Try SpotterManage VLANs on a BIG-IP system
| "added in version" 1.0.0 of f5networks.f5_modules"
Authors: Tim Rupp (@caphrim007), Wojciech Wypior (@wojtek0806)
Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0
collections:
- name: f5networks.f5_modules
version: 1.28.0Manage VLANs on a BIG-IP system
- name: Create VLAN
bigip_vlan:
name: net1
provider:
password: secret
server: lb.mydomain.com
user: admin
delegate_to: localhost
- name: Set VLAN tag
bigip_vlan:
name: net1
tag: 2345
provider:
user: admin
password: secret
server: lb.mydomain.com
delegate_to: localhost
- name: Add VLAN 2345 as tagged to interface 1.1
bigip_vlan:
tagged_interface: 1.1
name: net1
tag: 2345
provider:
password: secret
server: lb.mydomain.com
user: admin
delegate_to: localhost
- name: Add VLAN 1234 as tagged to interfaces 1.1 and 1.2
bigip_vlan:
tagged_interfaces:
- 1.1
- 1.2
name: net1
tag: 1234
provider:
user: admin
password: secret
server: lb.mydomain.com
delegate_to: localhost
mtu:
description:
- Specifies the maximum transmission unit (MTU) for traffic on this VLAN. When creating
a new VLAN, if this parameter is not specified, the default value used is C(1500).
- This number must be between 576 to 9198.
type: int
tag:
description:
- Tag number for the VLAN. The tag number can be any integer between 1 and 4094. The
system automatically assigns a tag number if you do not specify a value.
type: int
name:
description:
- The VLAN to manage. If the special VLAN C(ALL) is specified with the C(state) value
of C(absent), all VLANs will be removed.
required: true
type: str
state:
choices:
- absent
- present
default: present
description:
- The state of the VLAN on the system. When C(present), guarantees the VLAN exists
with the provided attributes. When C(absent), removes the VLAN from the system.
type: str
cmp_hash:
choices:
- default
- destination-address
- source-address
- dst-ip
- src-ip
- dest
- destination
- source
- dst
- src
description:
- Specifies how the traffic on the VLAN is disaggregated. The value you select determines
the traffic disaggregation method. You can choose to disaggregate traffic based
on C(source-address) (the source IP address), C(destination-address) (destination
IP address), or C(default), which specifies the default CMP hash uses L4 ports.
- When creating a new VLAN, if this parameter is not specified, the default is C(default).
type: str
provider:
description:
- A dict object containing connection details.
suboptions:
auth_provider:
description:
- Configures the auth provider for to obtain authentication tokens from the remote
device.
- This option is really used when working with BIG-IQ devices.
type: str
no_f5_teem:
default: false
description:
- If C(yes), TEEM telemetry data is not sent to F5.
- You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF).
- Previously used variable C(F5_TEEM) is deprecated as its name was confusing.
type: bool
password:
aliases:
- pass
- pwd
description:
- The password for the user account used to connect to the BIG-IP or the BIG-IQ.
- You may omit this option by setting the environment variable C(F5_PASSWORD).
required: true
type: str
server:
description:
- The BIG-IP host or the BIG-IQ host.
- You may omit this option by setting the environment variable C(F5_SERVER).
required: true
type: str
server_port:
default: 443
description:
- The BIG-IP server port.
- You may omit this option by setting the environment variable C(F5_SERVER_PORT).
type: int
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- rest
default: rest
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
user:
description:
- The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative
privileges on the device.
- You may omit this option by setting the environment variable C(F5_USER).
required: true
type: str
validate_certs:
default: true
description:
- If C(no), SSL certificates are not validated. Use this only on personally controlled
sites using self-signed certificates.
- You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS).
type: bool
type: dict
version_added: 1.0.0
version_added_collection: f5networks.f5_modules
fail_safe:
description:
- When C(true), specifies the VLAN takes the specified C(fail_safe_action) if the
system detects a loss of traffic on this VLAN's interfaces.
type: bool
partition:
default: Common
description:
- Device partition to manage resources on.
type: str
dag_tunnel:
choices:
- inner
- outer
description:
- Specifies how the disaggregator (DAG) distributes received tunnel-encapsulated packets
to TMM instances. Select C(inner) to distribute packets based on information in
inner headers. Select C(outer) to distribute packets based on information in outer
headers without inspecting inner headers.
- When creating a new VLAN, if this parameter is not specified, the default is C(outer).
- This parameter is not supported on Virtual Editions (VEs) of BIG-IP.
type: str
interfaces:
description:
- Interfaces you want to add to the VLAN. This can include both tagged and untagged
interfaces, as the C(tagging) parameter specifies.
- This parameter is mutually exclusive with the C(untagged_interfaces) and C(tagged_interfaces)
parameters.
elements: dict
suboptions:
interface:
description:
- The name of the interface
type: str
tagging:
choices:
- tagged
- untagged
description:
- Whether the interface is C(tagged) or C(untagged).
type: str
type: list
description:
description:
- The description of the VLAN.
type: str
source_check:
description:
- When C(true), specifies the system verifies the return route to an initial packet
is the same VLAN from which the packet originated.
- The system performs this verification only if the C(auto_last_hop) option is C(false).
type: bool
hw_syn_cookie:
description:
- Enables hardware syncookie mode on a VLAN.
- When C(true), the hardware per-VLAN SYN cookie protection is triggered when the
certain traffic threshold is reached on supported platforms.
type: bool
version_added: 1.3.0
version_added_collection: f5networks.f5_modules
dag_round_robin:
description:
- Specifies whether some of the stateless traffic on the VLAN should be disaggregated
in a round-robin order instead of using a static hash. The stateless traffic includes
non-IP L2 traffic, ICMP, some UDP protocols, and so on.
- When creating a new VLAN, if this parameter is not specified, the default is (false).
type: bool
fail_safe_action:
choices:
- reboot
- restart-all
- failover
description:
- Specifies the action the system takes when it does not detect any traffic on this
VLAN, and the C(fail_safe_timeout) has expired.
type: str
fail_safe_timeout:
description:
- Specifies the number of seconds a system can run without detecting network traffic
on this VLAN before it takes the C(fail_safe_action).
type: int
tagged_interfaces:
aliases:
- tagged_interface
description:
- Specifies a list of tagged interfaces and trunks you want to configure for the VLAN.
Use tagged interfaces or trunks when you want to assign a single interface or trunk
to multiple VLANs.
- This parameter is mutually exclusive with the C(untagged_interfaces) and C(interfaces)
parameters.
elements: str
type: list
sflow_poll_interval:
description:
- Specifies the maximum interval in seconds between two pollings.
type: int
sflow_sampling_rate:
description:
- Specifies the ratio of packets observed to the samples generated.
type: int
untagged_interfaces:
aliases:
- untagged_interface
description:
- Specifies a list of untagged interfaces and trunks you want to configure for the
VLAN.
- This parameter is mutually exclusive with the C(tagged_interfaces) and C(interfaces)
parameters.
elements: str
type: list
cmp_hash: description: New traffic disaggregation method. returned: changed sample: source-address type: str dag_tunnel: description: The new DAG tunnel setting. returned: changed sample: outer type: str description: description: The description set on the VLAN. returned: changed sample: foo VLAN type: str fail_safe: description: The new Fail Safe setting. returned: changed sample: false type: bool fail_safe_action: description: The new Fail Safe Action setting. returned: changed sample: reboot type: str fail_safe_timeout: description: The new Fail Safe Timeout setting. returned: changed sample: 90 type: int hw_syn_cookie: description: Enables hardware syncookie mode on a VLAN. returned: changed sample: false type: bool interfaces: description: Interfaces the VLAN is assigned to. returned: changed sample: - '1.1' - '1.2' type: list partition: description: The partition the VLAN was created on. returned: changed sample: Common type: str sflow_poll_interval: description: The new sFlow Polling Interval setting. returned: changed sample: 10 type: int sflow_sampling_rate: description: The new sFlow Sampling Rate setting. returned: changed sample: 20 type: int source_check: description: The new Source Check setting. returned: changed sample: true type: bool tag: description: The ID of the VLAN. returned: changed sample: 2345 type: int