fortinet.fortios.fortios_system_npu module – Configure NPU attributes in Fortinet’s FortiOS and FortiGate.

Note

This module is part of the fortinet.fortios collection (version 2.3.8).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortios. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: fortinet.fortios.fortios_system_npu.

New in fortinet.fortios 2.0.0

Synopsis 

This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and npu category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements 

The below requirements are needed on the host that executes this module.

ansible>=2.15

Parameters 

Parameter	Comments
access_token string	Token-based authentication. Generated from GUI of Fortigate.
enable_log boolean	Enable/Disable logging for task. Choices: `false` ← (default) `true`
member_path string	Member attribute path to operate on. Delimited by a slash character if there are more than one attribute. Parameter marked with member_path is legitimate for doing member operation.
member_state string	Add or delete a member under specified attribute path. When member_state is specified, the state option is ignored. Choices: `"present"` `"absent"`
system_npu dictionary	Configure NPU attributes.
capwap_offload string	Enable/disable offloading managed FortiAP and FortiLink CAPWAP sessions. Choices: `"enable"` `"disable"`
dedicated_management_affinity string	Affinity setting for management daemons (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx).
dedicated_management_cpu string	Enable to dedicate one CPU for GUI and CLI connections when NPs are busy. Choices: `"enable"` `"disable"`
default_qos_type string	Set default QoS type. Choices: `"policing"` `"shaping"` `"policing-enhanced"`
dos_options dictionary	NPU DoS configurations.
npu_dos_meter_mode string	Set DoS meter NPU offloading mode. Choices: `"global"` `"local"`
npu_dos_tpe_mode string	Enable/disable insertion of DoS meter ID to session table. Choices: `"enable"` `"disable"`
double_level_mcast_offload string	Enable double level mcast offload. Choices: `"enable"` `"disable"`
dsw_dts_profile list / elements=dictionary	Configure NPU DSW DTS profile.
action string	Set NPU DSW DTS profile action. Choices: `"wait"` `"drop"` `"drop_tmr_0"` `"drop_tmr_1"` `"enque"` `"enque_0"` `"enque_1"`
min_limit integer	Set NPU DSW DTS profile min-limt.
profile_id integer / required	Set NPU DSW DTS profile profile id. see <a href=’#notes’>Notes</a>.
step integer	Set NPU DSW DTS profile step.
dsw_queue_dts_profile list / elements=dictionary	Configure NPU DSW Queue DTS profile.
iport string	Set NPU DSW DTS in port. Choices: `"eif0"` `"eif1"` `"eif2"` `"eif3"` `"eif4"` `"eif5"` `"eif6"` `"eif7"` `"htx0"` `"htx1"` `"sse0"` `"sse1"` `"sse2"` `"sse3"` `"rlt"` `"dfr"` `"ipseci"` `"ipseco"` `"ipti"` `"ipto"` `"vep0"` `"vep2"` `"vep4"` `"vep6"` `"ivs"` `"l2ti1"` `"l2to"` `"l2ti0"` `"ple"` `"spath"` `"qtm"`
name string / required	Name.
oport string	Set NPU DSW DTS out port. Choices: `"eif0"` `"eif1"` `"eif2"` `"eif3"` `"eif4"` `"eif5"` `"eif6"` `"eif7"` `"hrx"` `"sse0"` `"sse1"` `"sse2"` `"sse3"` `"rlt"` `"dfr"` `"ipseci"` `"ipseco"` `"ipti"` `"ipto"` `"vep0"` `"vep2"` `"vep4"` `"vep6"` `"ivs"` `"l2ti1"` `"l2to"` `"l2ti0"` `"ple"` `"sync"` `"nss"` `"tsk"` `"qtm"`
profile_id integer	Set NPU DSW DTS profile ID.
queue_select integer	Set NPU DSW DTS queue ID select (0 - reset to default).
fastpath string	Enable/disable NP6 offloading (also called fast path). Choices: `"disable"` `"enable"`
fp_anomaly dictionary	IPv4/IPv6 anomaly protection.
icmp_csum_err string	Invalid IPv4 ICMP checksum anomalies. Choices: `"drop"` `"trap-to-host"`
icmp_frag string	Layer 3 fragmented packets that could be part of layer 4 ICMP anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
icmp_land string	ICMP land anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_csum_err string	Invalid IPv4 IP checksum anomalies. Choices: `"drop"` `"trap-to-host"`
ipv4_land string	Land anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_optlsrr string	Loose source record route option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_optrr string	Record route option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_optsecurity string	Security option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_optssrr string	Strict source record route option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_optstream string	Stream option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_opttimestamp string	Timestamp option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_proto_err string	Invalid layer 4 protocol anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv4_unknopt string	Unknown option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_daddr_err string	Destination address as unspecified or loopback address anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_land string	Land anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_optendpid string	End point identification anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_opthomeaddr string	Home address option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_optinvld string	Invalid option anomalies.Invalid option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_optjumbo string	Jumbo options anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_optnsap string	Network service access point address option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_optralert string	Router alert option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_opttunnel string	Tunnel encapsulation limit option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_proto_err string	Layer 4 invalid protocol anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_saddr_err string	Source address as multicast anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
ipv6_unknopt string	Unknown option anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_csum_err string	Invalid IPv4 TCP checksum anomalies. Choices: `"drop"` `"trap-to-host"`
tcp_fin_noack string	TCP SYN flood with FIN flag set without ACK setting anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_fin_only string	TCP SYN flood with only FIN flag set anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_land string	TCP land anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_no_flag string	TCP SYN flood with no flag set anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_syn_data string	TCP SYN flood packets with data anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_syn_fin string	TCP SYN flood SYN/FIN flag set anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
tcp_winnuke string	TCP WinNuke anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
udp_csum_err string	Invalid IPv4 UDP checksum anomalies. Choices: `"drop"` `"trap-to-host"`
udp_land string	UDP land anomalies. Choices: `"allow"` `"drop"` `"trap-to-host"`
gtp_enhanced_cpu_range string	GTP enhanced CPU range option. Choices: `"0"` `"1"` `"2"`
gtp_enhanced_mode string	Enable/disable GTP enhanced mode. Choices: `"enable"` `"disable"`
gtp_support string	Enable/Disable NP7 GTP support Choices: `"enable"` `"disable"`
hash_tbl_spread string	Enable/disable hash table entry spread . Choices: `"enable"` `"disable"`
hpe dictionary	Host protection engine configuration.
all_protocol integer	Maximum packet rate of each host queue except high priority traffic(1K - 32M pps), set 0 to disable.
arp_max integer	Maximum ARP packet rate (1K - 32M pps). Entry is valid when ARP is removed from high-priority traffic.
enable_shaper string	Enable/Disable NPU Host Protection Engine (HPE) for packet type shaper. Choices: `"disable"` `"enable"`
esp_max integer	Maximum ESP packet rate (1K - 32M pps).
high_priority integer	Maximum packet rate for high priority traffic packets (1K - 32M pps).
icmp_max integer	Maximum ICMP packet rate (1K - 32M pps).
ip_frag_max integer	Maximum fragmented IP packet rate (1K - 32M pps).
ip_others_max integer	Maximum IP packet rate for other packets (packet types that cannot be set with other options) (1K - 32G pps).
l2_others_max integer	Maximum L2 packet rate for L2 packets that are not ARP packets (1K - 32M pps).
sctp_max integer	Maximum SCTP packet rate (1K - 32M pps).
tcp_max integer	Maximum TCP packet rate (1K - 32M pps).
tcpfin_rst_max integer	Maximum TCP carries FIN or RST flags packet rate (1K - 32M pps).
tcpsyn_ack_max integer	Maximum TCP carries SYN and ACK flags packet rate (1K - 32M pps).
tcpsyn_max integer	Maximum TCP SYN packet rate (1K - 40M pps).
udp_max integer	Maximum UDP packet rate (1K - 32M pps).
htab_dedi_queue_nr integer	Set the number of dedicate queue for hash table messages.
htab_msg_queue string	Set hash table message queue mode. Choices: `"data"` `"idle"` `"dedicated"`
htx_icmp_csum_chk string	Set HTX icmp csum checking mode. Choices: `"drop"` `"pass"`
inbound_dscp_copy_port list / elements=dictionary	Physical interfaces that support inbound-dscp-copy.
interface string / required	Physical interface name.
intf_shaping_offload string	Enable/disable NPU offload when doing interface-based traffic shaping according to the egress-shaping-profile. Choices: `"enable"` `"disable"`
ip_fragment_offload string	Enable/disable NP7 NPU IP fragment offload. Choices: `"disable"` `"enable"`
ip_reassembly dictionary	IP reassebmly engine configuration.
max_timeout integer	Maximum timeout value for IP reassembly (5 us - 600,000,000 us).
min_timeout integer	Minimum timeout value for IP reassembly (5 us - 600,000,000 us).
status string	Set IP reassembly processing status. Choices: `"disable"` `"enable"`
ipsec_dec_subengine_mask string	IPsec decryption subengine mask (0x1 - 0xff).
ipsec_enc_subengine_mask string	IPsec encryption subengine mask (0x1 - 0xff).
ipsec_inbound_cache string	Enable/disable IPsec inbound cache for anti-replay. Choices: `"enable"` `"disable"`
ipsec_mtu_override string	Enable/disable NP6 IPsec MTU override. Choices: `"disable"` `"enable"`
ipsec_ob_np_sel string	IPsec NP selection for OB SA offloading. Choices: `"rr"` `"Packet"` `"Hash"`
ipsec_over_vlink string	Enable/disable IPsec over vlink. Choices: `"enable"` `"disable"`
isf_np_queues dictionary	Configure queues of switch port connected to NP6 XAUI on ingress path.
cos0 string	CoS profile name for CoS 0. Source system.isf-queue-profile.name.
cos1 string	CoS profile name for CoS 1. Source system.isf-queue-profile.name.
cos2 string	CoS profile name for CoS 2. Source system.isf-queue-profile.name.
cos3 string	CoS profile name for CoS 3. Source system.isf-queue-profile.name.
cos4 string	CoS profile name for CoS 4. Source system.isf-queue-profile.name.
cos5 string	CoS profile name for CoS 5. Source system.isf-queue-profile.name.
cos6 string	CoS profile name for CoS 6. Source system.isf-queue-profile.name.
cos7 string	CoS profile name for CoS 7. Source system.isf-queue-profile.name.
lag_out_port_select string	Enable/disable LAG outgoing port selection based on incoming traffic port. Choices: `"disable"` `"enable"`
max_receive_unit integer	Set the maximum packet size for receive, larger packets will be silently dropped.
max_session_timeout integer	Maximum time interval for refreshing NPU-offloaded sessions (10 - 1000 sec).
mcast_session_accounting string	Enable/disable traffic accounting for each multicast session through TAE counter. Choices: `"tpe-based"` `"session-based"` `"disable"`
napi_break_interval integer	NAPI break interval .
np_queues dictionary	Configure queue assignment on NP7.
ethernet_type list / elements=dictionary	Configure a NP7 QoS Ethernet Type.
name string / required	Ethernet Type Name.
queue integer	Queue Number.
type string	Ethernet Type.
weight integer	Class Weight.
ip_protocol list / elements=dictionary	Configure a NP7 QoS IP Protocol.
name string / required	IP Protocol Name.
protocol integer	IP Protocol.
queue integer	Queue Number.
weight integer	Class Weight.
ip_service list / elements=dictionary	Configure a NP7 QoS IP Service.
dport integer	Destination port.
name string / required	IP service name.
protocol integer	IP protocol.
queue integer	Queue number.
sport integer	Source port.
weight integer	Class weight.
profile list / elements=dictionary	Configure a NP7 class profile.
cos0 string	Queue number of CoS 0. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos1 string	Queue number of CoS 1. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos2 string	Queue number of CoS 2. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos3 string	Queue number of CoS 3. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos4 string	Queue number of CoS 4. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos5 string	Queue number of CoS 5. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos6 string	Queue number of CoS 6. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
cos7 string	Queue number of CoS 7. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp0 string	Queue number of DSCP 0. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp1 string	Queue number of DSCP 1. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp10 string	Queue number of DSCP 10. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp11 string	Queue number of DSCP 11. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp12 string	Queue number of DSCP 12. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp13 string	Queue number of DSCP 13. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp14 string	Queue number of DSCP 14. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp15 string	Queue number of DSCP 15. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp16 string	Queue number of DSCP 16. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp17 string	Queue number of DSCP 17. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp18 string	Queue number of DSCP 18. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp19 string	Queue number of DSCP 19. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp2 string	Queue number of DSCP 2. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp20 string	Queue number of DSCP 20. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp21 string	Queue number of DSCP 21. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp22 string	Queue number of DSCP 22. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp23 string	Queue number of DSCP 23. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp24 string	Queue number of DSCP 24. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp25 string	Queue number of DSCP 25. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp26 string	Queue number of DSCP 26. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp27 string	Queue number of DSCP 27. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp28 string	Queue number of DSCP 28. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp29 string	Queue number of DSCP 29. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp3 string	Queue number of DSCP 3. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp30 string	Queue number of DSCP 30. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp31 string	Queue number of DSCP 31. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp32 string	Queue number of DSCP 32. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp33 string	Queue number of DSCP 33. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp34 string	Queue number of DSCP 34. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp35 string	Queue number of DSCP 35. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp36 string	Queue number of DSCP 36. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp37 string	Queue number of DSCP 37. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp38 string	Queue number of DSCP 38. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp39 string	Queue number of DSCP 39. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp4 string	Queue number of DSCP 4. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp40 string	Queue number of DSCP 40. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp41 string	Queue number of DSCP 41. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp42 string	Queue number of DSCP 42. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp43 string	Queue number of DSCP 43. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp44 string	Queue number of DSCP 44. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp45 string	Queue number of DSCP 45. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp46 string	Queue number of DSCP 46. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp47 string	Queue number of DSCP 47. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp48 string	Queue number of DSCP 48. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp49 string	Queue number of DSCP 49. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp5 string	Queue number of DSCP 5. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp50 string	Queue number of DSCP 50. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp51 string	Queue number of DSCP 51. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp52 string	Queue number of DSCP 52. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp53 string	Queue number of DSCP 53. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp54 string	Queue number of DSCP 54. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp55 string	Queue number of DSCP 55. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp56 string	Queue number of DSCP 56. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp57 string	Queue number of DSCP 57. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp58 string	Queue number of DSCP 58. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp59 string	Queue number of DSCP 59. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp6 string	Queue number of DSCP 6. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp60 string	Queue number of DSCP 60. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp61 string	Queue number of DSCP 61. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp62 string	Queue number of DSCP 62. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp63 string	Queue number of DSCP 63. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp7 string	Queue number of DSCP 7. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp8 string	Queue number of DSCP 8. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
dscp9 string	Queue number of DSCP 9. Choices: `"queue0"` `"queue1"` `"queue2"` `"queue3"` `"queue4"` `"queue5"` `"queue6"` `"queue7"`
id integer / required	Profile ID. see <a href=’#notes’>Notes</a>.
type string	Profile type. Choices: `"cos"` `"dscp"`
weight integer	Class weight.
scheduler list / elements=dictionary	Configure a NP7 QoS Scheduler.
mode string	Scheduler mode. Choices: `"none"` `"priority"` `"round-robin"`
name string / required	Scheduler name.
npu_group_effective_scope integer	npu-group-effective-scope defines under which npu-group cmds such as list/purge will be excecuted. Default scope is for all four HS-ok groups. (0-3).
npu_tcam list / elements=dictionary	Configure NPU TCAM policies.
data dictionary	Data fields of TCAM.
df string	tcam data ip flag df. Choices: `"enable"` `"disable"`
dstip string	tcam data dst ipv4 address.
dstipv6 string	tcam data dst ipv6 address.
dstmac string	tcam data dst macaddr.
dstport integer	tcam data L4 dst port.
ethertype string	tcam data ethertype.
ext_tag string	tcam data extension tag. Choices: `"enable"` `"disable"`
frag_off integer	tcam data ip flag fragment offset.
gen_buf_cnt integer	tcam data gen info buffer count.
gen_iv string	tcam data gen info iv. Choices: `"valid"` `"invalid"`
gen_l3_flags integer	tcam data gen info L3 flags.
gen_l4_flags integer	tcam data gen info L4 flags.
gen_pkt_ctrl integer	tcam data gen info packet control.
gen_pri integer	tcam data gen info priority.
gen_pri_v string	tcam data gen info priority valid. Choices: `"valid"` `"invalid"`
gen_tv string	tcam data gen info tv. Choices: `"valid"` `"invalid"`
ihl integer	tcam data ipv4 IHL.
ip4_id integer	tcam data ipv4 id.
ip6_fl integer	tcam data ipv6 flow label.
ipver integer	tcam data ip header version.
l4_wd10 integer	tcam data L4 word10.
l4_wd11 integer	tcam data L4 word11.
l4_wd8 integer	tcam data L4 word8.
l4_wd9 integer	tcam data L4 word9.
mf string	tcam data ip flag mf. Choices: `"enable"` `"disable"`
protocol integer	tcam data ip protocol.
slink integer	tcam data sublink.
smac_change string	tcam data source MAC change. Choices: `"enable"` `"disable"`
sp integer	tcam data source port.
src_cfi string	tcam data source cfi. Choices: `"enable"` `"disable"`
src_prio integer	tcam data source priority.
src_updt string	tcam data source update. Choices: `"enable"` `"disable"`
srcip string	tcam data src ipv4 address.
srcipv6 string	tcam data src ipv6 address.
srcmac string	tcam data src macaddr.
srcport integer	tcam data L4 src port.
svid integer	tcam data source vid.
tcp_ack string	tcam data tcp flag ack. Choices: `"enable"` `"disable"`
tcp_cwr string	tcam data tcp flag cwr. Choices: `"enable"` `"disable"`
tcp_ece string	tcam data tcp flag ece. Choices: `"enable"` `"disable"`
tcp_fin string	tcam data tcp flag fin. Choices: `"enable"` `"disable"`
tcp_push string	tcam data tcp flag push. Choices: `"enable"` `"disable"`
tcp_rst string	tcam data tcp flag rst. Choices: `"enable"` `"disable"`
tcp_syn string	tcam data tcp flag syn. Choices: `"enable"` `"disable"`
tcp_urg string	tcam data tcp flag urg. Choices: `"enable"` `"disable"`
tgt_cfi string	tcam data target cfi. Choices: `"enable"` `"disable"`
tgt_prio integer	tcam data target priority.
tgt_updt string	tcam data target port update. Choices: `"enable"` `"disable"`
tgt_v string	tcam data target valid. Choices: `"valid"` `"invalid"`
tos integer	tcam data ip tos.
tp integer	tcam data target port.
ttl integer	tcam data ip ttl.
tvid integer	tcam data target vid.
vdid integer	tcam data vdom id.
mask dictionary	Mask fields of TCAM.
df string	tcam mask ip flag df. Choices: `"enable"` `"disable"`
dstip string	tcam mask dst ipv4 address.
dstipv6 string	tcam mask dst ipv6 address.
dstmac string	tcam mask dst macaddr.
dstport integer	tcam mask L4 dst port.
ethertype string	tcam mask ethertype.
ext_tag string	tcam mask extension tag. Choices: `"enable"` `"disable"`
frag_off integer	tcam data ip flag fragment offset.
gen_buf_cnt integer	tcam mask gen info buffer count.
gen_iv string	tcam mask gen info iv. Choices: `"valid"` `"invalid"`
gen_l3_flags integer	tcam mask gen info L3 flags.
gen_l4_flags integer	tcam mask gen info L4 flags.
gen_pkt_ctrl integer	tcam mask gen info packet control.
gen_pri integer	tcam mask gen info priority.
gen_pri_v string	tcam mask gen info priority valid. Choices: `"valid"` `"invalid"`
gen_tv string	tcam mask gen info tv. Choices: `"valid"` `"invalid"`
ihl integer	tcam mask ipv4 IHL.
ip4_id integer	tcam mask ipv4 id.
ip6_fl integer	tcam mask ipv6 flow label.
ipver integer	tcam mask ip header version.
l4_wd10 integer	tcam mask L4 word10.
l4_wd11 integer	tcam mask L4 word11.
l4_wd8 integer	tcam mask L4 word8.
l4_wd9 integer	tcam mask L4 word9.
mf string	tcam mask ip flag mf. Choices: `"enable"` `"disable"`
protocol integer	tcam mask ip protocol.
slink integer	tcam mask sublink.
smac_change string	tcam mask source MAC change. Choices: `"enable"` `"disable"`
sp integer	tcam mask source port.
src_cfi string	tcam mask source cfi. Choices: `"enable"` `"disable"`
src_prio integer	tcam mask source priority.
src_updt string	tcam mask source update. Choices: `"enable"` `"disable"`
srcip string	tcam mask src ipv4 address.
srcipv6 string	tcam mask src ipv6 address.
srcmac string	tcam mask src macaddr.
srcport integer	tcam mask L4 src port.
svid integer	tcam mask source vid.
tcp_ack string	tcam mask tcp flag ack. Choices: `"enable"` `"disable"`
tcp_cwr string	tcam mask tcp flag cwr. Choices: `"enable"` `"disable"`
tcp_ece string	tcam mask tcp flag ece. Choices: `"enable"` `"disable"`
tcp_fin string	tcam mask tcp flag fin. Choices: `"enable"` `"disable"`
tcp_push string	tcam mask tcp flag push. Choices: `"enable"` `"disable"`
tcp_rst string	tcam mask tcp flag rst. Choices: `"enable"` `"disable"`
tcp_syn string	tcam mask tcp flag syn. Choices: `"enable"` `"disable"`
tcp_urg string	tcam mask tcp flag urg. Choices: `"enable"` `"disable"`
tgt_cfi string	tcam mask target cfi. Choices: `"enable"` `"disable"`
tgt_prio integer	tcam mask target priority.
tgt_updt string	tcam mask target port update. Choices: `"enable"` `"disable"`
tgt_v string	tcam mask target valid. Choices: `"valid"` `"invalid"`
tos integer	tcam mask ip tos.
tp integer	tcam mask target port.
ttl integer	tcam mask ip ttl.
tvid integer	tcam mask target vid.
vdid integer	tcam mask vdom id.
mir_act dictionary	Mirror action of TCAM.
vlif integer	tcam mirror action vlif.
name string / required	NPU TCAM policies name.
oid integer	NPU TCAM OID.
pri_act dictionary	Priority action of TCAM.
priority integer	tcam priority action priority.
weight integer	tcam priority action weight.
sact dictionary	Source action of TCAM.
act integer	tcam sact act.
act_v string	Enable to set sact act. Choices: `"enable"` `"disable"`
bmproc integer	tcam sact bmproc.
bmproc_v string	Enable to set sact bmproc. Choices: `"enable"` `"disable"`
df_lif integer	tcam sact df-lif.
df_lif_v string	Enable to set sact df-lif. Choices: `"enable"` `"disable"`
dfr integer	tcam sact dfr.
dfr_v string	Enable to set sact dfr. Choices: `"enable"` `"disable"`
dmac_skip integer	tcam sact dmac-skip.
dmac_skip_v string	Enable to set sact dmac-skip. Choices: `"enable"` `"disable"`
dosen integer	tcam sact dosen.
dosen_v string	Enable to set sact dosen. Choices: `"enable"` `"disable"`
espff_proc integer	tcam sact espff-proc.
espff_proc_v string	Enable to set sact espff-proc. Choices: `"enable"` `"disable"`
etype_pid integer	tcam sact etype-pid.
etype_pid_v string	Enable to set sact etype-pid. Choices: `"enable"` `"disable"`
frag_proc integer	tcam sact frag-proc.
frag_proc_v string	Enable to set sact frag-proc. Choices: `"enable"` `"disable"`
fwd integer	tcam sact fwd.
fwd_lif integer	tcam sact fwd-lif.
fwd_lif_v string	Enable to set sact fwd-lif. Choices: `"enable"` `"disable"`
fwd_tvid integer	tcam sact fwd-tvid.
fwd_tvid_v string	Enable to set sact fwd-vid. Choices: `"enable"` `"disable"`
fwd_v string	Enable to set sact fwd. Choices: `"enable"` `"disable"`
icpen integer	tcam sact icpen.
icpen_v string	Enable to set sact icpen. Choices: `"enable"` `"disable"`
igmp_mld_snp integer	tcam sact igmp-mld-snp.
igmp_mld_snp_v string	Enable to set sact igmp-mld-snp. Choices: `"enable"` `"disable"`
learn integer	tcam sact learn.
learn_v string	Enable to set sact learn. Choices: `"enable"` `"disable"`
m_srh_ctrl integer	tcam sact m-srh-ctrl.
m_srh_ctrl_v string	Enable to set sact m-srh-ctrl. Choices: `"enable"` `"disable"`
mac_id integer	tcam sact mac-id.
mac_id_v string	Enable to set sact mac-id. Choices: `"enable"` `"disable"`
mss integer	tcam sact mss.
mss_v string	Enable to set sact mss. Choices: `"enable"` `"disable"`
pleen integer	tcam sact pleen.
pleen_v string	Enable to set sact pleen. Choices: `"enable"` `"disable"`
prio_pid integer	tcam sact prio-pid.
prio_pid_v string	Enable to set sact prio-pid. Choices: `"enable"` `"disable"`
promis integer	tcam sact promis.
promis_v string	Enable to set sact promis. Choices: `"enable"` `"disable"`
rfsh integer	tcam sact rfsh.
rfsh_v string	Enable to set sact rfsh. Choices: `"enable"` `"disable"`
smac_skip integer	tcam sact smac-skip.
smac_skip_v string	Enable to set sact smac-skip. Choices: `"enable"` `"disable"`
tp_smchk integer	tcam sact tp mode.
tp_smchk_v string	Enable to set sact tp mode. Choices: `"enable"` `"disable"`
tpe_id integer	tcam sact tpe-id.
tpe_id_v string	Enable to set sact tpe-id. Choices: `"enable"` `"disable"`
vdm integer	tcam sact vdm.
vdm_v string	Enable to set sact vdm. Choices: `"enable"` `"disable"`
vdom_id integer	tcam sact vdom-id.
vdom_id_v string	Enable to set sact vdom-id. Choices: `"enable"` `"disable"`
x_mode integer	tcam sact x-mode.
x_mode_v string	Enable to set sact x-mode. Choices: `"enable"` `"disable"`
tact dictionary	Target action of TCAM.
act integer	tcam tact act.
act_v string	Enable to set tact act. Choices: `"enable"` `"disable"`
fmtuv4_s integer	tcam tact fmtuv4-s.
fmtuv4_s_v string	Enable to set tact fmtuv4-s. Choices: `"enable"` `"disable"`
fmtuv6_s integer	tcam tact fmtuv6-s.
fmtuv6_s_v string	Enable to set tact fmtuv6-s. Choices: `"enable"` `"disable"`
lnkid integer	tcam tact lnkid.
lnkid_v string	Enable to set tact lnkid. Choices: `"enable"` `"disable"`
mac_id integer	tcam tact mac-id.
mac_id_v string	Enable to set tact mac-id. Choices: `"enable"` `"disable"`
mss_t integer	tcam tact mss.
mss_t_v string	Enable to set tact mss. Choices: `"enable"` `"disable"`
mtuv4 integer	tcam tact mtuv4.
mtuv4_v string	Enable to set tact mtuv4. Choices: `"enable"` `"disable"`
mtuv6 integer	tcam tact mtuv6.
mtuv6_v string	Enable to set tact mtuv6. Choices: `"enable"` `"disable"`
slif_act integer	tcam tact slif-act.
slif_act_v string	Enable to set tact slif-act. Choices: `"enable"` `"disable"`
sublnkid integer	tcam tact sublnkid.
sublnkid_v string	Enable to set tact sublnkid. Choices: `"enable"` `"disable"`
tgtv_act integer	tcam tact tgtv-act.
tgtv_act_v string	Enable to set tact tgtv-act. Choices: `"enable"` `"disable"`
tlif_act integer	tcam tact tlif-act.
tlif_act_v string	Enable to set tact tlif-act. Choices: `"enable"` `"disable"`
tpeid integer	tcam tact tpeid.
tpeid_v string	Enable to set tact tpeid. Choices: `"enable"` `"disable"`
v6fe integer	tcam tact v6fe.
v6fe_v string	Enable to set tact v6fe. Choices: `"enable"` `"disable"`
vep_en integer	tcam tact vep_en.
vep_en_v string	Enable to set tact vep-en. Choices: `"enable"` `"disable"`
vep_slid integer	tcam tact vep_slid.
vep_slid_v string	Enable to set tact vep-slid. Choices: `"enable"` `"disable"`
xlt_lif integer	tcam tact xlt-lif.
xlt_lif_v string	Enable to set tact xlt-lif. Choices: `"enable"` `"disable"`
xlt_vid integer	tcam tact xlt-vid.
xlt_vid_v string	Enable to set tact xlt-vid. Choices: `"enable"` `"disable"`
type string	TCAM policy type. Choices: `"L2_src_tc"` `"L2_tgt_tc"` `"L2_src_mir"` `"L2_tgt_mir"` `"L2_src_act"` `"L2_tgt_act"` `"IPv4_src_tc"` `"IPv4_tgt_tc"` `"IPv4_src_mir"` `"IPv4_tgt_mir"` `"IPv4_src_act"` `"IPv4_tgt_act"` `"IPv6_src_tc"` `"IPv6_tgt_tc"` `"IPv6_src_mir"` `"IPv6_tgt_mir"` `"IPv6_src_act"` `"IPv6_tgt_act"`
vid integer	NPU TCAM VID.
per_session_accounting string	Set per-session accounting. Choices: `"traffic-log-only"` `"disable"` `"enable"`
port_cpu_map list / elements=dictionary	Configure NPU interface to CPU core mapping.
cpu_core string	The CPU core to map to an interface.
interface string / required	The interface to map to a CPU core.
port_npu_map list / elements=dictionary	Configure port to NPU group mapping.
interface string / required	Set NPU interface port for NPU group mapping.
npu_group_index integer	Mapping NPU group index.
port_path_option dictionary	Configure port using NPU or Intel-NIC.
ports_using_npu list / elements=dictionary	Set ha/aux ports to handle traffic with NPU (otherwise traffic goes to Intel-NIC and then CPU).
interface_name string / required	Available interfaces for NPU path.
priority_protocol dictionary	Configure NPU priority protocol.
bfd string	Enable/disable NPU BFD priority protocol. Choices: `"enable"` `"disable"`
bgp string	Enable/disable NPU BGP priority protocol. Choices: `"enable"` `"disable"`
slbc string	Enable/disable NPU SLBC priority protocol. Choices: `"enable"` `"disable"`
qos_mode string	QoS mode on switch and NP. Choices: `"disable"` `"priority"` `"round-robin"`
qtm_buf_mode string	QTM channel configuration for packet buffer. Choices: `"6ch"` `"4ch"`
rdp_offload string	Enable/disable RDP offload. Choices: `"enable"` `"disable"`
session_acct_interval integer	Session accounting update interval (1 - 10 sec).
session_denied_offload string	Enable/disable offloading of denied sessions. Requires ses-denied-traffic to be set. Choices: `"disable"` `"enable"`
shaping_stats string	Enable/disable NP7 traffic shaping statistics . Choices: `"disable"` `"enable"`
sse_backpressure string	Enable/disable SSE backpressure. Choices: `"enable"` `"disable"`
strip_clear_text_padding string	Enable/disable stripping clear text padding. Choices: `"enable"` `"disable"`
strip_esp_padding string	Enable/disable stripping ESP padding. Choices: `"enable"` `"disable"`
sw_eh_hash dictionary	Configure switch enhanced hashing.
computation string	Set hashing computation. Choices: `"xor16"` `"xor8"` `"xor4"` `"crc16"`
destination_ip_lower_16 string	Include/exclude destination IP address lower 16 bits. Choices: `"include"` `"exclude"`
destination_ip_upper_16 string	Include/exclude destination IP address upper 16 bits. Choices: `"include"` `"exclude"`
destination_port string	Include/exclude destination port if TCP/UDP. Choices: `"include"` `"exclude"`
ip_protocol string	Include/exclude IP protocol. Choices: `"include"` `"exclude"`
netmask_length integer	Network mask length.
source_ip_lower_16 string	Include/exclude source IP address lower 16 bits. Choices: `"include"` `"exclude"`
source_ip_upper_16 string	Include/exclude source IP address upper 16 bits. Choices: `"include"` `"exclude"`
source_port string	Include/exclude source port if TCP/UDP. Choices: `"include"` `"exclude"`
sw_np_bandwidth string	Bandwidth from switch to NP. Choices: `"0G"` `"2G"` `"4G"` `"5G"` `"6G"` `"7G"` `"8G"` `"9G"`
sw_tr_hash dictionary	Configure switch traditional hashing.
draco15 string	Enable/disable DRACO15 hashing. Choices: `"enable"` `"disable"`
tcp_udp_port string	Include/exclude TCP/UDP source and destination port for unicast trunk traffic. Choices: `"include"` `"exclude"`
tunnel_over_vlink string	Enable/disable selection of which NP6 chip the tunnel uses . Choices: `"enable"` `"disable"`
uesp_offload string	Enable/disable UDP-encapsulated ESP offload . Choices: `"enable"` `"disable"`
ull_port_mode string	Set ULL port”s speed to 10G/25G . Choices: `"10G"` `"25G"`
vlan_lookup_cache string	Enable/disable vlan lookup cache . Choices: `"enable"` `"disable"`
vdom string	Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. Default: `"root"`

Notes 

Note

Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples 

- name: Configure NPU attributes.
  fortinet.fortios.fortios_system_npu:
      vdom: "{{ vdom }}"
      system_npu:
          capwap_offload: "enable"
          dedicated_management_affinity: "<your_own_value>"
          dedicated_management_cpu: "enable"
          default_qos_type: "policing"
          dos_options:
              npu_dos_meter_mode: "global"
              npu_dos_tpe_mode: "enable"
          double_level_mcast_offload: "enable"
          dsw_dts_profile:
              -
                  action: "wait"
                  min_limit: "0"
                  profile_id: "<you_own_value>"
                  step: "0"
          dsw_queue_dts_profile:
              -
                  iport: "eif0"
                  name: "default_name_18"
                  oport: "eif0"
                  profile_id: "0"
                  queue_select: "0"
          fastpath: "disable"
          fp_anomaly:
              icmp_csum_err: "drop"
              icmp_frag: "allow"
              icmp_land: "allow"
              ipv4_csum_err: "drop"
              ipv4_land: "allow"
              ipv4_optlsrr: "allow"
              ipv4_optrr: "allow"
              ipv4_optsecurity: "allow"
              ipv4_optssrr: "allow"
              ipv4_optstream: "allow"
              ipv4_opttimestamp: "allow"
              ipv4_proto_err: "allow"
              ipv4_unknopt: "allow"
              ipv6_daddr_err: "allow"
              ipv6_land: "allow"
              ipv6_optendpid: "allow"
              ipv6_opthomeaddr: "allow"
              ipv6_optinvld: "allow"
              ipv6_optjumbo: "allow"
              ipv6_optnsap: "allow"
              ipv6_optralert: "allow"
              ipv6_opttunnel: "allow"
              ipv6_proto_err: "allow"
              ipv6_saddr_err: "allow"
              ipv6_unknopt: "allow"
              tcp_csum_err: "drop"
              tcp_fin_noack: "allow"
              tcp_fin_only: "allow"
              tcp_land: "allow"
              tcp_no_flag: "allow"
              tcp_syn_data: "allow"
              tcp_syn_fin: "allow"
              tcp_winnuke: "allow"
              udp_csum_err: "drop"
              udp_land: "allow"
          gtp_enhanced_cpu_range: "0"
          gtp_enhanced_mode: "enable"
          gtp_support: "enable"
          hash_tbl_spread: "enable"
          hpe:
              all_protocol: "400000"
              arp_max: "5000"
              enable_shaper: "disable"
              esp_max: "5000"
              high_priority: "400000"
              icmp_max: "5000"
              ip_frag_max: "5000"
              ip_others_max: "5000"
              l2_others_max: "5000"
              sctp_max: "5000"
              tcp_max: "40000"
              tcpfin_rst_max: "40000"
              tcpsyn_ack_max: "40000"
              tcpsyn_max: "40000"
              udp_max: "40000"
          htab_dedi_queue_nr: "4"
          htab_msg_queue: "data"
          htx_icmp_csum_chk: "drop"
          inbound_dscp_copy_port:
              -
                  interface: "<your_own_value>"
          intf_shaping_offload: "enable"
          ip_fragment_offload: "disable"
          ip_reassembly:
              max_timeout: "200000"
              min_timeout: "64"
              status: "disable"
          ipsec_dec_subengine_mask: "<your_own_value>"
          ipsec_enc_subengine_mask: "<your_own_value>"
          ipsec_inbound_cache: "enable"
          ipsec_mtu_override: "disable"
          ipsec_ob_np_sel: "rr"
          ipsec_over_vlink: "enable"
          isf_np_queues:
              cos0: "<your_own_value> (source system.isf-queue-profile.name)"
              cos1: "<your_own_value> (source system.isf-queue-profile.name)"
              cos2: "<your_own_value> (source system.isf-queue-profile.name)"
              cos3: "<your_own_value> (source system.isf-queue-profile.name)"
              cos4: "<your_own_value> (source system.isf-queue-profile.name)"
              cos5: "<your_own_value> (source system.isf-queue-profile.name)"
              cos6: "<your_own_value> (source system.isf-queue-profile.name)"
              cos7: "<your_own_value> (source system.isf-queue-profile.name)"
          lag_out_port_select: "disable"
          max_receive_unit: "0"
          max_session_timeout: "40"
          mcast_session_accounting: "tpe-based"
          napi_break_interval: "0"
          np_queues:
              ethernet_type:
                  -
                      name: "default_name_112"
                      queue: "0"
                      type: "<your_own_value>"
                      weight: "15"
              ip_protocol:
                  -
                      name: "default_name_117"
                      protocol: "0"
                      queue: "0"
                      weight: "14"
              ip_service:
                  -
                      dport: "0"
                      name: "default_name_123"
                      protocol: "0"
                      queue: "0"
                      sport: "0"
                      weight: "13"
              profile:
                  -
                      cos0: "queue0"
                      cos1: "queue0"
                      cos2: "queue0"
                      cos3: "queue0"
                      cos4: "queue0"
                      cos5: "queue0"
                      cos6: "queue0"
                      cos7: "queue0"
                      dscp0: "queue0"
                      dscp1: "queue0"
                      dscp10: "queue0"
                      dscp11: "queue0"
                      dscp12: "queue0"
                      dscp13: "queue0"
                      dscp14: "queue0"
                      dscp15: "queue0"
                      dscp16: "queue0"
                      dscp17: "queue0"
                      dscp18: "queue0"
                      dscp19: "queue0"
                      dscp2: "queue0"
                      dscp20: "queue0"
                      dscp21: "queue0"
                      dscp22: "queue0"
                      dscp23: "queue0"
                      dscp24: "queue0"
                      dscp25: "queue0"
                      dscp26: "queue0"
                      dscp27: "queue0"
                      dscp28: "queue0"
                      dscp29: "queue0"
                      dscp3: "queue0"
                      dscp30: "queue0"
                      dscp31: "queue0"
                      dscp32: "queue0"
                      dscp33: "queue0"
                      dscp34: "queue0"
                      dscp35: "queue0"
                      dscp36: "queue0"
                      dscp37: "queue0"
                      dscp38: "queue0"
                      dscp39: "queue0"
                      dscp4: "queue0"
                      dscp40: "queue0"
                      dscp41: "queue0"
                      dscp42: "queue0"
                      dscp43: "queue0"
                      dscp44: "queue0"
                      dscp45: "queue0"
                      dscp46: "queue0"
                      dscp47: "queue0"
                      dscp48: "queue0"
                      dscp49: "queue0"
                      dscp5: "queue0"
                      dscp50: "queue0"
                      dscp51: "queue0"
                      dscp52: "queue0"
                      dscp53: "queue0"
                      dscp54: "queue0"
                      dscp55: "queue0"
                      dscp56: "queue0"
                      dscp57: "queue0"
                      dscp58: "queue0"
                      dscp59: "queue0"
                      dscp6: "queue0"
                      dscp60: "queue0"
                      dscp61: "queue0"
                      dscp62: "queue0"
                      dscp63: "queue0"
                      dscp7: "queue0"
                      dscp8: "queue0"
                      dscp9: "queue0"
                      id: "201"
                      type: "cos"
                      weight: "6"
              scheduler:
                  -
                      mode: "none"
                      name: "default_name_206"
          npu_group_effective_scope: "255"
          npu_tcam:
              -
                  data:
                      df: "enable"
                      dstip: "<your_own_value>"
                      dstipv6: "<your_own_value>"
                      dstmac: "<your_own_value>"
                      dstport: "0"
                      ethertype: "<your_own_value>"
                      ext_tag: "enable"
                      frag_off: "0"
                      gen_buf_cnt: "0"
                      gen_iv: "valid"
                      gen_l3_flags: "0"
                      gen_l4_flags: "0"
                      gen_pkt_ctrl: "0"
                      gen_pri: "0"
                      gen_pri_v: "valid"
                      gen_tv: "valid"
                      ihl: "0"
                      ip4_id: "0"
                      ip6_fl: "0"
                      ipver: "0"
                      l4_wd10: "0"
                      l4_wd11: "0"
                      l4_wd8: "0"
                      l4_wd9: "0"
                      mf: "enable"
                      protocol: "0"
                      slink: "0"
                      smac_change: "enable"
                      sp: "0"
                      src_cfi: "enable"
                      src_prio: "0"
                      src_updt: "enable"
                      srcip: "<your_own_value>"
                      srcipv6: "<your_own_value>"
                      srcmac: "<your_own_value>"
                      srcport: "0"
                      svid: "0"
                      tcp_ack: "enable"
                      tcp_cwr: "enable"
                      tcp_ece: "enable"
                      tcp_fin: "enable"
                      tcp_push: "enable"
                      tcp_rst: "enable"
                      tcp_syn: "enable"
                      tcp_urg: "enable"
                      tgt_cfi: "enable"
                      tgt_prio: "0"
                      tgt_updt: "enable"
                      tgt_v: "valid"
                      tos: "0"
                      tp: "0"
                      ttl: "0"
                      tvid: "0"
                      vdid: "0"
                  mask:
                      df: "enable"
                      dstip: "<your_own_value>"
                      dstipv6: "<your_own_value>"
                      dstmac: "<your_own_value>"
                      dstport: "0"
                      ethertype: "<your_own_value>"
                      ext_tag: "enable"
                      frag_off: "0"
                      gen_buf_cnt: "0"
                      gen_iv: "valid"
                      gen_l3_flags: "0"
                      gen_l4_flags: "0"
                      gen_pkt_ctrl: "0"
                      gen_pri: "0"
                      gen_pri_v: "valid"
                      gen_tv: "valid"
                      ihl: "0"
                      ip4_id: "0"
                      ip6_fl: "0"
                      ipver: "0"
                      l4_wd10: "0"
                      l4_wd11: "0"
                      l4_wd8: "0"
                      l4_wd9: "0"
                      mf: "enable"
                      protocol: "0"
                      slink: "0"
                      smac_change: "enable"
                      sp: "0"
                      src_cfi: "enable"
                      src_prio: "0"
                      src_updt: "enable"
                      srcip: "<your_own_value>"
                      srcipv6: "<your_own_value>"
                      srcmac: "<your_own_value>"
                      srcport: "0"
                      svid: "0"
                      tcp_ack: "enable"
                      tcp_cwr: "enable"
                      tcp_ece: "enable"
                      tcp_fin: "enable"
                      tcp_push: "enable"
                      tcp_rst: "enable"
                      tcp_syn: "enable"
                      tcp_urg: "enable"
                      tgt_cfi: "enable"
                      tgt_prio: "0"
                      tgt_updt: "enable"
                      tgt_v: "valid"
                      tos: "0"
                      tp: "0"
                      ttl: "0"
                      tvid: "0"
                      vdid: "0"
                  mir_act:
                      vlif: "0"
                  name: "default_name_321"
                  oid: "0"
                  pri_act:
                      priority: "0"
                      weight: "0"
                  sact:
                      act: "0"
                      act_v: "enable"
                      bmproc: "0"
                      bmproc_v: "enable"
                      df_lif: "0"
                      df_lif_v: "enable"
                      dfr: "0"
                      dfr_v: "enable"
                      dmac_skip: "0"
                      dmac_skip_v: "enable"
                      dosen: "0"
                      dosen_v: "enable"
                      espff_proc: "0"
                      espff_proc_v: "enable"
                      etype_pid: "0"
                      etype_pid_v: "enable"
                      frag_proc: "0"
                      frag_proc_v: "enable"
                      fwd: "0"
                      fwd_lif: "0"
                      fwd_lif_v: "enable"
                      fwd_tvid: "0"
                      fwd_tvid_v: "enable"
                      fwd_v: "enable"
                      icpen: "0"
                      icpen_v: "enable"
                      igmp_mld_snp: "0"
                      igmp_mld_snp_v: "enable"
                      learn: "0"
                      learn_v: "enable"
                      m_srh_ctrl: "0"
                      m_srh_ctrl_v: "enable"
                      mac_id: "0"
                      mac_id_v: "enable"
                      mss: "0"
                      mss_v: "enable"
                      pleen: "0"
                      pleen_v: "enable"
                      prio_pid: "0"
                      prio_pid_v: "enable"
                      promis: "0"
                      promis_v: "enable"
                      rfsh: "0"
                      rfsh_v: "enable"
                      smac_skip: "0"
                      smac_skip_v: "enable"
                      tp_smchk: "0"
                      tp_smchk_v: "enable"
                      tpe_id: "0"
                      tpe_id_v: "enable"
                      vdm: "0"
                      vdm_v: "enable"
                      vdom_id: "0"
                      vdom_id_v: "enable"
                      x_mode: "0"
                      x_mode_v: "enable"
                  tact:
                      act: "0"
                      act_v: "enable"
                      fmtuv4_s: "0"
                      fmtuv4_s_v: "enable"
                      fmtuv6_s: "0"
                      fmtuv6_s_v: "enable"
                      lnkid: "0"
                      lnkid_v: "enable"
                      mac_id: "0"
                      mac_id_v: "enable"
                      mss_t: "0"
                      mss_t_v: "enable"
                      mtuv4: "0"
                      mtuv4_v: "enable"
                      mtuv6: "0"
                      mtuv6_v: "enable"
                      slif_act: "0"
                      slif_act_v: "enable"
                      sublnkid: "0"
                      sublnkid_v: "enable"
                      tgtv_act: "0"
                      tgtv_act_v: "enable"
                      tlif_act: "0"
                      tlif_act_v: "enable"
                      tpeid: "0"
                      tpeid_v: "enable"
                      v6fe: "0"
                      v6fe_v: "enable"
                      vep_en: "0"
                      vep_en_v: "enable"
                      vep_slid: "0"
                      vep_slid_v: "enable"
                      xlt_lif: "0"
                      xlt_lif_v: "enable"
                      xlt_vid: "0"
                      xlt_vid_v: "enable"
                  type: "L2_src_tc"
                  vid: "0"
          per_session_accounting: "traffic-log-only"
          port_cpu_map:
              -
                  cpu_core: "<your_own_value>"
                  interface: "<your_own_value>"
          port_npu_map:
              -
                  interface: "<your_own_value>"
                  npu_group_index: "0"
          port_path_option:
              ports_using_npu:
                  -
                      interface_name: "<your_own_value>"
          priority_protocol:
              bfd: "enable"
              bgp: "enable"
              slbc: "enable"
          qos_mode: "disable"
          qtm_buf_mode: "6ch"
          rdp_offload: "enable"
          session_acct_interval: "5"
          session_denied_offload: "disable"
          shaping_stats: "disable"
          sse_backpressure: "enable"
          strip_clear_text_padding: "enable"
          strip_esp_padding: "enable"
          sw_eh_hash:
              computation: "xor16"
              destination_ip_lower_16: "include"
              destination_ip_upper_16: "include"
              destination_port: "include"
              ip_protocol: "include"
              netmask_length: "32"
              source_ip_lower_16: "include"
              source_ip_upper_16: "include"
              source_port: "include"
          sw_np_bandwidth: "0G"
          sw_tr_hash:
              draco15: "enable"
              tcp_udp_port: "include"
          tunnel_over_vlink: "enable"
          uesp_offload: "enable"
          ull_port_mode: "10G"
          vlan_lookup_cache: "enable"

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
build string	Build number of the fortigate image Returned: always Sample: `"1547"`
http_method string	Last method used to provision the content into FortiGate Returned: always Sample: `"PUT"`
http_status string	Last result given by FortiGate on last operation applied Returned: always Sample: `"200"`
mkey string	Master key (id) used in the last call to FortiGate Returned: success Sample: `"id"`
name string	Name of the table used to fulfill the request Returned: always Sample: `"urlfilter"`
path string	Path of the table used to fulfill the request Returned: always Sample: `"webfilter"`
revision string	Internal revision number Returned: always Sample: `"17.0.2.10658"`
serial string	Serial number of the unit Returned: always Sample: `"FGVMEVYYQT3AB5352"`
status string	Indication of the operation’s result Returned: always Sample: `"success"`
vdom string	Virtual domain used Returned: always Sample: `"root"`
version string	Version of the FortiGate Returned: always Sample: `"v5.6.3"`

Authors

Link Zheng (@chillancezen)
Jie Xue (@JieX19)
Hongbin Lu (@fgtdev-hblu)
Frank Shen (@frankshen01)
Miguel Angel Munoz (@mamunozgonzalez)
Nicolas Thomas (@thomnico)

fortinet.fortios.fortios_system_npu module – Configure NPU attributes in Fortinet’s FortiOS and FortiGate.

Synopsis

Requirements

Parameters

Notes

Examples

Return Values