W3cubDocs

/Ansible

cisco.mso.ndo_l3out_bgp_peer module – Manage L3Out BGP Peer on Cisco Nexus Dashboard Orchestrator (NDO).

Note

This module is part of the cisco.mso collection (version 2.11.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.mso. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.mso.ndo_l3out_bgp_peer.

New in cisco.mso 2.11.0

Synopsis
Requirements
Parameters
Notes
See Also
Examples

Synopsis

Manage L3Out BGP Peer on Cisco Nexus Dashboard Orchestrator (NDO).
This module is only supported on ND v3.1 (NDO v4.3) and later.

Requirements

The below requirements are needed on the host that executes this module.

Multi Site Orchestrator v2.1 or newer

Parameters

Parameter	Comments
address_families dictionary	The address family controls for the BGP peer.
multicast boolean	The multicast address flag of the address family. Choices: `false` `true`
state string	Use `enabled` to configure the address control settings. Use `disabled` to remove the address control settings. Choices: `"enabled"` `"disabled"`
unicast boolean	The unicast address flag of the address family. Choices: `false` `true`
admin_state string	The administrative state of the L3Out BGP Peer. Defaults to `enabled` when unset during creation. Choices: `"enabled"` `"disabled"`
allowed_self_as_count integer	The allowed self-AS count of the L3Out BGP Peer. Defaults to 3 when unset during creation. The value must be between 1 and 10.
auth_password string	The authentication password of the L3Out BGP Peer.
bgp_controls dictionary	The BGP control settings for the peer.
allow_self_as boolean	The allow self AS flag of the BGP control. Choices: `false` `true`
disabled_peer_as_check boolean	The disable peer AS check flag of the BGP control. Choices: `false` `true`
next_hop_self boolean	The set next hop to self flag of the BGP control. Choices: `false` `true`
override_as boolean	The override AS flag of the BGP control. Choices: `false` `true`
send_community boolean	The send community flag of the BGP control. Choices: `false` `true`
send_domain_path boolean	The send domain path flag of the BGP control. Choices: `false` `true`
send_extended_community boolean	The send extended community flag of the BGP control. Choices: `false` `true`
state string	Use `enabled` to configure the BGP control settings. Use `disabled` to remove the BGP control settings. Choices: `"enabled"` `"disabled"`
ebgp_multi_hop_ttl integer	The TTL for eBGP multi-hop of the L3Out BGP Peer. Defaults to 1 when unset during creation. The value must be between 1 and 255.
export_route_map dictionary	The name of the export route map. Providing an empty dictionary will remove the `export_route_map={}` from the L3Out BGP Peer. This parameter can be used instead of `export_route_map_uuid`.
name string	The name of the export route map.
template string	The template associated with the export route map. This parameter or `export_route_map.template_id` is required.
template_id string	The template ID associated with the the export route map. This parameter or `export_route_map.template` is required.
export_route_map_uuid string	The UUID of the export route map. Providing an empty string will remove the `export_route_map_uuid=""` from the L3Out BGP Peer. This parameter can be used instead of `export_route_map`.
host aliases: hostname string	IP Address or hostname of the ACI Multi Site Orchestrator host. If the value is not specified in the task, the value of environment variable `MSO_HOST` will be used instead.
import_route_map dictionary	The name of the import route map. Providing an empty dictionary will remove the `import_route_map={}` from the L3Out BGP Peer. This parameter can be used instead of `import_route_map_uuid`.
name string	The name of the import route map.
template string	The template associated with the import route map. This parameter or `import_route_map.template_id` is required.
template_id string	The template ID associated with the the import route map. This parameter or `import_route_map.template` is required.
import_route_map_uuid string	The UUID of the import route map. Providing an empty string will remove the `import_route_map_uuid=""` from the L3Out BGP Peer. This parameter can be used instead of `import_route_map`.
ipv4_address aliases: peer_address_ipv4 string	The IPv4 address of the L3Out BGP Peer. Providing an empty string will remove the `ipv4_address=""` from the L3Out BGP Peer.
ipv6_address aliases: peer_address_ipv6 string	The IPv6 address of the L3Out BGP Peer. Providing an empty string will remove the `ipv6_address=""` from the L3Out BGP Peer.
l3out string	The name of the L3Out. This parameter or `l3out_uuid` is required.
l3out_uuid string	The UUID of the L3Out. This parameter or `l3out` is required.
local_asn string	The local autonomous system number (ASN) of the L3Out BGP Peer. The value must be between 1 and 4294967295. Providing an empty string will remove the `local_asn=""` from the L3Out BGP Peer.
local_asn_config string	The configuration for local ASN of the L3Out BGP Peer. Choices: `"none"` `"no_prepend"` `"dual_as"` `"replace_as"`
login_domain string	The login domain name to use for authentication. The default value is Local. If the value is not specified in the task, the value of environment variable `MSO_LOGIN_DOMAIN` will be used instead. When using a HTTPAPI connection plugin the inventory variable `ansible_httpapi_login_domain` will be used if this attribute is not specified.
node_group string / required	The name of the Node Group Policy.
output_level string	Influence the output of this MSO module. `normal` means the standard output, incl. `current` dict `info` adds informational output, incl. `previous`, `proposed` and `sent` dicts `debug` adds debugging output, incl. `filter_string`, `method`, `response`, `status` and `url` information If the value is not specified in the task, the value of environment variable `MSO_OUTPUT_LEVEL` will be used instead. Choices: `"debug"` `"info"` `"normal"` ← (default)
password string	The password to use for authentication. If the value is not specified in the task, the value of environment variables `MSO_PASSWORD` or `ANSIBLE_NET_PASSWORD` will be used instead.
peer_controls dictionary	The Peer control settings for the BGP peer.
bfd boolean	The Enable Bidirectional Forwarding Detection (BFD) flag of the Peer control. Choices: `false` `true`
disable_peer_connected_check boolean	The disable peer connected check flag of the Peer control. Choices: `false` `true`
state string	Use `enabled` to configure the Peer control settings. Use `disabled` to remove the Peer control settings. Choices: `"enabled"` `"disabled"`
peer_prefix dictionary	The name of the peer prefix. Providing an empty dictionary will remove the `peer_prefix={}` from the L3Out BGP Peer. This parameter can be used instead of `peer_prefix_uuid`.
name string	The name of the peer prefix.
template string	The template associated with the peer prefix. This parameter or `peer_prefix.template_id` is required.
template_id string	The template ID associated with the the peer prefix. This parameter or `peer_prefix.template` is required.
peer_prefix_uuid string	The UUID of the peer prefix. Providing an empty string will remove the `peer_prefix_uuid=""` from the L3Out BGP Peer. This parameter can be used instead of `peer_prefix`.
port integer	Port number to be used for the REST connection. The default value depends on parameter `use_ssl`. If the value is not specified in the task, the value of environment variable `MSO_PORT` will be used instead.
private_as_controls dictionary	The private AS control settings for the BGP peer.
remove_all boolean	The remove all flag of the private AS numbers. Choices: `false` `true`
replace_with_local_as boolean	The replace private AS with local AS flag of the private AS control. Choices: `false` `true`
state string	Use `enabled` to configure the private AS control settings. Use `disabled` to remove the private AS control settings. Choices: `"enabled"` `"disabled"`
remote_asn string	The remote autonomous system number (ASN) of the L3Out BGP Peer. The value must be between 1 and 4294967295. Providing an empty string will remove the `remote_asn=""` from the L3Out BGP Peer.
site_of_origin aliases: fabric_of_origin string	The site of origin for the L3Out BGP Peer. The value must adhere to the pattern “extended:as2-nn2:1000:65534”.
state string	Use `absent` for removing. Use `query` for listing an object or multiple objects. Use `present` for creating or updating. Choices: `"absent"` `"query"` ← (default) `"present"`
template aliases: l3out_template string	The name of the L3Out template. This parameter or `template_id` is required.
template_id aliases: l3out_template_id string	The ID of the L3Out template. This parameter or `template` is required.
timeout integer	The socket level timeout in seconds. The default value is 30 seconds. If the value is not specified in the task, the value of environment variable `MSO_TIMEOUT` will be used instead.
use_proxy boolean	If `false`, it will not use a proxy, even if one is defined in an environment variable on the target hosts. If the value is not specified in the task, the value of environment variable `MSO_USE_PROXY` will be used instead. The default is `true`. Choices: `false` `true`
use_ssl boolean	If `false`, an HTTP connection will be used instead of the default HTTPS connection. If the value is not specified in the task, the value of environment variable `MSO_USE_SSL` will be used instead. When using a HTTPAPI connection plugin the inventory variable `ansible_httpapi_use_ssl` will be used if this attribute is not specified. The default is `false` when using a HTTPAPI connection plugin (mso or nd) and `true` when using the legacy connection method (only for mso). Choices: `false` `true`
username string	The username to use for authentication. If the value is not specified in the task, the value of environment variables `MSO_USERNAME` or `ANSIBLE_NET_USERNAME` will be used instead.
validate_certs boolean	If `false`, SSL certificates will not be validated. This should only set to `false` when used on personally controlled sites using self-signed certificates. If the value is not specified in the task, the value of environment variable `MSO_VALIDATE_CERTS` will be used instead. The default is `true`. Choices: `false` `true`
weight string	The weight of the L3Out BGP Peer. The value must be between 1 and 65535. Providing an empty string will remove the `weight=""` from the L3Out BGP Peer.

Notes

Note

The template must exist before using this module in your playbook. Use cisco.mso.ndo_template to create the L3Out template.
The l3out must exist before using this module in your playbook. Use cisco.mso.ndo_l3out_template to create the L3Out.
The node_group must exist before using this module in your playbook. Use cisco.mso.ndo_l3out_node_group_policy to create the L3Out Node Group Policy.
The peer_prefix must exist before using it with this module in your playbook. Use cisco.mso.ndo_tenant_bgp_peer_prefix_policy to create the BGP Peer Prefix Policy.
This module was written to support Multi Site Orchestrator v2.1 or newer. Some or all functionality may not work on earlier versions.

Examples

- name: Create an L3Out BGP Peer with minimum configuration
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    auth_password: 123
    state: present

- name: Update an L3Out BGP Peer with full configuration
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    remote_asn: 2
    admin_state: enabled
    import_route_map:
      name: ans_route_map
      template: ansible_test_policy
    export_route_map:
      name: ans_route_map_2
      template: ansible_test_policy
    peer_prefix:
      name: ansible_test_bgp_peer_prefix_policy
      template: ansible_test_policy
    ebgp_multi_hop_ttl: 1
    auth_password: 123
    weight: 2
    site_of_origin: "extended:as2-nn2:1000:65534"
    allowed_self_as_count: 3
    local_asn_config: replace_as
    local_asn: 1
    bgp_controls:
      allow_self_as: true
      override_as: true
      disabled_peer_as_check: true
      next_hop_self: true
      send_community: true
      send_extended_community: true
      send_domain_path: true
    peer_controls:
      bfd: true
      disable_peer_connected_check: true
    address_families:
      multicast: true
      unicast: true
    private_as_controls:
      remove_all: true
      replace_with_local_as: true
    state: present

- name: Query an L3Out BGP Peer with IPv4 and IPv6 addresses
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    state: query
  register: query_with_ipv4_and_ipv6

- name: Query an L3Out BGP Peer with IPv4
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    state: query
  register: query_with_ipv4

- name: Query an L3Out BGP Peer with IPv6
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv6_address: "1::8/16"
    state: query
  register: query_with_ipv6

- name: Query all L3Out BGP Peer
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    state: query
  register: query_all

- name: Remove an L3Out BGP Peer with IPv4 and IPv6 addresses
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    state: absent

- name: Remove an L3Out BGP Peer with IPv4
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    state: absent

- name: Remove an L3Out BGP Peer with IPv6
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv6_address: "1::8/16"
    state: absent

Authors

Sabari Jaganathan (@sajagana)

Collection links

© 2012–2018 Michael DeHaan
© 2018–2025 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/cisco/mso/ndo_l3out_bgp_peer_module.html