fortinet.fortios.fortios_router_bgp – Configure BGP in Fortinet’s FortiOS and FortiGate.
Note
This plugin is part of the fortinet.fortios collection (version 2.1.2).
You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install fortinet.fortios.
To use it in a playbook, specify: fortinet.fortios.fortios_router_bgp.
New in version 2.10: of fortinet.fortios
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and bgp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
| Parameter | Choices/Defaults | Comments | |||
|---|---|---|---|---|---|
| access_token
string
|
Token-based authentication. Generated from GUI of Fortigate.
|
||||
| enable_log
boolean
|
|
Enable/Disable logging for task.
|
|||
| router_bgp
dictionary
|
Configure BGP.
|
||||
| additional_path
string
|
|
Enable/disable selection of BGP IPv4 additional paths.
|
|||
| additional_path6
string
|
|
Enable/disable selection of BGP IPv6 additional paths.
|
|||
| additional_path_select
integer
|
Number of additional paths to be selected for each IPv4 NLRI.
|
||||
| additional_path_select6
integer
|
Number of additional paths to be selected for each IPv6 NLRI.
|
||||
| admin_distance
list / elements=string
|
Administrative distance modifications.
|
||||
| distance
integer
|
Administrative distance to apply (1 - 255).
|
||||
| id
integer / required
|
ID.
|
||||
| neighbour_prefix
string
|
Neighbor address prefix.
|
||||
| route_list
string
|
Access list of routes to apply new distance to. Source router.access-list.name.
|
||||
| aggregate_address
list / elements=string
|
BGP aggregate address table.
|
||||
| as_set
string
|
|
Enable/disable generate AS set path information.
|
|||
| id
integer / required
|
ID.
|
||||
| prefix
string
|
Aggregate prefix.
|
||||
| summary_only
string
|
|
Enable/disable filter more specific routes from updates.
|
|||
| aggregate_address6
list / elements=string
|
BGP IPv6 aggregate address table.
|
||||
| as_set
string
|
|
Enable/disable generate AS set path information.
|
|||
| id
integer / required
|
ID.
|
||||
| prefix6
string
|
Aggregate IPv6 prefix.
|
||||
| summary_only
string
|
|
Enable/disable filter more specific routes from updates.
|
|||
| always_compare_med
string
|
|
Enable/disable always compare MED.
|
|||
| as
integer
|
Router AS number, valid from 1 to 4294967295, 0 to disable BGP.
|
||||
| bestpath_as_path_ignore
string
|
|
Enable/disable ignore AS path.
|
|||
| bestpath_cmp_confed_aspath
string
|
|
Enable/disable compare federation AS path length.
|
|||
| bestpath_cmp_routerid
string
|
|
Enable/disable compare router ID for identical EBGP paths.
|
|||
| bestpath_med_confed
string
|
|
Enable/disable compare MED among confederation paths.
|
|||
| bestpath_med_missing_as_worst
string
|
|
Enable/disable treat missing MED as least preferred.
|
|||
| client_to_client_reflection
string
|
|
Enable/disable client-to-client route reflection.
|
|||
| cluster_id
string
|
Route reflector cluster ID.
|
||||
| confederation_identifier
integer
|
Confederation identifier.
|
||||
| confederation_peers
list / elements=string
|
Confederation peers.
|
||||
| peer
string / required
|
Peer ID.
|
||||
| dampening
string
|
|
Enable/disable route-flap dampening.
|
|||
| dampening_max_suppress_time
integer
|
Maximum minutes a route can be suppressed.
|
||||
| dampening_reachability_half_life
integer
|
Reachability half-life time for penalty (min).
|
||||
| dampening_reuse
integer
|
Threshold to reuse routes.
|
||||
| dampening_route_map
string
|
Criteria for dampening. Source router.route-map.name.
|
||||
| dampening_suppress
integer
|
Threshold to suppress routes.
|
||||
| dampening_unreachability_half_life
integer
|
Unreachability half-life time for penalty (min).
|
||||
| default_local_preference
integer
|
Default local preference.
|
||||
| deterministic_med
string
|
|
Enable/disable enforce deterministic comparison of MED.
|
|||
| distance_external
integer
|
Distance for routes external to the AS.
|
||||
| distance_internal
integer
|
Distance for routes internal to the AS.
|
||||
| distance_local
integer
|
Distance for routes local to the AS.
|
||||
| ebgp_multipath
string
|
|
Enable/disable EBGP multi-path.
|
|||
| enforce_first_as
string
|
|
Enable/disable enforce first AS for EBGP routes.
|
|||
| fast_external_failover
string
|
|
Enable/disable reset peer BGP session if link goes down.
|
|||
| graceful_end_on_timer
string
|
|
Enable/disable to exit graceful restart on timer only.
|
|||
| graceful_restart
string
|
|
Enable/disable BGP graceful restart capabilities.
|
|||
| graceful_restart_time
integer
|
Time needed for neighbors to restart (sec).
|
||||
| graceful_stalepath_time
integer
|
Time to hold stale paths of restarting neighbor (sec).
|
||||
| graceful_update_delay
integer
|
Route advertisement/selection delay after restart (sec).
|
||||
| holdtime_timer
integer
|
Number of seconds to mark peer as dead.
|
||||
| ibgp_multipath
string
|
|
Enable/disable IBGP multi-path.
|
|||
| ignore_optional_capability
string
|
|
Don"t send unknown optional capability notification message
|
|||
| keepalive_timer
integer
|
Frequency to send keep alive requests.
|
||||
| log_neighbour_changes
string
|
|
Enable logging of BGP neighbour"s changes
|
|||
| multipath_recursive_distance
string
|
|
Enable/disable use of recursive distance to select multipath.
|
|||
| neighbor
list / elements=string
|
BGP neighbor table.
|
||||
| activate
string
|
|
Enable/disable address family IPv4 for this neighbor.
|
|||
| activate6
string
|
|
Enable/disable address family IPv6 for this neighbor.
|
|||
| additional_path
string
|
|
Enable/disable IPv4 additional-path capability.
|
|||
| additional_path6
string
|
|
Enable/disable IPv6 additional-path capability.
|
|||
| adv_additional_path
integer
|
Number of IPv4 additional paths that can be advertised to this neighbor.
|
||||
| adv_additional_path6
integer
|
Number of IPv6 additional paths that can be advertised to this neighbor.
|
||||
| advertisement_interval
integer
|
Minimum interval (sec) between sending updates.
|
||||
| allowas_in
integer
|
IPv4 The maximum number of occurrence of my AS number allowed.
|
||||
| allowas_in6
integer
|
IPv6 The maximum number of occurrence of my AS number allowed.
|
||||
| allowas_in_enable
string
|
|
Enable/disable IPv4 Enable to allow my AS in AS path.
|
|||
| allowas_in_enable6
string
|
|
Enable/disable IPv6 Enable to allow my AS in AS path.
|
|||
| as_override
string
|
|
Enable/disable replace peer AS with own AS for IPv4.
|
|||
| as_override6
string
|
|
Enable/disable replace peer AS with own AS for IPv6.
|
|||
| attribute_unchanged
list / elements=string
|
|
IPv4 List of attributes that should be unchanged.
|
|||
| attribute_unchanged6
list / elements=string
|
|
IPv6 List of attributes that should be unchanged.
|
|||
| bfd
string
|
|
Enable/disable BFD for this neighbor.
|
|||
| capability_default_originate
string
|
|
Enable/disable advertise default IPv4 route to this neighbor.
|
|||
| capability_default_originate6
string
|
|
Enable/disable advertise default IPv6 route to this neighbor.
|
|||
| capability_dynamic
string
|
|
Enable/disable advertise dynamic capability to this neighbor.
|
|||
| capability_graceful_restart
string
|
|
Enable/disable advertise IPv4 graceful restart capability to this neighbor.
|
|||
| capability_graceful_restart6
string
|
|
Enable/disable advertise IPv6 graceful restart capability to this neighbor.
|
|||
| capability_orf
string
|
|
Accept/Send IPv4 ORF lists to/from this neighbor.
|
|||
| capability_orf6
string
|
|
Accept/Send IPv6 ORF lists to/from this neighbor.
|
|||
| capability_route_refresh
string
|
|
Enable/disable advertise route refresh capability to this neighbor.
|
|||
| conditional_advertise
list / elements=string
|
Conditional advertisement.
|
||||
| advertise_routemap
string
|
Name of advertising route map. Source router.route-map.name.
|
||||
| condition_routemap
string
|
Name of condition route map. Source router.route-map.name.
|
||||
| condition_type
string
|
|
Type of condition.
|
|||
| connect_timer
integer
|
Interval (sec) for connect timer.
|
||||
| default_originate_routemap
string
|
Route map to specify criteria to originate IPv4 default. Source router.route-map.name.
|
||||
| default_originate_routemap6
string
|
Route map to specify criteria to originate IPv6 default. Source router.route-map.name.
|
||||
| description
string
|
Description.
|
||||
| distribute_list_in
string
|
Filter for IPv4 updates from this neighbor. Source router.access-list.name.
|
||||
| distribute_list_in6
string
|
Filter for IPv6 updates from this neighbor. Source router.access-list6.name.
|
||||
| distribute_list_out
string
|
Filter for IPv4 updates to this neighbor. Source router.access-list.name.
|
||||
| distribute_list_out6
string
|
Filter for IPv6 updates to this neighbor. Source router.access-list6.name.
|
||||
| dont_capability_negotiate
string
|
|
Don"t negotiate capabilities with this neighbor
|
|||
| ebgp_enforce_multihop
string
|
|
Enable/disable allow multi-hop EBGP neighbors.
|
|||
| ebgp_multihop_ttl
integer
|
EBGP multihop TTL for this peer.
|
||||
| filter_list_in
string
|
BGP filter for IPv4 inbound routes. Source router.aspath-list.name.
|
||||
| filter_list_in6
string
|
BGP filter for IPv6 inbound routes. Source router.aspath-list.name.
|
||||
| filter_list_out
string
|
BGP filter for IPv4 outbound routes. Source router.aspath-list.name.
|
||||
| filter_list_out6
string
|
BGP filter for IPv6 outbound routes. Source router.aspath-list.name.
|
||||
| holdtime_timer
integer
|
Interval (sec) before peer considered dead.
|
||||
| interface
string
|
Interface Source system.interface.name.
|
||||
| ip
string / required
|
IP/IPv6 address of neighbor.
|
||||
| keep_alive_timer
integer
|
Keep alive timer interval (sec).
|
||||
| link_down_failover
string
|
|
Enable/disable failover upon link down.
|
|||
| local_as
integer
|
Local AS number of neighbor.
|
||||
| local_as_no_prepend
string
|
|
Do not prepend local-as to incoming updates.
|
|||
| local_as_replace_as
string
|
|
Replace real AS with local-as in outgoing updates.
|
|||
| maximum_prefix
integer
|
Maximum number of IPv4 prefixes to accept from this peer.
|
||||
| maximum_prefix6
integer
|
Maximum number of IPv6 prefixes to accept from this peer.
|
||||
| maximum_prefix_threshold
integer
|
Maximum IPv4 prefix threshold value (1 - 100 percent).
|
||||
| maximum_prefix_threshold6
integer
|
Maximum IPv6 prefix threshold value (1 - 100 percent).
|
||||
| maximum_prefix_warning_only
string
|
|
Enable/disable IPv4 Only give warning message when limit is exceeded.
|
|||
| maximum_prefix_warning_only6
string
|
|
Enable/disable IPv6 Only give warning message when limit is exceeded.
|
|||
| next_hop_self
string
|
|
Enable/disable IPv4 next-hop calculation for this neighbor.
|
|||
| next_hop_self6
string
|
|
Enable/disable IPv6 next-hop calculation for this neighbor.
|
|||
| next_hop_self_rr
string
|
|
Enable/disable setting nexthop"s address to interface"s IPv4 address for route-reflector routes.
|
|||
| next_hop_self_rr6
string
|
|
Enable/disable setting nexthop"s address to interface"s IPv6 address for route-reflector routes.
|
|||
| override_capability
string
|
|
Enable/disable override result of capability negotiation.
|
|||
| passive
string
|
|
Enable/disable sending of open messages to this neighbor.
|
|||
| password
string
|
Password used in MD5 authentication.
|
||||
| prefix_list_in
string
|
IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name.
|
||||
| prefix_list_in6
string
|
IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name.
|
||||
| prefix_list_out
string
|
IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name.
|
||||
| prefix_list_out6
string
|
IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name.
|
||||
| remote_as
integer
|
AS number of neighbor.
|
||||
| remove_private_as
string
|
|
Enable/disable remove private AS number from IPv4 outbound updates.
|
|||
| remove_private_as6
string
|
|
Enable/disable remove private AS number from IPv6 outbound updates.
|
|||
| restart_time
integer
|
Graceful restart delay time (sec, 0 = global default).
|
||||
| retain_stale_time
integer
|
Time to retain stale routes.
|
||||
| route_map_in
string
|
IPv4 Inbound route map filter. Source router.route-map.name.
|
||||
| route_map_in6
string
|
IPv6 Inbound route map filter. Source router.route-map.name.
|
||||
| route_map_out
string
|
IPv4 Outbound route map filter. Source router.route-map.name.
|
||||
| route_map_out6
string
|
IPv6 Outbound route map filter. Source router.route-map.name.
|
||||
| route_map_out6_preferable
string
|
IPv6 outbound route map filter if the peer is preferred. Source router.route-map.name.
|
||||
| route_map_out_preferable
string
|
IPv4 outbound route map filter if the peer is preferred. Source router.route-map.name.
|
||||
| route_reflector_client
string
|
|
Enable/disable IPv4 AS route reflector client.
|
|||
| route_reflector_client6
string
|
|
Enable/disable IPv6 AS route reflector client.
|
|||
| route_server_client
string
|
|
Enable/disable IPv4 AS route server client.
|
|||
| route_server_client6
string
|
|
Enable/disable IPv6 AS route server client.
|
|||
| send_community
string
|
|
IPv4 Send community attribute to neighbor.
|
|||
| send_community6
string
|
|
IPv6 Send community attribute to neighbor.
|
|||
| shutdown
string
|
|
Enable/disable shutdown this neighbor.
|
|||
| soft_reconfiguration
string
|
|
Enable/disable allow IPv4 inbound soft reconfiguration.
|
|||
| soft_reconfiguration6
string
|
|
Enable/disable allow IPv6 inbound soft reconfiguration.
|
|||
| stale_route
string
|
|
Enable/disable stale route after neighbor down.
|
|||
| strict_capability_match
string
|
|
Enable/disable strict capability matching.
|
|||
| unsuppress_map
string
|
IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
|
||||
| unsuppress_map6
string
|
IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
|
||||
| update_source
string
|
Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name.
|
||||
| weight
integer
|
Neighbor weight.
|
||||
| neighbor_group
list / elements=string
|
BGP neighbor group table.
|
||||
| activate
string
|
|
Enable/disable address family IPv4 for this neighbor.
|
|||
| activate6
string
|
|
Enable/disable address family IPv6 for this neighbor.
|
|||
| additional_path
string
|
|
Enable/disable IPv4 additional-path capability.
|
|||
| additional_path6
string
|
|
Enable/disable IPv6 additional-path capability.
|
|||
| adv_additional_path
integer
|
Number of IPv4 additional paths that can be advertised to this neighbor.
|
||||
| adv_additional_path6
integer
|
Number of IPv6 additional paths that can be advertised to this neighbor.
|
||||
| advertisement_interval
integer
|
Minimum interval (sec) between sending updates.
|
||||
| allowas_in
integer
|
IPv4 The maximum number of occurrence of my AS number allowed.
|
||||
| allowas_in6
integer
|
IPv6 The maximum number of occurrence of my AS number allowed.
|
||||
| allowas_in_enable
string
|
|
Enable/disable IPv4 Enable to allow my AS in AS path.
|
|||
| allowas_in_enable6
string
|
|
Enable/disable IPv6 Enable to allow my AS in AS path.
|
|||
| as_override
string
|
|
Enable/disable replace peer AS with own AS for IPv4.
|
|||
| as_override6
string
|
|
Enable/disable replace peer AS with own AS for IPv6.
|
|||
| attribute_unchanged
string
|
|
IPv4 List of attributes that should be unchanged.
|
|||
| attribute_unchanged6
string
|
|
IPv6 List of attributes that should be unchanged.
|
|||
| bfd
string
|
|
Enable/disable BFD for this neighbor.
|
|||
| capability_default_originate
string
|
|
Enable/disable advertise default IPv4 route to this neighbor.
|
|||
| capability_default_originate6
string
|
|
Enable/disable advertise default IPv6 route to this neighbor.
|
|||
| capability_dynamic
string
|
|
Enable/disable advertise dynamic capability to this neighbor.
|
|||
| capability_graceful_restart
string
|
|
Enable/disable advertise IPv4 graceful restart capability to this neighbor.
|
|||
| capability_graceful_restart6
string
|
|
Enable/disable advertise IPv6 graceful restart capability to this neighbor.
|
|||
| capability_orf
string
|
|
Accept/Send IPv4 ORF lists to/from this neighbor.
|
|||
| capability_orf6
string
|
|
Accept/Send IPv6 ORF lists to/from this neighbor.
|
|||
| capability_route_refresh
string
|
|
Enable/disable advertise route refresh capability to this neighbor.
|
|||
| connect_timer
integer
|
Interval (sec) for connect timer.
|
||||
| default_originate_routemap
string
|
Route map to specify criteria to originate IPv4 default. Source router.route-map.name.
|
||||
| default_originate_routemap6
string
|
Route map to specify criteria to originate IPv6 default. Source router.route-map.name.
|
||||
| description
string
|
Description.
|
||||
| distribute_list_in
string
|
Filter for IPv4 updates from this neighbor. Source router.access-list.name.
|
||||
| distribute_list_in6
string
|
Filter for IPv6 updates from this neighbor. Source router.access-list6.name.
|
||||
| distribute_list_out
string
|
Filter for IPv4 updates to this neighbor. Source router.access-list.name.
|
||||
| distribute_list_out6
string
|
Filter for IPv6 updates to this neighbor. Source router.access-list6.name.
|
||||
| dont_capability_negotiate
string
|
|
Don"t negotiate capabilities with this neighbor
|
|||
| ebgp_enforce_multihop
string
|
|
Enable/disable allow multi-hop EBGP neighbors.
|
|||
| ebgp_multihop_ttl
integer
|
EBGP multihop TTL for this peer.
|
||||
| filter_list_in
string
|
BGP filter for IPv4 inbound routes. Source router.aspath-list.name.
|
||||
| filter_list_in6
string
|
BGP filter for IPv6 inbound routes. Source router.aspath-list.name.
|
||||
| filter_list_out
string
|
BGP filter for IPv4 outbound routes. Source router.aspath-list.name.
|
||||
| filter_list_out6
string
|
BGP filter for IPv6 outbound routes. Source router.aspath-list.name.
|
||||
| holdtime_timer
integer
|
Interval (sec) before peer considered dead.
|
||||
| interface
string
|
Interface Source system.interface.name.
|
||||
| keep_alive_timer
integer
|
Keep alive timer interval (sec).
|
||||
| link_down_failover
string
|
|
Enable/disable failover upon link down.
|
|||
| local_as
integer
|
Local AS number of neighbor.
|
||||
| local_as_no_prepend
string
|
|
Do not prepend local-as to incoming updates.
|
|||
| local_as_replace_as
string
|
|
Replace real AS with local-as in outgoing updates.
|
|||
| maximum_prefix
integer
|
Maximum number of IPv4 prefixes to accept from this peer.
|
||||
| maximum_prefix6
integer
|
Maximum number of IPv6 prefixes to accept from this peer.
|
||||
| maximum_prefix_threshold
integer
|
Maximum IPv4 prefix threshold value (1 - 100 percent).
|
||||
| maximum_prefix_threshold6
integer
|
Maximum IPv6 prefix threshold value (1 - 100 percent).
|
||||
| maximum_prefix_warning_only
string
|
|
Enable/disable IPv4 Only give warning message when limit is exceeded.
|
|||
| maximum_prefix_warning_only6
string
|
|
Enable/disable IPv6 Only give warning message when limit is exceeded.
|
|||
| name
string / required
|
Neighbor group name.
|
||||
| next_hop_self
string
|
|
Enable/disable IPv4 next-hop calculation for this neighbor.
|
|||
| next_hop_self6
string
|
|
Enable/disable IPv6 next-hop calculation for this neighbor.
|
|||
| next_hop_self_rr
string
|
|
Enable/disable setting nexthop"s address to interface"s IPv4 address for route-reflector routes.
|
|||
| next_hop_self_rr6
string
|
|
Enable/disable setting nexthop"s address to interface"s IPv6 address for route-reflector routes.
|
|||
| override_capability
string
|
|
Enable/disable override result of capability negotiation.
|
|||
| passive
string
|
|
Enable/disable sending of open messages to this neighbor.
|
|||
| prefix_list_in
string
|
IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name.
|
||||
| prefix_list_in6
string
|
IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name.
|
||||
| prefix_list_out
string
|
IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name.
|
||||
| prefix_list_out6
string
|
IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name.
|
||||
| remote_as
integer
|
AS number of neighbor.
|
||||
| remove_private_as
string
|
|
Enable/disable remove private AS number from IPv4 outbound updates.
|
|||
| remove_private_as6
string
|
|
Enable/disable remove private AS number from IPv6 outbound updates.
|
|||
| restart_time
integer
|
Graceful restart delay time (sec, 0 = global default).
|
||||
| retain_stale_time
integer
|
Time to retain stale routes.
|
||||
| route_map_in
string
|
IPv4 Inbound route map filter. Source router.route-map.name.
|
||||
| route_map_in6
string
|
IPv6 Inbound route map filter. Source router.route-map.name.
|
||||
| route_map_out
string
|
IPv4 Outbound route map filter. Source router.route-map.name.
|
||||
| route_map_out6
string
|
IPv6 Outbound route map filter. Source router.route-map.name.
|
||||
| route_map_out6_preferable
string
|
IPv6 outbound route map filter if the peer is preferred. Source router.route-map.name.
|
||||
| route_map_out_preferable
string
|
IPv4 outbound route map filter if the peer is preferred. Source router.route-map.name.
|
||||
| route_reflector_client
string
|
|
Enable/disable IPv4 AS route reflector client.
|
|||
| route_reflector_client6
string
|
|
Enable/disable IPv6 AS route reflector client.
|
|||
| route_server_client
string
|
|
Enable/disable IPv4 AS route server client.
|
|||
| route_server_client6
string
|
|
Enable/disable IPv6 AS route server client.
|
|||
| send_community
string
|
|
IPv4 Send community attribute to neighbor.
|
|||
| send_community6
string
|
|
IPv6 Send community attribute to neighbor.
|
|||
| shutdown
string
|
|
Enable/disable shutdown this neighbor.
|
|||
| soft_reconfiguration
string
|
|
Enable/disable allow IPv4 inbound soft reconfiguration.
|
|||
| soft_reconfiguration6
string
|
|
Enable/disable allow IPv6 inbound soft reconfiguration.
|
|||
| stale_route
string
|
|
Enable/disable stale route after neighbor down.
|
|||
| strict_capability_match
string
|
|
Enable/disable strict capability matching.
|
|||
| unsuppress_map
string
|
IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
|
||||
| unsuppress_map6
string
|
IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
|
||||
| update_source
string
|
Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name.
|
||||
| weight
integer
|
Neighbor weight.
|
||||
| neighbor_range
list / elements=string
|
BGP neighbor range table.
|
||||
| id
integer / required
|
Neighbor range ID.
|
||||
| max_neighbor_num
integer
|
Maximum number of neighbors.
|
||||
| neighbor_group
string
|
Neighbor group name. Source router.bgp.neighbor-group.name.
|
||||
| prefix
string
|
Neighbor range prefix.
|
||||
| neighbor_range6
list / elements=string
|
BGP IPv6 neighbor range table.
|
||||
| id
integer / required
|
IPv6 neighbor range ID.
|
||||
| max_neighbor_num
integer
|
Maximum number of neighbors.
|
||||
| neighbor_group
string
|
Neighbor group name. Source router.bgp.neighbor-group.name.
|
||||
| prefix6
string
|
IPv6 prefix.
|
||||
| network
list / elements=string
|
BGP network table.
|
||||
| backdoor
string
|
|
Enable/disable route as backdoor.
|
|||
| id
integer / required
|
ID.
|
||||
| prefix
string
|
Network prefix.
|
||||
| route_map
string
|
Route map to modify generated route. Source router.route-map.name.
|
||||
| network6
list / elements=string
|
BGP IPv6 network table.
|
||||
| backdoor
string
|
|
Enable/disable route as backdoor.
|
|||
| id
integer / required
|
ID.
|
||||
| prefix6
string
|
Network IPv6 prefix.
|
||||
| route_map
string
|
Route map to modify generated route. Source router.route-map.name.
|
||||
| network_import_check
string
|
|
Enable/disable ensure BGP network route exists in IGP.
|
|||
| recursive_next_hop
string
|
|
Enable/disable recursive resolution of next-hop using BGP route.
|
|||
| redistribute
list / elements=string
|
BGP IPv4 redistribute table.
|
||||
| name
string / required
|
Distribute list entry name.
|
||||
| route_map
string
|
Route map name. Source router.route-map.name.
|
||||
| status
string
|
|
Status
|
|||
| redistribute6
list / elements=string
|
BGP IPv6 redistribute table.
|
||||
| name
string / required
|
Distribute list entry name.
|
||||
| route_map
string
|
Route map name. Source router.route-map.name.
|
||||
| status
string
|
|
Status
|
|||
| router_id
string
|
Router ID.
|
||||
| scan_time
integer
|
Background scanner interval (sec), 0 to disable it.
|
||||
| synchronization
string
|
|
Enable/disable only advertise routes from iBGP if routes present in an IGP.
|
|||
| vrf_leak
list / elements=string
|
BGP VRF leaking table.
|
||||
| target
list / elements=string
|
Target VRF table.
|
||||
| interface
string
|
Interface which is used to leak routes to target VRF. Source system.interface.name.
|
||||
| route_map
string
|
Route map of VRF leaking. Source router.route-map.name.
|
||||
| vrf
string / required
|
Target VRF ID <0 - 31>.
|
||||
| vrf
string / required
|
Origin VRF ID <0 - 31>.
|
||||
| vdom
string
|
Default:
"root"
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
|
|||
Notes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
Examples
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure BGP.
fortios_router_bgp:
vdom: "{{ vdom }}"
router_bgp:
additional_path: "enable"
additional_path_select: "4"
additional_path_select6: "5"
additional_path6: "enable"
admin_distance:
-
distance: "8"
id: "9"
neighbour_prefix: "<your_own_value>"
route_list: "<your_own_value> (source router.access-list.name)"
aggregate_address:
-
as_set: "enable"
id: "14"
prefix: "<your_own_value>"
summary_only: "enable"
aggregate_address6:
-
as_set: "enable"
id: "19"
prefix6: "<your_own_value>"
summary_only: "enable"
always_compare_med: "enable"
as: "23"
bestpath_as_path_ignore: "enable"
bestpath_cmp_confed_aspath: "enable"
bestpath_cmp_routerid: "enable"
bestpath_med_confed: "enable"
bestpath_med_missing_as_worst: "enable"
client_to_client_reflection: "enable"
cluster_id: "<your_own_value>"
confederation_identifier: "31"
confederation_peers:
-
peer: "<your_own_value>"
dampening: "enable"
dampening_max_suppress_time: "35"
dampening_reachability_half_life: "36"
dampening_reuse: "37"
dampening_route_map: "<your_own_value> (source router.route-map.name)"
dampening_suppress: "39"
dampening_unreachability_half_life: "40"
default_local_preference: "41"
deterministic_med: "enable"
distance_external: "43"
distance_internal: "44"
distance_local: "45"
ebgp_multipath: "enable"
enforce_first_as: "enable"
fast_external_failover: "enable"
graceful_end_on_timer: "enable"
graceful_restart: "enable"
graceful_restart_time: "51"
graceful_stalepath_time: "52"
graceful_update_delay: "53"
holdtime_timer: "54"
ibgp_multipath: "enable"
ignore_optional_capability: "enable"
keepalive_timer: "57"
log_neighbour_changes: "enable"
multipath_recursive_distance: "enable"
neighbor:
-
activate: "enable"
activate6: "enable"
additional_path: "send"
additional_path6: "send"
adv_additional_path: "65"
adv_additional_path6: "66"
advertisement_interval: "67"
allowas_in: "68"
allowas_in_enable: "enable"
allowas_in_enable6: "enable"
allowas_in6: "71"
as_override: "enable"
as_override6: "enable"
attribute_unchanged: "as-path"
attribute_unchanged6: "as-path"
bfd: "enable"
capability_default_originate: "enable"
capability_default_originate6: "enable"
capability_dynamic: "enable"
capability_graceful_restart: "enable"
capability_graceful_restart6: "enable"
capability_orf: "none"
capability_orf6: "none"
capability_route_refresh: "enable"
conditional_advertise:
-
advertise_routemap: "<your_own_value> (source router.route-map.name)"
condition_routemap: "<your_own_value> (source router.route-map.name)"
condition_type: "exist"
connect_timer: "89"
default_originate_routemap: "<your_own_value> (source router.route-map.name)"
default_originate_routemap6: "<your_own_value> (source router.route-map.name)"
description: "<your_own_value>"
distribute_list_in: "<your_own_value> (source router.access-list.name)"
distribute_list_in6: "<your_own_value> (source router.access-list6.name)"
distribute_list_out: "<your_own_value> (source router.access-list.name)"
distribute_list_out6: "<your_own_value> (source router.access-list6.name)"
dont_capability_negotiate: "enable"
ebgp_enforce_multihop: "enable"
ebgp_multihop_ttl: "99"
filter_list_in: "<your_own_value> (source router.aspath-list.name)"
filter_list_in6: "<your_own_value> (source router.aspath-list.name)"
filter_list_out: "<your_own_value> (source router.aspath-list.name)"
filter_list_out6: "<your_own_value> (source router.aspath-list.name)"
holdtime_timer: "104"
interface: "<your_own_value> (source system.interface.name)"
ip: "<your_own_value>"
keep_alive_timer: "107"
link_down_failover: "enable"
local_as: "109"
local_as_no_prepend: "enable"
local_as_replace_as: "enable"
maximum_prefix: "112"
maximum_prefix_threshold: "113"
maximum_prefix_threshold6: "114"
maximum_prefix_warning_only: "enable"
maximum_prefix_warning_only6: "enable"
maximum_prefix6: "117"
next_hop_self: "enable"
next_hop_self_rr: "enable"
next_hop_self_rr6: "enable"
next_hop_self6: "enable"
override_capability: "enable"
passive: "enable"
password: "<your_own_value>"
prefix_list_in: "<your_own_value> (source router.prefix-list.name)"
prefix_list_in6: "<your_own_value> (source router.prefix-list6.name)"
prefix_list_out: "<your_own_value> (source router.prefix-list.name)"
prefix_list_out6: "<your_own_value> (source router.prefix-list6.name)"
remote_as: "129"
remove_private_as: "enable"
remove_private_as6: "enable"
restart_time: "132"
retain_stale_time: "133"
route_map_in: "<your_own_value> (source router.route-map.name)"
route_map_in6: "<your_own_value> (source router.route-map.name)"
route_map_out: "<your_own_value> (source router.route-map.name)"
route_map_out_preferable: "<your_own_value> (source router.route-map.name)"
route_map_out6: "<your_own_value> (source router.route-map.name)"
route_map_out6_preferable: "<your_own_value> (source router.route-map.name)"
route_reflector_client: "enable"
route_reflector_client6: "enable"
route_server_client: "enable"
route_server_client6: "enable"
send_community: "standard"
send_community6: "standard"
shutdown: "enable"
soft_reconfiguration: "enable"
soft_reconfiguration6: "enable"
stale_route: "enable"
strict_capability_match: "enable"
unsuppress_map: "<your_own_value> (source router.route-map.name)"
unsuppress_map6: "<your_own_value> (source router.route-map.name)"
update_source: "<your_own_value> (source system.interface.name)"
weight: "154"
neighbor_group:
-
activate: "enable"
activate6: "enable"
additional_path: "send"
additional_path6: "send"
adv_additional_path: "160"
adv_additional_path6: "161"
advertisement_interval: "162"
allowas_in: "163"
allowas_in_enable: "enable"
allowas_in_enable6: "enable"
allowas_in6: "166"
as_override: "enable"
as_override6: "enable"
attribute_unchanged: "as-path"
attribute_unchanged6: "as-path"
bfd: "enable"
capability_default_originate: "enable"
capability_default_originate6: "enable"
capability_dynamic: "enable"
capability_graceful_restart: "enable"
capability_graceful_restart6: "enable"
capability_orf: "none"
capability_orf6: "none"
capability_route_refresh: "enable"
connect_timer: "180"
default_originate_routemap: "<your_own_value> (source router.route-map.name)"
default_originate_routemap6: "<your_own_value> (source router.route-map.name)"
description: "<your_own_value>"
distribute_list_in: "<your_own_value> (source router.access-list.name)"
distribute_list_in6: "<your_own_value> (source router.access-list6.name)"
distribute_list_out: "<your_own_value> (source router.access-list.name)"
distribute_list_out6: "<your_own_value> (source router.access-list6.name)"
dont_capability_negotiate: "enable"
ebgp_enforce_multihop: "enable"
ebgp_multihop_ttl: "190"
filter_list_in: "<your_own_value> (source router.aspath-list.name)"
filter_list_in6: "<your_own_value> (source router.aspath-list.name)"
filter_list_out: "<your_own_value> (source router.aspath-list.name)"
filter_list_out6: "<your_own_value> (source router.aspath-list.name)"
holdtime_timer: "195"
interface: "<your_own_value> (source system.interface.name)"
keep_alive_timer: "197"
link_down_failover: "enable"
local_as: "199"
local_as_no_prepend: "enable"
local_as_replace_as: "enable"
maximum_prefix: "202"
maximum_prefix_threshold: "203"
maximum_prefix_threshold6: "204"
maximum_prefix_warning_only: "enable"
maximum_prefix_warning_only6: "enable"
maximum_prefix6: "207"
name: "default_name_208"
next_hop_self: "enable"
next_hop_self_rr: "enable"
next_hop_self_rr6: "enable"
next_hop_self6: "enable"
override_capability: "enable"
passive: "enable"
prefix_list_in: "<your_own_value> (source router.prefix-list.name)"
prefix_list_in6: "<your_own_value> (source router.prefix-list6.name)"
prefix_list_out: "<your_own_value> (source router.prefix-list.name)"
prefix_list_out6: "<your_own_value> (source router.prefix-list6.name)"
remote_as: "219"
remove_private_as: "enable"
remove_private_as6: "enable"
restart_time: "222"
retain_stale_time: "223"
route_map_in: "<your_own_value> (source router.route-map.name)"
route_map_in6: "<your_own_value> (source router.route-map.name)"
route_map_out: "<your_own_value> (source router.route-map.name)"
route_map_out_preferable: "<your_own_value> (source router.route-map.name)"
route_map_out6: "<your_own_value> (source router.route-map.name)"
route_map_out6_preferable: "<your_own_value> (source router.route-map.name)"
route_reflector_client: "enable"
route_reflector_client6: "enable"
route_server_client: "enable"
route_server_client6: "enable"
send_community: "standard"
send_community6: "standard"
shutdown: "enable"
soft_reconfiguration: "enable"
soft_reconfiguration6: "enable"
stale_route: "enable"
strict_capability_match: "enable"
unsuppress_map: "<your_own_value> (source router.route-map.name)"
unsuppress_map6: "<your_own_value> (source router.route-map.name)"
update_source: "<your_own_value> (source system.interface.name)"
weight: "244"
neighbor_range:
-
id: "246"
max_neighbor_num: "247"
neighbor_group: "<your_own_value> (source router.bgp.neighbor-group.name)"
prefix: "<your_own_value>"
neighbor_range6:
-
id: "251"
max_neighbor_num: "252"
neighbor_group: "<your_own_value> (source router.bgp.neighbor-group.name)"
prefix6: "<your_own_value>"
network:
-
backdoor: "enable"
id: "257"
prefix: "<your_own_value>"
route_map: "<your_own_value> (source router.route-map.name)"
network_import_check: "enable"
network6:
-
backdoor: "enable"
id: "263"
prefix6: "<your_own_value>"
route_map: "<your_own_value> (source router.route-map.name)"
recursive_next_hop: "enable"
redistribute:
-
name: "default_name_268"
route_map: "<your_own_value> (source router.route-map.name)"
status: "enable"
redistribute6:
-
name: "default_name_272"
route_map: "<your_own_value> (source router.route-map.name)"
status: "enable"
router_id: "<your_own_value>"
scan_time: "276"
synchronization: "enable"
vrf_leak:
-
target:
-
interface: "<your_own_value> (source system.interface.name)"
route_map: "<your_own_value> (source router.route-map.name)"
vrf: "<your_own_value>"
vrf: "<your_own_value>"
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| build
string
|
always |
Build number of the fortigate image
Sample:
1547
|
| http_method
string
|
always |
Last method used to provision the content into FortiGate
Sample:
PUT
|
| http_status
string
|
always |
Last result given by FortiGate on last operation applied
Sample:
200
|
| mkey
string
|
success |
Master key (id) used in the last call to FortiGate
Sample:
id
|
| name
string
|
always |
Name of the table used to fulfill the request
Sample:
urlfilter
|
| path
string
|
always |
Path of the table used to fulfill the request
Sample:
webfilter
|
| revision
string
|
always |
Internal revision number
Sample:
17.0.2.10658
|
| serial
string
|
always |
Serial number of the unit
Sample:
FGVMEVYYQT3AB5352
|
| status
string
|
always |
Indication of the operation's result
Sample:
success
|
| vdom
string
|
always |
Virtual domain used
Sample:
root
|
| version
string
|
always |
Version of the FortiGate
Sample:
v5.6.3
|
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_router_bgp_module.html