dellemc.enterprise_sonic.sonic_bgp_neighbors module – Manage a BGP neighbor and its parameters
Note
This module is part of the dellemc.enterprise_sonic collection (version 2.2.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install dellemc.enterprise_sonic
.
To use it in a playbook, specify: dellemc.enterprise_sonic.sonic_bgp_neighbors
.
New in dellemc.enterprise_sonic 1.0.0
Synopsis
This module provides configuration management of global BGP_NEIGHBORS parameters on devices running Enterprise SONiC.
bgp_as and vrf_name must be created on the device in advance.
Note
This module has a corresponding action plugin.
Parameters
Parameter |
Comments |
---|---|
Specifies the BGP neighbors related configuration. |
|
Specifies the BGP autonomous system (AS) number which is already configured on the device. |
|
Specifies BGP neighbor-related configurations. |
|
Specifies the minimum interval between sending BGP routing updates. The range is from 0 to 600. |
|
Configuration for neighbor group authentication password. |
|
Indicates whether the password is encrypted text. Choices:
|
|
Authentication password for the neighbor group. |
|
Enables or disables BFD. |
|
Link dataplane status with control plane. Choices:
|
|
Enables BFD liveliness check for a BGP neighbor. Choices:
|
|
BFD Profile name. |
|
Specifies capability attributes to this neighbor. |
|
Enables or disables dynamic capability to this neighbor. Choices:
|
|
Enables or disables advertise extended next-hop capability to the peer. Choices:
|
|
Disables EBGP conntected route check. Choices:
|
|
Disables capability negotiation. Choices:
|
|
Allow EBGP neighbors not on directly connected networks. |
|
Enables the referenced group or neighbors to be indirectly connected. Choices:
|
|
Time-to-live value to use when packets are sent to the referenced group or neighbors and ebgp-multihop is enabled. |
|
Enforces the first AS for EBGP routes. Choices:
|
|
Enforces EBGP multihop performance for neighbor. Choices:
|
|
Set the local IP address to use for the session when sending BGP update messages. |
|
Specifies local autonomous system number. |
|
Local autonomous system number. |
|
Do not prepend the local-as number in AS-Path advertisements. Choices:
|
|
Replace the configured AS Number with the local-as number in AS-Path advertisements. Choices:
|
|
A textual description of the neighbor. |
|
Neighbor router address. |
|
Override capability negotiation result. Choices:
|
|
Do not send open messages to this neighbor. Choices:
|
|
The name of the peer group that the neighbor is a member of. |
|
Neighbor’s BGP port. |
|
Remote AS of the BGP neighbor to configure. peer_as and peer_type are mutually exclusive. |
|
Specifies remote AS number. The range is from 1 to 4294967295. |
|
Specifies the type of BGP peer. Choices:
|
|
Add a shutdown message. |
|
Indicates that routes advertised by the peer should not be reflected back to the peer. Choices:
|
|
Enables strict capability negotiation match. Choices:
|
|
Specifies BGP neighbor timer-related configurations. |
|
Time interval in seconds between attempts to establish a session with the peer. The range is from 1 to 65535. |
|
Interval after not receiving a keepalive message that SONiC declares a peer dead, in seconds. The range is from 0 to 65535. |
|
Frequency with which the device sends keepalive messages to its peer, in seconds. The range is from 0 to 65535. |
|
Enforces only the neighbors that are specified number of hops away will be allowed to become neighbors. |
|
Enables BGP with v6 link-local only. Choices:
|
|
Specifies the list of peer groups. |
|
Holds of list of address families associated to the peergroup. |
|
List of address families with afi, safi, activate and allowas-in parameters. afi and safi are required together. |
|
Enable or disable activate. Choices:
|
|
Holds afi mode. Choices:
|
|
Holds AS value. The origin and value are mutually exclusive. |
|
Set AS as the origin. Choices:
|
|
Holds AS number in the range 1-10. |
|
Common configuration attributes for IPv4 and IPv6 unicast address families. |
|
Specifies routing policy definition. |
|
Enable or disable sending of default-route to the peer. Choices:
|
|
Specifies prefix limit attributes. |
|
Maximum number of prefixes that will be accepted from the peer. |
|
Enable or disable teardown of BGP session when maximum prefix limit is exceeded. Choices:
|
|
Time interval in seconds after which the BGP session is re-established after being torn down. |
|
Threshold on number of prefixes that can be received from a peer before generation of warning messages. Expressed as a percentage of max-prefixes. |
|
Inbound route filtering policy for a peer. |
|
Outbound route filtering policy for a peer. |
|
Holds safi mode. Choices:
|
|
Specifies the minimum interval between sending BGP routing updates. The range is from 0 to 600. |
|
Configuration for peer group authentication password. |
|
Indicates whether the password is encrypted text. Choices:
|
|
Authentication password for the peer group. |
|
Enables or disables BFD. |
|
Link dataplane status with control plane. Choices:
|
|
Enables BFD liveliness check for a BGP peer. Choices:
|
|
BFD Profile name. |
|
Specifies capability attributes to this peer group. |
|
Enables or disables dynamic capability to this peer group. Choices:
|
|
Enables or disables advertise extended next-hop capability to the peer. Choices:
|
|
Disables EBGP conntected route check. Choices:
|
|
Disables capability negotiation. Choices:
|
|
Allow EBGP peers not on directly connected networks. |
|
Enables the referenced group or peers to be indirectly connected. Choices:
|
|
Time-to-live value to use when packets are sent to the referenced group or peers and ebgp-multihop is enabled. |
|
Enforces the first AS for EBGP routes. Choices:
|
|
Enforces EBGP multihop performance for peer. Choices:
|
|
Set the local IP address to use for the session when sending BGP update messages. |
|
Specifies local autonomous system number. |
|
Local autonomous system number. |
|
Do not prepend the local-as number in AS-Path advertisements. Choices:
|
|
Replace the configured AS Number with the local-as number in AS-Path advertisements. Choices:
|
|
Name of the peer group. |
|
Override capability negotiation result. Choices:
|
|
Do not send open messages to this peer. Choices:
|
|
A textual description of the peer group. |
|
Remote AS of the BGP peer group to configure. peer_as and peer_type are mutually exclusive. |
|
Specifies remote AS number. The range is from 1 to 4294967295. |
|
Specifies the type of BGP peer. Choices:
|
|
Add a shutdown message. |
|
Indicates that routes advertised by the peer should not be reflected back to the peer. Choices:
|
|
Enables strict capability negotiation match. Choices:
|
|
Specifies BGP peer group timer related configurations. |
|
Time interval in seconds between attempts to establish a session with the peer. The range is from 1 to 65535. |
|
Interval after not receiving a keepalive message that Enterprise SONiC declares a peer dead, in seconds. The range is from 0 to 65535. |
|
Frequency with which the device sends keepalive messages to its peer, in seconds. The range is from 0 to 65535. |
|
Enforces only the peers that are specified number of hops away will be allowed to become peers. |
|
Specifies the VRF name which is already configured on the device. Default: |
|
Specifies the operation to be performed on the BGP process that is configured on the device. In case of merged, the input configuration is merged with the existing BGP configuration on the device. In case of deleted, the existing BGP configuration is removed from the device. Choices:
|
Notes
Note
Tested against Enterprise SONiC Distribution by Dell Technologies.
Supports
check_mode
.
Examples
# Using deleted
#
# Before state:
# -------------
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# neighbor interface Eth1/3
#!
#router bgp 11
# network import-check
# timers 60 180
# !
# neighbor 192.168.1.4
# !
# peer-group SP1
# bfd
# capability dynamic
# !
# peer-group SP2
# !
#
- name: Deletes all BGP neighbors
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
state: deleted
#
# After state:
# -------------
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
#!
#router bgp 11
# network import-check
# timers 60 180
# !
#
# Using merged
#
# Before state:
# ------------
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
#!
#router bgp 11
# network import-check
# timers 60 180
# !
- name: "Adds sonic_bgp_neighbors"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
neighbors:
- neighbor: Eth1/2
auth_pwd:
pwd: 'pw123'
encrypted: false
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
nbr_description: "description 1"
override_capability: true
passive: true
port: 3
shutdown_msg: 'msg1'
solo: true
- neighbor: 1.1.1.1
disable_connected_check: true
ttl_security: 5
- bgp_as: 51
vrf_name: VrfReg1
peer_group:
- name: SPINE
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX1/4sRsZ624wbAJfDmagPLq2LsGDOcW/47M='
encrypted: true
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
pg_description: 'description 1'
override_capability: true
passive: true
solo: true
remote_as:
peer_as: 4
- name: SPINE1
disable_connected_check: true
shutdown_msg: "msg1"
strict_capability_match: true
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
ttl_security: 5
address_family:
afis:
- afi: ipv4
safi: unicast
activate: true
allowas_in:
origin: true
- afi: ipv6
safi: unicast
activate: true
allowas_in:
value: 5
neighbors:
- neighbor: Eth1/3
remote_as:
peer_as: 10
peer_group: SPINE
advertisement_interval: 15
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX199MZ7YOPkOR9O6wEZmtGSgiDfnlcN9hBg='
encrypted: true
nbr_description: 'description 2'
strict_capability_match: true
v6only: true
- neighbor: 192.168.1.4
state: merged
#
# After state:
# ------------
#!
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE1
# timers 15 30
# timers connect 25
# shutdown message msg1
# disable-connected-check
# strict-capability-match
# ttl-security hops 5
# !
# peer-group SPINE
# description "description 1"
# ebgp-multihop 1
# remote-as 4
# bfd check-control-plane-failure profile "profile 1"
# update-source interface Ethernet4
# capability dynamic
# capability extended-nexthop
# dont-capability-negotiate
# enforce-first-as
# enforce-multihop
# local-as 2 no-prepend replace-as
# override-capability
# passive
# password U2FsdGVkX1/4sRsZ624wbAJfDmagPLq2LsGDOcW/47M= encrypted
# solo
# address-family ipv4 unicast
# activate
# allowas-in origin
# send-community both
# !
# address-family ipv6 unicast
# activate
# allowas-in 5
# send-community both
# !
# neighbor interface Eth1/3
# description "description 2"
# peer-group SPINE
# remote-as 10
# timers 15 30
# timers connect 25
# bfd check-control-plane-failure profile "profile 1"
# advertisement-interval 15
# capability extended-nexthop
# capability dynamic
# v6only
# password U2FsdGVkX199MZ7YOPkOR9O6wEZmtGSgiDfnlcN9hBg= encrypted
# strict-capability-match
# !
# neighbor 192.168.1.4
#!
# router bgp 51
# timers 60 180
# neighbor interface Eth1/2
# description "description 1"
# shutdown message msg1
# ebgp-multihop 1
# remote-as external
# update-source interface Ethernet4
# dont-capability-negotiate
# enforce-first-as
# enforce-multihop
# local-as 2 no-prepend replace-as
# override-capability
# passive
# password U2FsdGVkX1+bxMf9TKOhaXRNNaHmywiEVDF2lJ2c000= encrypted
# port 3
# solo
# neighbor 1.1.1.1
# disable-connected-check
# ttl-security hops 5
#router bgp 11
# network import-check
# timers 60 180
#
# Using deleted
#
# Before state:
# ------------
#!
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE
# bfd
# remote-as 4
# !
# neighbor interface Eth1/3
# peer-group SPINE
# remote-as 10
# timers 15 30
# advertisement-interval 15
# bfd
# capability extended-nexthop
# capability dynamic
# !
# neighbor 192.168.1.4
#!
#router bgp 11
# network import-check
# timers 60 18
# !
# peer-group SP
# !
# neighbor interface Eth1/3
#
- name: "Deletes sonic_bgp_neighbors and peer-groups specific to vrfname"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
vrf_name: VrfReg1
state: deleted
# After state:
# ------------
#!
#router bgp 11 vrf VrfCheck2
# network import-check
# timers 60 180
#!
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
#router bgp 11
# network import-check
# timers 60 18
# !
# peer-group SP
# !
# neighbor interface Eth1/3
#
# Using deleted
#
# Before state:
# -------------
#
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE
# bfd
# remote-as 4
# !
# neighbor interface Eth1/3
# peer-group SPINE
# remote-as 10
# timers 15 30
# advertisement-interval 15
# bfd
# capability extended-nexthop
# capability dynamic
# !
# neighbor 192.168.1.4
# !
- name: "Deletes specific sonic_bgp_neighbors"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
neighbors:
- neighbor: Eth1/2
auth_pwd:
pwd: 'pw123'
encrypted: false
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
nbr_description: 'description 1'
override_capability: true
passive: true
port: 3
shutdown_msg: 'msg1'
solo: true
- neighbor: 1.1.1.1
disable_connected_check: true
ttl_security: 5
- bgp_as: 51
vrf_name: VrfReg1
peer_group:
- name: SPINE
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX1/4sRsZ624wbAJfDmagPLq2LsGDOcW/47M='
encrypted: true
dont_negotiate_capability: true
ebgp_multihop:
enabled: true
multihop_ttl: 1
enforce_first_as: true
enforce_multihop: true
local_address: 'Ethernet4'
local_as:
as: 2
no_prepend: true
replace_as: true
pg_description: 'description 1'
override_capability: true
passive: true
solo: true
remote_as:
peer_as: 4
- name: SPINE1
disable_connected_check: true
shutdown_msg: "msg1"
strict_capability_match: true
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
ttl_security: 5
neighbors:
- neighbor: Eth1/3
remote_as:
peer_as: 10
peer_group: SPINE
advertisement_interval: 15
timers:
keepalive: 30
holdtime: 15
connect_retry: 25
bfd:
check_failure: true
enabled: true
profile: 'profile 1'
capability:
dynamic: true
extended_nexthop: true
auth_pwd:
pwd: 'U2FsdGVkX199MZ7YOPkOR9O6wEZmtGSgiDfnlcN9hBg='
encrypted: true
nbr_description: 'description 2'
strict_capability_match: true
v6only: true
- neighbor: 192.168.1.4
state: deleted
#
# After state:
# -------------
#
#router bgp 51 vrf VrfReg1
# network import-check
# timers 60 180
# !
# peer-group SPINE1
# !
# peer-group SPINE
# !
# neighbor interface Eth1/3
# !
# neighbor interface Eth1/2
# neighbor 1.1.1.1
#
# Using merged
#
# Before state:
# -------------
#
# sonic# show running-configuration bgp peer-group vrf default
# (No bgp peer-group configuration present)
- name: "Configure BGP peer-group prefix-list attributes"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
peer_group:
- name: SPINE
address_family:
afis:
- afi: ipv4
safi: unicast
ip_afi:
default_policy_name: rmap_reg1
send_default_route: true
prefix_limit:
max_prefixes: 1
prevent_teardown: true
warning_threshold: 80
prefix_list_in: p1
prefix_list_out: p2
state: merged
# After state:
# ------------
#
# sonic# show running-configuration bgp peer-group vrf default
# !
# peer-group SPINE
# !
# address-family ipv4 unicast
# default-originate route-map rmap_reg1
# prefix-list p1 in
# prefix-list p2 out
# send-community both
# maximum-prefix 1 80 warning-only
#
# Using deleted
#
# Before state:
# -------------
#
# sonic# show running-configuration bgp peer-group vrf default
# !
# peer-group SPINE
# !
# address-family ipv6 unicast
# default-originate route-map rmap_reg2
# prefix-list p1 in
# prefix-list p2 out
# send-community both
# maximum-prefix 5 90 restart 2
- name: "Delete BGP peer-group prefix-list attributes"
dellemc.enterprise_sonic.sonic_bgp_neighbors:
config:
- bgp_as: 51
peer_group:
- name: SPINE
address_family:
afis:
- afi: ipv6
safi: unicast
ip_afi:
default_policy_name: rmap_reg2
send_default_route: true
prefix_limit:
max_prefixes: 5
warning_threshold: 90
restart-timer: 2
prefix_list_in: p1
prefix_list_out: p2
state: deleted
# sonic# show running-configuration bgp peer-group vrf default
# (No bgp peer-group configuration present)
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The resulting configuration model invocation. Returned: when changed Sample: |
|
The configuration prior to the model invocation. Returned: always Sample: |
|
The set of commands pushed to the remote device. Returned: always Sample: |