fortios_router_isis – Configure IS-IS in Fortinet’s FortiOS and FortiGate
fortios_router_isis – Configure IS-IS in Fortinet’s FortiOS and FortiGate
New in version 2.9.
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and isis category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5
Requirements
The below requirements are needed on the host that executes this module.
- fortiosapi>=0.9.8
Parameters
| Parameter | Choices/Defaults | Comments | ||
|---|---|---|---|---|
|
host string |
FortiOS or FortiGate IP address. | |||
|
https boolean |
|
Indicates if the requests towards FortiGate must use HTTPS protocol. | ||
|
password string |
Default: "" |
FortiOS or FortiGate password. | ||
|
router_isis dictionary |
Default: null |
Configure IS-IS. | ||
|
adjacency_check string |
|
Enable/disable adjacency check. | ||
|
adjacency_check6 string |
|
Enable/disable IPv6 adjacency check. | ||
|
adv_passive_only string |
|
Enable/disable IS-IS advertisement of passive interfaces only. | ||
|
adv_passive_only6 string |
|
Enable/disable IPv6 IS-IS advertisement of passive interfaces only. | ||
|
auth_keychain_l1 string |
Authentication key-chain for level 1 PDUs. Source router.key-chain.name. | |||
|
auth_keychain_l2 string |
Authentication key-chain for level 2 PDUs. Source router.key-chain.name. | |||
|
auth_mode_l1 string |
|
Level 1 authentication mode. | ||
|
auth_mode_l2 string |
|
Level 2 authentication mode. | ||
|
auth_password_l1 string |
Authentication password for level 1 PDUs. | |||
|
auth_password_l2 string |
Authentication password for level 2 PDUs. | |||
|
auth_sendonly_l1 string |
|
Enable/disable level 1 authentication send-only. | ||
|
auth_sendonly_l2 string |
|
Enable/disable level 2 authentication send-only. | ||
|
default_originate string |
|
Enable/disable distribution of default route information. | ||
|
default_originate6 string |
|
Enable/disable distribution of default IPv6 route information. | ||
|
dynamic_hostname string |
|
Enable/disable dynamic hostname. | ||
|
ignore_lsp_errors string |
|
Enable/disable ignoring of LSP errors with bad checksums. | ||
|
is_type string |
|
IS type. | ||
|
isis_interface list |
IS-IS interface configuration. | |||
|
auth_keychain_l1 string |
Authentication key-chain for level 1 PDUs. Source router.key-chain.name. | |||
|
auth_keychain_l2 string |
Authentication key-chain for level 2 PDUs. Source router.key-chain.name. | |||
|
auth_mode_l1 string |
|
Level 1 authentication mode. | ||
|
auth_mode_l2 string |
|
Level 2 authentication mode. | ||
|
auth_password_l1 string |
Authentication password for level 1 PDUs. | |||
|
auth_password_l2 string |
Authentication password for level 2 PDUs. | |||
|
auth_send_only_l1 string |
|
Enable/disable authentication send-only for level 1 PDUs. | ||
|
auth_send_only_l2 string |
|
Enable/disable authentication send-only for level 2 PDUs. | ||
|
circuit_type string |
|
IS-IS interface's circuit type | ||
|
csnp_interval_l1 integer |
Level 1 CSNP interval. | |||
|
csnp_interval_l2 integer |
Level 2 CSNP interval. | |||
|
hello_interval_l1 integer |
Level 1 hello interval. | |||
|
hello_interval_l2 integer |
Level 2 hello interval. | |||
|
hello_multiplier_l1 integer |
Level 1 multiplier for Hello holding time. | |||
|
hello_multiplier_l2 integer |
Level 2 multiplier for Hello holding time. | |||
|
hello_padding string |
|
Enable/disable padding to IS-IS hello packets. | ||
|
lsp_interval integer |
LSP transmission interval (milliseconds). | |||
|
lsp_retransmit_interval integer |
LSP retransmission interval (sec). | |||
|
mesh_group string |
|
Enable/disable IS-IS mesh group. | ||
|
mesh_group_id integer |
Mesh group ID <0-4294967295>, 0: mesh-group blocked. | |||
|
metric_l1 integer |
Level 1 metric for interface. | |||
|
metric_l2 integer |
Level 2 metric for interface. | |||
|
name string / required |
IS-IS interface name. Source system.interface.name. | |||
|
network_type string |
|
IS-IS interface's network type | ||
|
priority_l1 integer |
Level 1 priority. | |||
|
priority_l2 integer |
Level 2 priority. | |||
|
status string |
|
Enable/disable interface for IS-IS. | ||
|
status6 string |
|
Enable/disable IPv6 interface for IS-IS. | ||
|
wide_metric_l1 integer |
Level 1 wide metric for interface. | |||
|
wide_metric_l2 integer |
Level 2 wide metric for interface. | |||
|
isis_net list |
IS-IS net configuration. | |||
|
id integer / required |
isis-net ID. | |||
|
net string |
IS-IS net xx.xxxx. ... .xxxx.xx. | |||
|
lsp_gen_interval_l1 integer |
Minimum interval for level 1 LSP regenerating. | |||
|
lsp_gen_interval_l2 integer |
Minimum interval for level 2 LSP regenerating. | |||
|
lsp_refresh_interval integer |
LSP refresh time in seconds. | |||
|
max_lsp_lifetime integer |
Maximum LSP lifetime in seconds. | |||
|
metric_style string |
|
Use old-style (ISO 10589) or new-style packet formats | ||
|
overload_bit string |
|
Enable/disable signal other routers not to use us in SPF. | ||
|
overload_bit_on_startup integer |
Overload-bit only temporarily after reboot. | |||
|
overload_bit_suppress string |
|
Suppress overload-bit for the specific prefixes. | ||
|
redistribute list |
IS-IS redistribute protocols. | |||
|
level string |
|
Level. | ||
|
metric integer |
Metric. | |||
|
metric_type string |
|
Metric type. | ||
|
protocol string / required |
Protocol name. | |||
|
routemap string |
Route map name. Source router.route-map.name. | |||
|
status string |
|
Status. | ||
|
redistribute6 list |
IS-IS IPv6 redistribution for routing protocols. | |||
|
level string |
|
Level. | ||
|
metric integer |
Metric. | |||
|
metric_type string |
|
Metric type. | ||
|
protocol string / required |
Protocol name. | |||
|
routemap string |
Route map name. Source router.route-map.name. | |||
|
status string |
|
Enable/disable redistribution. | ||
|
redistribute6_l1 string |
|
Enable/disable redistribution of level 1 IPv6 routes into level 2. | ||
|
redistribute6_l1_list string |
Access-list for IPv6 route redistribution from l1 to l2. Source router.access-list6.name. | |||
|
redistribute6_l2 string |
|
Enable/disable redistribution of level 2 IPv6 routes into level 1. | ||
|
redistribute6_l2_list string |
Access-list for IPv6 route redistribution from l2 to l1. Source router.access-list6.name. | |||
|
redistribute_l1 string |
|
Enable/disable redistribution of level 1 routes into level 2. | ||
|
redistribute_l1_list string |
Access-list for route redistribution from l1 to l2. Source router.access-list.name. | |||
|
redistribute_l2 string |
|
Enable/disable redistribution of level 2 routes into level 1. | ||
|
redistribute_l2_list string |
Access-list for route redistribution from l2 to l1. Source router.access-list.name. | |||
|
spf_interval_exp_l1 string |
Level 1 SPF calculation delay. | |||
|
spf_interval_exp_l2 string |
Level 2 SPF calculation delay. | |||
|
summary_address list |
IS-IS summary addresses. | |||
|
id integer / required |
Summary address entry ID. | |||
|
level string |
|
Level. | ||
|
prefix string |
Prefix. | |||
|
summary_address6 list |
IS-IS IPv6 summary address. | |||
|
id integer / required |
Prefix entry ID. | |||
|
level string |
|
Level. | ||
|
prefix6 string |
IPv6 prefix. | |||
|
ssl_verify boolean |
|
Ensures FortiGate certificate must be verified by a proper CA. | ||
|
username string |
FortiOS or FortiGate username. | |||
|
vdom string |
Default: "root" |
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Notes
Note
- Requires fortiosapi library developed by Fortinet
- Run as a local_action in your playbook
Examples
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
ssl_verify: "False"
tasks:
- name: Configure IS-IS.
fortios_router_isis:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
router_isis:
adjacency_check: "enable"
adjacency_check6: "enable"
adv_passive_only: "enable"
adv_passive_only6: "enable"
auth_keychain_l1: "<your_own_value> (source router.key-chain.name)"
auth_keychain_l2: "<your_own_value> (source router.key-chain.name)"
auth_mode_l1: "password"
auth_mode_l2: "password"
auth_password_l1: "<your_own_value>"
auth_password_l2: "<your_own_value>"
auth_sendonly_l1: "enable"
auth_sendonly_l2: "enable"
default_originate: "enable"
default_originate6: "enable"
dynamic_hostname: "enable"
ignore_lsp_errors: "enable"
is_type: "level-1-2"
isis_interface:
-
auth_keychain_l1: "<your_own_value> (source router.key-chain.name)"
auth_keychain_l2: "<your_own_value> (source router.key-chain.name)"
auth_mode_l1: "md5"
auth_mode_l2: "md5"
auth_password_l1: "<your_own_value>"
auth_password_l2: "<your_own_value>"
auth_send_only_l1: "enable"
auth_send_only_l2: "enable"
circuit_type: "level-1-2"
csnp_interval_l1: "30"
csnp_interval_l2: "31"
hello_interval_l1: "32"
hello_interval_l2: "33"
hello_multiplier_l1: "34"
hello_multiplier_l2: "35"
hello_padding: "enable"
lsp_interval: "37"
lsp_retransmit_interval: "38"
mesh_group: "enable"
mesh_group_id: "40"
metric_l1: "41"
metric_l2: "42"
name: "default_name_43 (source system.interface.name)"
network_type: "broadcast"
priority_l1: "45"
priority_l2: "46"
status: "enable"
status6: "enable"
wide_metric_l1: "49"
wide_metric_l2: "50"
isis_net:
-
id: "52"
net: "<your_own_value>"
lsp_gen_interval_l1: "54"
lsp_gen_interval_l2: "55"
lsp_refresh_interval: "56"
max_lsp_lifetime: "57"
metric_style: "narrow"
overload_bit: "enable"
overload_bit_on_startup: "60"
overload_bit_suppress: "external"
redistribute:
-
level: "level-1-2"
metric: "64"
metric_type: "external"
protocol: "<your_own_value>"
routemap: "<your_own_value> (source router.route-map.name)"
status: "enable"
redistribute_l1: "enable"
redistribute_l1_list: "<your_own_value> (source router.access-list.name)"
redistribute_l2: "enable"
redistribute_l2_list: "<your_own_value> (source router.access-list.name)"
redistribute6:
-
level: "level-1-2"
metric: "75"
metric_type: "external"
protocol: "<your_own_value>"
routemap: "<your_own_value> (source router.route-map.name)"
status: "enable"
redistribute6_l1: "enable"
redistribute6_l1_list: "<your_own_value> (source router.access-list6.name)"
redistribute6_l2: "enable"
redistribute6_l2_list: "<your_own_value> (source router.access-list6.name)"
spf_interval_exp_l1: "<your_own_value>"
spf_interval_exp_l2: "<your_own_value>"
summary_address:
-
id: "87"
level: "level-1-2"
prefix: "<your_own_value>"
summary_address6:
-
id: "91"
level: "level-1-2"
prefix6: "<your_own_value>"Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
|
build string |
always |
Build number of the fortigate image
Sample: 1547 |
|
http_method string |
always |
Last method used to provision the content into FortiGate
Sample: PUT |
|
http_status string |
always |
Last result given by FortiGate on last operation applied
Sample: 200 |
|
mkey string |
success |
Master key (id) used in the last call to FortiGate
Sample: id |
|
name string |
always |
Name of the table used to fulfill the request
Sample: urlfilter |
|
path string |
always |
Path of the table used to fulfill the request
Sample: webfilter |
|
revision string |
always |
Internal revision number
Sample: 17.0.2.10658 |
|
serial string |
always |
Serial number of the unit
Sample: FGVMEVYYQT3AB5352 |
|
status string |
always |
Indication of the operation's result
Sample: success |
|
vdom string |
always |
Virtual domain used
Sample: root |
|
version string |
always |
Version of the FortiGate
Sample: v5.6.3 |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fortios_router_isis_module.html
