Try SpotterRoute Maps resource module.
| "added in version" 2.2.0 of cisco.nxos"
Authors: Nilashish Chakraborty (@NilashishC)
Install with ansible-galaxy collection install cisco.nxos:==7.0.0
collections:
- name: cisco.nxos
version: 7.0.0This module manages route maps configuration on devices running Cisco NX-OS.
# Using merged
# Before state:
# -------------
# nxos-9k-rdo# show running-config | section "^route-map"
# nxos-9k-rdo#
- name: Merge the provided configuration with the existing running configuration
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 10
action: permit
description: rmap1-10-permit
match:
ip:
address:
access_list: acl_1
as_path: Allow40
as_number:
asn: 65564
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity1
- BGPCommunity2
ip:
address:
prefix_lists:
- AllowPrefix1
- AllowPrefix2
set:
dampening:
half_life: 30
start_reuse_route: 1500
start_suppress_route: 10000
max_suppress_time: 120
- route_map: rmap2
entries:
- sequence: 20
action: permit
description: rmap2-20-permit
continue_sequence: 40
match:
ipv6:
address:
prefix_lists: AllowIPv6Prefix
interfaces: "{{ nxos_int1 }}"
set:
as_path:
prepend:
as_number:
- 65563
- 65568
- 65569
comm_list: BGPCommunity
- sequence: 40
action: deny
description: rmap2-40-deny
match:
route_types:
- level-1
- level-2
tags: 2
ip:
multicast:
rp:
prefix: 192.0.2.0/24
rp_type: ASM
source: 203.0.113.0/24
group_range:
first: 239.0.0.1
last: 239.255.255.255
- route_map: rmap3
entries:
- sequence: 10
description: "*** first stanza ***"
action: permit
set:
ip:
next_hop:
verify_availability:
- address: 3.3.3.3
track: 1
- address: 4.4.4.4
track: 3
- sequence: 20
description: "*** second stanza ***"
action: permit
set:
ip:
next_hop:
address: 6.6.6.6 2.2.2.2
load_share: true
drop_on_fail: true
- sequence: 30
description: "*** third stanza ***"
action: permit
set:
ip:
next_hop:
peer_address: true
- sequence: 40
description: "*** fourth stanza ***"
action: permit
set:
ip:
next_hop:
unchanged: true
redist_unchanged: true
state: merged
# Task output
# -------------
# before: []
#
# commands:
# - "route-map rmap1 permit 10"
# - "match as-number 65564"
# - "match as-path Allow40"
# - "match ip address acl_1"
# - "description rmap1-10-permit"
# - "route-map rmap1 deny 20"
# - "match community BGPCommunity1 BGPCommunity2"
# - "match ip address prefix-list AllowPrefix1 AllowPrefix2"
# - "description rmap1-20-deny"
# - "set dampening 30 1500 10000 120"
# - "route-map rmap2 permit 20"
# - "match interface Ethernet1/1"
# - "match ipv6 address prefix-list AllowIPv6Prefix"
# - "set as-path prepend 65563 65568 65569"
# - "description rmap2-20-permit"
# - "continue 40"
# - "set comm-list BGPCommunity delete"
# - "route-map rmap2 deny 40"
# - "match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM"
# - "match route-type level-1 level-2"
# - "match tag 2"
# - "description rmap2-40-deny"
# - "route-map rmap3 permit 10"
# - "description *** first stanza ***"
# - "set ip next-hop verify-availability 3.3.3.3 track 1"
# - "set ip next-hop verify-availability 4.4.4.4 track 3"
# - "route-map rmap3 permit 20"
# - "description *** second stanza ***"
# - "set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail"
# - "route-map rmap3 permit 30"
# - "description *** third stanza ***"
# - "set ip next-hop peer-address"
# - "route-map rmap3 permit 40"
# - "description *** fourth stanza ***"
# - "set ip next-hop unchanged"
# - "set ip next-hop redist-unchanged"
#
# after:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# - route_map: rmap3
# entries:
# - sequence: 10
# description: "*** first stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# verify_availability:
# - address: 3.3.3.3
# track: 1
# - address: 4.4.4.4
# track: 3
#
# - sequence: 20
# description: "*** second stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# address: 6.6.6.6 2.2.2.2
# load_share: true
# drop_on_fail: true
#
# - sequence: 30
# description: "*** third stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# peer_address: true
#
# - sequence: 40
# description: "*** fourth stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# unchanged: true
# redist_unchanged: true
# After state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# route-map rmap3 permit 10
# description *** first stanza ***
# set ip next-hop verify-availability 3.3.3.3 track 1
# set ip next-hop verify-availability 4.4.4.4 track 3
# route-map rmap3 permit 20
# description *** second stanza ***
# set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# route-map rmap3 permit 30
# description *** third stanza ***
# set ip next-hop peer-address
# route-map rmap3 permit 40
# description *** fourth stanza ***
# set ip next-hop unchanged
# set ip next-hop redist-unchanged
#
# Using replaced
# (for the listed route-map(s), sequences that are in running-config but not in the task are negated)
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# route-map rmap3 permit 10
# description *** first stanza ***
# set ip next-hop verify-availability 3.3.3.3 track 1
# set ip next-hop verify-availability 4.4.4.4 track 3
# route-map rmap3 permit 20
# description *** second stanza ***
# set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# route-map rmap3 permit 30
# description *** third stanza ***
# set ip next-hop peer-address
# route-map rmap3 permit 40
# description *** fourth stanza ***
# set ip next-hop unchanged
# set ip next-hop redist-unchanged
#
- name: Replace route-maps configurations of listed route-maps with provided configurations
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity4
- BGPCommunity5
ip:
address:
prefix_lists:
- AllowPrefix1
set:
community:
local_as: true
- route_map: rmap3
entries:
- sequence: 10
description: "*** first stanza ***"
action: permit
set:
ip:
next_hop:
verify_availability:
- address: 3.3.3.3
track: 1
- sequence: 20
description: "*** second stanza ***"
action: permit
set:
ip:
next_hop:
peer_address: true
- sequence: 30
description: "*** third stanza ***"
action: permit
set:
ip:
next_hop:
address: 6.6.6.6 2.2.2.2
load_share: true
drop_on_fail: true
state: replaced
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# - route_map: rmap3
# entries:
# - sequence: 10
# description: "*** first stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# verify_availability:
# - address: 3.3.3.3
# track: 1
# - address: 4.4.4.4
# track: 3
#
# - sequence: 20
# description: "*** second stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# address: 6.6.6.6 2.2.2.2
# load_share: true
# drop_on_fail: true
#
# - sequence: 30
# description: "*** third stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# peer_address: true
#
# - sequence: 40
# description: "*** fourth stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# unchanged: true
# redist_unchanged: true
#
# commands:
# - no route-map rmap1 permit 10
# - route-map rmap1 deny 20
# - no match community BGPCommunity1 BGPCommunity2
# - match community BGPCommunity4 BGPCommunity5
# - no match ip address prefix-list AllowPrefix1 AllowPrefix2
# - match ip address prefix-list AllowPrefix1
# - no set dampening 30 1500 10000 120
# - set community local-AS
# - route-map rmap3 permit 10
# - no set ip next-hop verify-availability 4.4.4.4 track 3
# - route-map rmap3 permit 20
# - no set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# - set ip next-hop peer-address
# - route-map rmap3 permit 30
# - no set ip next-hop peer-address
# - set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# - no route-map rmap3 permit 40
#
# after:
# - route_map: rmap1
# entries:
# - sequence: 20
# action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity4
# - BGPCommunity5
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# set:
# community:
# local_as: true
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# - route_map: rmap3
# entries:
# - sequence: 10
# description: "*** first stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# verify_availability:
# - address: 3.3.3.3
# track: 1
# - sequence: 20
# description: "*** second stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# peer_address: true
# - sequence: 30
# description: "*** third stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# address: 6.6.6.6 2.2.2.2
# load_share: true
# drop_on_fail: true
# After state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 deny 20
# description rmap1-20-deny
# match community BGPCommunity4 BGPCommunity5
# match ip address prefix-list AllowPrefix1
# set community local-AS
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# route-map rmap3 permit 10
# description *** first stanza ***
# set ip next-hop verify-availability 3.3.3.3 track 1
# route-map rmap3 permit 20
# description *** second stanza ***
# set ip next-hop peer-address
# route-map rmap3 permit 30
# description *** third stanza ***
# set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# Using overridden
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Override all route-maps configuration with provided configuration
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity4
- BGPCommunity5
ip:
address:
prefix_lists:
- AllowPrefix1
set:
community:
local_as: true
state: overridden
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# commands:
# - no route-map rmap1 permit 10
# - route-map rmap1 deny 20
# - no match community BGPCommunity1 BGPCommunity2
# - match community BGPCommunity4 BGPCommunity5
# - no match ip address prefix-list AllowPrefix1 AllowPrefix2
# - match ip address prefix-list AllowPrefix1
# - no set dampening 30 1500 10000 120
# - set community local-AS
# - no route-map rmap2 permit 20
# - no route-map rmap2 deny 40
#
# after:
# - route_map: rmap1
# entries:
# - sequence: 20
# action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity4
# - BGPCommunity5
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# set:
# community:
# local_as: true
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
# route-map rmap1 deny 20
# description rmap1-20-deny
# match community BGPCommunity4 BGPCommunity5
# match ip address prefix-list AllowPrefix1
# set community local-AS
# Using deleted to delete a single route-map
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Delete single route-map
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
state: deleted
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# commands:
# - no route-map rmap1 permit 10
# - no route-map rmap1 deny 20
#
# after:
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# Using deleted to delete all route-maps from the device running-config
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Delete all route-maps
cisco.nxos.nxos_route_maps:
state: deleted
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# commands:
# - no route-map rmap1 permit 10
# - no route-map rmap1 deny 20
# - no route-map rmap2 permit 20
# - no route-map rmap2 deny 40
#
# after: []
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
- name: Render platform specific configuration lines with state rendered (without connecting to the device)
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 10
action: permit
description: rmap1-10-permit
match:
ip:
address:
access_list: acl_1
as_path: Allow40
as_number:
asn: 65564
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity1
- BGPCommunity2
ip:
address:
prefix_lists:
- AllowPrefix1
- AllowPrefix2
set:
dampening:
half_life: 30
start_reuse_route: 1500
start_suppress_route: 10000
max_suppress_time: 120
- route_map: rmap2
entries:
- sequence: 20
action: permit
description: rmap2-20-permit
continue_sequence: 40
match:
ipv6:
address:
prefix_lists: AllowIPv6Prefix
interfaces: "{{ nxos_int1 }}"
set:
as_path:
prepend:
as_number:
- 65563
- 65568
- 65569
comm_list: BGPCommunity
- sequence: 40
action: deny
description: rmap2-40-deny
match:
route_types:
- level-1
- level-2
tags: 2
ip:
multicast:
rp:
prefix: 192.0.2.0/24
rp_type: ASM
source: 203.0.113.0/24
group_range:
first: 239.0.0.1
last: 239.255.255.255
state: rendered
# Task Output (redacted)
# -----------------------
# rendered:
# - "route-map rmap1 permit 10"
# - "match as-number 65564"
# - "match as-path Allow40"
# - "match ip address acl_1"
# - "description rmap1-10-permit"
# - "route-map rmap1 deny 20"
# - "match community BGPCommunity1 BGPCommunity2"
# - "match ip address prefix-list AllowPrefix1 AllowPrefix2"
# - "description rmap1-20-deny"
# - "set dampening 30 1500 10000 120"
# - "route-map rmap2 permit 20"
# - "match interface Ethernet1/1"
# - "match ipv6 address prefix-list AllowIPv6Prefix"
# - "set as-path prepend 65563 65568 65569"
# - "description rmap2-20-permit"
# - "continue 40"
# - "set comm-list BGPCommunity delete"
# - "route-map rmap2 deny 40"
# - "match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM"
# - "match route-type level-1 level-2"
# - "match tag 2"
# - "description rmap2-40-deny"
# Using parsed
# parsed.cfg
# ------------
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Parse externally provided route-maps configuration
cisco.nxos.nxos_route_maps:
running_config: "{{ lookup('file', './fixtures/parsed.cfg') }}"
state: parsed
# Task output (redacted)
# -----------------------
# parsed:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
# Using gathered
# Existing route-map config
# ---------------------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
- name: Gather route-maps facts using gathered
cisco.nxos.nxos_route_maps:
state: gathered
state:
choices:
- merged
- replaced
- overridden
- deleted
- parsed
- gathered
- rendered
default: merged
description:
- The state the configuration should be left in.
- With state I(replaced), for the listed route-maps, sequences that are in running-config
but not in the task are negated.
- With state I(overridden), all route-maps that are in running-config but not in the
task are negated.
- Please refer to examples for more details.
type: str
config:
description: A list of route-map configuration.
elements: dict
suboptions:
entries:
description: List of entries (identified by sequence number) for this route-map.
elements: dict
suboptions:
action:
choices:
- deny
- permit
description: Route map denies or permits set operations.
type: str
continue_sequence:
description: Continue on a different entry within the route-map.
type: int
description:
description: Description of the route-map.
type: str
match:
description: Match values from routing table.
suboptions:
as_number:
description: Match BGP peer AS number.
suboptions:
as_path_list:
description: AS path access list name.
elements: str
type: list
asn:
description: AS number.
elements: str
type: list
type: dict
as_path:
description: Match BGP AS path access-list.
elements: str
type: list
community:
description: Match BGP community list.
suboptions:
community_list:
description: Community list.
elements: str
type: list
exact_match:
description: Do exact matching of communities.
type: bool
type: dict
evpn:
description: Match BGP EVPN Routes.
suboptions:
route_types:
description: Match route type for evpn route.
elements: str
type: list
type: dict
extcommunity:
description: Match BGP community list.
suboptions:
exact_match:
description: Do exact matching of extended communities.
type: bool
extcommunity_list:
description: Extended Community list.
elements: str
type: list
type: dict
interfaces:
description: Match first hop interface of route.
elements: str
type: list
ip:
description: Configure IP specific information.
suboptions:
address:
description: Match address of route or match packet.
suboptions:
access_list:
description: IP access-list name (for use in route-maps for PBR
only).
type: str
prefix_lists:
description: Match entries of prefix-lists.
elements: str
type: list
type: dict
multicast:
description: Match multicast attributes.
suboptions:
group:
description:
- Multicast Group prefix.
- Mutually exclusive with group_range.
suboptions:
prefix:
description: IPv4 group prefix.
type: str
type: dict
group_range:
description:
- Multicast Group address range.
- Mutually exclusive with group.
suboptions:
first:
description: First Group address.
type: str
last:
description: Last Group address.
type: str
type: dict
rp:
description: Rendezvous point.
suboptions:
prefix:
description: IPv4 rendezvous prefix.
type: str
rp_type:
choices:
- ASM
- Bidir
description: Multicast rendezvous point type.
type: str
type: dict
source:
description: Multicast source address.
type: str
type: dict
next_hop:
description: Match next-hop address of route.
suboptions:
prefix_lists:
description: Match entries of prefix-lists.
elements: str
type: list
type: dict
route_source:
description: Match advertising source address of route.
suboptions:
prefix_lists:
description: Match entries of prefix-lists.
elements: str
type: list
type: dict
type: dict
ipv6:
description: Configure IPv6 specific information.
suboptions:
address:
description: Match address of route or match packet.
suboptions:
access_list:
description: IP access-list name (for use in route-maps for PBR
only).
type: str
prefix_lists:
description: Match entries of prefix-lists.
elements: str
type: list
type: dict
multicast:
description: Match multicast attributes.
suboptions:
group:
description:
- Multicast Group prefix.
- Mutually exclusive with group_range.
suboptions:
prefix:
description: IPv4 group prefix.
type: str
type: dict
group_range:
description:
- Multicast Group address range.
- Mutually exclusive with group.
suboptions:
first:
description: First Group address.
type: str
last:
description: Last Group address.
type: str
type: dict
rp:
description: Rendezvous point.
suboptions:
prefix:
description: IPv4 rendezvous prefix.
type: str
rp_type:
choices:
- ASM
- Bidir
description: Multicast rendezvous point type.
type: str
type: dict
source:
description: Multicast source address.
type: str
type: dict
next_hop:
description: Match next-hop address of route.
suboptions:
prefix_lists:
description: Match entries of prefix-lists.
elements: str
type: list
type: dict
route_source:
description: Match advertising source address of route.
suboptions:
prefix_lists:
description: Match entries of prefix-lists.
elements: str
type: list
type: dict
type: dict
mac_list:
description: Match entries of mac-lists.
elements: str
type: list
metric:
description: Match metric of route.
elements: int
type: list
ospf_area:
description: Match ospf area.
elements: int
type: list
route_types:
choices:
- external
- inter-area
- internal
- intra-area
- level-1
- level-2
- local
- nssa-external
- type-1
- type-2
description: Match route-type of route.
elements: str
type: list
source_protocol:
description: Match source protocol.
elements: str
type: list
tags:
description: Match tag of route.
elements: int
type: list
type: dict
sequence:
description: Sequence to insert to/delete from existing route-map entry.
type: int
set:
description: Set values in destination routing protocol.
suboptions:
as_path:
description: Prepend string for a BGP AS-path attribute.
suboptions:
prepend:
description: Prepend to the AS-Path.
suboptions:
as_number:
description: AS number.
elements: str
type: list
last_as:
description: Number of last-AS prepends.
type: int
type: dict
tag:
description: Set the tag as an AS-path attribute.
type: bool
type: dict
comm_list:
description: Set BGP community list (for deletion).
type: str
community:
description: Set BGP community attribute.
suboptions:
additive:
description: Add to existing community.
type: bool
graceful_shutdown:
description: Graceful Shutdown (well-known community).
type: bool
internet:
description: Internet (well-known community).
type: bool
local_as:
description: Do not send outside local AS (well-known community).
type: bool
no_advertise:
description: Do not advertise to any peer (well-known community).
type: bool
no_export:
description: Do not export to next AS (well-known community).
type: bool
number:
description: Community number aa:nn format
elements: str
type: list
type: dict
dampening:
description: Set BGP route flap dampening parameters.
suboptions:
half_life:
description: Half-life time for the penalty.
type: int
max_suppress_time:
description: Maximum suppress time for stable route.
type: int
start_reuse_route:
description: Value to start reusing a route.
type: int
start_suppress_route:
description: Value to start suppressing a route.
type: int
type: dict
distance:
description: Configure administrative distance.
suboptions:
igp_ebgp_routes:
description: Administrative distance for IGP or EBGP routes
type: int
internal_routes:
description: Distance for internal routes.
type: int
local_routes:
description: Distance for local routes.
type: int
type: dict
evpn:
description: Set BGP EVPN Routes.
suboptions:
gateway_ip:
description:
- Set gateway IP for type 5 EVPN routes.
- Cannot set ip and use-nexthop in the same route-map sequence.
suboptions:
ip:
description: Gateway IP address.
type: str
use_nexthop:
description: Use nexthop address as gateway IP.
type: bool
type: dict
type: dict
extcomm_list:
description: Set BGP extcommunity list (for deletion).
type: str
extcommunity:
description: Set BGP extcommunity attribute.
suboptions:
rt:
description: Route-Target.
suboptions:
additive:
description: Add to existing rt extcommunity.
type: bool
extcommunity_numbers:
description:
- Extcommunity number.
- Supported formats are ASN2:NN, ASN4:NN, IPV4:NN.
elements: str
type: list
type: dict
type: dict
forwarding_address:
description: Set the forwarding address.
type: bool
ip:
description: Configure IP features.
suboptions:
address:
description: Specify IP address.
suboptions:
prefix_list:
description: Name of prefix list (Max Size 63).
type: str
type: dict
next_hop:
description: Set next-hop IP address (for policy-based routing)
suboptions:
address:
description: Set space-separated list of next-hop IP addresses.
Address ordering is important. Also don`t use unnecessary spaces.
type: str
drop_on_fail:
default: false
description: Drop packets instead of using default routing when
the configured next hop becomes unreachable
type: bool
force_order:
default: false
description: Enable next-hop ordering as specified in the address
parameter.
type: bool
load_share:
default: false
description: Enable traffic load balancing across a maximum of
32 next-hop addresses
type: bool
peer_address:
description:
- BGP prefix next hop is set to the local address of the peer.
- If no next hop is set in the route map, the next hop is set
to the one stored in the path.
type: bool
redist_unchanged:
description:
- Set for next-hop address conservation for non-local generated
routes.
- Used with redistribute command. Available to maintain BGP routing
compliant with RFC 4271 on Nexus OS.
type: bool
unchanged:
description: Set for next-hop address conservation in eBGP outgoing
updates
type: bool
verify_availability:
description: Set next-hop ip address tracking with IP SLA
elements: dict
suboptions:
address:
description: Set one next-hop address
required: true
type: str
drop_on_fail:
default: false
description: Drop packets instead of using default routing
when the configured next hop becomes unreachable
type: bool
force_order:
default: false
description: Enable next-hop ordering as specified in the
address parameter.
type: bool
load_share:
default: false
description: Enable traffic load balancing across a maximum
of 32 next-hop addresses
type: bool
track:
description: Set track number
required: true
type: int
type: list
type: dict
precedence:
description: Set precedence field.
type: str
type: dict
ipv6:
description: Configure IPv6 features.
suboptions:
address:
description: Specify IP address.
suboptions:
prefix_list:
description: Name of prefix list (Max Size 63).
type: str
type: dict
precedence:
description: Set precedence field.
type: str
type: dict
label_index:
description: Set Segment Routing (SR) label index of route.
type: int
level:
choices:
- level-1
- level-1-2
- level-2
description: Where to import route.
type: str
local_preference:
description: BGP local preference path attribute.
type: int
metric:
description: Set metric for destination routing protocol.
suboptions:
bandwidth:
description: Metric value or Bandwidth in Kbits per second (Max Size
11).
type: int
igrp_delay_metric:
description: IGRP delay metric.
type: int
igrp_effective_bandwidth_metric:
description: IGRP Effective bandwidth metric (Loading) 255 is 100%.
type: int
igrp_mtu:
description: IGRP MTU of the path.
type: int
igrp_reliability_metric:
description: IGRP reliability metric where 255 is 100 percent reliable.
type: int
type: dict
metric_type:
choices:
- external
- internal
- type-1
- type-2
description: Type of metric for destination routing protocol.
type: str
nssa_only:
description: OSPF NSSA Areas.
type: bool
null_interface:
description: Output Null interface.
type: str
origin:
choices:
- egp
- igp
- incomplete
description: BGP origin code.
type: str
path_selection:
choices:
- all
- backup
- best2
- multipaths
description: Path selection criteria for BGP.
type: str
tag:
description: Tag value for destination routing protocol.
type: int
weight:
description: BGP weight for routing table.
type: int
type: dict
type: list
route_map:
description: Route-map name.
type: str
type: list
running_config:
description:
- This option is used only with state I(parsed).
- The value of this option should be the output received from the NX-OS device by
executing the command B(show running-config | section '^route-map').
- The state I(parsed) reads the configuration from C(running_config) option and transforms
it into Ansible structured data as per the resource module's argspec and the value
is then returned in the I(parsed) key within the result.
type: str
after:
description: The resulting configuration model invocation.
returned: when changed
sample: "The configuration returned will always be in the same format\n of the parameters\
\ above.\n"
type: dict
before:
description: The configuration prior to the model invocation.
returned: always
sample: "The configuration returned will always be in the same format\n of the parameters\
\ above.\n"
type: dict
commands:
description: The set of commands pushed to the remote device.
returned: always
sample:
- route-map rmap1 permit 10
- match as-number 65564
- match as-path Allow40
- match ip address acl_1
- description rmap1-10-permit
- route-map rmap1 deny 20
- match community BGPCommunity1 BGPCommunity2
type: list