W3cubDocs

/Ansible 2.10

fortinet.fortios.fortios_router_isis – Configure IS-IS in Fortinet’s FortiOS and FortiGate.

Note

This plugin is part of the fortinet.fortios collection.

To install it use: ansible-galaxy collection install fortinet.fortios.

To use it in a playbook, specify: fortinet.fortios.fortios_router_isis.

New in version 2.9: of fortinet.fortios

Synopsis
Requirements
Parameters
Notes
Examples
Return Values

Synopsis

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify router feature and isis category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

ansible>=2.9.0

Parameters

Parameter			Choices/Defaults	Comments
host string				FortiOS or FortiGate IP address.
https boolean			Choices: no yes ←	Indicates if the requests towards FortiGate must use HTTPS protocol.
password string			Default: ""	FortiOS or FortiGate password.
router_isis dictionary				Configure IS-IS.
	adjacency_check string		Choices: enable disable	Enable/disable adjacency check.
	adjacency_check6 string		Choices: enable disable	Enable/disable IPv6 adjacency check.
	adv_passive_only string		Choices: enable disable	Enable/disable IS-IS advertisement of passive interfaces only.
	adv_passive_only6 string		Choices: enable disable	Enable/disable IPv6 IS-IS advertisement of passive interfaces only.
	auth_keychain_l1 string			Authentication key-chain for level 1 PDUs. Source router.key-chain.name.
	auth_keychain_l2 string			Authentication key-chain for level 2 PDUs. Source router.key-chain.name.
	auth_mode_l1 string		Choices: password md5	Level 1 authentication mode.
	auth_mode_l2 string		Choices: password md5	Level 2 authentication mode.
	auth_password_l1 string			Authentication password for level 1 PDUs.
	auth_password_l2 string			Authentication password for level 2 PDUs.
	auth_sendonly_l1 string		Choices: enable disable	Enable/disable level 1 authentication send-only.
	auth_sendonly_l2 string		Choices: enable disable	Enable/disable level 2 authentication send-only.
	default_originate string		Choices: enable disable	Enable/disable distribution of default route information.
	default_originate6 string		Choices: enable disable	Enable/disable distribution of default IPv6 route information.
	dynamic_hostname string		Choices: enable disable	Enable/disable dynamic hostname.
	ignore_lsp_errors string		Choices: enable disable	Enable/disable ignoring of LSP errors with bad checksums.
	is_type string		Choices: level-1-2 level-1 level-2-only	IS type.
	isis_interface list / elements=string			IS-IS interface configuration.
		auth_keychain_l1 string		Authentication key-chain for level 1 PDUs. Source router.key-chain.name.
		auth_keychain_l2 string		Authentication key-chain for level 2 PDUs. Source router.key-chain.name.
		auth_mode_l1 string	Choices: md5 password	Level 1 authentication mode.
		auth_mode_l2 string	Choices: md5 password	Level 2 authentication mode.
		auth_password_l1 string		Authentication password for level 1 PDUs.
		auth_password_l2 string		Authentication password for level 2 PDUs.
		auth_send_only_l1 string	Choices: enable disable	Enable/disable authentication send-only for level 1 PDUs.
		auth_send_only_l2 string	Choices: enable disable	Enable/disable authentication send-only for level 2 PDUs.
		circuit_type string	Choices: level-1-2 level-1 level-2	IS-IS interface"s circuit type
		csnp_interval_l1 integer		Level 1 CSNP interval.
		csnp_interval_l2 integer		Level 2 CSNP interval.
		hello_interval_l1 integer		Level 1 hello interval.
		hello_interval_l2 integer		Level 2 hello interval.
		hello_multiplier_l1 integer		Level 1 multiplier for Hello holding time.
		hello_multiplier_l2 integer		Level 2 multiplier for Hello holding time.
		hello_padding string	Choices: enable disable	Enable/disable padding to IS-IS hello packets.
		lsp_interval integer		LSP transmission interval (milliseconds).
		lsp_retransmit_interval integer		LSP retransmission interval (sec).
		mesh_group string	Choices: enable disable	Enable/disable IS-IS mesh group.
		mesh_group_id integer		Mesh group ID <0-4294967295>, 0: mesh-group blocked.
		metric_l1 integer		Level 1 metric for interface.
		metric_l2 integer		Level 2 metric for interface.
		name string / required		IS-IS interface name. Source system.interface.name.
		network_type string	Choices: broadcast point-to-point loopback	IS-IS interface"s network type
		priority_l1 integer		Level 1 priority.
		priority_l2 integer		Level 2 priority.
		status string	Choices: enable disable	Enable/disable interface for IS-IS.
		status6 string	Choices: enable disable	Enable/disable IPv6 interface for IS-IS.
		wide_metric_l1 integer		Level 1 wide metric for interface.
		wide_metric_l2 integer		Level 2 wide metric for interface.
	isis_net list / elements=string			IS-IS net configuration.
		id integer / required		isis-net ID.
		net string		IS-IS net xx.xxxx. ... .xxxx.xx.
	lsp_gen_interval_l1 integer			Minimum interval for level 1 LSP regenerating.
	lsp_gen_interval_l2 integer			Minimum interval for level 2 LSP regenerating.
	lsp_refresh_interval integer			LSP refresh time in seconds.
	max_lsp_lifetime integer			Maximum LSP lifetime in seconds.
	metric_style string		Choices: narrow wide transition narrow-transition narrow-transition-l1 narrow-transition-l2 wide-l1 wide-l2 wide-transition wide-transition-l1 wide-transition-l2 transition-l1 transition-l2	Use old-style (ISO 10589) or new-style packet formats
	overload_bit string		Choices: enable disable	Enable/disable signal other routers not to use us in SPF.
	overload_bit_on_startup integer			Overload-bit only temporarily after reboot.
	overload_bit_suppress string		Choices: external interlevel	Suppress overload-bit for the specific prefixes.
	redistribute list / elements=string			IS-IS redistribute protocols.
		level string	Choices: level-1-2 level-1 level-2	Level.
		metric integer		Metric.
		metric_type string	Choices: external internal	Metric type.
		protocol string / required		Protocol name.
		routemap string		Route map name. Source router.route-map.name.
		status string	Choices: enable disable	Status.
	redistribute6 list / elements=string			IS-IS IPv6 redistribution for routing protocols.
		level string	Choices: level-1-2 level-1 level-2	Level.
		metric integer		Metric.
		metric_type string	Choices: external internal	Metric type.
		protocol string / required		Protocol name.
		routemap string		Route map name. Source router.route-map.name.
		status string	Choices: enable disable	Enable/disable redistribution.
	redistribute6_l1 string		Choices: enable disable	Enable/disable redistribution of level 1 IPv6 routes into level 2.
	redistribute6_l1_list string			Access-list for IPv6 route redistribution from l1 to l2. Source router.access-list6.name.
	redistribute6_l2 string		Choices: enable disable	Enable/disable redistribution of level 2 IPv6 routes into level 1.
	redistribute6_l2_list string			Access-list for IPv6 route redistribution from l2 to l1. Source router.access-list6.name.
	redistribute_l1 string		Choices: enable disable	Enable/disable redistribution of level 1 routes into level 2.
	redistribute_l1_list string			Access-list for route redistribution from l1 to l2. Source router.access-list.name.
	redistribute_l2 string		Choices: enable disable	Enable/disable redistribution of level 2 routes into level 1.
	redistribute_l2_list string			Access-list for route redistribution from l2 to l1. Source router.access-list.name.
	spf_interval_exp_l1 string			Level 1 SPF calculation delay.
	spf_interval_exp_l2 string			Level 2 SPF calculation delay.
	summary_address list / elements=string			IS-IS summary addresses.
		id integer / required		Summary address entry ID.
		level string	Choices: level-1-2 level-1 level-2	Level.
		prefix string		Prefix.
	summary_address6 list / elements=string			IS-IS IPv6 summary address.
		id integer / required		Prefix entry ID.
		level string	Choices: level-1-2 level-1 level-2	Level.
		prefix6 string		IPv6 prefix.
ssl_verify boolean			Choices: no yes ←	Ensures FortiGate certificate must be verified by a proper CA.
username string				FortiOS or FortiGate username.
vdom string			Default: "root"	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.

Notes

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- hosts: fortigates
  collections:
    - fortinet.fortios
  connection: httpapi
  vars:
   vdom: "root"
   ansible_httpapi_use_ssl: yes
   ansible_httpapi_validate_certs: no
   ansible_httpapi_port: 443
  tasks:
  - name: Configure IS-IS.
    fortios_router_isis:
      vdom:  "{{ vdom }}"
      router_isis:
        adjacency_check: "enable"
        adjacency_check6: "enable"
        adv_passive_only: "enable"
        adv_passive_only6: "enable"
        auth_keychain_l1: "<your_own_value> (source router.key-chain.name)"
        auth_keychain_l2: "<your_own_value> (source router.key-chain.name)"
        auth_mode_l1: "password"
        auth_mode_l2: "password"
        auth_password_l1: "<your_own_value>"
        auth_password_l2: "<your_own_value>"
        auth_sendonly_l1: "enable"
        auth_sendonly_l2: "enable"
        default_originate: "enable"
        default_originate6: "enable"
        dynamic_hostname: "enable"
        ignore_lsp_errors: "enable"
        is_type: "level-1-2"
        isis_interface:
         -
            auth_keychain_l1: "<your_own_value> (source router.key-chain.name)"
            auth_keychain_l2: "<your_own_value> (source router.key-chain.name)"
            auth_mode_l1: "md5"
            auth_mode_l2: "md5"
            auth_password_l1: "<your_own_value>"
            auth_password_l2: "<your_own_value>"
            auth_send_only_l1: "enable"
            auth_send_only_l2: "enable"
            circuit_type: "level-1-2"
            csnp_interval_l1: "30"
            csnp_interval_l2: "31"
            hello_interval_l1: "32"
            hello_interval_l2: "33"
            hello_multiplier_l1: "34"
            hello_multiplier_l2: "35"
            hello_padding: "enable"
            lsp_interval: "37"
            lsp_retransmit_interval: "38"
            mesh_group: "enable"
            mesh_group_id: "40"
            metric_l1: "41"
            metric_l2: "42"
            name: "default_name_43 (source system.interface.name)"
            network_type: "broadcast"
            priority_l1: "45"
            priority_l2: "46"
            status: "enable"
            status6: "enable"
            wide_metric_l1: "49"
            wide_metric_l2: "50"
        isis_net:
         -
            id:  "52"
            net: "<your_own_value>"
        lsp_gen_interval_l1: "54"
        lsp_gen_interval_l2: "55"
        lsp_refresh_interval: "56"
        max_lsp_lifetime: "57"
        metric_style: "narrow"
        overload_bit: "enable"
        overload_bit_on_startup: "60"
        overload_bit_suppress: "external"
        redistribute:
         -
            level: "level-1-2"
            metric: "64"
            metric_type: "external"
            protocol: "<your_own_value>"
            routemap: "<your_own_value> (source router.route-map.name)"
            status: "enable"
        redistribute_l1: "enable"
        redistribute_l1_list: "<your_own_value> (source router.access-list.name)"
        redistribute_l2: "enable"
        redistribute_l2_list: "<your_own_value> (source router.access-list.name)"
        redistribute6:
         -
            level: "level-1-2"
            metric: "75"
            metric_type: "external"
            protocol: "<your_own_value>"
            routemap: "<your_own_value> (source router.route-map.name)"
            status: "enable"
        redistribute6_l1: "enable"
        redistribute6_l1_list: "<your_own_value> (source router.access-list6.name)"
        redistribute6_l2: "enable"
        redistribute6_l2_list: "<your_own_value> (source router.access-list6.name)"
        spf_interval_exp_l1: "<your_own_value>"
        spf_interval_exp_l2: "<your_own_value>"
        summary_address:
         -
            id:  "87"
            level: "level-1-2"
            prefix: "<your_own_value>"
        summary_address6:
         -
            id:  "91"
            level: "level-1-2"
            prefix6: "<your_own_value>"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
build string	always	Build number of the fortigate image Sample: 1547
http_method string	always	Last method used to provision the content into FortiGate Sample: PUT
http_status string	always	Last result given by FortiGate on last operation applied Sample: 200
mkey string	success	Master key (id) used in the last call to FortiGate Sample: id
name string	always	Name of the table used to fulfill the request Sample: urlfilter
path string	always	Path of the table used to fulfill the request Sample: webfilter
revision string	always	Internal revision number Sample: 17.0.2.10658
serial string	always	Serial number of the unit Sample: FGVMEVYYQT3AB5352
status string	always	Indication of the operation's result Sample: success
vdom string	always	Virtual domain used Sample: root
version string	always	Version of the FortiGate Sample: v5.6.3

Authors

Link Zheng (@chillancezen)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Jie Xue (@JieX19)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/fortinet/fortios/fortios_router_isis_module.html