fortios_router_ospf – Configure OSPF in Fortinet’s FortiOS and FortiGate

New in version 2.8.

Synopsis
Requirements
Parameters
Notes
Examples
Return Values
Status

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and ospf category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5

Requirements

The below requirements are needed on the host that executes this module.

fortiosapi>=0.9.8

Parameters

Parameter				Choices/Defaults	Comments
host string					FortiOS or FortiGate IP address.
https boolean				Choices: no yes ←	Indicates if the requests towards FortiGate must use HTTPS protocol.
password string				Default: ""	FortiOS or FortiGate password.
router_ospf dictionary				Default: null	Configure OSPF.
	abr_type string			Choices: cisco ibm shortcut standard	Area border router type.
	area list				OSPF area configuration.
		authentication string		Choices: none text md5	Authentication type.
		default_cost integer			Summary default cost of stub or NSSA area.
		filter_list list			OSPF area filter-list configuration.
			direction string	Choices: in out	Direction.
			id integer / required		Filter list entry ID.
			list string		Access-list or prefix-list name. Source router.access-list.name router.prefix-list.name.
		id string / required			Area entry IP address.
		nssa_default_information_originate string		Choices: enable always disable	Redistribute, advertise, or do not originate Type-7 default route into NSSA area.
		nssa_default_information_originate_metric integer			OSPF default metric.
		nssa_default_information_originate_metric_type string		Choices: 1 2	OSPF metric type for default routes.
		nssa_redistribution string		Choices: enable disable	Enable/disable redistribute into NSSA area.
		nssa_translator_role string		Choices: candidate never always	NSSA translator role type.
		range list			OSPF area range configuration.
			advertise string	Choices: disable enable	Enable/disable advertise status.
			id integer / required		Range entry ID.
			prefix string		Prefix.
			substitute string		Substitute prefix.
			substitute_status string	Choices: enable disable	Enable/disable substitute status.
		shortcut string		Choices: disable enable default	Enable/disable shortcut option.
		stub_type string		Choices: no-summary summary	Stub summary setting.
		type string		Choices: regular nssa stub	Area type setting.
		virtual_link list			OSPF virtual link configuration.
			authentication string	Choices: none text md5	Authentication type.
			authentication_key string		Authentication key.
			dead_interval integer		Dead interval.
			hello_interval integer		Hello interval.
			md5_key string		MD5 key.
			name string / required		Virtual link entry name.
			peer string		Peer IP.
			retransmit_interval integer		Retransmit interval.
			transmit_delay integer		Transmit delay.
	auto_cost_ref_bandwidth integer				Reference bandwidth in terms of megabits per second.
	bfd string			Choices: enable disable	Bidirectional Forwarding Detection (BFD).
	database_overflow string			Choices: enable disable	Enable/disable database overflow.
	database_overflow_max_lsas integer				Database overflow maximum LSAs.
	database_overflow_time_to_recover integer				Database overflow time to recover (sec).
	default_information_metric integer				Default information metric.
	default_information_metric_type string			Choices: 1 2	Default information metric type.
	default_information_originate string			Choices: enable always disable	Enable/disable generation of default route.
	default_information_route_map string				Default information route map. Source router.route-map.name.
	default_metric integer				Default metric of redistribute routes.
	distance integer				Distance of the route.
	distance_external integer				Administrative external distance.
	distance_inter_area integer				Administrative inter-area distance.
	distance_intra_area integer				Administrative intra-area distance.
	distribute_list list				Distribute list configuration.
		access_list string			Access list name. Source router.access-list.name.
		id integer / required			Distribute list entry ID.
		protocol string		Choices: connected static rip	Protocol type.
	distribute_list_in string				Filter incoming routes. Source router.access-list.name router.prefix-list.name.
	distribute_route_map_in string				Filter incoming external routes by route-map. Source router.route-map.name.
	log_neighbour_changes string			Choices: enable disable	Enable logging of OSPF neighbour's changes
	neighbor list				OSPF neighbor configuration are used when OSPF runs on non-broadcast media
		cost integer			Cost of the interface, value range from 0 to 65535, 0 means auto-cost.
		id integer / required			Neighbor entry ID.
		ip string			Interface IP address of the neighbor.
		poll_interval integer			Poll interval time in seconds.
		priority integer			Priority.
	network list				OSPF network configuration.
		area string			Attach the network to area.
		id integer / required			Network entry ID.
		prefix string			Prefix.
	ospf_interface list				OSPF interface configuration.
		authentication string		Choices: none text md5	Authentication type.
		authentication_key string			Authentication key.
		bfd string		Choices: global enable disable	Bidirectional Forwarding Detection (BFD).
		cost integer			Cost of the interface, value range from 0 to 65535, 0 means auto-cost.
		database_filter_out string		Choices: enable disable	Enable/disable control of flooding out LSAs.
		dead_interval integer			Dead interval.
		hello_interval integer			Hello interval.
		hello_multiplier integer			Number of hello packets within dead interval.
		interface string			Configuration interface name. Source system.interface.name.
		ip string			IP address.
		md5_key string			MD5 key.
		mtu integer			MTU for database description packets.
		mtu_ignore string		Choices: enable disable	Enable/disable ignore MTU.
		name string / required			Interface entry name.
		network_type string		Choices: broadcast non-broadcast point-to-point point-to-multipoint point-to-multipoint-non-broadcast	Network type.
		prefix_length integer			Prefix length.
		priority integer			Priority.
		resync_timeout integer			Graceful restart neighbor resynchronization timeout.
		retransmit_interval integer			Retransmit interval.
		status string		Choices: disable enable	Enable/disable status.
		transmit_delay integer			Transmit delay.
	passive_interface list				Passive interface configuration.
		name string / required			Passive interface name. Source system.interface.name.
	redistribute list				Redistribute configuration.
		metric integer			Redistribute metric setting.
		metric_type string		Choices: 1 2	Metric type.
		name string / required			Redistribute name.
		routemap string			Route map name. Source router.route-map.name.
		status string		Choices: enable disable	status
		tag integer			Tag value.
	restart_mode string			Choices: none lls graceful-restart	OSPF restart mode (graceful or LLS).
	restart_period integer				Graceful restart period.
	rfc1583_compatible string			Choices: enable disable	Enable/disable RFC1583 compatibility.
	router_id string				Router ID.
	spf_timers string				SPF calculation frequency.
	summary_address list				IP address summary configuration.
		advertise string		Choices: disable enable	Enable/disable advertise status.
		id integer / required			Summary address entry ID.
		prefix string			Prefix.
		tag integer			Tag value.
ssl_verify boolean added in 2.9				Choices: no yes ←	Ensures FortiGate certificate must be verified by a proper CA.
username string					FortiOS or FortiGate username.
vdom string				Default: "root"	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

Requires fortiosapi library developed by Fortinet
Run as a local_action in your playbook

Examples

- hosts: localhost
  vars:
   host: "192.168.122.40"
   username: "admin"
   password: ""
   vdom: "root"
   ssl_verify: "False"
  tasks:
  - name: Configure OSPF.
    fortios_router_ospf:
      host:  "{{ host }}"
      username: "{{ username }}"
      password: "{{ password }}"
      vdom:  "{{ vdom }}"
      https: "False"
      router_ospf:
        abr_type: "cisco"
        area:
         -
            authentication: "none"
            default_cost: "6"
            filter_list:
             -
                direction: "in"
                id:  "9"
                list: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
            id:  "11"
            nssa_default_information_originate: "enable"
            nssa_default_information_originate_metric: "13"
            nssa_default_information_originate_metric_type: "1"
            nssa_redistribution: "enable"
            nssa_translator_role: "candidate"
            range:
             -
                advertise: "disable"
                id:  "19"
                prefix: "<your_own_value>"
                substitute: "<your_own_value>"
                substitute_status: "enable"
            shortcut: "disable"
            stub_type: "no-summary"
            type: "regular"
            virtual_link:
             -
                authentication: "none"
                authentication_key: "<your_own_value>"
                dead_interval: "29"
                hello_interval: "30"
                md5_key: "<your_own_value>"
                name: "default_name_32"
                peer: "<your_own_value>"
                retransmit_interval: "34"
                transmit_delay: "35"
        auto_cost_ref_bandwidth: "36"
        bfd: "enable"
        database_overflow: "enable"
        database_overflow_max_lsas: "39"
        database_overflow_time_to_recover: "40"
        default_information_metric: "41"
        default_information_metric_type: "1"
        default_information_originate: "enable"
        default_information_route_map: "<your_own_value> (source router.route-map.name)"
        default_metric: "45"
        distance: "46"
        distance_external: "47"
        distance_inter_area: "48"
        distance_intra_area: "49"
        distribute_list:
         -
            access_list: "<your_own_value> (source router.access-list.name)"
            id:  "52"
            protocol: "connected"
        distribute_list_in: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
        distribute_route_map_in: "<your_own_value> (source router.route-map.name)"
        log_neighbour_changes: "enable"
        neighbor:
         -
            cost: "58"
            id:  "59"
            ip: "<your_own_value>"
            poll_interval: "61"
            priority: "62"
        network:
         -
            area: "<your_own_value>"
            id:  "65"
            prefix: "<your_own_value>"
        ospf_interface:
         -
            authentication: "none"
            authentication_key: "<your_own_value>"
            bfd: "global"
            cost: "71"
            database_filter_out: "enable"
            dead_interval: "73"
            hello_interval: "74"
            hello_multiplier: "75"
            interface: "<your_own_value> (source system.interface.name)"
            ip: "<your_own_value>"
            md5_key: "<your_own_value>"
            mtu: "79"
            mtu_ignore: "enable"
            name: "default_name_81"
            network_type: "broadcast"
            prefix_length: "83"
            priority: "84"
            resync_timeout: "85"
            retransmit_interval: "86"
            status: "disable"
            transmit_delay: "88"
        passive_interface:
         -
            name: "default_name_90 (source system.interface.name)"
        redistribute:
         -
            metric: "92"
            metric_type: "1"
            name: "default_name_94"
            routemap: "<your_own_value> (source router.route-map.name)"
            status: "enable"
            tag: "97"
        restart_mode: "none"
        restart_period: "99"
        rfc1583_compatible: "enable"
        router_id: "<your_own_value>"
        spf_timers: "<your_own_value>"
        summary_address:
         -
            advertise: "disable"
            id:  "105"
            prefix: "<your_own_value>"
            tag: "107"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
build string	always	Build number of the fortigate image Sample: 1547
http_method string	always	Last method used to provision the content into FortiGate Sample: PUT
http_status string	always	Last result given by FortiGate on last operation applied Sample: 200
mkey string	success	Master key (id) used in the last call to FortiGate Sample: id
name string	always	Name of the table used to fulfill the request Sample: urlfilter
path string	always	Path of the table used to fulfill the request Sample: webfilter
revision string	always	Internal revision number Sample: 17.0.2.10658
serial string	always	Serial number of the unit Sample: FGVMEVYYQT3AB5352
status string	always	Indication of the operation's result Sample: success
vdom string	always	Virtual domain used Sample: root
version string	always	Version of the FortiGate Sample: v5.6.3

Status

This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]

Authors

Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fortios_router_ospf_module.html