Try SpotterConfigures the BIG-IP DNS system to answer TCP or UDP DNS requests
| "added in version" 1.4.0 of f5networks.f5_modules"
Authors: Andrey Kashcheev (@andreykashcheev)
Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0
collections:
- name: f5networks.f5_modules
version: 1.28.0Defines one or more Listener objects to control which protocols are available for the BIG-IP DNS system to process DNS requests.
BIG-IP DNS Listeners allow TCP and UDP protocols.
- name: 'Create DNS Listener'
bigip_gtm_dns_listener:
address: '192.0.1.0'
advertise: false
auto_lasthop: default
description: 'this is a test DNS listener'
enabled_vlans:
- /Common/external
ip_protocol: tcp
irules:
- /Common/irule1
mask: '255.255.255.0'
pool: /Common/webpool
name: test-dns-listener
port: 30025
provider:
password: secret
server: lb.mydomain.com
user: admin
source_port: preserve
state: present
translate_address: true
translate_port: true
delegate_to: localhost
- name: 'Disable a DNS Listener'
bigip_gtm_dns_listener:
address: '192.0.1.0'
state: disabled
name: test-dns-listener
provider:
password: secret
server: lb.mydomain.com
user: admin
delegate_to: localhost
mask:
description:
- Specifies the netmask for a network Listener only.
- Netmask clarifies whether the host bit is an actual zero or a wildcard representation.
type: str
name:
description:
- Specifies the name of the DNS Listener.
required: true
type: str
pool:
description:
- Specifies a default pool to which the Listener automatically directs traffic.
type: str
port:
description:
- Specifies the port on which the Listener listens for connections.
- Valid range of values is between C(0) and C(65535) inclusive.
type: int
state:
choices:
- present
- absent
- enabled
- disabled
default: present
description:
- DNS Listener state.
- When C(present), ensures the pool is created and enabled.
- When C(absent), ensures the pool is removed from the system.
- When C(enabled) or C(disabled), ensures the pool is enabled or disabled respectively)
on the remote device.
type: str
irules:
description:
- Specifies list of iRules to run on the Listener.
- iRules help automate the intercepting, processing, and routing of application traffic.
- If you want to remove existing iRules, provide an empty list value; C([]). See the
documentation for an example.
elements: str
type: list
address:
description:
- Specifies the IP address on which the system listens.
required: true
type: str
provider:
description:
- A dict object containing connection details.
suboptions:
auth_provider:
description:
- Configures the auth provider for to obtain authentication tokens from the remote
device.
- This option is really used when working with BIG-IQ devices.
type: str
no_f5_teem:
default: false
description:
- If C(yes), TEEM telemetry data is not sent to F5.
- You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF).
- Previously used variable C(F5_TEEM) is deprecated as its name was confusing.
type: bool
password:
aliases:
- pass
- pwd
description:
- The password for the user account used to connect to the BIG-IP or the BIG-IQ.
- You may omit this option by setting the environment variable C(F5_PASSWORD).
required: true
type: str
server:
description:
- The BIG-IP host or the BIG-IQ host.
- You may omit this option by setting the environment variable C(F5_SERVER).
required: true
type: str
server_port:
default: 443
description:
- The BIG-IP server port.
- You may omit this option by setting the environment variable C(F5_SERVER_PORT).
type: int
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- rest
default: rest
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
user:
description:
- The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative
privileges on the device.
- You may omit this option by setting the environment variable C(F5_USER).
required: true
type: str
validate_certs:
default: true
description:
- If C(no), SSL certificates are not validated. Use this only on personally controlled
sites using self-signed certificates.
- You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS).
type: bool
type: dict
version_added: 1.0.0
version_added_collection: f5networks.f5_modules
advertise:
description:
- Specifies whether this Listener's address is advertised to surrounding routers.
type: bool
partition:
default: Common
description:
- Device partition to manage resources on.
type: str
description:
description:
- Provides a brief description for DNS Listener.
type: str
ip_protocol:
description:
- Specifies the protocol on which this Listener receives network traffic.
type: str
source_port:
description:
- Specifies whether the system preserves the source port of the connection.
type: str
auto_lasthop:
description:
- Specifies whether to automatically map the last hop for pools or not.
type: str
enabled_vlans:
description:
- List of VLANs to be enabled. When a VLAN named C(all) is used, all VLANs will be
allowed. VLANs can be specified with or without the leading partition. If the partition
is not specified in the VLAN, then the C(partition) option of this module will be
used.
- This parameter is mutually exclusive with the C(disabled_vlans) parameter.
elements: str
type: list
last_hop_pool:
description:
- Specifies the name of the last hop pool that you want the Listener to use to direct
reply traffic to the last hop router.
type: str
disabled_vlans:
description:
- List of VLANs to be disabled. If the partition is not specified in the VLAN, then
the C(partition) option of this module will be used.
- This parameter is mutually exclusive with the C(enabled_vlans) parameters.
elements: str
type: list
translate_port:
description:
- Enables or disables port translation.
type: bool
translate_address:
description:
- Enables or disables address translation for the Listener.
type: bool
fallback_persistence:
description:
- Specifies a fallback persistence profile for the Listener to use when the default
persistence profile is not available.
type: str
address:
description: IP address on which the system listens.
returned: changed
sample: 10.0.0.2
type: str
advertise:
description: Specifies if the Listener advertises to surrounding routers.
returned: changed
sample: true
type: bool
auto_lasthop:
description: Shows whether the system automatically maps the last hop for pools.
returned: changed
sample: default
type: str
disabled_vlans:
description: List of VLANs the virtual is disabled for.
returned: changed
sample:
- /Common/vlan1
- /Common/vlan2
type: list
enabled:
description: Provides DNS Listener state.
returned: changed
sample: true
type: bool
enabled_vlans:
description: List of VLANs the virtual is enabled for.
returned: changed
sample:
- /Common/vlan5
- /Common/vlan6
type: list
fallback_persistence:
description: Fallback persistence profile for the Listener to use when the default
persistence profile is not available.
returned: changed
sample: /Common/fallback-profile
type: str
ip_protocol:
description: IP protocol used by the DNS Listener.
returned: changed
sample: tcp
type: str
irules:
description: List of rules run by the DNS Listener.
returned: changed
sample:
- /Common/rule1
- /Common/rule2
type: list
mask:
description: Subnet mask used by the Listener to identify address range.
returned: changed
sample: 255.255.0.0
type: str
name:
description: DNS Listener name.
returned: changed
sample: test-dns-listener
type: str
port:
description: Port on which the system listens.
returned: changed
sample: 53
type: int
source_port:
description: Specifies if system preserves the source port of the connection.
returned: changed
sample: preserve
type: str
translate_address:
description: Specifies if address translation is enabled.
returned: changed
sample: enabled
type: str
translate_port:
description: Specifies if port translation is enabled.
returned: changed
sample: enabled
type: str