Try SpotterConfigure IPv6 OSPF in Fortinet's FortiOS and FortiGate.
| "added in version" 2.0.0 of lix_fortinet.fortios"
Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico)
preview | supported by community
Install with ansible-galaxy collection install lix_fortinet.fortios:==102.2.120
collections:
- name: lix_fortinet.fortios
version: 102.2.120This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and ospf6 category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure IPv6 OSPF.
fortios_router_ospf6:
vdom: "{{ vdom }}"
router_ospf6:
abr_type: "cisco"
area:
-
authentication: "none"
default_cost: "10"
id: "7"
ipsec_auth_alg: "md5"
ipsec_enc_alg: "null"
ipsec_keys:
-
auth_key: "<your_own_value>"
enc_key: "<your_own_value>"
spi: "0"
key_rollover_interval: "300"
nssa_default_information_originate: "enable"
nssa_default_information_originate_metric: "10"
nssa_default_information_originate_metric_type: "1"
nssa_redistribution: "enable"
nssa_translator_role: "candidate"
range:
-
advertise: "disable"
id: "22"
prefix6: "<your_own_value>"
stub_type: "no-summary"
type: "regular"
virtual_link:
-
authentication: "none"
dead_interval: "40"
hello_interval: "10"
ipsec_auth_alg: "md5"
ipsec_enc_alg: "null"
ipsec_keys:
-
auth_key: "<your_own_value>"
enc_key: "<your_own_value>"
spi: "0"
key_rollover_interval: "300"
name: "default_name_37"
peer: "<your_own_value>"
retransmit_interval: "5"
transmit_delay: "1"
auto_cost_ref_bandwidth: "1000"
bfd: "enable"
default_information_metric: "10"
default_information_metric_type: "1"
default_information_originate: "enable"
default_information_route_map: "<your_own_value> (source router.route-map.name)"
default_metric: "10"
log_neighbour_changes: "enable"
ospf6_interface:
-
area_id: "<your_own_value>"
authentication: "none"
bfd: "global"
cost: "0"
dead_interval: "0"
hello_interval: "0"
interface: "<your_own_value> (source system.interface.name)"
ipsec_auth_alg: "md5"
ipsec_enc_alg: "null"
ipsec_keys:
-
auth_key: "<your_own_value>"
enc_key: "<your_own_value>"
spi: "0"
key_rollover_interval: "300"
mtu: "0"
mtu_ignore: "enable"
name: "default_name_66"
neighbor:
-
cost: "0"
ip6: "<your_own_value>"
poll_interval: "10"
priority: "1"
network_type: "broadcast"
priority: "1"
retransmit_interval: "5"
status: "disable"
transmit_delay: "1"
passive_interface:
-
name: "default_name_78 (source system.interface.name)"
redistribute:
-
metric: "0"
metric_type: "1"
name: "default_name_82"
routemap: "<your_own_value> (source router.route-map.name)"
status: "enable"
restart_mode: "none"
restart_on_topology_change: "enable"
restart_period: "120"
router_id: "<your_own_value>"
spf_timers: "<your_own_value>"
summary_address:
-
advertise: "disable"
id: "92"
prefix6: "<your_own_value>"
tag: "0"
vdom:
default: root
description:
- Virtual domain, among those defined previously. A vdom is a virtual instance of
the FortiGate that can be configured and used as a different unit.
type: str
enable_log:
default: false
description:
- Enable/Disable logging for task.
required: false
type: bool
member_path:
description:
- Member attribute path to operate on.
- Delimited by a slash character if there are more than one attribute.
- Parameter marked with member_path is legitimate for doing member operation.
type: str
access_token:
description:
- Token-based authentication. Generated from GUI of Fortigate.
required: false
type: str
member_state:
choices:
- present
- absent
description:
- Add or delete a member under specified attribute path.
- When member_state is specified, the state option is ignored.
type: str
router_ospf6:
default: null
description:
- Configure IPv6 OSPF.
suboptions:
abr_type:
choices:
- cisco
- ibm
- standard
description:
- Area border router type.
type: str
area:
description:
- OSPF6 area configuration.
elements: dict
suboptions:
authentication:
choices:
- none
- ah
- esp
description:
- Authentication mode.
type: str
default_cost:
description:
- Summary default cost of stub or NSSA area.
type: int
id:
description:
- Area entry IP address.
type: str
ipsec_auth_alg:
choices:
- md5
- sha1
- sha256
- sha384
- sha512
description:
- Authentication algorithm.
type: str
ipsec_enc_alg:
choices:
- 'null'
- des
- 3des
- aes128
- aes192
- aes256
description:
- Encryption algorithm.
type: str
ipsec_keys:
description:
- IPsec authentication and encryption keys.
elements: dict
suboptions:
auth_key:
description:
- Authentication key.
type: str
enc_key:
description:
- Encryption key.
type: str
spi:
description:
- Security Parameters Index.
type: int
type: list
key_rollover_interval:
description:
- Key roll-over interval.
type: int
nssa_default_information_originate:
choices:
- enable
- disable
description:
- Enable/disable originate type 7 default into NSSA area.
type: str
nssa_default_information_originate_metric:
description:
- OSPFv3 default metric.
type: int
nssa_default_information_originate_metric_type:
choices:
- '1'
- '2'
description:
- OSPFv3 metric type for default routes.
type: str
nssa_redistribution:
choices:
- enable
- disable
description:
- Enable/disable redistribute into NSSA area.
type: str
nssa_translator_role:
choices:
- candidate
- never
- always
description:
- NSSA translator role type.
type: str
range:
description:
- OSPF6 area range configuration.
elements: dict
suboptions:
advertise:
choices:
- disable
- enable
description:
- Enable/disable advertise status.
type: str
id:
description:
- Range entry ID.
type: int
prefix6:
description:
- IPv6 prefix.
type: str
type: list
stub_type:
choices:
- no-summary
- summary
description:
- Stub summary setting.
type: str
type:
choices:
- regular
- nssa
- stub
description:
- Area type setting.
type: str
virtual_link:
description:
- OSPF6 virtual link configuration.
elements: dict
suboptions:
authentication:
choices:
- none
- ah
- esp
- area
description:
- Authentication mode.
type: str
dead_interval:
description:
- Dead interval.
type: int
hello_interval:
description:
- Hello interval.
type: int
ipsec_auth_alg:
choices:
- md5
- sha1
- sha256
- sha384
- sha512
description:
- Authentication algorithm.
type: str
ipsec_enc_alg:
choices:
- 'null'
- des
- 3des
- aes128
- aes192
- aes256
description:
- Encryption algorithm.
type: str
ipsec_keys:
description:
- IPsec authentication and encryption keys.
elements: dict
suboptions:
auth_key:
description:
- Authentication key.
type: str
enc_key:
description:
- Encryption key.
type: str
spi:
description:
- Security Parameters Index.
type: int
type: list
key_rollover_interval:
description:
- Key roll-over interval.
type: int
name:
description:
- Virtual link entry name.
type: str
peer:
description:
- A.B.C.D, peer router ID.
type: str
retransmit_interval:
description:
- Retransmit interval.
type: int
transmit_delay:
description:
- Transmit delay.
type: int
type: list
type: list
auto_cost_ref_bandwidth:
description:
- Reference bandwidth in terms of megabits per second.
type: int
bfd:
choices:
- enable
- disable
description:
- Enable/disable Bidirectional Forwarding Detection (BFD).
type: str
default_information_metric:
description:
- Default information metric.
type: int
default_information_metric_type:
choices:
- '1'
- '2'
description:
- Default information metric type.
type: str
default_information_originate:
choices:
- enable
- always
- disable
description:
- Enable/disable generation of default route.
type: str
default_information_route_map:
description:
- Default information route map. Source router.route-map.name.
type: str
default_metric:
description:
- Default metric of redistribute routes.
type: int
log_neighbour_changes:
choices:
- enable
- disable
description:
- Log OSPFv3 neighbor changes.
type: str
ospf6_interface:
description:
- OSPF6 interface configuration.
elements: dict
suboptions:
area_id:
description:
- A.B.C.D, in IPv4 address format.
type: str
authentication:
choices:
- none
- ah
- esp
- area
description:
- Authentication mode.
type: str
bfd:
choices:
- global
- enable
- disable
description:
- Enable/disable Bidirectional Forwarding Detection (BFD).
type: str
cost:
description:
- Cost of the interface, value range from 0 to 65535, 0 means auto-cost.
type: int
dead_interval:
description:
- Dead interval.
type: int
hello_interval:
description:
- Hello interval.
type: int
interface:
description:
- Configuration interface name. Source system.interface.name.
type: str
ipsec_auth_alg:
choices:
- md5
- sha1
- sha256
- sha384
- sha512
description:
- Authentication algorithm.
type: str
ipsec_enc_alg:
choices:
- 'null'
- des
- 3des
- aes128
- aes192
- aes256
description:
- Encryption algorithm.
type: str
ipsec_keys:
description:
- IPsec authentication and encryption keys.
elements: dict
suboptions:
auth_key:
description:
- Authentication key.
type: str
enc_key:
description:
- Encryption key.
type: str
spi:
description:
- Security Parameters Index.
type: int
type: list
key_rollover_interval:
description:
- Key roll-over interval.
type: int
mtu:
description:
- MTU for OSPFv3 packets.
type: int
mtu_ignore:
choices:
- enable
- disable
description:
- Enable/disable ignoring MTU field in DBD packets.
type: str
name:
description:
- Interface entry name.
type: str
neighbor:
description:
- OSPFv3 neighbors are used when OSPFv3 runs on non-broadcast media.
elements: dict
suboptions:
cost:
description:
- Cost of the interface, value range from 0 to 65535, 0 means auto-cost.
type: int
ip6:
description:
- IPv6 link local address of the neighbor.
type: str
poll_interval:
description:
- Poll interval time in seconds.
type: int
priority:
description:
- Priority.
type: int
type: list
network_type:
choices:
- broadcast
- point-to-point
- non-broadcast
- point-to-multipoint
- point-to-multipoint-non-broadcast
description:
- Network type.
type: str
priority:
description:
- Priority.
type: int
retransmit_interval:
description:
- Retransmit interval.
type: int
status:
choices:
- disable
- enable
description:
- Enable/disable OSPF6 routing on this interface.
type: str
transmit_delay:
description:
- Transmit delay.
type: int
type: list
passive_interface:
description:
- Passive interface configuration.
elements: dict
suboptions:
name:
description:
- Passive interface name. Source system.interface.name.
type: str
type: list
redistribute:
description:
- Redistribute configuration.
elements: dict
suboptions:
metric:
description:
- Redistribute metric setting.
type: int
metric_type:
choices:
- '1'
- '2'
description:
- Metric type.
type: str
name:
description:
- Redistribute name.
type: str
routemap:
description:
- Route map name. Source router.route-map.name.
type: str
status:
choices:
- enable
- disable
description:
- Status.
type: str
type: list
restart_mode:
choices:
- none
- graceful-restart
description:
- OSPFv3 restart mode (graceful or none).
type: str
restart_on_topology_change:
choices:
- enable
- disable
description:
- Enable/disable continuing graceful restart upon topology change.
type: str
restart_period:
description:
- Graceful restart period in seconds.
type: int
router_id:
description:
- A.B.C.D, in IPv4 address format.
type: str
spf_timers:
description:
- SPF calculation frequency.
type: str
summary_address:
description:
- IPv6 address summary configuration.
elements: dict
suboptions:
advertise:
choices:
- disable
- enable
description:
- Enable/disable advertise status.
type: str
id:
description:
- Summary address entry ID.
type: int
prefix6:
description:
- IPv6 prefix.
type: str
tag:
description:
- Tag value.
type: int
type: list
type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str