Try SpotterConfigure route maps in Fortinet's FortiOS and FortiGate.
| "added in version" 2.0.0 of fortinet.fortios"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortios:==2.3.6
collections:
- name: fortinet.fortios
version: 2.3.6This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and route_map category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- name: Configure route maps.
fortinet.fortios.fortios_router_route_map:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
router_route_map:
comments: "<your_own_value>"
name: "default_name_4"
rule:
-
action: "permit"
id: "7"
match_as_path: "<your_own_value> (source router.aspath-list.name)"
match_community: "<your_own_value> (source router.community-list.name)"
match_community_exact: "enable"
match_extcommunity: "<your_own_value> (source router.extcommunity-list.name)"
match_extcommunity_exact: "enable"
match_flags: "32767"
match_interface: "<your_own_value> (source system.interface.name)"
match_ip_address: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
match_ip_nexthop: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
match_ip6_address: "<your_own_value> (source router.access-list6.name router.prefix-list6.name)"
match_ip6_nexthop: "<your_own_value> (source router.access-list6.name router.prefix-list6.name)"
match_metric: ""
match_origin: "none"
match_route_type: "external-type1"
match_tag: ""
match_vrf: ""
set_aggregator_as: "0"
set_aggregator_ip: "<your_own_value>"
set_aspath:
-
as: "<your_own_value>"
set_aspath_action: "prepend"
set_atomic_aggregate: "enable"
set_community:
-
community: "<your_own_value>"
set_community_additive: "enable"
set_community_delete: "<your_own_value> (source router.community-list.name)"
set_dampening_max_suppress: "0"
set_dampening_reachability_half_life: "0"
set_dampening_reuse: "0"
set_dampening_suppress: "0"
set_dampening_unreachability_half_life: "0"
set_extcommunity_rt:
-
community: "<your_own_value>"
set_extcommunity_soo:
-
community: "<your_own_value>"
set_flags: "32767"
set_ip_nexthop: "<your_own_value>"
set_ip_prefsrc: "<your_own_value>"
set_ip6_nexthop: "<your_own_value>"
set_ip6_nexthop_local: "<your_own_value>"
set_local_preference: ""
set_metric: ""
set_metric_type: "external-type1"
set_origin: "none"
set_originator_id: "<your_own_value>"
set_priority: ""
set_route_tag: ""
set_tag: ""
set_vpnv4_nexthop: "<your_own_value>"
set_vpnv6_nexthop: "<your_own_value>"
set_vpnv6_nexthop_local: "<your_own_value>"
set_weight: ""
vdom:
default: root
description:
- Virtual domain, among those defined previously. A vdom is a virtual instance of
the FortiGate that can be configured and used as a different unit.
type: str
state:
choices:
- present
- absent
description:
- Indicates whether to create or remove the object.
required: true
type: str
enable_log:
default: false
description:
- Enable/Disable logging for task.
required: false
type: bool
member_path:
description:
- Member attribute path to operate on.
- Delimited by a slash character if there are more than one attribute.
- Parameter marked with member_path is legitimate for doing member operation.
type: str
access_token:
description:
- Token-based authentication. Generated from GUI of Fortigate.
required: false
type: str
member_state:
choices:
- present
- absent
description:
- Add or delete a member under specified attribute path.
- When member_state is specified, the state option is ignored.
type: str
router_route_map:
default: null
description:
- Configure route maps.
suboptions:
comments:
description:
- Optional comments.
type: str
name:
description:
- Name.
required: true
type: str
rule:
description:
- Rule.
elements: dict
suboptions:
action:
choices:
- permit
- deny
description:
- Action.
type: str
id:
description:
- Rule ID. see <a href='#notes'>Notes</a>.
required: true
type: int
match_as_path:
description:
- Match BGP AS path list. Source router.aspath-list.name.
type: str
match_community:
description:
- Match BGP community list. Source router.community-list.name.
type: str
match_community_exact:
choices:
- enable
- disable
description:
- Enable/disable exact matching of communities.
type: str
match_extcommunity:
description:
- Match BGP extended community list. Source router.extcommunity-list.name.
type: str
match_extcommunity_exact:
choices:
- enable
- disable
description:
- Enable/disable exact matching of extended communities.
type: str
match_flags:
description:
- BGP flag value to match (0 - 65535)
type: int
match_interface:
description:
- Match interface configuration. Source system.interface.name.
type: str
match_ip6_address:
description:
- Match IPv6 address permitted by access-list6 or prefix-list6. Source router.access-list6.name
router.prefix-list6.name.
type: str
match_ip6_nexthop:
description:
- Match next hop IPv6 address passed by access-list6 or prefix-list6. Source
router.access-list6.name router.prefix-list6.name.
type: str
match_ip_address:
description:
- Match IP address permitted by access-list or prefix-list. Source router.access-list.name
router.prefix-list.name.
type: str
match_ip_nexthop:
description:
- Match next hop IP address passed by access-list or prefix-list. Source router.access-list.name
router.prefix-list.name.
type: str
match_metric:
description:
- Match metric for redistribute routes.
type: int
match_origin:
choices:
- none
- egp
- igp
- incomplete
description:
- Match BGP origin code.
type: str
match_route_type:
choices:
- external-type1
- external-type2
- none
- '1'
- '2'
description:
- Match route type.
type: str
match_tag:
description:
- Match tag.
type: int
match_vrf:
description:
- Match VRF ID.
type: int
set_aggregator_as:
description:
- BGP aggregator AS.
type: int
set_aggregator_ip:
description:
- BGP aggregator IP.
type: str
set_aspath:
description:
- Prepend BGP AS path attribute.
elements: dict
suboptions:
as:
description:
- AS number (0 - 4294967295). Use quotes for repeating numbers, For example,
"1 1 2".
required: true
type: str
type: list
set_aspath_action:
choices:
- prepend
- replace
description:
- Specify preferred action of set-aspath.
type: str
set_atomic_aggregate:
choices:
- enable
- disable
description:
- Enable/disable BGP atomic aggregate attribute.
type: str
set_community:
description:
- BGP community attribute.
elements: dict
suboptions:
community:
description:
- 'Attribute: AA|AA:NN|internet|local-AS|no-advertise|no-export.'
required: true
type: str
type: list
set_community_additive:
choices:
- enable
- disable
description:
- Enable/disable adding set-community to existing community.
type: str
set_community_delete:
description:
- Delete communities matching community list. Source router.community-list.name.
type: str
set_dampening_max_suppress:
description:
- Maximum duration to suppress a route (1 - 255 min, 0 = unset).
type: int
set_dampening_reachability_half_life:
description:
- Reachability half-life time for the penalty (1 - 45 min, 0 = unset).
type: int
set_dampening_reuse:
description:
- Value to start reusing a route (1 - 20000, 0 = unset).
type: int
set_dampening_suppress:
description:
- Value to start suppressing a route (1 - 20000, 0 = unset).
type: int
set_dampening_unreachability_half_life:
description:
- Unreachability Half-life time for the penalty (1 - 45 min, 0 = unset).
type: int
set_extcommunity_rt:
description:
- Route Target extended community.
elements: dict
suboptions:
community:
description:
- AA:NN.
required: true
type: str
type: list
set_extcommunity_soo:
description:
- Site-of-Origin extended community.
elements: dict
suboptions:
community:
description:
- Community (format = AA:NN).
required: true
type: str
type: list
set_flags:
description:
- BGP flags value (0 - 65535)
type: int
set_ip6_nexthop:
description:
- IPv6 global address of next hop.
type: str
set_ip6_nexthop_local:
description:
- IPv6 local address of next hop.
type: str
set_ip_nexthop:
description:
- IP address of next hop.
type: str
set_ip_prefsrc:
description:
- IP address of preferred source.
type: str
set_local_preference:
description:
- BGP local preference path attribute.
type: int
set_metric:
description:
- Metric value.
type: int
set_metric_type:
choices:
- external-type1
- external-type2
- none
- '1'
- '2'
description:
- Metric type.
type: str
set_origin:
choices:
- none
- egp
- igp
- incomplete
description:
- BGP origin code.
type: str
set_originator_id:
description:
- BGP originator ID attribute.
type: str
set_priority:
description:
- Priority for routing table.
type: int
set_route_tag:
description:
- Route tag for routing table.
type: int
set_tag:
description:
- Tag value.
type: int
set_vpnv4_nexthop:
description:
- IP address of VPNv4 next-hop.
type: str
set_vpnv6_nexthop:
description:
- IPv6 global address of VPNv6 next-hop.
type: str
set_vpnv6_nexthop_local:
description:
- IPv6 link-local address of VPNv6 next-hop.
type: str
set_weight:
description:
- BGP weight for routing table.
type: int
type: list
type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str