Try SpotterManage a BGP neighbor and its parameters
| "added in version" 1.0.0 of dellemc.enterprise_sonic"
Authors: Abirami N (@abirami-n)
This plugin has a corresponding action plugin.
Install with ansible-galaxy collection install dellemc.enterprise_sonic:==2.4.0
collections:
- name: dellemc.enterprise_sonic
version: 2.4.0This module provides configuration management of global BGP_NEIGHBORS parameters on devices running Enterprise SONiC.
bgp_as and vrf_name must be created on the device in advance.
# Using deleted
#
# Before state:
# -------------
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# neighbor interface Eth1/3
#!
#router bgp 11
# network import-check
# timers 60 180
# !
# neighbor 192.168.1.4
# !
# peer-group SP1
# bfd
# capability dynamic
# !
# peer-group SP2
# !
#
- name: Deletes all BGP neighbors
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
state: deleted
#
# After state:
# -------------
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
#!
#router bgp 11
# network import-check
# timers 60 180
# !
#
# Using merged
#
# Before state:
# ------------
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
#!
#router bgp 11
# network import-check
# timers 60 180
# !
- name: "Adds sonic_bgp_neighbors"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
neighbors:
- neighbor: Eth1/2
auth_pwd:
pwd: 'pw123'
encrypted: false
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
nbr_description: "description 1"
override_capability: true
passive: true
port: 3
shutdown_msg: 'msg1'
solo: true
- neighbor: 1.1.1.1
disable_connected_check: true
ttl_security: 5
- bgp_as: 51
vrf_name: VrfReg1
peer_group:
- name: SPINE
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX1/4sRsZ624wbAJfDmagPLq2LsGDOcW/47M='
encrypted: true
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
pg_description: 'description 1'
override_capability: true
passive: true
solo: true
remote_as:
peer_as: 4
- name: SPINE1
disable_connected_check: true
shutdown_msg: "msg1"
strict_capability_match: true
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
ttl_security: 5
address_family:
afis:
- afi: ipv4
safi: unicast
activate: true
allowas_in:
origin: true
- afi: ipv6
safi: unicast
activate: true
allowas_in:
value: 5
neighbors:
- neighbor: Eth1/3
remote_as:
peer_as: 10
peer_group: SPINE
advertisement_interval: 15
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX199MZ7YOPkOR9O6wEZmtGSgiDfnlcN9hBg='
encrypted: true
nbr_description: 'description 2'
strict_capability_match: true
v6only: true
- neighbor: 192.168.1.4
state: merged
#
# After state:
# ------------
#!
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE1
# timers 15 30
# timers connect 25
# shutdown message msg1
# disable-connected-check
# strict-capability-match
# ttl-security hops 5
# !
# peer-group SPINE
# description "description 1"
# ebgp-multihop 1
# remote-as 4
# bfd check-control-plane-failure profile "profile 1"
# update-source interface Ethernet4
# capability dynamic
# capability extended-nexthop
# dont-capability-negotiate
# enforce-first-as
# enforce-multihop
# local-as 2 no-prepend replace-as
# override-capability
# passive
# password U2FsdGVkX1/4sRsZ624wbAJfDmagPLq2LsGDOcW/47M= encrypted
# solo
# address-family ipv4 unicast
# activate
# allowas-in origin
# send-community both
# !
# address-family ipv6 unicast
# activate
# allowas-in 5
# send-community both
# !
# neighbor interface Eth1/3
# description "description 2"
# peer-group SPINE
# remote-as 10
# timers 15 30
# timers connect 25
# bfd check-control-plane-failure profile "profile 1"
# advertisement-interval 15
# capability extended-nexthop
# capability dynamic
# v6only
# password U2FsdGVkX199MZ7YOPkOR9O6wEZmtGSgiDfnlcN9hBg= encrypted
# strict-capability-match
# !
# neighbor 192.168.1.4
#!
# router bgp 51
# timers 60 180
# neighbor interface Eth1/2
# description "description 1"
# shutdown message msg1
# ebgp-multihop 1
# remote-as external
# update-source interface Ethernet4
# dont-capability-negotiate
# enforce-first-as
# enforce-multihop
# local-as 2 no-prepend replace-as
# override-capability
# passive
# password U2FsdGVkX1+bxMf9TKOhaXRNNaHmywiEVDF2lJ2c000= encrypted
# port 3
# solo
# neighbor 1.1.1.1
# disable-connected-check
# ttl-security hops 5
#router bgp 11
# network import-check
# timers 60 180
#
# Using deleted
#
# Before state:
# ------------
#!
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE
# bfd
# remote-as 4
# !
# neighbor interface Eth1/3
# peer-group SPINE
# remote-as 10
# timers 15 30
# advertisement-interval 15
# bfd
# capability extended-nexthop
# capability dynamic
# !
# neighbor 192.168.1.4
#!
#router bgp 11
# network import-check
# timers 60 18
# !
# peer-group SP
# !
# neighbor interface Eth1/3
#
- name: "Deletes sonic_bgp_neighbors and peer-groups specific to vrfname"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
vrf_name: VrfReg1
state: deleted
# After state:
# ------------
#!
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
#router bgp 11
# network import-check
# timers 60 18
# !
# peer-group SP
# !
# neighbor interface Eth1/3
#
# Using deleted
#
# Before state:
# -------------
#
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE
# bfd
# remote-as 4
# !
# neighbor interface Eth1/3
# peer-group SPINE
# remote-as 10
# timers 15 30
# advertisement-interval 15
# bfd
# capability extended-nexthop
# capability dynamic
# !
# neighbor 192.168.1.4
# !
- name: "Deletes specific sonic_bgp_neighbors"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
neighbors:
- neighbor: Eth1/2
auth_pwd:
pwd: 'pw123'
encrypted: false
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
nbr_description: 'description 1'
override_capability: true
passive: true
port: 3
shutdown_msg: 'msg1'
solo: true
- neighbor: 1.1.1.1
disable_connected_check: true
ttl_security: 5
- bgp_as: 51
vrf_name: VrfReg1
peer_group:
- name: SPINE
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX1/4sRsZ624wbAJfDmagPLq2LsGDOcW/47M='
encrypted: true
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
pg_description: 'description 1'
override_capability: true
passive: true
solo: true
remote_as:
peer_as: 4
- name: SPINE1
disable_connected_check: true
shutdown_msg: "msg1"
strict_capability_match: true
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
ttl_security: 5
neighbors:
- neighbor: Eth1/3
remote_as:
peer_as: 10
peer_group: SPINE
advertisement_interval: 15
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX199MZ7YOPkOR9O6wEZmtGSgiDfnlcN9hBg='
encrypted: true
nbr_description: 'description 2'
strict_capability_match: true
v6only: true
- neighbor: 192.168.1.4
state: deleted
#
# After state:
# -------------
#
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE1
# !
# peer-group SPINE
# !
# neighbor interface Eth1/3
# !
# neighbor interface Eth1/2
# neighbor 1.1.1.1
#
# Using merged
#
# Before state:
# -------------
#
# sonic# show running-configuration bgp peer-group vrf default
# (No bgp peer-group configuration present)
- name: "Configure BGP peer-group prefix-list attributes"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
peer_group:
- name: SPINE
address_family:
afis:
- afi: ipv4
safi: unicast
ip_afi:
default_policy_name: rmap_reg1
send_default_route: true
prefix_limit:
max_prefixes: 1
prevent_teardown: true
warning_threshold: 80
prefix_list_in: p1
prefix_list_out: p2
state: merged
# After state:
# ------------
#
# sonic# show running-configuration bgp peer-group vrf default
# !
# peer-group SPINE
# !
# address-family ipv4 unicast
# default-originate route-map rmap_reg1
# prefix-list p1 in
# prefix-list p2 out
# send-community both
# maximum-prefix 1 80 warning-only
#
# Using deleted
#
# Before state:
# -------------
#
# sonic# show running-configuration bgp peer-group vrf default
# !
# peer-group SPINE
# !
# address-family ipv6 unicast
# default-originate route-map rmap_reg2
# prefix-list p1 in
# prefix-list p2 out
# send-community both
# maximum-prefix 5 90 restart 2
- name: "Delete BGP peer-group prefix-list attributes"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
peer_group:
- name: SPINE
address_family:
afis:
- afi: ipv6
safi: unicast
ip_afi:
default_policy_name: rmap_reg2
send_default_route: true
prefix_limit:
max_prefixes: 5
warning_threshold: 90
restart-timer: 2
prefix_list_in: p1
prefix_list_out: p2
state: deleted
state:
choices:
- merged
- deleted
default: merged
description:
- Specifies the operation to be performed on the BGP process that is configured on
the device.
- In case of merged, the input configuration is merged with the existing BGP configuration
on the device.
- In case of deleted, the existing BGP configuration is removed from the device.
type: str
config:
description: Specifies the BGP neighbors related configuration.
elements: dict
suboptions:
bgp_as:
description:
- Specifies the BGP autonomous system (AS) number which is already configured
on the device.
required: true
type: str
neighbors:
description: Specifies BGP neighbor-related configurations.
elements: dict
suboptions:
advertisement_interval:
description:
- Specifies the minimum interval between sending BGP routing updates.
- The range is from 0 to 600.
type: int
auth_pwd:
description:
- Configuration for neighbor group authentication password.
suboptions:
encrypted:
default: false
description:
- Indicates whether the password is encrypted text.
type: bool
pwd:
description:
- Authentication password for the neighbor group.
required: true
type: str
type: dict
bfd:
description:
- Enables or disables BFD.
suboptions:
check_failure:
description:
- Link dataplane status with control plane.
type: bool
enabled:
description:
- Enables BFD liveliness check for a BGP neighbor.
type: bool
profile:
description:
- BFD Profile name.
type: str
type: dict
capability:
description:
- Specifies capability attributes to this neighbor.
suboptions:
dynamic:
description:
- Enables or disables dynamic capability to this neighbor.
type: bool
extended_nexthop:
description:
- Enables or disables advertise extended next-hop capability to the peer.
type: bool
type: dict
disable_connected_check:
description:
- Disables EBGP conntected route check.
type: bool
dont_negotiate_capability:
description:
- Disables capability negotiation.
type: bool
ebgp_multihop:
description:
- Allow EBGP neighbors not on directly connected networks.
suboptions:
enabled:
default: false
description:
- Enables the referenced group or neighbors to be indirectly connected.
type: bool
multihop_ttl:
description:
- Time-to-live value to use when packets are sent to the referenced group
or neighbors and ebgp-multihop is enabled.
type: int
type: dict
enforce_first_as:
description:
- Enforces the first AS for EBGP routes.
type: bool
enforce_multihop:
description:
- Enforces EBGP multihop performance for neighbor.
type: bool
local_address:
description:
- Set the local IP address to use for the session when sending BGP update
messages.
type: str
local_as:
description:
- Specifies local autonomous system number.
suboptions:
as:
description:
- Local autonomous system number.
required: true
type: int
no_prepend:
description:
- Do not prepend the local-as number in AS-Path advertisements.
type: bool
replace_as:
description:
- Replace the configured AS Number with the local-as number in AS-Path
advertisements.
type: bool
type: dict
nbr_description:
description:
- A textual description of the neighbor.
type: str
neighbor:
description:
- Neighbor router address.
required: true
type: str
override_capability:
description:
- Override capability negotiation result.
type: bool
passive:
default: false
description:
- Do not send open messages to this neighbor.
type: bool
peer_group:
description:
- The name of the peer group that the neighbor is a member of.
type: str
port:
description:
- Neighbor's BGP port.
type: int
remote_as:
description:
- Remote AS of the BGP neighbor to configure.
- peer_as and peer_type are mutually exclusive.
suboptions:
peer_as:
description:
- Specifies remote AS number.
- The range is from 1 to 4294967295.
type: int
peer_type:
choices:
- internal
- external
description:
- Specifies the type of BGP peer.
type: str
type: dict
shutdown_msg:
description:
- Add a shutdown message.
type: str
solo:
description:
- Indicates that routes advertised by the peer should not be reflected back
to the peer.
type: bool
strict_capability_match:
description:
- Enables strict capability negotiation match.
type: bool
timers:
description:
- Specifies BGP neighbor timer-related configurations.
suboptions:
connect_retry:
description:
- Time interval in seconds between attempts to establish a session with
the peer.
- The range is from 1 to 65535.
type: int
holdtime:
description:
- Interval after not receiving a keepalive message that SONiC declares
a peer dead, in seconds.
- The range is from 0 to 65535.
type: int
keepalive:
description:
- Frequency with which the device sends keepalive messages to its peer,
in seconds.
- The range is from 0 to 65535.
type: int
type: dict
ttl_security:
description:
- Enforces only the neighbors that are specified number of hops away will
be allowed to become neighbors.
type: int
v6only:
description:
- Enables BGP with v6 link-local only.
type: bool
type: list
peer_group:
description: Specifies the list of peer groups.
elements: dict
suboptions:
address_family:
description:
- Holds of list of address families associated to the peergroup.
suboptions:
afis:
description:
- List of address families with afi, safi, activate and allowas-in parameters.
- afi and safi are required together.
elements: dict
suboptions:
activate:
description:
- Enable or disable activate.
type: bool
afi:
choices:
- ipv4
- ipv6
- l2vpn
description:
- Holds afi mode.
type: str
allowas_in:
description:
- Holds AS value.
- The origin and value are mutually exclusive.
suboptions:
origin:
description:
- Set AS as the origin.
type: bool
value:
description:
- Holds AS number in the range 1-10.
type: int
type: dict
ip_afi:
description:
- Common configuration attributes for IPv4 and IPv6 unicast address
families.
suboptions:
default_policy_name:
description:
- Specifies routing policy definition.
type: str
send_default_route:
default: false
description:
- Enable or disable sending of default-route to the peer.
type: bool
type: dict
prefix_limit:
description:
- Specifies prefix limit attributes for ipv4-unicast and ipv6-unicast.
suboptions:
max_prefixes:
description:
- Maximum number of prefixes that will be accepted from the peer.
type: int
prevent_teardown:
default: false
description:
- Enable or disable teardown of BGP session when maximum prefix
limit is exceeded.
type: bool
restart_timer:
description:
- Time interval in seconds after which the BGP session is re-established
after being torn down.
type: int
warning_threshold:
description:
- Threshold on number of prefixes that can be received from a
peer before generation of warning messages.
- Expressed as a percentage of max-prefixes.
type: int
type: dict
prefix_list_in:
description:
- Inbound route filtering policy for a peer.
type: str
prefix_list_out:
description:
- Outbound route filtering policy for a peer.
type: str
safi:
choices:
- unicast
- evpn
description:
- Holds safi mode.
type: str
type: list
type: dict
advertisement_interval:
description:
- Specifies the minimum interval between sending BGP routing updates.
- The range is from 0 to 600.
type: int
auth_pwd:
description:
- Configuration for peer group authentication password.
suboptions:
encrypted:
default: false
description:
- Indicates whether the password is encrypted text.
type: bool
pwd:
description:
- Authentication password for the peer group.
required: true
type: str
type: dict
bfd:
description:
- Enables or disables BFD.
suboptions:
check_failure:
description:
- Link dataplane status with control plane.
type: bool
enabled:
description:
- Enables BFD liveliness check for a BGP peer.
type: bool
profile:
description:
- BFD Profile name.
type: str
type: dict
capability:
description:
- Specifies capability attributes to this peer group.
suboptions:
dynamic:
description:
- Enables or disables dynamic capability to this peer group.
type: bool
extended_nexthop:
description:
- Enables or disables advertise extended next-hop capability to the peer.
type: bool
type: dict
disable_connected_check:
description:
- Disables EBGP conntected route check.
type: bool
dont_negotiate_capability:
description:
- Disables capability negotiation.
type: bool
ebgp_multihop:
description:
- Allow EBGP peers not on directly connected networks.
suboptions:
enabled:
default: false
description:
- Enables the referenced group or peers to be indirectly connected.
type: bool
multihop_ttl:
description:
- Time-to-live value to use when packets are sent to the referenced group
or peers and ebgp-multihop is enabled.
type: int
type: dict
enforce_first_as:
description:
- Enforces the first AS for EBGP routes.
type: bool
enforce_multihop:
description:
- Enforces EBGP multihop performance for peer.
type: bool
local_address:
description:
- Set the local IP address to use for the session when sending BGP update
messages.
type: str
local_as:
description:
- Specifies local autonomous system number.
suboptions:
as:
description:
- Local autonomous system number.
required: true
type: int
no_prepend:
description:
- Do not prepend the local-as number in AS-Path advertisements.
type: bool
replace_as:
description:
- Replace the configured AS Number with the local-as number in AS-Path
advertisements.
type: bool
type: dict
name:
description: Name of the peer group.
required: true
type: str
override_capability:
description:
- Override capability negotiation result.
type: bool
passive:
default: false
description:
- Do not send open messages to this peer.
type: bool
pg_description:
description:
- A textual description of the peer group.
type: str
remote_as:
description:
- Remote AS of the BGP peer group to configure.
- peer_as and peer_type are mutually exclusive.
suboptions:
peer_as:
description:
- Specifies remote AS number.
- The range is from 1 to 4294967295.
type: int
peer_type:
choices:
- internal
- external
description:
- Specifies the type of BGP peer.
type: str
type: dict
shutdown_msg:
description:
- Add a shutdown message.
type: str
solo:
description:
- Indicates that routes advertised by the peer should not be reflected back
to the peer.
type: bool
strict_capability_match:
description:
- Enables strict capability negotiation match.
type: bool
timers:
description:
- Specifies BGP peer group timer related configurations.
suboptions:
connect_retry:
description:
- Time interval in seconds between attempts to establish a session with
the peer.
- The range is from 1 to 65535.
type: int
holdtime:
description:
- Interval after not receiving a keepalive message that Enterprise SONiC
declares a peer dead, in seconds.
- The range is from 0 to 65535.
type: int
keepalive:
description:
- Frequency with which the device sends keepalive messages to its peer,
in seconds.
- The range is from 0 to 65535.
type: int
type: dict
ttl_security:
description:
- Enforces only the peers that are specified number of hops away will be allowed
to become peers.
type: int
type: list
vrf_name:
default: default
description:
- Specifies the VRF name which is already configured on the device.
type: str
type: list
after:
description: The resulting configuration model invocation.
returned: when changed
sample: 'The configuration returned is always in the same format of the parameters
above.
'
type: list
before:
description: The configuration prior to the model invocation.
returned: always
sample: 'The configuration returned is always in the same format of the parameters
above.
'
type: list
commands:
description: The set of commands pushed to the remote device.
returned: always
sample:
- command 1
- command 2
- command 3
type: list