fortios_router_bgp – Configure BGP in Fortinet’s FortiOS and FortiGate
fortios_router_bgp – Configure BGP in Fortinet’s FortiOS and FortiGate
New in version 2.8.
Synopsis
- This module is able to configure a FortiGate or FortiOS by allowing the user to set and modify router feature and bgp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.2
Requirements
The below requirements are needed on the host that executes this module.
- fortiosapi>=0.9.8
Parameters
| Parameter | Choices/Defaults | Comments | |||
|---|---|---|---|---|---|
|
host - / required |
FortiOS or FortiGate ip address. | ||||
|
https boolean |
|
Indicates if the requests towards FortiGate must use HTTPS protocol | |||
|
password - |
Default: "" |
FortiOS or FortiGate password. | |||
|
router_bgp - |
Default: null |
Configure BGP. | |||
|
admin-distance - |
Administrative distance modifications. | ||||
|
distance - |
Administrative distance to apply (1 - 255). | ||||
|
id - / required |
ID. | ||||
|
neighbour-prefix - |
Neighbor address prefix. | ||||
|
route-list - |
Access list of routes to apply new distance to. Source router.access-list.name. | ||||
|
aggregate-address - |
BGP aggregate address table. | ||||
|
as-set - |
|
Enable/disable generate AS set path information. | |||
|
id - / required |
ID. | ||||
|
prefix - |
Aggregate prefix. | ||||
|
summary-only - |
|
Enable/disable filter more specific routes from updates. | |||
|
aggregate-address6 - |
BGP IPv6 aggregate address table. | ||||
|
as-set - |
|
Enable/disable generate AS set path information. | |||
|
id - / required |
ID. | ||||
|
prefix6 - |
Aggregate IPv6 prefix. | ||||
|
summary-only - |
|
Enable/disable filter more specific routes from updates. | |||
|
always-compare-med - |
|
Enable/disable always compare MED. | |||
|
as - |
Router AS number, valid from 1 to 4294967295, 0 to disable BGP. | ||||
|
bestpath-as-path-ignore - |
|
Enable/disable ignore AS path. | |||
|
bestpath-cmp-confed-aspath - |
|
Enable/disable compare federation AS path length. | |||
|
bestpath-cmp-routerid - |
|
Enable/disable compare router ID for identical EBGP paths. | |||
|
bestpath-med-confed - |
|
Enable/disable compare MED among confederation paths. | |||
|
bestpath-med-missing-as-worst - |
|
Enable/disable treat missing MED as least preferred. | |||
|
client-to-client-reflection - |
|
Enable/disable client-to-client route reflection. | |||
|
cluster-id - |
Route reflector cluster ID. | ||||
|
confederation-identifier - |
Confederation identifier. | ||||
|
confederation-peers - |
Confederation peers. | ||||
|
peer - / required |
Peer ID. | ||||
|
dampening - |
|
Enable/disable route-flap dampening. | |||
|
dampening-max-suppress-time - |
Maximum minutes a route can be suppressed. | ||||
|
dampening-reachability-half-life - |
Reachability half-life time for penalty (min). | ||||
|
dampening-reuse - |
Threshold to reuse routes. | ||||
|
dampening-route-map - |
Criteria for dampening. Source router.route-map.name. | ||||
|
dampening-suppress - |
Threshold to suppress routes. | ||||
|
dampening-unreachability-half-life - |
Unreachability half-life time for penalty (min). | ||||
|
default-local-preference - |
Default local preference. | ||||
|
deterministic-med - |
|
Enable/disable enforce deterministic comparison of MED. | |||
|
distance-external - |
Distance for routes external to the AS. | ||||
|
distance-internal - |
Distance for routes internal to the AS. | ||||
|
distance-local - |
Distance for routes local to the AS. | ||||
|
ebgp-multipath - |
|
Enable/disable EBGP multi-path. | |||
|
enforce-first-as - |
|
Enable/disable enforce first AS for EBGP routes. | |||
|
fast-external-failover - |
|
Enable/disable reset peer BGP session if link goes down. | |||
|
graceful-end-on-timer - |
|
Enable/disable to exit graceful restart on timer only. | |||
|
graceful-restart - |
|
Enable/disable BGP graceful restart capabilities. | |||
|
graceful-restart-time - |
Time needed for neighbors to restart (sec). | ||||
|
graceful-stalepath-time - |
Time to hold stale paths of restarting neighbor (sec). | ||||
|
graceful-update-delay - |
Route advertisement/selection delay after restart (sec). | ||||
|
holdtime-timer - |
Number of seconds to mark peer as dead. | ||||
|
ibgp-multipath - |
|
Enable/disable IBGP multi-path. | |||
|
ignore-optional-capability - |
|
Don't send unknown optional capability notification message | |||
|
keepalive-timer - |
Frequency to send keep alive requests. | ||||
|
log-neighbour-changes - |
|
Enable logging of BGP neighbour's changes | |||
|
neighbor - |
BGP neighbor table. | ||||
|
activate - |
|
Enable/disable address family IPv4 for this neighbor. | |||
|
activate6 - |
|
Enable/disable address family IPv6 for this neighbor. | |||
|
advertisement-interval - |
Minimum interval (sec) between sending updates. | ||||
|
allowas-in - |
IPv4 The maximum number of occurrence of my AS number allowed. | ||||
|
allowas-in-enable - |
|
Enable/disable IPv4 Enable to allow my AS in AS path. | |||
|
allowas-in-enable6 - |
|
Enable/disable IPv6 Enable to allow my AS in AS path. | |||
|
allowas-in6 - |
IPv6 The maximum number of occurrence of my AS number allowed. | ||||
|
as-override - |
|
Enable/disable replace peer AS with own AS for IPv4. | |||
|
as-override6 - |
|
Enable/disable replace peer AS with own AS for IPv6. | |||
|
attribute-unchanged - |
|
IPv4 List of attributes that should be unchanged. | |||
|
attribute-unchanged6 - |
|
IPv6 List of attributes that should be unchanged. | |||
|
bfd - |
|
Enable/disable BFD for this neighbor. | |||
|
capability-default-originate - |
|
Enable/disable advertise default IPv4 route to this neighbor. | |||
|
capability-default-originate6 - |
|
Enable/disable advertise default IPv6 route to this neighbor. | |||
|
capability-dynamic - |
|
Enable/disable advertise dynamic capability to this neighbor. | |||
|
capability-graceful-restart - |
|
Enable/disable advertise IPv4 graceful restart capability to this neighbor. | |||
|
capability-graceful-restart6 - |
|
Enable/disable advertise IPv6 graceful restart capability to this neighbor. | |||
|
capability-orf - |
|
Accept/Send IPv4 ORF lists to/from this neighbor. | |||
|
capability-orf6 - |
|
Accept/Send IPv6 ORF lists to/from this neighbor. | |||
|
capability-route-refresh - |
|
Enable/disable advertise route refresh capability to this neighbor. | |||
|
conditional-advertise - |
Conditional advertisement. | ||||
|
advertise-routemap - / required |
Name of advertising route map. Source router.route-map.name. | ||||
|
condition-routemap - |
Name of condition route map. Source router.route-map.name. | ||||
|
condition-type - |
|
Type of condition. | |||
|
connect-timer - |
Interval (sec) for connect timer. | ||||
|
default-originate-routemap - |
Route map to specify criteria to originate IPv4 default. Source router.route-map.name. | ||||
|
default-originate-routemap6 - |
Route map to specify criteria to originate IPv6 default. Source router.route-map.name. | ||||
|
description - |
Description. | ||||
|
distribute-list-in - |
Filter for IPv4 updates from this neighbor. Source router.access-list.name. | ||||
|
distribute-list-in6 - |
Filter for IPv6 updates from this neighbor. Source router.access-list6.name. | ||||
|
distribute-list-out - |
Filter for IPv4 updates to this neighbor. Source router.access-list.name. | ||||
|
distribute-list-out6 - |
Filter for IPv6 updates to this neighbor. Source router.access-list6.name. | ||||
|
dont-capability-negotiate - |
|
Don't negotiate capabilities with this neighbor | |||
|
ebgp-enforce-multihop - |
|
Enable/disable allow multi-hop EBGP neighbors. | |||
|
ebgp-multihop-ttl - |
EBGP multihop TTL for this peer. | ||||
|
filter-list-in - |
BGP filter for IPv4 inbound routes. Source router.aspath-list.name. | ||||
|
filter-list-in6 - |
BGP filter for IPv6 inbound routes. Source router.aspath-list.name. | ||||
|
filter-list-out - |
BGP filter for IPv4 outbound routes. Source router.aspath-list.name. | ||||
|
filter-list-out6 - |
BGP filter for IPv6 outbound routes. Source router.aspath-list.name. | ||||
|
holdtime-timer - |
Interval (sec) before peer considered dead. | ||||
|
interface - |
Interface Source system.interface.name. | ||||
|
ip - / required |
IP/IPv6 address of neighbor. | ||||
|
keep-alive-timer - |
Keep alive timer interval (sec). | ||||
|
link-down-failover - |
|
Enable/disable failover upon link down. | |||
|
local-as - |
Local AS number of neighbor. | ||||
|
local-as-no-prepend - |
|
Do not prepend local-as to incoming updates. | |||
|
local-as-replace-as - |
|
Replace real AS with local-as in outgoing updates. | |||
|
maximum-prefix - |
Maximum number of IPv4 prefixes to accept from this peer. | ||||
|
maximum-prefix-threshold - |
Maximum IPv4 prefix threshold value (1 - 100 percent). | ||||
|
maximum-prefix-threshold6 - |
Maximum IPv6 prefix threshold value (1 - 100 percent). | ||||
|
maximum-prefix-warning-only - |
|
Enable/disable IPv4 Only give warning message when limit is exceeded. | |||
|
maximum-prefix-warning-only6 - |
|
Enable/disable IPv6 Only give warning message when limit is exceeded. | |||
|
maximum-prefix6 - |
Maximum number of IPv6 prefixes to accept from this peer. | ||||
|
next-hop-self - |
|
Enable/disable IPv4 next-hop calculation for this neighbor. | |||
|
next-hop-self6 - |
|
Enable/disable IPv6 next-hop calculation for this neighbor. | |||
|
override-capability - |
|
Enable/disable override result of capability negotiation. | |||
|
passive - |
|
Enable/disable sending of open messages to this neighbor. | |||
|
password - |
Password used in MD5 authentication. | ||||
|
prefix-list-in - |
IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name. | ||||
|
prefix-list-in6 - |
IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name. | ||||
|
prefix-list-out - |
IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name. | ||||
|
prefix-list-out6 - |
IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name. | ||||
|
remote-as - |
AS number of neighbor. | ||||
|
remove-private-as - |
|
Enable/disable remove private AS number from IPv4 outbound updates. | |||
|
remove-private-as6 - |
|
Enable/disable remove private AS number from IPv6 outbound updates. | |||
|
restart-time - |
Graceful restart delay time (sec, 0 = global default). | ||||
|
retain-stale-time - |
Time to retain stale routes. | ||||
|
route-map-in - |
IPv4 Inbound route map filter. Source router.route-map.name. | ||||
|
route-map-in6 - |
IPv6 Inbound route map filter. Source router.route-map.name. | ||||
|
route-map-out - |
IPv4 Outbound route map filter. Source router.route-map.name. | ||||
|
route-map-out6 - |
IPv6 Outbound route map filter. Source router.route-map.name. | ||||
|
route-reflector-client - |
|
Enable/disable IPv4 AS route reflector client. | |||
|
route-reflector-client6 - |
|
Enable/disable IPv6 AS route reflector client. | |||
|
route-server-client - |
|
Enable/disable IPv4 AS route server client. | |||
|
route-server-client6 - |
|
Enable/disable IPv6 AS route server client. | |||
|
send-community - |
|
IPv4 Send community attribute to neighbor. | |||
|
send-community6 - |
|
IPv6 Send community attribute to neighbor. | |||
|
shutdown - |
|
Enable/disable shutdown this neighbor. | |||
|
soft-reconfiguration - |
|
Enable/disable allow IPv4 inbound soft reconfiguration. | |||
|
soft-reconfiguration6 - |
|
Enable/disable allow IPv6 inbound soft reconfiguration. | |||
|
stale-route - |
|
Enable/disable stale route after neighbor down. | |||
|
strict-capability-match - |
|
Enable/disable strict capability matching. | |||
|
unsuppress-map - |
IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. | ||||
|
unsuppress-map6 - |
IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. | ||||
|
update-source - |
Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name. | ||||
|
weight - |
Neighbor weight. | ||||
|
neighbor-group - |
BGP neighbor group table. | ||||
|
activate - |
|
Enable/disable address family IPv4 for this neighbor. | |||
|
activate6 - |
|
Enable/disable address family IPv6 for this neighbor. | |||
|
advertisement-interval - |
Minimum interval (sec) between sending updates. | ||||
|
allowas-in - |
IPv4 The maximum number of occurrence of my AS number allowed. | ||||
|
allowas-in-enable - |
|
Enable/disable IPv4 Enable to allow my AS in AS path. | |||
|
allowas-in-enable6 - |
|
Enable/disable IPv6 Enable to allow my AS in AS path. | |||
|
allowas-in6 - |
IPv6 The maximum number of occurrence of my AS number allowed. | ||||
|
as-override - |
|
Enable/disable replace peer AS with own AS for IPv4. | |||
|
as-override6 - |
|
Enable/disable replace peer AS with own AS for IPv6. | |||
|
attribute-unchanged - |
|
IPv4 List of attributes that should be unchanged. | |||
|
attribute-unchanged6 - |
|
IPv6 List of attributes that should be unchanged. | |||
|
bfd - |
|
Enable/disable BFD for this neighbor. | |||
|
capability-default-originate - |
|
Enable/disable advertise default IPv4 route to this neighbor. | |||
|
capability-default-originate6 - |
|
Enable/disable advertise default IPv6 route to this neighbor. | |||
|
capability-dynamic - |
|
Enable/disable advertise dynamic capability to this neighbor. | |||
|
capability-graceful-restart - |
|
Enable/disable advertise IPv4 graceful restart capability to this neighbor. | |||
|
capability-graceful-restart6 - |
|
Enable/disable advertise IPv6 graceful restart capability to this neighbor. | |||
|
capability-orf - |
|
Accept/Send IPv4 ORF lists to/from this neighbor. | |||
|
capability-orf6 - |
|
Accept/Send IPv6 ORF lists to/from this neighbor. | |||
|
capability-route-refresh - |
|
Enable/disable advertise route refresh capability to this neighbor. | |||
|
connect-timer - |
Interval (sec) for connect timer. | ||||
|
default-originate-routemap - |
Route map to specify criteria to originate IPv4 default. Source router.route-map.name. | ||||
|
default-originate-routemap6 - |
Route map to specify criteria to originate IPv6 default. Source router.route-map.name. | ||||
|
description - |
Description. | ||||
|
distribute-list-in - |
Filter for IPv4 updates from this neighbor. Source router.access-list.name. | ||||
|
distribute-list-in6 - |
Filter for IPv6 updates from this neighbor. Source router.access-list6.name. | ||||
|
distribute-list-out - |
Filter for IPv4 updates to this neighbor. Source router.access-list.name. | ||||
|
distribute-list-out6 - |
Filter for IPv6 updates to this neighbor. Source router.access-list6.name. | ||||
|
dont-capability-negotiate - |
|
Don't negotiate capabilities with this neighbor | |||
|
ebgp-enforce-multihop - |
|
Enable/disable allow multi-hop EBGP neighbors. | |||
|
ebgp-multihop-ttl - |
EBGP multihop TTL for this peer. | ||||
|
filter-list-in - |
BGP filter for IPv4 inbound routes. Source router.aspath-list.name. | ||||
|
filter-list-in6 - |
BGP filter for IPv6 inbound routes. Source router.aspath-list.name. | ||||
|
filter-list-out - |
BGP filter for IPv4 outbound routes. Source router.aspath-list.name. | ||||
|
filter-list-out6 - |
BGP filter for IPv6 outbound routes. Source router.aspath-list.name. | ||||
|
holdtime-timer - |
Interval (sec) before peer considered dead. | ||||
|
interface - |
Interface Source system.interface.name. | ||||
|
keep-alive-timer - |
Keep alive timer interval (sec). | ||||
|
link-down-failover - |
|
Enable/disable failover upon link down. | |||
|
local-as - |
Local AS number of neighbor. | ||||
|
local-as-no-prepend - |
|
Do not prepend local-as to incoming updates. | |||
|
local-as-replace-as - |
|
Replace real AS with local-as in outgoing updates. | |||
|
maximum-prefix - |
Maximum number of IPv4 prefixes to accept from this peer. | ||||
|
maximum-prefix-threshold - |
Maximum IPv4 prefix threshold value (1 - 100 percent). | ||||
|
maximum-prefix-threshold6 - |
Maximum IPv6 prefix threshold value (1 - 100 percent). | ||||
|
maximum-prefix-warning-only - |
|
Enable/disable IPv4 Only give warning message when limit is exceeded. | |||
|
maximum-prefix-warning-only6 - |
|
Enable/disable IPv6 Only give warning message when limit is exceeded. | |||
|
maximum-prefix6 - |
Maximum number of IPv6 prefixes to accept from this peer. | ||||
|
name - / required |
Neighbor group name. | ||||
|
next-hop-self - |
|
Enable/disable IPv4 next-hop calculation for this neighbor. | |||
|
next-hop-self6 - |
|
Enable/disable IPv6 next-hop calculation for this neighbor. | |||
|
override-capability - |
|
Enable/disable override result of capability negotiation. | |||
|
passive - |
|
Enable/disable sending of open messages to this neighbor. | |||
|
prefix-list-in - |
IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name. | ||||
|
prefix-list-in6 - |
IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name. | ||||
|
prefix-list-out - |
IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name. | ||||
|
prefix-list-out6 - |
IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name. | ||||
|
remote-as - |
AS number of neighbor. | ||||
|
remove-private-as - |
|
Enable/disable remove private AS number from IPv4 outbound updates. | |||
|
remove-private-as6 - |
|
Enable/disable remove private AS number from IPv6 outbound updates. | |||
|
restart-time - |
Graceful restart delay time (sec, 0 = global default). | ||||
|
retain-stale-time - |
Time to retain stale routes. | ||||
|
route-map-in - |
IPv4 Inbound route map filter. Source router.route-map.name. | ||||
|
route-map-in6 - |
IPv6 Inbound route map filter. Source router.route-map.name. | ||||
|
route-map-out - |
IPv4 Outbound route map filter. Source router.route-map.name. | ||||
|
route-map-out6 - |
IPv6 Outbound route map filter. Source router.route-map.name. | ||||
|
route-reflector-client - |
|
Enable/disable IPv4 AS route reflector client. | |||
|
route-reflector-client6 - |
|
Enable/disable IPv6 AS route reflector client. | |||
|
route-server-client - |
|
Enable/disable IPv4 AS route server client. | |||
|
route-server-client6 - |
|
Enable/disable IPv6 AS route server client. | |||
|
send-community - |
|
IPv4 Send community attribute to neighbor. | |||
|
send-community6 - |
|
IPv6 Send community attribute to neighbor. | |||
|
shutdown - |
|
Enable/disable shutdown this neighbor. | |||
|
soft-reconfiguration - |
|
Enable/disable allow IPv4 inbound soft reconfiguration. | |||
|
soft-reconfiguration6 - |
|
Enable/disable allow IPv6 inbound soft reconfiguration. | |||
|
stale-route - |
|
Enable/disable stale route after neighbor down. | |||
|
strict-capability-match - |
|
Enable/disable strict capability matching. | |||
|
unsuppress-map - |
IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. | ||||
|
unsuppress-map6 - |
IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. | ||||
|
update-source - |
Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name. | ||||
|
weight - |
Neighbor weight. | ||||
|
neighbor-range - |
BGP neighbor range table. | ||||
|
id - / required |
Neighbor range ID. | ||||
|
max-neighbor-num - |
Maximum number of neighbors. | ||||
|
neighbor-group - |
Neighbor group name. Source router.bgp.neighbor-group.name. | ||||
|
prefix - |
Neighbor range prefix. | ||||
|
network - |
BGP network table. | ||||
|
backdoor - |
|
Enable/disable route as backdoor. | |||
|
id - / required |
ID. | ||||
|
prefix - |
Network prefix. | ||||
|
route-map - |
Route map to modify generated route. Source router.route-map.name. | ||||
|
network-import-check - |
|
Enable/disable ensure BGP network route exists in IGP. | |||
|
network6 - |
BGP IPv6 network table. | ||||
|
backdoor - |
|
Enable/disable route as backdoor. | |||
|
id - / required |
ID. | ||||
|
prefix6 - |
Network IPv6 prefix. | ||||
|
route-map - |
Route map to modify generated route. Source router.route-map.name. | ||||
|
redistribute - |
BGP IPv4 redistribute table. | ||||
|
name - / required |
Distribute list entry name. | ||||
|
route-map - |
Route map name. Source router.route-map.name. | ||||
|
status - |
|
Status | |||
|
redistribute6 - |
BGP IPv6 redistribute table. | ||||
|
name - / required |
Distribute list entry name. | ||||
|
route-map - |
Route map name. Source router.route-map.name. | ||||
|
status - |
|
Status | |||
|
router-id - |
Router ID. | ||||
|
scan-time - |
Background scanner interval (sec), 0 to disable it. | ||||
|
synchronization - |
|
Enable/disable only advertise routes from iBGP if routes present in an IGP. | |||
|
username - / required |
FortiOS or FortiGate username. | ||||
|
vdom - |
Default: "root" |
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Notes
Note
- Requires fortiosapi library developed by Fortinet
- Run as a local_action in your playbook
Examples
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
tasks:
- name: Configure BGP.
fortios_router_bgp:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
router_bgp:
admin-distance:
-
distance: "4"
id: "5"
neighbour-prefix: "<your_own_value>"
route-list: "<your_own_value> (source router.access-list.name)"
aggregate-address:
-
as-set: "enable"
id: "10"
prefix: "<your_own_value>"
summary-only: "enable"
aggregate-address6:
-
as-set: "enable"
id: "15"
prefix6: "<your_own_value>"
summary-only: "enable"
always-compare-med: "enable"
as: "19"
bestpath-as-path-ignore: "enable"
bestpath-cmp-confed-aspath: "enable"
bestpath-cmp-routerid: "enable"
bestpath-med-confed: "enable"
bestpath-med-missing-as-worst: "enable"
client-to-client-reflection: "enable"
cluster-id: "<your_own_value>"
confederation-identifier: "27"
confederation-peers:
-
peer: "<your_own_value>"
dampening: "enable"
dampening-max-suppress-time: "31"
dampening-reachability-half-life: "32"
dampening-reuse: "33"
dampening-route-map: "<your_own_value> (source router.route-map.name)"
dampening-suppress: "35"
dampening-unreachability-half-life: "36"
default-local-preference: "37"
deterministic-med: "enable"
distance-external: "39"
distance-internal: "40"
distance-local: "41"
ebgp-multipath: "enable"
enforce-first-as: "enable"
fast-external-failover: "enable"
graceful-end-on-timer: "enable"
graceful-restart: "enable"
graceful-restart-time: "47"
graceful-stalepath-time: "48"
graceful-update-delay: "49"
holdtime-timer: "50"
ibgp-multipath: "enable"
ignore-optional-capability: "enable"
keepalive-timer: "53"
log-neighbour-changes: "enable"
neighbor:
-
activate: "enable"
activate6: "enable"
advertisement-interval: "58"
allowas-in: "59"
allowas-in-enable: "enable"
allowas-in-enable6: "enable"
allowas-in6: "62"
as-override: "enable"
as-override6: "enable"
attribute-unchanged: "as-path"
attribute-unchanged6: "as-path"
bfd: "enable"
capability-default-originate: "enable"
capability-default-originate6: "enable"
capability-dynamic: "enable"
capability-graceful-restart: "enable"
capability-graceful-restart6: "enable"
capability-orf: "none"
capability-orf6: "none"
capability-route-refresh: "enable"
conditional-advertise:
-
advertise-routemap: "<your_own_value> (source router.route-map.name)"
condition-routemap: "<your_own_value> (source router.route-map.name)"
condition-type: "exist"
connect-timer: "80"
default-originate-routemap: "<your_own_value> (source router.route-map.name)"
default-originate-routemap6: "<your_own_value> (source router.route-map.name)"
description: "<your_own_value>"
distribute-list-in: "<your_own_value> (source router.access-list.name)"
distribute-list-in6: "<your_own_value> (source router.access-list6.name)"
distribute-list-out: "<your_own_value> (source router.access-list.name)"
distribute-list-out6: "<your_own_value> (source router.access-list6.name)"
dont-capability-negotiate: "enable"
ebgp-enforce-multihop: "enable"
ebgp-multihop-ttl: "90"
filter-list-in: "<your_own_value> (source router.aspath-list.name)"
filter-list-in6: "<your_own_value> (source router.aspath-list.name)"
filter-list-out: "<your_own_value> (source router.aspath-list.name)"
filter-list-out6: "<your_own_value> (source router.aspath-list.name)"
holdtime-timer: "95"
interface: "<your_own_value> (source system.interface.name)"
ip: "<your_own_value>"
keep-alive-timer: "98"
link-down-failover: "enable"
local-as: "100"
local-as-no-prepend: "enable"
local-as-replace-as: "enable"
maximum-prefix: "103"
maximum-prefix-threshold: "104"
maximum-prefix-threshold6: "105"
maximum-prefix-warning-only: "enable"
maximum-prefix-warning-only6: "enable"
maximum-prefix6: "108"
next-hop-self: "enable"
next-hop-self6: "enable"
override-capability: "enable"
passive: "enable"
password: "<your_own_value>"
prefix-list-in: "<your_own_value> (source router.prefix-list.name)"
prefix-list-in6: "<your_own_value> (source router.prefix-list6.name)"
prefix-list-out: "<your_own_value> (source router.prefix-list.name)"
prefix-list-out6: "<your_own_value> (source router.prefix-list6.name)"
remote-as: "118"
remove-private-as: "enable"
remove-private-as6: "enable"
restart-time: "121"
retain-stale-time: "122"
route-map-in: "<your_own_value> (source router.route-map.name)"
route-map-in6: "<your_own_value> (source router.route-map.name)"
route-map-out: "<your_own_value> (source router.route-map.name)"
route-map-out6: "<your_own_value> (source router.route-map.name)"
route-reflector-client: "enable"
route-reflector-client6: "enable"
route-server-client: "enable"
route-server-client6: "enable"
send-community: "standard"
send-community6: "standard"
shutdown: "enable"
soft-reconfiguration: "enable"
soft-reconfiguration6: "enable"
stale-route: "enable"
strict-capability-match: "enable"
unsuppress-map: "<your_own_value> (source router.route-map.name)"
unsuppress-map6: "<your_own_value> (source router.route-map.name)"
update-source: "<your_own_value> (source system.interface.name)"
weight: "141"
neighbor-group:
-
activate: "enable"
activate6: "enable"
advertisement-interval: "145"
allowas-in: "146"
allowas-in-enable: "enable"
allowas-in-enable6: "enable"
allowas-in6: "149"
as-override: "enable"
as-override6: "enable"
attribute-unchanged: "as-path"
attribute-unchanged6: "as-path"
bfd: "enable"
capability-default-originate: "enable"
capability-default-originate6: "enable"
capability-dynamic: "enable"
capability-graceful-restart: "enable"
capability-graceful-restart6: "enable"
capability-orf: "none"
capability-orf6: "none"
capability-route-refresh: "enable"
connect-timer: "163"
default-originate-routemap: "<your_own_value> (source router.route-map.name)"
default-originate-routemap6: "<your_own_value> (source router.route-map.name)"
description: "<your_own_value>"
distribute-list-in: "<your_own_value> (source router.access-list.name)"
distribute-list-in6: "<your_own_value> (source router.access-list6.name)"
distribute-list-out: "<your_own_value> (source router.access-list.name)"
distribute-list-out6: "<your_own_value> (source router.access-list6.name)"
dont-capability-negotiate: "enable"
ebgp-enforce-multihop: "enable"
ebgp-multihop-ttl: "173"
filter-list-in: "<your_own_value> (source router.aspath-list.name)"
filter-list-in6: "<your_own_value> (source router.aspath-list.name)"
filter-list-out: "<your_own_value> (source router.aspath-list.name)"
filter-list-out6: "<your_own_value> (source router.aspath-list.name)"
holdtime-timer: "178"
interface: "<your_own_value> (source system.interface.name)"
keep-alive-timer: "180"
link-down-failover: "enable"
local-as: "182"
local-as-no-prepend: "enable"
local-as-replace-as: "enable"
maximum-prefix: "185"
maximum-prefix-threshold: "186"
maximum-prefix-threshold6: "187"
maximum-prefix-warning-only: "enable"
maximum-prefix-warning-only6: "enable"
maximum-prefix6: "190"
name: "default_name_191"
next-hop-self: "enable"
next-hop-self6: "enable"
override-capability: "enable"
passive: "enable"
prefix-list-in: "<your_own_value> (source router.prefix-list.name)"
prefix-list-in6: "<your_own_value> (source router.prefix-list6.name)"
prefix-list-out: "<your_own_value> (source router.prefix-list.name)"
prefix-list-out6: "<your_own_value> (source router.prefix-list6.name)"
remote-as: "200"
remove-private-as: "enable"
remove-private-as6: "enable"
restart-time: "203"
retain-stale-time: "204"
route-map-in: "<your_own_value> (source router.route-map.name)"
route-map-in6: "<your_own_value> (source router.route-map.name)"
route-map-out: "<your_own_value> (source router.route-map.name)"
route-map-out6: "<your_own_value> (source router.route-map.name)"
route-reflector-client: "enable"
route-reflector-client6: "enable"
route-server-client: "enable"
route-server-client6: "enable"
send-community: "standard"
send-community6: "standard"
shutdown: "enable"
soft-reconfiguration: "enable"
soft-reconfiguration6: "enable"
stale-route: "enable"
strict-capability-match: "enable"
unsuppress-map: "<your_own_value> (source router.route-map.name)"
unsuppress-map6: "<your_own_value> (source router.route-map.name)"
update-source: "<your_own_value> (source system.interface.name)"
weight: "223"
neighbor-range:
-
id: "225"
max-neighbor-num: "226"
neighbor-group: "<your_own_value> (source router.bgp.neighbor-group.name)"
prefix: "<your_own_value>"
network:
-
backdoor: "enable"
id: "231"
prefix: "<your_own_value>"
route-map: "<your_own_value> (source router.route-map.name)"
network-import-check: "enable"
network6:
-
backdoor: "enable"
id: "237"
prefix6: "<your_own_value>"
route-map: "<your_own_value> (source router.route-map.name)"
redistribute:
-
name: "default_name_241"
route-map: "<your_own_value> (source router.route-map.name)"
status: "enable"
redistribute6:
-
name: "default_name_245"
route-map: "<your_own_value> (source router.route-map.name)"
status: "enable"
router-id: "<your_own_value>"
scan-time: "249"
synchronization: "enable"Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
build string |
always |
Build number of the fortigate image
Sample: 1547 |
|
http_method string |
always |
Last method used to provision the content into FortiGate
Sample: PUT |
|
http_status string |
always |
Last result given by FortiGate on last operation applied
Sample: 200 |
|
mkey string |
success |
Master key (id) used in the last call to FortiGate
Sample: id |
|
name string |
always |
Name of the table used to fulfill the request
Sample: urlfilter |
|
path string |
always |
Path of the table used to fulfill the request
Sample: webfilter |
|
revision string |
always |
Internal revision number
Sample: 17.0.2.10658 |
|
serial string |
always |
Serial number of the unit
Sample: FGVMEVYYQT3AB5352 |
|
status string |
always |
Indication of the operation's result
Sample: success |
|
vdom string |
always |
Virtual domain used
Sample: root |
|
version string |
always |
Version of the FortiGate
Sample: v5.6.3 |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fortios_router_bgp_module.html
