W3cubDocs

/Ansible 2.9

fortios_router_multicast – Configure router multicast in Fortinet’s FortiOS and FortiGate

New in version 2.8.

Synopsis
Requirements
Parameters
Notes
Examples
Return Values
Status

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and multicast category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5

Requirements

The below requirements are needed on the host that executes this module.

fortiosapi>=0.9.8

Parameters

Parameter				Choices/Defaults	Comments
host string					FortiOS or FortiGate IP address.
https boolean				Choices: no yes ←	Indicates if the requests towards FortiGate must use HTTPS protocol.
password string				Default: ""	FortiOS or FortiGate password.
router_multicast dictionary				Default: null	Configure router multicast.
	interface list				PIM interfaces.
		bfd string		Choices: enable disable	Enable/disable Protocol Independent Multicast (PIM) Bidirectional Forwarding Detection (BFD).
		cisco_exclude_genid string		Choices: enable disable	Exclude GenID from hello packets (compatibility with old Cisco IOS).
		dr_priority integer			DR election priority.
		hello_holdtime integer			Time before old neighbor information expires (0 - 65535 sec).
		hello_interval integer			Interval between sending PIM hello messages (0 - 65535 sec).
		igmp dictionary			IGMP configuration options.
			access_group string		Groups IGMP hosts are allowed to join. Source router.access-list.name.
			immediate_leave_group string		Groups to drop membership for immediately after receiving IGMPv2 leave. Source router.access-list.name.
			last_member_query_count integer		Number of group specific queries before removing group (2 - 7).
			last_member_query_interval integer		Timeout between IGMPv2 leave and removing group (1 - 65535 msec).
			query_interval integer		Interval between queries to IGMP hosts (1 - 65535 sec).
			query_max_response_time integer		Maximum time to wait for a IGMP query response (1 - 25 sec).
			query_timeout integer		Timeout between queries before becoming querier for network (60 - 900).
			router_alert_check string	Choices: enable disable	Enable/disable require IGMP packets contain router alert option.
			version string	Choices: 3 2 1	Maximum version of IGMP to support.
		join_group list			Join multicast groups.
			address string / required		Multicast group IP address.
		multicast_flow string			Acceptable source for multicast group. Source router.multicast-flow.name.
		name string / required			Interface name. Source system.interface.name.
		neighbour_filter string			Routers acknowledged as neighbor routers. Source router.access-list.name.
		passive string		Choices: enable disable	Enable/disable listening to IGMP but not participating in PIM.
		pim_mode string		Choices: sparse-mode dense-mode	PIM operation mode.
		propagation_delay integer			Delay flooding packets on this interface (100 - 5000 msec).
		rp_candidate string		Choices: enable disable	Enable/disable compete to become RP in elections.
		rp_candidate_group string			Multicast groups managed by this RP. Source router.access-list.name.
		rp_candidate_interval integer			RP candidate advertisement interval (1 - 16383 sec).
		rp_candidate_priority integer			Router's priority as RP.
		state_refresh_interval integer			Interval between sending state-refresh packets (1 - 100 sec).
		static_group string			Statically set multicast groups to forward out. Source router.multicast-flow.name.
		ttl_threshold integer			Minimum TTL of multicast packets that will be forwarded (applied only to new multicast routes) (1 - 255).
	multicast_routing string			Choices: enable disable	Enable/disable IP multicast routing.
	pim_sm_global dictionary				PIM sparse-mode global settings.
		accept_register_list string			Sources allowed to register packets with this Rendezvous Point (RP). Source router.access-list.name.
		accept_source_list string			Sources allowed to send multicast traffic. Source router.access-list.name.
		bsr_allow_quick_refresh string		Choices: enable disable	Enable/disable accept BSR quick refresh packets from neighbors.
		bsr_candidate string		Choices: enable disable	Enable/disable allowing this router to become a bootstrap router (BSR).
		bsr_hash integer			BSR hash length (0 - 32).
		bsr_interface string			Interface to advertise as candidate BSR. Source system.interface.name.
		bsr_priority integer			BSR priority (0 - 255).
		cisco_crp_prefix string		Choices: enable disable	Enable/disable making candidate RP compatible with old Cisco IOS.
		cisco_ignore_rp_set_priority string		Choices: enable disable	Use only hash for RP selection (compatibility with old Cisco IOS).
		cisco_register_checksum string		Choices: enable disable	Checksum entire register packet(for old Cisco IOS compatibility).
		cisco_register_checksum_group string			Cisco register checksum only these groups. Source router.access-list.name.
		join_prune_holdtime integer			Join/prune holdtime (1 - 65535).
		message_interval integer			Period of time between sending periodic PIM join/prune messages in seconds (1 - 65535).
		null_register_retries integer			Maximum retries of null register (1 - 20).
		register_rate_limit integer			Limit of packets/sec per source registered through this RP (0 - 65535).
		register_rp_reachability string		Choices: enable disable	Enable/disable check RP is reachable before registering packets.
		register_source string		Choices: disable interface ip-address	Override source address in register packets.
		register_source_interface string			Override with primary interface address. Source system.interface.name.
		register_source_ip string			Override with local IP address.
		register_supression integer			Period of time to honor register-stop message (1 - 65535 sec).
		rp_address list			Statically configure RP addresses.
			group string		Groups to use this RP. Source router.access-list.name.
			id integer / required		ID.
			ip_address string		RP router address.
		rp_register_keepalive integer			Timeout for RP receiving data on (S,G) tree (1 - 65535 sec).
		spt_threshold string		Choices: enable disable	Enable/disable switching to source specific trees.
		spt_threshold_group string			Groups allowed to switch to source tree. Source router.access-list.name.
		ssm string		Choices: enable disable	Enable/disable source specific multicast.
		ssm_range string			Groups allowed to source specific multicast. Source router.access-list.name.
	route_limit integer				Maximum number of multicast routes.
	route_threshold integer				Generate warnings when the number of multicast routes exceeds this number, must not be greater than route-limit.
ssl_verify boolean added in 2.9				Choices: no yes ←	Ensures FortiGate certificate must be verified by a proper CA.
username string					FortiOS or FortiGate username.
vdom string				Default: "root"	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

Requires fortiosapi library developed by Fortinet
Run as a local_action in your playbook

Examples

- hosts: localhost
  vars:
   host: "192.168.122.40"
   username: "admin"
   password: ""
   vdom: "root"
   ssl_verify: "False"
  tasks:
  - name: Configure router multicast.
    fortios_router_multicast:
      host:  "{{ host }}"
      username: "{{ username }}"
      password: "{{ password }}"
      vdom:  "{{ vdom }}"
      https: "False"
      router_multicast:
        interface:
         -
            bfd: "enable"
            cisco_exclude_genid: "enable"
            dr_priority: "6"
            hello_holdtime: "7"
            hello_interval: "8"
            igmp:
                access_group: "<your_own_value> (source router.access-list.name)"
                immediate_leave_group: "<your_own_value> (source router.access-list.name)"
                last_member_query_count: "12"
                last_member_query_interval: "13"
                query_interval: "14"
                query_max_response_time: "15"
                query_timeout: "16"
                router_alert_check: "enable"
                version: "3"
            join_group:
             -
                address: "<your_own_value>"
            multicast_flow: "<your_own_value> (source router.multicast-flow.name)"
            name: "default_name_22 (source system.interface.name)"
            neighbour_filter: "<your_own_value> (source router.access-list.name)"
            passive: "enable"
            pim_mode: "sparse-mode"
            propagation_delay: "26"
            rp_candidate: "enable"
            rp_candidate_group: "<your_own_value> (source router.access-list.name)"
            rp_candidate_interval: "29"
            rp_candidate_priority: "30"
            state_refresh_interval: "31"
            static_group: "<your_own_value> (source router.multicast-flow.name)"
            ttl_threshold: "33"
        multicast_routing: "enable"
        pim_sm_global:
            accept_register_list: "<your_own_value> (source router.access-list.name)"
            accept_source_list: "<your_own_value> (source router.access-list.name)"
            bsr_allow_quick_refresh: "enable"
            bsr_candidate: "enable"
            bsr_hash: "40"
            bsr_interface: "<your_own_value> (source system.interface.name)"
            bsr_priority: "42"
            cisco_crp_prefix: "enable"
            cisco_ignore_rp_set_priority: "enable"
            cisco_register_checksum: "enable"
            cisco_register_checksum_group: "<your_own_value> (source router.access-list.name)"
            join_prune_holdtime: "47"
            message_interval: "48"
            null_register_retries: "49"
            register_rate_limit: "50"
            register_rp_reachability: "enable"
            register_source: "disable"
            register_source_interface: "<your_own_value> (source system.interface.name)"
            register_source_ip: "<your_own_value>"
            register_supression: "55"
            rp_address:
             -
                group: "<your_own_value> (source router.access-list.name)"
                id:  "58"
                ip_address: "<your_own_value>"
            rp_register_keepalive: "60"
            spt_threshold: "enable"
            spt_threshold_group: "<your_own_value> (source router.access-list.name)"
            ssm: "enable"
            ssm_range: "<your_own_value> (source router.access-list.name)"
        route_limit: "65"
        route_threshold: "66"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
build string	always	Build number of the fortigate image Sample: 1547
http_method string	always	Last method used to provision the content into FortiGate Sample: PUT
http_status string	always	Last result given by FortiGate on last operation applied Sample: 200
mkey string	success	Master key (id) used in the last call to FortiGate Sample: id
name string	always	Name of the table used to fulfill the request Sample: urlfilter
path string	always	Path of the table used to fulfill the request Sample: webfilter
revision string	always	Internal revision number Sample: 17.0.2.10658
serial string	always	Serial number of the unit Sample: FGVMEVYYQT3AB5352
status string	always	Indication of the operation's result Sample: success
vdom string	always	Virtual domain used Sample: root
version string	always	Version of the FortiGate Sample: v5.6.3

Status

This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]

Authors

Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fortios_router_multicast_module.html