos_bgp_global:
    state: deleted

# Task output
# -------------

# before:
#    as_number: '65563'
#    bestpath:
#      as_path:
#        multipath_relax: true
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65040'
#    log_neighbor_changes: true
#    maxas_limit: 20
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    - neighbor_address: 192.168.1.101
#      password:
#        encryption: 7
#        key: 12090404011C03162E
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - allocate_index: 5000
#      local_as: '200'
#      log_neighbor_changes: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 198.51.100.1
#        password:
#          encryption: 3
#          key: 13D4D3549493D2877B1DC116EE27A6BE
#        remote_as: '65562'
#      - description: site-1-nbr-2
#        neighbor_address: 198.51.100.2
#        remote_as: '65562'
#      vrf: site-1
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 203.0.113.2
#        password:
#          encryption: 3
#          key: AF92F4C16A0A0EC5BDF56CF58BC030F6
#        remote_as: '65568'
#      vrf: site-2
#
# commands:
#   - router bgp 65563
#   - no bestpath as-path multipath-relax
#   - no bestpath compare-neighborid
#   - no bestpath cost-community ignore
#   - no confederation identifier 42
#   - no log-neighbor-changes
#   - no maxas-limit 20
#   - no neighbor-down fib-accelerate
#   - no router-id 192.168.1.1
#   - no confederation peers 65020 65030 65040
#   - no neighbor 192.168.1.100
#   - no neighbor 192.168.1.101
#   - no vrf site-1
#   - no vrf site-2
#
#  after:
#    as_number: '65563'
#
# After state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   address-family ipv4 unicast
#     default-metric 400
#     suppress-inactive
#     default-information originate
#   address-family ipv6 multicast
#     wait-igp-convergence
#     redistribute eigrp eigrp-1 route-map site-1-rmap
#

# Using purged

# Before state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65040
#   bestpath as-path multipath-relax
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 20
#   log-neighbor-changes
#   address-family ipv4 unicast
#     default-metric 400
#     suppress-inactive
#     default-information originate
#   address-family ipv6 multicast
#     wait-igp-convergence
#     redistribute eigrp eigrp-1 route-map site-1-rmap
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   neighbor 192.168.1.101
#     remote-as 65563
#     password 7 12090404011C03162E
#   vrf site-1
#     local-as 200
#     log-neighbor-changes
#     allocate-index 5000
#     address-family ipv4 multicast
#       maximum-paths 40
#       dampen-igp-metric 1200
#     neighbor 198.51.100.1
#       remote-as 65562
#       description site-1-nbr-1
#       password 3 13D4D3549493D2877B1DC116EE27A6BE
#     neighbor 198.51.100.2
#       remote-as 65562
#       description site-1-nbr-2
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       remote-as 65568
#       description site-1-nbr-1
#       password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6

- name: Purge all BGP configurations from the device
  cisco.nxos.nxos_bgp_global:
    state: purged

# Task output
# -------------

# before:
#    as_number: '65563'
#    bestpath:
#      as_path:
#        multipath_relax: true
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65040'
#    log_neighbor_changes: true
#    maxas_limit: 20
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    - neighbor_address: 192.168.1.101
#      password:
#        encryption: 7
#        key: 12090404011C03162E
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - allocate_index: 5000
#      local_as: '200'
#      log_neighbor_changes: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 198.51.100.1
#        password:
#          encryption: 3
#          key: 13D4D3549493D2877B1DC116EE27A6BE
#        remote_as: '65562'
#      - description: site-1-nbr-2
#        neighbor_address: 198.51.100.2
#        remote_as: '65562'
#      vrf: site-1
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 203.0.113.2
#        password:
#          encryption: 3
#          key: AF92F4C16A0A0EC5BDF56CF58BC030F6
#        remote_as: '65568'
#      vrf: site-2
#
# commands:
#   - no router bgp 65563
#
#  after: {}
#
# After state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# Nexus9000v#

# Using rendered

- name: Render platform specific configuration lines (without connecting to the device)
  cisco.nxos.nxos_bgp_global:
    config:
      as_number: 65563
      router_id: 192.168.1.1
      bestpath:
        as_path:
          multipath_relax: True
        compare_neighborid: True
        cost_community_ignore: True
      confederation:
        identifier: 42
        peers:
          - 65020
          - 65030
          - 65040
      log_neighbor_changes: True
      maxas_limit: 20
      neighbors:
        - neighbor_address: 192.168.1.100
          neighbor_affinity_group:
            group_id: 160
          bmp_activate_server: 1
          remote_as: 65563
          description: NBR-1
          low_memory:
            exempt: True
        - neighbor_address: 192.168.1.101
          remote_as: 65563
          password:
            encryption: 7
            key: 12090404011C03162E
      neighbor_down:
        fib_accelerate: True
      vrfs:
        - vrf: site-1
          allocate_index: 5000
          local_as: 200
          log_neighbor_changes: True
          neighbors:
            - neighbor_address: 198.51.100.1
              description: site-1-nbr-1
              password:
                encryption: 3
                key: 13D4D3549493D2877B1DC116EE27A6BE
              remote_as: 65562
            - neighbor_address: 198.51.100.2
              remote_as: 65562
              description: site-1-nbr-2
        - vrf: site-2
          local_as: 300
          log_neighbor_changes: True
          neighbors:
            - neighbor_address: 203.0.113.2
              description: site-1-nbr-1
              password:
                encryption: 3
                key: AF92F4C16A0A0EC5BDF56CF58BC030F6
              remote_as: 65568
          neighbor_down:
            fib_accelerate: True

# Task Output (redacted)
# -----------------------
# rendered:
#   - router bgp 65563
#   - bestpath as-path multipath-relax
#   - bestpath compare-neighborid
#   - bestpath cost-community ignore
#   - confederation identifier 42
#   - log-neighbor-changes
#   - maxas-limit 20
#   - neighbor-down fib-accelerate
#   - router-id 192.168.1.1
#   - confederation peers 65020 65030 65040
#   - neighbor 192.168.1.100
#   - remote-as 65563
#   - affinity-group 160
#   - bmp-activate-server 1
#   - description NBR-1
#   - low-memory exempt
#   - neighbor 192.168.1.101
#   - remote-as 65563
#   - password 7 12090404011C03162E
#   - vrf site-1
#   - allocate-index 5000
#   - local-as 200
#   - log-neighbor-changes
#   - neighbor 198.51.100.1
#   - remote-as 65562
#   - description site-1-nbr-1
#   - password 3 13D4D3549493D2877B1DC116EE27A6BE
#   - neighbor 198.51.100.2
#   - remote-as 65562
#   - description site-1-nbr-2
#   - vrf site-2
#   - local-as 300
#   - log-neighbor-changes
#   - neighbor-down fib-accelerate
#   - neighbor 203.0.113.2
#   - remote-as 65568
#   - description site-1-nbr-1
#   - password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6

# Using parsed

# parsed.cfg
# ------------
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65040
#   bestpath as-path multipath-relax
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 20
#   log-neighbor-changes
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   neighbor 192.168.1.101
#     remote-as 65563
#     password 7 12090404011C03162E
#   vrf site-1
#     local-as 200
#     log-neighbor-changes
#     allocate-index 5000
#     neighbor 198.51.100.1
#       remote-as 65562
#       description site-1-nbr-1
#       password 3 13D4D3549493D2877B1DC116EE27A6BE
#     neighbor 198.51.100.2
#       remote-as 65562
#       description site-1-nbr-2
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       remote-as 65568
#       description site-1-nbr-1
#       password 3 AF92F4C16A0A0EC5BDF56CF58BC030F6

- name: Parse externally provided BGP config
  cisco.nxos.nxos_bgp_global:
    running_config: "{{ lookup('file', 'parsed.cfg') }}"
    state: parsed

# Task output (redacted)
# -----------------------
#  parsed:
#    as_number: '65563'
#    bestpath:
#      as_path:
#        multipath_relax: true
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65040'
#    log_neighbor_changes: true
#    maxas_limit: 20
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    - neighbor_address: 192.168.1.101
#      password:
#        encryption: 7
#        key: 12090404011C03162E
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - allocate_index: 5000
#      local_as: '200'
#      log_neighbor_changes: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 198.51.100.1
#        password:
#          encryption: 3
#          key: 13D4D3549493D2877B1DC116EE27A6BE
#        remote_as: '65562'
#      - description: site-1-nbr-2
#        neighbor_address: 198.51.100.2
#        remote_as: '65562'
#      vrf: site-1
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - description: site-1-nbr-1
#        neighbor_address: 203.0.113.2
#        password:
#          encryption: 3
#          key: AF92F4C16A0A0EC5BDF56CF58BC030F6
#        remote_as: '65568'
#      vrf: site-2

# Using gathered

# existing config
#
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65563
#   router-id 192.168.1.1
#   confederation identifier 42
#   confederation peers 65020 65030 65050
#   bestpath cost-community ignore
#   bestpath compare-neighborid
#   neighbor-down fib-accelerate
#   maxas-limit 40
#   neighbor 192.168.1.100
#     low-memory exempt
#     bmp-activate-server 1
#     remote-as 65563
#     description NBR-1
#     affinity-group 160
#   vrf site-1
#   vrf site-2
#     local-as 300
#     neighbor-down fib-accelerate
#     log-neighbor-changes
#     neighbor 203.0.113.2
#       password 7 12090404011C03162E

- name: Gather BGP facts using gathered
  cisco.nxos.nxos_bgp_global:
    state: gathered

# Task output (redacted)
# -----------------------
#  gathered:
#    as_number: '65563'
#    bestpath:
#      compare_neighborid: true
#      cost_community_ignore: true
#    confederation:
#      identifier: '42'
#      peers:
#      - '65020'
#      - '65030'
#      - '65050'
#    maxas_limit: 40
#    neighbor_down:
#      fib_accelerate: true
#    neighbors:
#    - bmp_activate_server: 1
#      description: NBR-1
#      low_memory:
#        exempt: true
#      neighbor_address: 192.168.1.100
#      neighbor_affinity_group:
#        group_id: 160
#      remote_as: '65563'
#    router_id: 192.168.1.1
#    vrfs:
#    - vrf: site-1
#    - local_as: '300'
#      log_neighbor_changes: true
#      neighbor_down:
#        fib_accelerate: true
#      neighbors:
#      - neighbor_address: 203.0.113.2
#        password:
#          encryption: 7
#          key: 12090404011C03162E
#      vrf: site-2

# Remove a neighbor having AF configurations with state replaced (will fail)

# Before state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65536
#   log-neighbor-changes
#   maxas-limit 20
#   router-id 198.51.100.2
#   neighbor 203.0.113.2
#     address-family ipv4 unicast
#       next-hop-self
#     remote-as 65538
#     affinity-group 160
#     description NBR-1
#     low-memory exempt
#   neighbor 192.0.2.1
#     remote-as 65537
#     password 7 12090404011C03162E

- name: Remove a neighbor having AF configurations (should fail)
  cisco.nxos.nxos_bgp_global:
    config:
      as_number: 65536
      router_id: 198.51.100.2
      maxas_limit: 20
      log_neighbor_changes: True
      neighbors:
        - neighbor_address: 192.0.2.1
          remote_as: 65537
          password:
            encryption: 7
            key: 12090404011C03162E
    state: replaced

# Task output (redacted)
# -----------------------
# fatal: [Nexus9000v]: FAILED! => changed=false
#    msg: Neighbor 203.0.113.2 has address-family configurations.
#         Please use the nxos_bgp_neighbor_af module to remove those first.

# Remove a VRF having AF configurations with state replaced (will fail)

# Before state:
# -------------
# Nexus9000v# show running-config | section "^router bgp"
# router bgp 65536
#   log-neighbor-changes
#   maxas-limit 20
#   router-id 198.51.100.2
#   neighbor 192.0.2.1
#     remote-as 65537
#     password 7 12090404011C03162E
#   vrf site-1
#     address-family ipv4 unicast
#       default-information originate
#     neighbor 203.0.113.2
#       remote-as 65538
#       affinity-group 160
#       description NBR-1
#       low-memory exempt
#   vrf site-2
#     neighbor-down fib-accelerate

- name: Remove a VRF having AF configurations (should fail)
  cisco.nxos.nxos_bgp_global:
    config:
      as_number: 65536
      router_id: 198.51.100.2
      maxas_limit: 20
      log_neighbor_changes: True
      neighbors:
        - neighbor_address: 192.0.2.1
          remote_as: 65537
          password:
            encryption: 7
            key: 12090404011C03162E
      vrfs:
        - vrf: site-2
          neighbor_down:
            fib_accelerate: True
    state: replaced

# Task output (redacted)
# -----------------------
# fatal: [Nexus9000v]: FAILED! => changed=false
#    msg: VRF site-1 has address-family configurations.
#         Please use the nxos_bgp_af module to remove those first.

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

after

dictionary

when changed

The resulting configuration model invocation.


Sample:

The configuration returned will always be in the same format of the parameters above.

before

dictionary

always

The configuration prior to the model invocation.


Sample:

The configuration returned will always be in the same format of the parameters above.

commands

list / elements=string

always

The set of commands pushed to the remote device.


Sample:

['router bgp 65563', 'maxas-limit 20', 'router-id 192.168.1.1', 'confederation peers 65020 65030 65040', 'neighbor 192.168.1.100', 'remote-as 65563', 'affinity-group 160', 'bmp-activate-server 1', 'description NBR-1', 'low-memory exempt', 'vrf site-1', 'log-neighbor-changes', 'neighbor 198.51.100.1', 'remote-as 65562', 'description site-1-nbr-1', 'password 3 13D4D3549493D2877B1DC116EE27A6BE']




Authors

  • Nilashish Chakraborty (@NilashishC)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.11/collections/cisco/nxos/nxos_bgp_global_module.html