Try SpotterConfigure BGP in Fortinet's FortiOS and FortiGate.
| "added in version" 2.8 of fortinet.fortios"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortios:==1.1.7
collections:
- name: fortinet.fortios
version: 1.1.7This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and bgp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.4.0
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure BGP.
fortios_router_bgp:
vdom: "{{ vdom }}"
router_bgp:
additional_path: "enable"
additional_path_select: "4"
additional_path_select6: "5"
additional_path6: "enable"
admin_distance:
-
distance: "8"
id: "9"
neighbour_prefix: "<your_own_value>"
route_list: "<your_own_value> (source router.access-list.name)"
aggregate_address:
-
as_set: "enable"
id: "14"
prefix: "<your_own_value>"
summary_only: "enable"
aggregate_address6:
-
as_set: "enable"
id: "19"
prefix6: "<your_own_value>"
summary_only: "enable"
always_compare_med: "enable"
as: "23"
bestpath_as_path_ignore: "enable"
bestpath_cmp_confed_aspath: "enable"
bestpath_cmp_routerid: "enable"
bestpath_med_confed: "enable"
bestpath_med_missing_as_worst: "enable"
client_to_client_reflection: "enable"
cluster_id: "<your_own_value>"
confederation_identifier: "31"
confederation_peers:
-
peer: "<your_own_value>"
dampening: "enable"
dampening_max_suppress_time: "35"
dampening_reachability_half_life: "36"
dampening_reuse: "37"
dampening_route_map: "<your_own_value> (source router.route-map.name)"
dampening_suppress: "39"
dampening_unreachability_half_life: "40"
default_local_preference: "41"
deterministic_med: "enable"
distance_external: "43"
distance_internal: "44"
distance_local: "45"
ebgp_multipath: "enable"
enforce_first_as: "enable"
fast_external_failover: "enable"
graceful_end_on_timer: "enable"
graceful_restart: "enable"
graceful_restart_time: "51"
graceful_stalepath_time: "52"
graceful_update_delay: "53"
holdtime_timer: "54"
ibgp_multipath: "enable"
ignore_optional_capability: "enable"
keepalive_timer: "57"
log_neighbour_changes: "enable"
neighbor:
-
activate: "enable"
activate6: "enable"
additional_path: "send"
additional_path6: "send"
adv_additional_path: "64"
adv_additional_path6: "65"
advertisement_interval: "66"
allowas_in: "67"
allowas_in_enable: "enable"
allowas_in_enable6: "enable"
allowas_in6: "70"
as_override: "enable"
as_override6: "enable"
attribute_unchanged: "as-path"
attribute_unchanged6: "as-path"
bfd: "enable"
capability_default_originate: "enable"
capability_default_originate6: "enable"
capability_dynamic: "enable"
capability_graceful_restart: "enable"
capability_graceful_restart6: "enable"
capability_orf: "none"
capability_orf6: "none"
capability_route_refresh: "enable"
conditional_advertise:
-
advertise_routemap: "<your_own_value> (source router.route-map.name)"
condition_routemap: "<your_own_value> (source router.route-map.name)"
condition_type: "exist"
connect_timer: "88"
default_originate_routemap: "<your_own_value> (source router.route-map.name)"
default_originate_routemap6: "<your_own_value> (source router.route-map.name)"
description: "<your_own_value>"
distribute_list_in: "<your_own_value> (source router.access-list.name)"
distribute_list_in6: "<your_own_value> (source router.access-list6.name)"
distribute_list_out: "<your_own_value> (source router.access-list.name)"
distribute_list_out6: "<your_own_value> (source router.access-list6.name)"
dont_capability_negotiate: "enable"
ebgp_enforce_multihop: "enable"
ebgp_multihop_ttl: "98"
filter_list_in: "<your_own_value> (source router.aspath-list.name)"
filter_list_in6: "<your_own_value> (source router.aspath-list.name)"
filter_list_out: "<your_own_value> (source router.aspath-list.name)"
filter_list_out6: "<your_own_value> (source router.aspath-list.name)"
holdtime_timer: "103"
interface: "<your_own_value> (source system.interface.name)"
ip: "<your_own_value>"
keep_alive_timer: "106"
link_down_failover: "enable"
local_as: "108"
local_as_no_prepend: "enable"
local_as_replace_as: "enable"
maximum_prefix: "111"
maximum_prefix_threshold: "112"
maximum_prefix_threshold6: "113"
maximum_prefix_warning_only: "enable"
maximum_prefix_warning_only6: "enable"
maximum_prefix6: "116"
next_hop_self: "enable"
next_hop_self6: "enable"
override_capability: "enable"
passive: "enable"
password: "<your_own_value>"
prefix_list_in: "<your_own_value> (source router.prefix-list.name)"
prefix_list_in6: "<your_own_value> (source router.prefix-list6.name)"
prefix_list_out: "<your_own_value> (source router.prefix-list.name)"
prefix_list_out6: "<your_own_value> (source router.prefix-list6.name)"
remote_as: "126"
remove_private_as: "enable"
remove_private_as6: "enable"
restart_time: "129"
retain_stale_time: "130"
route_map_in: "<your_own_value> (source router.route-map.name)"
route_map_in6: "<your_own_value> (source router.route-map.name)"
route_map_out: "<your_own_value> (source router.route-map.name)"
route_map_out_preferable: "<your_own_value> (source router.route-map.name)"
route_map_out6: "<your_own_value> (source router.route-map.name)"
route_map_out6_preferable: "<your_own_value> (source router.route-map.name)"
route_reflector_client: "enable"
route_reflector_client6: "enable"
route_server_client: "enable"
route_server_client6: "enable"
send_community: "standard"
send_community6: "standard"
shutdown: "enable"
soft_reconfiguration: "enable"
soft_reconfiguration6: "enable"
stale_route: "enable"
strict_capability_match: "enable"
unsuppress_map: "<your_own_value> (source router.route-map.name)"
unsuppress_map6: "<your_own_value> (source router.route-map.name)"
update_source: "<your_own_value> (source system.interface.name)"
weight: "151"
neighbor_group:
-
activate: "enable"
activate6: "enable"
additional_path: "send"
additional_path6: "send"
adv_additional_path: "157"
adv_additional_path6: "158"
advertisement_interval: "159"
allowas_in: "160"
allowas_in_enable: "enable"
allowas_in_enable6: "enable"
allowas_in6: "163"
as_override: "enable"
as_override6: "enable"
attribute_unchanged: "as-path"
attribute_unchanged6: "as-path"
bfd: "enable"
capability_default_originate: "enable"
capability_default_originate6: "enable"
capability_dynamic: "enable"
capability_graceful_restart: "enable"
capability_graceful_restart6: "enable"
capability_orf: "none"
capability_orf6: "none"
capability_route_refresh: "enable"
connect_timer: "177"
default_originate_routemap: "<your_own_value> (source router.route-map.name)"
default_originate_routemap6: "<your_own_value> (source router.route-map.name)"
description: "<your_own_value>"
distribute_list_in: "<your_own_value> (source router.access-list.name)"
distribute_list_in6: "<your_own_value> (source router.access-list6.name)"
distribute_list_out: "<your_own_value> (source router.access-list.name)"
distribute_list_out6: "<your_own_value> (source router.access-list6.name)"
dont_capability_negotiate: "enable"
ebgp_enforce_multihop: "enable"
ebgp_multihop_ttl: "187"
filter_list_in: "<your_own_value> (source router.aspath-list.name)"
filter_list_in6: "<your_own_value> (source router.aspath-list.name)"
filter_list_out: "<your_own_value> (source router.aspath-list.name)"
filter_list_out6: "<your_own_value> (source router.aspath-list.name)"
holdtime_timer: "192"
interface: "<your_own_value> (source system.interface.name)"
keep_alive_timer: "194"
link_down_failover: "enable"
local_as: "196"
local_as_no_prepend: "enable"
local_as_replace_as: "enable"
maximum_prefix: "199"
maximum_prefix_threshold: "200"
maximum_prefix_threshold6: "201"
maximum_prefix_warning_only: "enable"
maximum_prefix_warning_only6: "enable"
maximum_prefix6: "204"
name: "default_name_205"
next_hop_self: "enable"
next_hop_self6: "enable"
override_capability: "enable"
passive: "enable"
prefix_list_in: "<your_own_value> (source router.prefix-list.name)"
prefix_list_in6: "<your_own_value> (source router.prefix-list6.name)"
prefix_list_out: "<your_own_value> (source router.prefix-list.name)"
prefix_list_out6: "<your_own_value> (source router.prefix-list6.name)"
remote_as: "214"
remove_private_as: "enable"
remove_private_as6: "enable"
restart_time: "217"
retain_stale_time: "218"
route_map_in: "<your_own_value> (source router.route-map.name)"
route_map_in6: "<your_own_value> (source router.route-map.name)"
route_map_out: "<your_own_value> (source router.route-map.name)"
route_map_out_preferable: "<your_own_value> (source router.route-map.name)"
route_map_out6: "<your_own_value> (source router.route-map.name)"
route_map_out6_preferable: "<your_own_value> (source router.route-map.name)"
route_reflector_client: "enable"
route_reflector_client6: "enable"
route_server_client: "enable"
route_server_client6: "enable"
send_community: "standard"
send_community6: "standard"
shutdown: "enable"
soft_reconfiguration: "enable"
soft_reconfiguration6: "enable"
stale_route: "enable"
strict_capability_match: "enable"
unsuppress_map: "<your_own_value> (source router.route-map.name)"
unsuppress_map6: "<your_own_value> (source router.route-map.name)"
update_source: "<your_own_value> (source system.interface.name)"
weight: "239"
neighbor_range:
-
id: "241"
max_neighbor_num: "242"
neighbor_group: "<your_own_value> (source router.bgp.neighbor-group.name)"
prefix: "<your_own_value>"
neighbor_range6:
-
id: "246"
max_neighbor_num: "247"
neighbor_group: "<your_own_value> (source router.bgp.neighbor-group.name)"
prefix6: "<your_own_value>"
network:
-
backdoor: "enable"
id: "252"
prefix: "<your_own_value>"
route_map: "<your_own_value> (source router.route-map.name)"
network_import_check: "enable"
network6:
-
backdoor: "enable"
id: "258"
prefix6: "<your_own_value>"
route_map: "<your_own_value> (source router.route-map.name)"
redistribute:
-
name: "default_name_262"
route_map: "<your_own_value> (source router.route-map.name)"
status: "enable"
redistribute6:
-
name: "default_name_266"
route_map: "<your_own_value> (source router.route-map.name)"
status: "enable"
router_id: "<your_own_value>"
scan_time: "270"
synchronization: "enable"
vrf_leak:
-
target:
-
interface: "<your_own_value> (source system.interface.name)"
route_map: "<your_own_value> (source router.route-map.name)"
vrf: "<your_own_value>"
vrf: "<your_own_value>"
vdom:
default: root
description:
- Virtual domain, among those defined previously. A vdom is a virtual instance of
the FortiGate that can be configured and used as a different unit.
type: str
router_bgp:
default: null
description:
- Configure BGP.
suboptions:
additional_path:
choices:
- enable
- disable
description:
- Enable/disable selection of BGP IPv4 additional paths.
type: str
additional_path6:
choices:
- enable
- disable
description:
- Enable/disable selection of BGP IPv6 additional paths.
type: str
additional_path_select:
description:
- Number of additional paths to be selected for each IPv4 NLRI.
type: int
additional_path_select6:
description:
- Number of additional paths to be selected for each IPv6 NLRI.
type: int
admin_distance:
description:
- Administrative distance modifications.
suboptions:
distance:
description:
- Administrative distance to apply (1 - 255).
type: int
id:
description:
- ID.
required: true
type: int
neighbour_prefix:
description:
- Neighbor address prefix.
type: str
route_list:
description:
- Access list of routes to apply new distance to. Source router.access-list.name.
type: str
type: list
aggregate_address:
description:
- BGP aggregate address table.
suboptions:
as_set:
choices:
- enable
- disable
description:
- Enable/disable generate AS set path information.
type: str
id:
description:
- ID.
required: true
type: int
prefix:
description:
- Aggregate prefix.
type: str
summary_only:
choices:
- enable
- disable
description:
- Enable/disable filter more specific routes from updates.
type: str
type: list
aggregate_address6:
description:
- BGP IPv6 aggregate address table.
suboptions:
as_set:
choices:
- enable
- disable
description:
- Enable/disable generate AS set path information.
type: str
id:
description:
- ID.
required: true
type: int
prefix6:
description:
- Aggregate IPv6 prefix.
type: str
summary_only:
choices:
- enable
- disable
description:
- Enable/disable filter more specific routes from updates.
type: str
type: list
always_compare_med:
choices:
- enable
- disable
description:
- Enable/disable always compare MED.
type: str
as:
description:
- Router AS number, valid from 1 to 4294967295, 0 to disable BGP.
type: int
bestpath_as_path_ignore:
choices:
- enable
- disable
description:
- Enable/disable ignore AS path.
type: str
bestpath_cmp_confed_aspath:
choices:
- enable
- disable
description:
- Enable/disable compare federation AS path length.
type: str
bestpath_cmp_routerid:
choices:
- enable
- disable
description:
- Enable/disable compare router ID for identical EBGP paths.
type: str
bestpath_med_confed:
choices:
- enable
- disable
description:
- Enable/disable compare MED among confederation paths.
type: str
bestpath_med_missing_as_worst:
choices:
- enable
- disable
description:
- Enable/disable treat missing MED as least preferred.
type: str
client_to_client_reflection:
choices:
- enable
- disable
description:
- Enable/disable client-to-client route reflection.
type: str
cluster_id:
description:
- Route reflector cluster ID.
type: str
confederation_identifier:
description:
- Confederation identifier.
type: int
confederation_peers:
description:
- Confederation peers.
suboptions:
peer:
description:
- Peer ID.
required: true
type: str
type: list
dampening:
choices:
- enable
- disable
description:
- Enable/disable route-flap dampening.
type: str
dampening_max_suppress_time:
description:
- Maximum minutes a route can be suppressed.
type: int
dampening_reachability_half_life:
description:
- Reachability half-life time for penalty (min).
type: int
dampening_reuse:
description:
- Threshold to reuse routes.
type: int
dampening_route_map:
description:
- Criteria for dampening. Source router.route-map.name.
type: str
dampening_suppress:
description:
- Threshold to suppress routes.
type: int
dampening_unreachability_half_life:
description:
- Unreachability half-life time for penalty (min).
type: int
default_local_preference:
description:
- Default local preference.
type: int
deterministic_med:
choices:
- enable
- disable
description:
- Enable/disable enforce deterministic comparison of MED.
type: str
distance_external:
description:
- Distance for routes external to the AS.
type: int
distance_internal:
description:
- Distance for routes internal to the AS.
type: int
distance_local:
description:
- Distance for routes local to the AS.
type: int
ebgp_multipath:
choices:
- enable
- disable
description:
- Enable/disable EBGP multi-path.
type: str
enforce_first_as:
choices:
- enable
- disable
description:
- Enable/disable enforce first AS for EBGP routes.
type: str
fast_external_failover:
choices:
- enable
- disable
description:
- Enable/disable reset peer BGP session if link goes down.
type: str
graceful_end_on_timer:
choices:
- enable
- disable
description:
- Enable/disable to exit graceful restart on timer only.
type: str
graceful_restart:
choices:
- enable
- disable
description:
- Enable/disable BGP graceful restart capabilities.
type: str
graceful_restart_time:
description:
- Time needed for neighbors to restart (sec).
type: int
graceful_stalepath_time:
description:
- Time to hold stale paths of restarting neighbor (sec).
type: int
graceful_update_delay:
description:
- Route advertisement/selection delay after restart (sec).
type: int
holdtime_timer:
description:
- Number of seconds to mark peer as dead.
type: int
ibgp_multipath:
choices:
- enable
- disable
description:
- Enable/disable IBGP multi-path.
type: str
ignore_optional_capability:
choices:
- enable
- disable
description:
- Don"t send unknown optional capability notification message
type: str
keepalive_timer:
description:
- Frequency to send keep alive requests.
type: int
log_neighbour_changes:
choices:
- enable
- disable
description:
- Enable logging of BGP neighbour"s changes
type: str
neighbor:
description:
- BGP neighbor table.
suboptions:
activate:
choices:
- enable
- disable
description:
- Enable/disable address family IPv4 for this neighbor.
type: str
activate6:
choices:
- enable
- disable
description:
- Enable/disable address family IPv6 for this neighbor.
type: str
additional_path:
choices:
- send
- receive
- both
- disable
description:
- Enable/disable IPv4 additional-path capability.
type: str
additional_path6:
choices:
- send
- receive
- both
- disable
description:
- Enable/disable IPv6 additional-path capability.
type: str
adv_additional_path:
description:
- Number of IPv4 additional paths that can be advertised to this neighbor.
type: int
adv_additional_path6:
description:
- Number of IPv6 additional paths that can be advertised to this neighbor.
type: int
advertisement_interval:
description:
- Minimum interval (sec) between sending updates.
type: int
allowas_in:
description:
- IPv4 The maximum number of occurrence of my AS number allowed.
type: int
allowas_in6:
description:
- IPv6 The maximum number of occurrence of my AS number allowed.
type: int
allowas_in_enable:
choices:
- enable
- disable
description:
- Enable/disable IPv4 Enable to allow my AS in AS path.
type: str
allowas_in_enable6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 Enable to allow my AS in AS path.
type: str
as_override:
choices:
- enable
- disable
description:
- Enable/disable replace peer AS with own AS for IPv4.
type: str
as_override6:
choices:
- enable
- disable
description:
- Enable/disable replace peer AS with own AS for IPv6.
type: str
attribute_unchanged:
choices:
- as-path
- med
- next-hop
description:
- IPv4 List of attributes that should be unchanged.
type: str
attribute_unchanged6:
choices:
- as-path
- med
- next-hop
description:
- IPv6 List of attributes that should be unchanged.
type: str
bfd:
choices:
- enable
- disable
description:
- Enable/disable BFD for this neighbor.
type: str
capability_default_originate:
choices:
- enable
- disable
description:
- Enable/disable advertise default IPv4 route to this neighbor.
type: str
capability_default_originate6:
choices:
- enable
- disable
description:
- Enable/disable advertise default IPv6 route to this neighbor.
type: str
capability_dynamic:
choices:
- enable
- disable
description:
- Enable/disable advertise dynamic capability to this neighbor.
type: str
capability_graceful_restart:
choices:
- enable
- disable
description:
- Enable/disable advertise IPv4 graceful restart capability to this neighbor.
type: str
capability_graceful_restart6:
choices:
- enable
- disable
description:
- Enable/disable advertise IPv6 graceful restart capability to this neighbor.
type: str
capability_orf:
choices:
- none
- receive
- send
- both
description:
- Accept/Send IPv4 ORF lists to/from this neighbor.
type: str
capability_orf6:
choices:
- none
- receive
- send
- both
description:
- Accept/Send IPv6 ORF lists to/from this neighbor.
type: str
capability_route_refresh:
choices:
- enable
- disable
description:
- Enable/disable advertise route refresh capability to this neighbor.
type: str
conditional_advertise:
description:
- Conditional advertisement.
suboptions:
advertise_routemap:
description:
- Name of advertising route map. Source router.route-map.name.
type: str
condition_routemap:
description:
- Name of condition route map. Source router.route-map.name.
type: str
condition_type:
choices:
- exist
- non-exist
description:
- Type of condition.
type: str
type: list
connect_timer:
description:
- Interval (sec) for connect timer.
type: int
default_originate_routemap:
description:
- Route map to specify criteria to originate IPv4 default. Source router.route-map.name.
type: str
default_originate_routemap6:
description:
- Route map to specify criteria to originate IPv6 default. Source router.route-map.name.
type: str
description:
description:
- Description.
type: str
distribute_list_in:
description:
- Filter for IPv4 updates from this neighbor. Source router.access-list.name.
type: str
distribute_list_in6:
description:
- Filter for IPv6 updates from this neighbor. Source router.access-list6.name.
type: str
distribute_list_out:
description:
- Filter for IPv4 updates to this neighbor. Source router.access-list.name.
type: str
distribute_list_out6:
description:
- Filter for IPv6 updates to this neighbor. Source router.access-list6.name.
type: str
dont_capability_negotiate:
choices:
- enable
- disable
description:
- Don"t negotiate capabilities with this neighbor
type: str
ebgp_enforce_multihop:
choices:
- enable
- disable
description:
- Enable/disable allow multi-hop EBGP neighbors.
type: str
ebgp_multihop_ttl:
description:
- EBGP multihop TTL for this peer.
type: int
filter_list_in:
description:
- BGP filter for IPv4 inbound routes. Source router.aspath-list.name.
type: str
filter_list_in6:
description:
- BGP filter for IPv6 inbound routes. Source router.aspath-list.name.
type: str
filter_list_out:
description:
- BGP filter for IPv4 outbound routes. Source router.aspath-list.name.
type: str
filter_list_out6:
description:
- BGP filter for IPv6 outbound routes. Source router.aspath-list.name.
type: str
holdtime_timer:
description:
- Interval (sec) before peer considered dead.
type: int
interface:
description:
- Specify outgoing interface for peer connection. For IPv6 peer, the interface
should have link-local address. Source system .interface.name.
type: str
ip:
description:
- IP/IPv6 address of neighbor.
required: true
type: str
keep_alive_timer:
description:
- Keep alive timer interval (sec).
type: int
link_down_failover:
choices:
- enable
- disable
description:
- Enable/disable failover upon link down.
type: str
local_as:
description:
- Local AS number of neighbor.
type: int
local_as_no_prepend:
choices:
- enable
- disable
description:
- Do not prepend local-as to incoming updates.
type: str
local_as_replace_as:
choices:
- enable
- disable
description:
- Replace real AS with local-as in outgoing updates.
type: str
maximum_prefix:
description:
- Maximum number of IPv4 prefixes to accept from this peer.
type: int
maximum_prefix6:
description:
- Maximum number of IPv6 prefixes to accept from this peer.
type: int
maximum_prefix_threshold:
description:
- Maximum IPv4 prefix threshold value (1 - 100 percent).
type: int
maximum_prefix_threshold6:
description:
- Maximum IPv6 prefix threshold value (1 - 100 percent).
type: int
maximum_prefix_warning_only:
choices:
- enable
- disable
description:
- Enable/disable IPv4 Only give warning message when limit is exceeded.
type: str
maximum_prefix_warning_only6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 Only give warning message when limit is exceeded.
type: str
next_hop_self:
choices:
- enable
- disable
description:
- Enable/disable IPv4 next-hop calculation for this neighbor.
type: str
next_hop_self6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 next-hop calculation for this neighbor.
type: str
override_capability:
choices:
- enable
- disable
description:
- Enable/disable override result of capability negotiation.
type: str
passive:
choices:
- enable
- disable
description:
- Enable/disable sending of open messages to this neighbor.
type: str
password:
description:
- Password used in MD5 authentication.
type: str
prefix_list_in:
description:
- IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name.
type: str
prefix_list_in6:
description:
- IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name.
type: str
prefix_list_out:
description:
- IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name.
type: str
prefix_list_out6:
description:
- IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name.
type: str
remote_as:
description:
- AS number of neighbor.
type: int
remove_private_as:
choices:
- enable
- disable
description:
- Enable/disable remove private AS number from IPv4 outbound updates.
type: str
remove_private_as6:
choices:
- enable
- disable
description:
- Enable/disable remove private AS number from IPv6 outbound updates.
type: str
restart_time:
description:
- Graceful restart delay time (sec, 0 = global default).
type: int
retain_stale_time:
description:
- Time to retain stale routes.
type: int
route_map_in:
description:
- IPv4 Inbound route map filter. Source router.route-map.name.
type: str
route_map_in6:
description:
- IPv6 Inbound route map filter. Source router.route-map.name.
type: str
route_map_out:
description:
- IPv4 outbound route map filter. Source router.route-map.name.
type: str
route_map_out6:
description:
- IPv6 Outbound route map filter. Source router.route-map.name.
type: str
route_map_out6_preferable:
description:
- IPv6 outbound route map filter if the peer is preferred. Source router.route-map.name.
type: str
route_map_out_preferable:
description:
- IPv4 outbound route map filter if the peer is preferred. Source router.route-map.name.
type: str
route_reflector_client:
choices:
- enable
- disable
description:
- Enable/disable IPv4 AS route reflector client.
type: str
route_reflector_client6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 AS route reflector client.
type: str
route_server_client:
choices:
- enable
- disable
description:
- Enable/disable IPv4 AS route server client.
type: str
route_server_client6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 AS route server client.
type: str
send_community:
choices:
- standard
- extended
- both
- disable
description:
- IPv4 Send community attribute to neighbor.
type: str
send_community6:
choices:
- standard
- extended
- both
- disable
description:
- IPv6 Send community attribute to neighbor.
type: str
shutdown:
choices:
- enable
- disable
description:
- Enable/disable shutdown this neighbor.
type: str
soft_reconfiguration:
choices:
- enable
- disable
description:
- Enable/disable allow IPv4 inbound soft reconfiguration.
type: str
soft_reconfiguration6:
choices:
- enable
- disable
description:
- Enable/disable allow IPv6 inbound soft reconfiguration.
type: str
stale_route:
choices:
- enable
- disable
description:
- Enable/disable stale route after neighbor down.
type: str
strict_capability_match:
choices:
- enable
- disable
description:
- Enable/disable strict capability matching.
type: str
unsuppress_map:
description:
- IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
type: str
unsuppress_map6:
description:
- IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
type: str
update_source:
description:
- Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name.
type: str
weight:
description:
- Neighbor weight.
type: int
type: list
neighbor_group:
description:
- BGP neighbor group table.
suboptions:
activate:
choices:
- enable
- disable
description:
- Enable/disable address family IPv4 for this neighbor.
type: str
activate6:
choices:
- enable
- disable
description:
- Enable/disable address family IPv6 for this neighbor.
type: str
additional_path:
choices:
- send
- receive
- both
- disable
description:
- Enable/disable IPv4 additional-path capability.
type: str
additional_path6:
choices:
- send
- receive
- both
- disable
description:
- Enable/disable IPv6 additional-path capability.
type: str
adv_additional_path:
description:
- Number of IPv4 additional paths that can be advertised to this neighbor.
type: int
adv_additional_path6:
description:
- Number of IPv6 additional paths that can be advertised to this neighbor.
type: int
advertisement_interval:
description:
- Minimum interval (sec) between sending updates.
type: int
allowas_in:
description:
- IPv4 The maximum number of occurrence of my AS number allowed.
type: int
allowas_in6:
description:
- IPv6 The maximum number of occurrence of my AS number allowed.
type: int
allowas_in_enable:
choices:
- enable
- disable
description:
- Enable/disable IPv4 Enable to allow my AS in AS path.
type: str
allowas_in_enable6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 Enable to allow my AS in AS path.
type: str
as_override:
choices:
- enable
- disable
description:
- Enable/disable replace peer AS with own AS for IPv4.
type: str
as_override6:
choices:
- enable
- disable
description:
- Enable/disable replace peer AS with own AS for IPv6.
type: str
attribute_unchanged:
choices:
- as-path
- med
- next-hop
description:
- IPv4 List of attributes that should be unchanged.
type: str
attribute_unchanged6:
choices:
- as-path
- med
- next-hop
description:
- IPv6 List of attributes that should be unchanged.
type: str
bfd:
choices:
- enable
- disable
description:
- Enable/disable BFD for this neighbor.
type: str
capability_default_originate:
choices:
- enable
- disable
description:
- Enable/disable advertise default IPv4 route to this neighbor.
type: str
capability_default_originate6:
choices:
- enable
- disable
description:
- Enable/disable advertise default IPv6 route to this neighbor.
type: str
capability_dynamic:
choices:
- enable
- disable
description:
- Enable/disable advertise dynamic capability to this neighbor.
type: str
capability_graceful_restart:
choices:
- enable
- disable
description:
- Enable/disable advertise IPv4 graceful restart capability to this neighbor.
type: str
capability_graceful_restart6:
choices:
- enable
- disable
description:
- Enable/disable advertise IPv6 graceful restart capability to this neighbor.
type: str
capability_orf:
choices:
- none
- receive
- send
- both
description:
- Accept/Send IPv4 ORF lists to/from this neighbor.
type: str
capability_orf6:
choices:
- none
- receive
- send
- both
description:
- Accept/Send IPv6 ORF lists to/from this neighbor.
type: str
capability_route_refresh:
choices:
- enable
- disable
description:
- Enable/disable advertise route refresh capability to this neighbor.
type: str
connect_timer:
description:
- Interval (sec) for connect timer.
type: int
default_originate_routemap:
description:
- Route map to specify criteria to originate IPv4 default. Source router.route-map.name.
type: str
default_originate_routemap6:
description:
- Route map to specify criteria to originate IPv6 default. Source router.route-map.name.
type: str
description:
description:
- Description.
type: str
distribute_list_in:
description:
- Filter for IPv4 updates from this neighbor. Source router.access-list.name.
type: str
distribute_list_in6:
description:
- Filter for IPv6 updates from this neighbor. Source router.access-list6.name.
type: str
distribute_list_out:
description:
- Filter for IPv4 updates to this neighbor. Source router.access-list.name.
type: str
distribute_list_out6:
description:
- Filter for IPv6 updates to this neighbor. Source router.access-list6.name.
type: str
dont_capability_negotiate:
choices:
- enable
- disable
description:
- Don"t negotiate capabilities with this neighbor
type: str
ebgp_enforce_multihop:
choices:
- enable
- disable
description:
- Enable/disable allow multi-hop EBGP neighbors.
type: str
ebgp_multihop_ttl:
description:
- EBGP multihop TTL for this peer.
type: int
filter_list_in:
description:
- BGP filter for IPv4 inbound routes. Source router.aspath-list.name.
type: str
filter_list_in6:
description:
- BGP filter for IPv6 inbound routes. Source router.aspath-list.name.
type: str
filter_list_out:
description:
- BGP filter for IPv4 outbound routes. Source router.aspath-list.name.
type: str
filter_list_out6:
description:
- BGP filter for IPv6 outbound routes. Source router.aspath-list.name.
type: str
holdtime_timer:
description:
- Interval (sec) before peer considered dead.
type: int
interface:
description:
- Specify outgoing interface for peer connection. For IPv6 peer, the interface
should have link-local address. Source system .interface.name.
type: str
keep_alive_timer:
description:
- Keep alive timer interval (sec).
type: int
link_down_failover:
choices:
- enable
- disable
description:
- Enable/disable failover upon link down.
type: str
local_as:
description:
- Local AS number of neighbor.
type: int
local_as_no_prepend:
choices:
- enable
- disable
description:
- Do not prepend local-as to incoming updates.
type: str
local_as_replace_as:
choices:
- enable
- disable
description:
- Replace real AS with local-as in outgoing updates.
type: str
maximum_prefix:
description:
- Maximum number of IPv4 prefixes to accept from this peer.
type: int
maximum_prefix6:
description:
- Maximum number of IPv6 prefixes to accept from this peer.
type: int
maximum_prefix_threshold:
description:
- Maximum IPv4 prefix threshold value (1 - 100 percent).
type: int
maximum_prefix_threshold6:
description:
- Maximum IPv6 prefix threshold value (1 - 100 percent).
type: int
maximum_prefix_warning_only:
choices:
- enable
- disable
description:
- Enable/disable IPv4 Only give warning message when limit is exceeded.
type: str
maximum_prefix_warning_only6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 Only give warning message when limit is exceeded.
type: str
name:
description:
- Neighbor group name.
required: true
type: str
next_hop_self:
choices:
- enable
- disable
description:
- Enable/disable IPv4 next-hop calculation for this neighbor.
type: str
next_hop_self6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 next-hop calculation for this neighbor.
type: str
override_capability:
choices:
- enable
- disable
description:
- Enable/disable override result of capability negotiation.
type: str
passive:
choices:
- enable
- disable
description:
- Enable/disable sending of open messages to this neighbor.
type: str
prefix_list_in:
description:
- IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name.
type: str
prefix_list_in6:
description:
- IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name.
type: str
prefix_list_out:
description:
- IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name.
type: str
prefix_list_out6:
description:
- IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name.
type: str
remote_as:
description:
- AS number of neighbor.
type: int
remove_private_as:
choices:
- enable
- disable
description:
- Enable/disable remove private AS number from IPv4 outbound updates.
type: str
remove_private_as6:
choices:
- enable
- disable
description:
- Enable/disable remove private AS number from IPv6 outbound updates.
type: str
restart_time:
description:
- Graceful restart delay time (sec, 0 = global default).
type: int
retain_stale_time:
description:
- Time to retain stale routes.
type: int
route_map_in:
description:
- IPv4 Inbound route map filter. Source router.route-map.name.
type: str
route_map_in6:
description:
- IPv6 Inbound route map filter. Source router.route-map.name.
type: str
route_map_out:
description:
- IPv4 outbound route map filter. Source router.route-map.name.
type: str
route_map_out6:
description:
- IPv6 Outbound route map filter. Source router.route-map.name.
type: str
route_map_out6_preferable:
description:
- IPv6 outbound route map filter if the peer is preferred. Source router.route-map.name.
type: str
route_map_out_preferable:
description:
- IPv4 outbound route map filter if the peer is preferred. Source router.route-map.name.
type: str
route_reflector_client:
choices:
- enable
- disable
description:
- Enable/disable IPv4 AS route reflector client.
type: str
route_reflector_client6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 AS route reflector client.
type: str
route_server_client:
choices:
- enable
- disable
description:
- Enable/disable IPv4 AS route server client.
type: str
route_server_client6:
choices:
- enable
- disable
description:
- Enable/disable IPv6 AS route server client.
type: str
send_community:
choices:
- standard
- extended
- both
- disable
description:
- IPv4 Send community attribute to neighbor.
type: str
send_community6:
choices:
- standard
- extended
- both
- disable
description:
- IPv6 Send community attribute to neighbor.
type: str
shutdown:
choices:
- enable
- disable
description:
- Enable/disable shutdown this neighbor.
type: str
soft_reconfiguration:
choices:
- enable
- disable
description:
- Enable/disable allow IPv4 inbound soft reconfiguration.
type: str
soft_reconfiguration6:
choices:
- enable
- disable
description:
- Enable/disable allow IPv6 inbound soft reconfiguration.
type: str
stale_route:
choices:
- enable
- disable
description:
- Enable/disable stale route after neighbor down.
type: str
strict_capability_match:
choices:
- enable
- disable
description:
- Enable/disable strict capability matching.
type: str
unsuppress_map:
description:
- IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
type: str
unsuppress_map6:
description:
- IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
type: str
update_source:
description:
- Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name.
type: str
weight:
description:
- Neighbor weight.
type: int
type: list
neighbor_range:
description:
- BGP neighbor range table.
suboptions:
id:
description:
- Neighbor range ID.
required: true
type: int
max_neighbor_num:
description:
- Maximum number of neighbors.
type: int
neighbor_group:
description:
- Neighbor group name. Source router.bgp.neighbor-group.name.
type: str
prefix:
description:
- Neighbor range prefix.
type: str
type: list
neighbor_range6:
description:
- BGP IPv6 neighbor range table.
suboptions:
id:
description:
- IPv6 neighbor range ID.
required: true
type: int
max_neighbor_num:
description:
- Maximum number of neighbors.
type: int
neighbor_group:
description:
- Neighbor group name. Source router.bgp.neighbor-group.name.
type: str
prefix6:
description:
- IPv6 prefix.
type: str
type: list
network:
description:
- BGP network table.
suboptions:
backdoor:
choices:
- enable
- disable
description:
- Enable/disable route as backdoor.
type: str
id:
description:
- ID.
required: true
type: int
prefix:
description:
- Network prefix.
type: str
route_map:
description:
- Route map to modify generated route. Source router.route-map.name.
type: str
type: list
network6:
description:
- BGP IPv6 network table.
suboptions:
backdoor:
choices:
- enable
- disable
description:
- Enable/disable route as backdoor.
type: str
id:
description:
- ID.
required: true
type: int
prefix6:
description:
- Network IPv6 prefix.
type: str
route_map:
description:
- Route map to modify generated route. Source router.route-map.name.
type: str
type: list
network_import_check:
choices:
- enable
- disable
description:
- Enable/disable ensure BGP network route exists in IGP.
type: str
redistribute:
description:
- BGP IPv4 redistribute table.
suboptions:
name:
description:
- Distribute list entry name.
required: true
type: str
route_map:
description:
- Route map name. Source router.route-map.name.
type: str
status:
choices:
- enable
- disable
description:
- Status
type: str
type: list
redistribute6:
description:
- BGP IPv6 redistribute table.
suboptions:
name:
description:
- Distribute list entry name.
required: true
type: str
route_map:
description:
- Route map name. Source router.route-map.name.
type: str
status:
choices:
- enable
- disable
description:
- Status
type: str
type: list
router_id:
description:
- Router ID.
type: str
scan_time:
description:
- Background scanner interval (sec), 0 to disable it.
type: int
synchronization:
choices:
- enable
- disable
description:
- Enable/disable only advertise routes from iBGP if routes present in an IGP.
type: str
vrf_leak:
description:
- BGP VRF leaking table.
suboptions:
target:
description:
- Target VRF table.
suboptions:
interface:
description:
- Interface which is used to leak routes to target VRF. Source system.interface.name.
type: str
route_map:
description:
- Route map of VRF leaking. Source router.route-map.name.
type: str
vrf:
description:
- Target VRF ID <0 - 31>.
required: true
type: str
type: list
vrf:
description:
- Origin VRF ID <0 - 31>.
required: true
type: str
type: list
type: dict
access_token:
description:
- Token-based authentication. Generated from GUI of Fortigate.
required: false
type: str
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str