cisco.mso.ndo_l3out_bgp_peer module – Manage L3Out BGP Peer on Cisco Nexus Dashboard Orchestrator (NDO).

Note

This module is part of the cisco.mso collection (version 2.11.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.mso. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.mso.ndo_l3out_bgp_peer.

New in cisco.mso 2.11.0

Synopsis

• Manage L3Out BGP Peer on Cisco Nexus Dashboard Orchestrator (NDO).

• This module is only supported on ND v3.1 (NDO v4.3) and later.

Requirements

The below requirements are needed on the host that executes this module.

• Multi Site Orchestrator v2.1 or newer

Parameters

Parameter	Comments
address_families dictionary	The address family controls for the BGP peer.
multicast boolean	The multicast address flag of the address family. Choices: false true
state string	Use enabled to configure the address control settings. Use disabled to remove the address control settings. Choices: "enabled" "disabled"
unicast boolean	The unicast address flag of the address family. Choices: false true
admin_state string	The administrative state of the L3Out BGP Peer. Defaults to enabled when unset during creation. Choices: "enabled" "disabled"
allowed_self_as_count integer	The allowed self-AS count of the L3Out BGP Peer. Defaults to 3 when unset during creation. The value must be between 1 and 10.
auth_password string	The authentication password of the L3Out BGP Peer.
bgp_controls dictionary	The BGP control settings for the peer.
allow_self_as boolean	The allow self AS flag of the BGP control. Choices: false true
disabled_peer_as_check boolean	The disable peer AS check flag of the BGP control. Choices: false true
next_hop_self boolean	The set next hop to self flag of the BGP control. Choices: false true
override_as boolean	The override AS flag of the BGP control. Choices: false true
send_community boolean	The send community flag of the BGP control. Choices: false true
send_domain_path boolean	The send domain path flag of the BGP control. Choices: false true
send_extended_community boolean	The send extended community flag of the BGP control. Choices: false true
state string	Use enabled to configure the BGP control settings. Use disabled to remove the BGP control settings. Choices: "enabled" "disabled"
ebgp_multi_hop_ttl integer	The TTL for eBGP multi-hop of the L3Out BGP Peer. Defaults to 1 when unset during creation. The value must be between 1 and 255.
export_route_map dictionary	The name of the export route map. Providing an empty dictionary will remove the export_route_map={} from the L3Out BGP Peer. This parameter can be used instead of export_route_map_uuid.
name string	The name of the export route map.
template string	The template associated with the export route map. This parameter or export_route_map.template_id is required.
template_id string	The template ID associated with the the export route map. This parameter or export_route_map.template is required.
export_route_map_uuid string	The UUID of the export route map. Providing an empty string will remove the export_route_map_uuid="" from the L3Out BGP Peer. This parameter can be used instead of export_route_map.
host aliases: hostname string	IP Address or hostname of the ACI Multi Site Orchestrator host. If the value is not specified in the task, the value of environment variable MSO_HOST will be used instead.
import_route_map dictionary	The name of the import route map. Providing an empty dictionary will remove the import_route_map={} from the L3Out BGP Peer. This parameter can be used instead of import_route_map_uuid.
name string	The name of the import route map.
template string	The template associated with the import route map. This parameter or import_route_map.template_id is required.
template_id string	The template ID associated with the the import route map. This parameter or import_route_map.template is required.
import_route_map_uuid string	The UUID of the import route map. Providing an empty string will remove the import_route_map_uuid="" from the L3Out BGP Peer. This parameter can be used instead of import_route_map.
ipv4_address aliases: peer_address_ipv4 string	The IPv4 address of the L3Out BGP Peer. Providing an empty string will remove the ipv4_address="" from the L3Out BGP Peer.
ipv6_address aliases: peer_address_ipv6 string	The IPv6 address of the L3Out BGP Peer. Providing an empty string will remove the ipv6_address="" from the L3Out BGP Peer.
l3out string	The name of the L3Out. This parameter or l3out_uuid is required.
l3out_uuid string	The UUID of the L3Out. This parameter or l3out is required.
local_asn string	The local autonomous system number (ASN) of the L3Out BGP Peer. The value must be between 1 and 4294967295. Providing an empty string will remove the local_asn="" from the L3Out BGP Peer.
local_asn_config string	The configuration for local ASN of the L3Out BGP Peer. Choices: "none" "no_prepend" "dual_as" "replace_as"
login_domain string	The login domain name to use for authentication. The default value is Local. If the value is not specified in the task, the value of environment variable MSO_LOGIN_DOMAIN will be used instead. When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_login_domain will be used if this attribute is not specified.
node_group string / required	The name of the Node Group Policy.
output_level string	Influence the output of this MSO module. normal means the standard output, incl. current dict info adds informational output, incl. previous, proposed and sent dicts debug adds debugging output, incl. filter_string, method, response, status and url information If the value is not specified in the task, the value of environment variable MSO_OUTPUT_LEVEL will be used instead. Choices: "debug" "info" "normal" ← (default)
password string	The password to use for authentication. If the value is not specified in the task, the value of environment variables MSO_PASSWORD or ANSIBLE_NET_PASSWORD will be used instead.
peer_controls dictionary	The Peer control settings for the BGP peer.
bfd boolean	The Enable Bidirectional Forwarding Detection (BFD) flag of the Peer control. Choices: false true
disable_peer_connected_check boolean	The disable peer connected check flag of the Peer control. Choices: false true
state string	Use enabled to configure the Peer control settings. Use disabled to remove the Peer control settings. Choices: "enabled" "disabled"
peer_prefix dictionary	The name of the peer prefix. Providing an empty dictionary will remove the peer_prefix={} from the L3Out BGP Peer. This parameter can be used instead of peer_prefix_uuid.
name string	The name of the peer prefix.
template string	The template associated with the peer prefix. This parameter or peer_prefix.template_id is required.
template_id string	The template ID associated with the the peer prefix. This parameter or peer_prefix.template is required.
peer_prefix_uuid string	The UUID of the peer prefix. Providing an empty string will remove the peer_prefix_uuid="" from the L3Out BGP Peer. This parameter can be used instead of peer_prefix.
port integer	Port number to be used for the REST connection. The default value depends on parameter `use_ssl`. If the value is not specified in the task, the value of environment variable MSO_PORT will be used instead.
private_as_controls dictionary	The private AS control settings for the BGP peer.
remove_all boolean	The remove all flag of the private AS numbers. Choices: false true
replace_with_local_as boolean	The replace private AS with local AS flag of the private AS control. Choices: false true
state string	Use enabled to configure the private AS control settings. Use disabled to remove the private AS control settings. Choices: "enabled" "disabled"
remote_asn string	The remote autonomous system number (ASN) of the L3Out BGP Peer. The value must be between 1 and 4294967295. Providing an empty string will remove the remote_asn="" from the L3Out BGP Peer.
site_of_origin aliases: fabric_of_origin string	The site of origin for the L3Out BGP Peer. The value must adhere to the pattern “extended:as2-nn2:1000:65534”.
state string	Use absent for removing. Use query for listing an object or multiple objects. Use present for creating or updating. Choices: "absent" "query" ← (default) "present"
template aliases: l3out_template string	The name of the L3Out template. This parameter or template_id is required.
template_id aliases: l3out_template_id string	The ID of the L3Out template. This parameter or template is required.
timeout integer	The socket level timeout in seconds. The default value is 30 seconds. If the value is not specified in the task, the value of environment variable MSO_TIMEOUT will be used instead.
use_proxy boolean	If false, it will not use a proxy, even if one is defined in an environment variable on the target hosts. If the value is not specified in the task, the value of environment variable MSO_USE_PROXY will be used instead. The default is true. Choices: false true
use_ssl boolean	If false, an HTTP connection will be used instead of the default HTTPS connection. If the value is not specified in the task, the value of environment variable MSO_USE_SSL will be used instead. When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_use_ssl will be used if this attribute is not specified. The default is false when using a HTTPAPI connection plugin (mso or nd) and true when using the legacy connection method (only for mso). Choices: false true
username string	The username to use for authentication. If the value is not specified in the task, the value of environment variables MSO_USERNAME or ANSIBLE_NET_USERNAME will be used instead.
validate_certs boolean	If false, SSL certificates will not be validated. This should only set to false when used on personally controlled sites using self-signed certificates. If the value is not specified in the task, the value of environment variable MSO_VALIDATE_CERTS will be used instead. The default is true. Choices: false true
weight string	The weight of the L3Out BGP Peer. The value must be between 1 and 65535. Providing an empty string will remove the weight="" from the L3Out BGP Peer.

Notes

Note

• The template must exist before using this module in your playbook. Use cisco.mso.ndo_template to create the L3Out template.

• The l3out must exist before using this module in your playbook. Use cisco.mso.ndo_l3out_template to create the L3Out.

• The node_group must exist before using this module in your playbook. Use cisco.mso.ndo_l3out_node_group_policy to create the L3Out Node Group Policy.

• The peer_prefix must exist before using it with this module in your playbook. Use cisco.mso.ndo_tenant_bgp_peer_prefix_policy to create the BGP Peer Prefix Policy.

• This module was written to support Multi Site Orchestrator v2.1 or newer. Some or all functionality may not work on earlier versions.

See Also

See also

cisco.mso.ndo_template

Manage Templates on Cisco Nexus Dashboard Orchestrator (NDO).

cisco.mso.ndo_l3out_template

Manage L3Outs on Cisco Nexus Dashboard Orchestrator (NDO).

cisco.mso.ndo_l3out_node_group_policy

Manage L3Out Node Group Policy on Cisco Nexus Dashboard Orchestrator (NDO).

cisco.mso.ndo_tenant_bgp_peer_prefix_policy

Manage BGP Peer Prefix Policies in Tenant Policy Templates on Cisco Nexus Dashboard Orchestrator (NDO).

Examples

- name: Create an L3Out BGP Peer with minimum configuration
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    auth_password: 123
    state: present

- name: Update an L3Out BGP Peer with full configuration
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    remote_asn: 2
    admin_state: enabled
    import_route_map:
      name: ans_route_map
      template: ansible_test_policy
    export_route_map:
      name: ans_route_map_2
      template: ansible_test_policy
    peer_prefix:
      name: ansible_test_bgp_peer_prefix_policy
      template: ansible_test_policy
    ebgp_multi_hop_ttl: 1
    auth_password: 123
    weight: 2
    site_of_origin: "extended:as2-nn2:1000:65534"
    allowed_self_as_count: 3
    local_asn_config: replace_as
    local_asn: 1
    bgp_controls:
      allow_self_as: true
      override_as: true
      disabled_peer_as_check: true
      next_hop_self: true
      send_community: true
      send_extended_community: true
      send_domain_path: true
    peer_controls:
      bfd: true
      disable_peer_connected_check: true
    address_families:
      multicast: true
      unicast: true
    private_as_controls:
      remove_all: true
      replace_with_local_as: true
    state: present

- name: Query an L3Out BGP Peer with IPv4 and IPv6 addresses
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    state: query
  register: query_with_ipv4_and_ipv6

- name: Query an L3Out BGP Peer with IPv4
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    state: query
  register: query_with_ipv4

- name: Query an L3Out BGP Peer with IPv6
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv6_address: "1::8/16"
    state: query
  register: query_with_ipv6

- name: Query all L3Out BGP Peer
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    state: query
  register: query_all

- name: Remove an L3Out BGP Peer with IPv4 and IPv6 addresses
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    ipv6_address: "1::8/16"
    state: absent

- name: Remove an L3Out BGP Peer with IPv4
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv4_address: "1.1.1.1"
    state: absent

- name: Remove an L3Out BGP Peer with IPv6
  cisco.mso.ndo_l3out_bgp_peer:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    template: l3out_template
    l3out: l3out_1
    node_group: node_group_policy_1
    ipv6_address: "1::8/16"
    state: absent

Authors

• Sabari Jaganathan (@sajagana)

Collection links

• Issue Tracker
• Homepage
• Repository (Sources)