fortinet.fortios.fortios_router_isis – Configure IS-IS in Fortinet’s FortiOS and FortiGate.
Note
This plugin is part of the fortinet.fortios collection (version 2.1.2).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_router_isis
.
New in version 2.10: of fortinet.fortios
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and isis category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
Parameter | Choices/Defaults | Comments | ||
---|---|---|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. | |||
enable_log boolean |
| Enable/Disable logging for task. | ||
router_isis dictionary | Configure IS-IS. | |||
adjacency_check string |
| Enable/disable adjacency check. | ||
adjacency_check6 string |
| Enable/disable IPv6 adjacency check. | ||
adv_passive_only string |
| Enable/disable IS-IS advertisement of passive interfaces only. | ||
adv_passive_only6 string |
| Enable/disable IPv6 IS-IS advertisement of passive interfaces only. | ||
auth_keychain_l1 string | Authentication key-chain for level 1 PDUs. Source router.key-chain.name. | |||
auth_keychain_l2 string | Authentication key-chain for level 2 PDUs. Source router.key-chain.name. | |||
auth_mode_l1 string |
| Level 1 authentication mode. | ||
auth_mode_l2 string |
| Level 2 authentication mode. | ||
auth_password_l1 string | Authentication password for level 1 PDUs. | |||
auth_password_l2 string | Authentication password for level 2 PDUs. | |||
auth_sendonly_l1 string |
| Enable/disable level 1 authentication send-only. | ||
auth_sendonly_l2 string |
| Enable/disable level 2 authentication send-only. | ||
default_originate string |
| Enable/disable distribution of default route information. | ||
default_originate6 string |
| Enable/disable distribution of default IPv6 route information. | ||
dynamic_hostname string |
| Enable/disable dynamic hostname. | ||
ignore_lsp_errors string |
| Enable/disable ignoring of LSP errors with bad checksums. | ||
is_type string |
| IS type. | ||
isis_interface list / elements=string | IS-IS interface configuration. | |||
auth_keychain_l1 string | Authentication key-chain for level 1 PDUs. Source router.key-chain.name. | |||
auth_keychain_l2 string | Authentication key-chain for level 2 PDUs. Source router.key-chain.name. | |||
auth_mode_l1 string |
| Level 1 authentication mode. | ||
auth_mode_l2 string |
| Level 2 authentication mode. | ||
auth_password_l1 string | Authentication password for level 1 PDUs. | |||
auth_password_l2 string | Authentication password for level 2 PDUs. | |||
auth_send_only_l1 string |
| Enable/disable authentication send-only for level 1 PDUs. | ||
auth_send_only_l2 string |
| Enable/disable authentication send-only for level 2 PDUs. | ||
circuit_type string |
| IS-IS interface"s circuit type | ||
csnp_interval_l1 integer | Level 1 CSNP interval. | |||
csnp_interval_l2 integer | Level 2 CSNP interval. | |||
hello_interval_l1 integer | Level 1 hello interval. | |||
hello_interval_l2 integer | Level 2 hello interval. | |||
hello_multiplier_l1 integer | Level 1 multiplier for Hello holding time. | |||
hello_multiplier_l2 integer | Level 2 multiplier for Hello holding time. | |||
hello_padding string |
| Enable/disable padding to IS-IS hello packets. | ||
lsp_interval integer | LSP transmission interval (milliseconds). | |||
lsp_retransmit_interval integer | LSP retransmission interval (sec). | |||
mesh_group string |
| Enable/disable IS-IS mesh group. | ||
mesh_group_id integer | Mesh group ID <0-4294967295>, 0: mesh-group blocked. | |||
metric_l1 integer | Level 1 metric for interface. | |||
metric_l2 integer | Level 2 metric for interface. | |||
name string / required | IS-IS interface name. Source system.interface.name. | |||
network_type string |
| IS-IS interface"s network type | ||
priority_l1 integer | Level 1 priority. | |||
priority_l2 integer | Level 2 priority. | |||
status string |
| Enable/disable interface for IS-IS. | ||
status6 string |
| Enable/disable IPv6 interface for IS-IS. | ||
wide_metric_l1 integer | Level 1 wide metric for interface. | |||
wide_metric_l2 integer | Level 2 wide metric for interface. | |||
isis_net list / elements=string | IS-IS net configuration. | |||
id integer / required | isis-net ID. | |||
net string | IS-IS net xx.xxxx. ... .xxxx.xx. | |||
lsp_gen_interval_l1 integer | Minimum interval for level 1 LSP regenerating. | |||
lsp_gen_interval_l2 integer | Minimum interval for level 2 LSP regenerating. | |||
lsp_refresh_interval integer | LSP refresh time in seconds. | |||
max_lsp_lifetime integer | Maximum LSP lifetime in seconds. | |||
metric_style string |
| Use old-style (ISO 10589) or new-style packet formats | ||
overload_bit string |
| Enable/disable signal other routers not to use us in SPF. | ||
overload_bit_on_startup integer | Overload-bit only temporarily after reboot. | |||
overload_bit_suppress list / elements=string |
| Suppress overload-bit for the specific prefixes. | ||
redistribute list / elements=string | IS-IS redistribute protocols. | |||
level string |
| Level. | ||
metric integer | Metric. | |||
metric_type string |
| Metric type. | ||
protocol string / required | Protocol name. | |||
routemap string | Route map name. Source router.route-map.name. | |||
status string |
| Status. | ||
redistribute6 list / elements=string | IS-IS IPv6 redistribution for routing protocols. | |||
level string |
| Level. | ||
metric integer | Metric. | |||
metric_type string |
| Metric type. | ||
protocol string / required | Protocol name. | |||
routemap string | Route map name. Source router.route-map.name. | |||
status string |
| Enable/disable redistribution. | ||
redistribute6_l1 string |
| Enable/disable redistribution of level 1 IPv6 routes into level 2. | ||
redistribute6_l1_list string | Access-list for IPv6 route redistribution from l1 to l2. Source router.access-list6.name. | |||
redistribute6_l2 string |
| Enable/disable redistribution of level 2 IPv6 routes into level 1. | ||
redistribute6_l2_list string | Access-list for IPv6 route redistribution from l2 to l1. Source router.access-list6.name. | |||
redistribute_l1 string |
| Enable/disable redistribution of level 1 routes into level 2. | ||
redistribute_l1_list string | Access-list for route redistribution from l1 to l2. Source router.access-list.name. | |||
redistribute_l2 string |
| Enable/disable redistribution of level 2 routes into level 1. | ||
redistribute_l2_list string | Access-list for route redistribution from l2 to l1. Source router.access-list.name. | |||
spf_interval_exp_l1 string | Level 1 SPF calculation delay. | |||
spf_interval_exp_l2 string | Level 2 SPF calculation delay. | |||
summary_address list / elements=string | IS-IS summary addresses. | |||
id integer / required | Summary address entry ID. | |||
level string |
| Level. | ||
prefix string | Prefix. | |||
summary_address6 list / elements=string | IS-IS IPv6 summary address. | |||
id integer / required | Prefix entry ID. | |||
level string |
| Level. | ||
prefix6 string | IPv6 prefix. | |||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Notes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
Examples
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure IS-IS. fortios_router_isis: vdom: "{{ vdom }}" router_isis: adjacency_check: "enable" adjacency_check6: "enable" adv_passive_only: "enable" adv_passive_only6: "enable" auth_keychain_l1: "<your_own_value> (source router.key-chain.name)" auth_keychain_l2: "<your_own_value> (source router.key-chain.name)" auth_mode_l1: "password" auth_mode_l2: "password" auth_password_l1: "<your_own_value>" auth_password_l2: "<your_own_value>" auth_sendonly_l1: "enable" auth_sendonly_l2: "enable" default_originate: "enable" default_originate6: "enable" dynamic_hostname: "enable" ignore_lsp_errors: "enable" is_type: "level-1-2" isis_interface: - auth_keychain_l1: "<your_own_value> (source router.key-chain.name)" auth_keychain_l2: "<your_own_value> (source router.key-chain.name)" auth_mode_l1: "md5" auth_mode_l2: "md5" auth_password_l1: "<your_own_value>" auth_password_l2: "<your_own_value>" auth_send_only_l1: "enable" auth_send_only_l2: "enable" circuit_type: "level-1-2" csnp_interval_l1: "30" csnp_interval_l2: "31" hello_interval_l1: "32" hello_interval_l2: "33" hello_multiplier_l1: "34" hello_multiplier_l2: "35" hello_padding: "enable" lsp_interval: "37" lsp_retransmit_interval: "38" mesh_group: "enable" mesh_group_id: "40" metric_l1: "41" metric_l2: "42" name: "default_name_43 (source system.interface.name)" network_type: "broadcast" priority_l1: "45" priority_l2: "46" status: "enable" status6: "enable" wide_metric_l1: "49" wide_metric_l2: "50" isis_net: - id: "52" net: "<your_own_value>" lsp_gen_interval_l1: "54" lsp_gen_interval_l2: "55" lsp_refresh_interval: "56" max_lsp_lifetime: "57" metric_style: "narrow" overload_bit: "enable" overload_bit_on_startup: "60" overload_bit_suppress: "external" redistribute: - level: "level-1-2" metric: "64" metric_type: "external" protocol: "<your_own_value>" routemap: "<your_own_value> (source router.route-map.name)" status: "enable" redistribute_l1: "enable" redistribute_l1_list: "<your_own_value> (source router.access-list.name)" redistribute_l2: "enable" redistribute_l2_list: "<your_own_value> (source router.access-list.name)" redistribute6: - level: "level-1-2" metric: "75" metric_type: "external" protocol: "<your_own_value>" routemap: "<your_own_value> (source router.route-map.name)" status: "enable" redistribute6_l1: "enable" redistribute6_l1_list: "<your_own_value> (source router.access-list6.name)" redistribute6_l2: "enable" redistribute6_l2_list: "<your_own_value> (source router.access-list6.name)" spf_interval_exp_l1: "<your_own_value>" spf_interval_exp_l2: "<your_own_value>" summary_address: - id: "87" level: "level-1-2" prefix: "<your_own_value>" summary_address6: - id: "91" level: "level-1-2" prefix6: "<your_own_value>"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_router_isis_module.html