New in version 2.9.
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments | |||
|---|---|---|---|---|---|
| host string | FortiOS or FortiGate IP address. | ||||
| https boolean |
| Indicates if the requests towards FortiGate must use HTTPS protocol. | |||
| password string | Default: "" | FortiOS or FortiGate password. | |||
| router_route_map dictionary | Default: null | Configure route maps. | |||
| comments string | Optional comments. | ||||
| name string / required | Name. | ||||
| rule list | Rule. | ||||
| action string |
| Action. | |||
| id integer / required | Rule ID. | ||||
| match_as_path string | Match BGP AS path list. Source router.aspath-list.name. | ||||
| match_community string | Match BGP community list. Source router.community-list.name. | ||||
| match_community_exact string |
| Enable/disable exact matching of communities. | |||
| match_flags integer | BGP flag value to match (0 - 65535) | ||||
| match_interface string | Match interface configuration. Source system.interface.name. | ||||
| match_ip6_address string | Match IPv6 address permitted by access-list6 or prefix-list6. Source router.access-list6.name router.prefix-list6.name. | ||||
| match_ip6_nexthop string | Match next hop IPv6 address passed by access-list6 or prefix-list6. Source router.access-list6.name router.prefix-list6.name. | ||||
| match_ip_address string | Match IP address permitted by access-list or prefix-list. Source router.access-list.name router.prefix-list.name. | ||||
| match_ip_nexthop string | Match next hop IP address passed by access-list or prefix-list. Source router.access-list.name router.prefix-list.name. | ||||
| match_metric integer | Match metric for redistribute routes. | ||||
| match_origin string |
| Match BGP origin code. | |||
| match_route_type string |
| Match route type. | |||
| match_tag integer | Match tag. | ||||
| set_aggregator_as integer | BGP aggregator AS. | ||||
| set_aggregator_ip string | BGP aggregator IP. | ||||
| set_aspath list | Prepend BGP AS path attribute. | ||||
| as string / required | AS number (0 - 42949672). | ||||
| set_aspath_action string |
| Specify preferred action of set-aspath. | |||
| set_atomic_aggregate string |
| Enable/disable BGP atomic aggregate attribute. | |||
| set_community list | BGP community attribute. | ||||
| community string / required | Attribute: AA|AA:NN|internet|local-AS|no-advertise|no-export. | ||||
| set_community_additive string |
| Enable/disable adding set-community to existing community. | |||
| set_community_delete string | Delete communities matching community list. Source router.community-list.name. | ||||
| set_dampening_max_suppress integer | Maximum duration to suppress a route (1 - 255 min, 0 = unset). | ||||
| set_dampening_reachability_half_life integer | Reachability half-life time for the penalty (1 - 45 min, 0 = unset). | ||||
| set_dampening_reuse integer | Value to start reusing a route (1 - 20000, 0 = unset). | ||||
| set_dampening_suppress integer | Value to start suppressing a route (1 - 20000, 0 = unset). | ||||
| set_dampening_unreachability_half_life integer | Unreachability Half-life time for the penalty (1 - 45 min, 0 = unset) | ||||
| set_extcommunity_rt list | Route Target extended community. | ||||
| community string / required | Set the target extended community (in decimal notation) of a BGP route. | ||||
| set_extcommunity_soo list | Site-of-Origin extended community. | ||||
| community string / required | AA:NN | ||||
| set_flags integer | BGP flags value (0 - 65535) | ||||
| set_ip6_nexthop string | IPv6 global address of next hop. | ||||
| set_ip6_nexthop_local string | IPv6 local address of next hop. | ||||
| set_ip_nexthop string | IP address of next hop. | ||||
| set_local_preference integer | BGP local preference path attribute. | ||||
| set_metric integer | Metric value. | ||||
| set_metric_type string |
| Metric type. | |||
| set_origin string |
| BGP origin code. | |||
| set_originator_id string | BGP originator ID attribute. | ||||
| set_route_tag integer | Route tag for routing table. | ||||
| set_tag integer | Tag value. | ||||
| set_weight integer | BGP weight for routing table. | ||||
| ssl_verify boolean |
| Ensures FortiGate certificate must be verified by a proper CA. | |||
| state string / required |
| Indicates whether to create or remove the object. | |||
| username string | FortiOS or FortiGate username. | ||||
| vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. | |||
Note
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
ssl_verify: "False"
tasks:
- name: Configure route maps.
fortios_router_route_map:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
state: "present"
router_route_map:
comments: "<your_own_value>"
name: "default_name_4"
rule:
-
action: "permit"
id: "7"
match_as_path: "<your_own_value> (source router.aspath-list.name)"
match_community: "<your_own_value> (source router.community-list.name)"
match_community_exact: "enable"
match_flags: "11"
match_interface: "<your_own_value> (source system.interface.name)"
match_ip_address: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
match_ip_nexthop: "<your_own_value> (source router.access-list.name router.prefix-list.name)"
match_ip6_address: "<your_own_value> (source router.access-list6.name router.prefix-list6.name)"
match_ip6_nexthop: "<your_own_value> (source router.access-list6.name router.prefix-list6.name)"
match_metric: "17"
match_origin: "none"
match_route_type: "1"
match_tag: "20"
set_aggregator_as: "21"
set_aggregator_ip: "<your_own_value>"
set_aspath:
-
as: "<your_own_value>"
set_aspath_action: "prepend"
set_atomic_aggregate: "enable"
set_community:
-
community: "<your_own_value>"
set_community_additive: "enable"
set_community_delete: "<your_own_value> (source router.community-list.name)"
set_dampening_max_suppress: "31"
set_dampening_reachability_half_life: "32"
set_dampening_reuse: "33"
set_dampening_suppress: "34"
set_dampening_unreachability_half_life: "35"
set_extcommunity_rt:
-
community: "<your_own_value>"
set_extcommunity_soo:
-
community: "<your_own_value>"
set_flags: "40"
set_ip_nexthop: "<your_own_value>"
set_ip6_nexthop: "<your_own_value>"
set_ip6_nexthop_local: "<your_own_value>"
set_local_preference: "44"
set_metric: "45"
set_metric_type: "1"
set_origin: "none"
set_originator_id: "<your_own_value>"
set_route_tag: "49"
set_tag: "50"
set_weight: "51"
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| build string | always | Build number of the fortigate image Sample: 1547 |
| http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
| http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
| mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
| name string | always | Name of the table used to fulfill the request Sample: urlfilter |
| path string | always | Path of the table used to fulfill the request Sample: webfilter |
| revision string | always | Internal revision number Sample: 17.0.2.10658 |
| serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
| status string | always | Indication of the operation's result Sample: success |
| vdom string | always | Virtual domain used Sample: root |
| version string | always | Version of the FortiGate Sample: v5.6.3 |
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/fortios_router_route_map_module.html