cisco.nxos.nxos_route_maps 模块 – 路由映射资源模块。
注意
此模块是 cisco.nxos 集合 (版本 9.2.1) 的一部分。
如果您正在使用 ansible 包,则可能已经安装了此集合。它不包含在 ansible-core 中。要检查它是否已安装,请运行 ansible-galaxy collection list。
要安装它,请使用: ansible-galaxy collection install cisco.nxos。
要在 playbook 中使用它,请指定: cisco.nxos.nxos_route_maps。
cisco.nxos 2.2.0 中的新增功能
概要
此模块管理在运行 Cisco NX-OS 的设备上路由映射配置。
参数
参数 |
注释 |
|---|---|
路由映射配置列表。 |
|
此路由映射的条目列表(按序号标识)。 |
|
路由映射拒绝或允许设置操作。 选项
|
|
在路由映射内的不同条目上继续。 |
|
路由映射的描述。 |
|
从路由表匹配值。 |
|
匹配 BGP 对等 AS 号。 |
|
AS 路径访问列表名称。 |
|
AS 号。 |
|
匹配 BGP AS 路径访问列表。 |
|
匹配 BGP 社区列表。 |
|
社区列表。 |
|
对社区进行精确匹配。 选项
|
|
匹配 BGP EVPN 路由。 |
|
匹配 evpn 路由的路由类型。 |
|
匹配 BGP 社区列表。 |
|
对扩展社区进行精确匹配。 选项
|
|
扩展社区列表。 |
|
匹配路由的首跳接口。 |
|
配置 IP 特定信息。 |
|
匹配路由地址或匹配数据包。 |
|
IP 访问列表名称(仅用于 PBR 的路由映射)。 |
|
匹配前缀列表的条目。 |
|
匹配组播属性。 |
|
组播组前缀。 与 group_range 互斥。 |
|
IPv4 组前缀。 |
|
组播组地址范围。 与 group 互斥。 |
|
第一个组地址。 |
|
最后一个组地址。 |
|
汇合点。 |
|
IPv4 汇合点前缀。 |
|
组播汇合点类型。 选项
|
|
组播源地址。 |
|
匹配路由的下一跳地址。 |
|
匹配前缀列表的条目。 |
|
匹配路由的通告源地址。 |
|
匹配前缀列表的条目。 |
|
配置 IPv6 特定信息。 |
|
匹配路由地址或匹配数据包。 |
|
IP 访问列表名称(仅用于 PBR 的路由映射)。 |
|
匹配前缀列表的条目。 |
|
匹配组播属性。 |
|
组播组前缀。 与 group_range 互斥。 |
|
IPv4 组前缀。 |
|
组播组地址范围。 与 group 互斥。 |
|
第一个组地址。 |
|
最后一个组地址。 |
|
汇合点。 |
|
IPv4 汇合点前缀。 |
|
组播汇合点类型。 选项
|
|
组播源地址。 |
|
匹配路由的下一跳地址。 |
|
匹配前缀列表的条目。 |
|
匹配路由的通告源地址。 |
|
匹配前缀列表的条目。 |
|
匹配 MAC 列表的条目。 |
|
匹配路由的度量。 |
|
匹配 OSPF 区域。 |
|
匹配路由的路由类型。 选项
|
|
匹配源协议。 |
|
匹配路由的标签。 |
|
要插入到/从现有路由映射条目中删除的序列。 |
|
在目标路由协议中设置值。 |
|
为 BGP AS-path 属性添加前缀字符串。 |
|
添加到 AS-Path。 |
|
AS 号。 |
|
最后 AS 前缀的数量。 |
|
将标签设置为 AS-path 属性。 选项
|
|
设置 BGP 社区列表(用于删除)。 |
|
设置 BGP 社区属性。 |
|
添加到现有社区。 选项
|
|
优雅关机(众所周知的社区)。 选项
|
|
互联网(众所周知的社区)。 选项
|
|
不要发送到本地 AS 外部(众所周知的社区)。 选项
|
|
不要通告给任何对等体(众所周知的社区)。 选项
|
|
不要导出到下一个 AS(众所周知的社区)。 选项
|
|
社区编号 aa:nn 格式 |
|
设置 BGP 路由抖动抑制参数。 |
|
惩罚的半衰期。 |
|
稳定路由的最大抑制时间。 |
|
开始重用路由的值。 |
|
开始抑制路由的值。 |
|
配置管理距离。 |
|
IGP 或 EBGP 路由的管理距离 |
|
内部路由的距离。 |
|
本地路由的距离。 |
|
设置 BGP EVPN 路由。 |
|
为 5 型 EVPN 路由设置网关 IP。 不能在同一个路由映射序列中同时设置 ip 和 use-nexthop。 |
|
网关 IP 地址。 |
|
使用下一跳地址作为网关 IP。 选项
|
|
设置 BGP 扩展社区列表(用于删除)。 |
|
设置 BGP 扩展社区属性。 |
|
路由目标。 |
|
添加到现有的 rt 扩展社区。 选项
|
|
扩展社区编号。 支持的格式为 ASN2:NN、ASN4:NN、IPV4:NN。 |
|
设置转发地址。 选项
|
|
配置 IP 功能。 |
|
指定 IP 地址。 |
|
前缀列表名称(最大大小 63)。 |
|
设置下一跳 IP 地址(用于基于策略的路由) |
|
设置以空格分隔的下一跳 IP 地址列表。地址顺序很重要。也不要使用不必要的空格。 |
|
当配置的下一跳变得不可达时,丢弃数据包而不是使用默认路由 选项
|
|
启用按地址参数中指定的顺序排列下一跳。 选项
|
|
启用跨最多 32 个下一跳地址的流量负载均衡 选项
|
|
BGP 前缀下一跳设置为对等体的本地地址。 如果在路由映射中未设置下一跳,则下一跳设置为路径中存储的下一跳。 选项
|
|
为非本地生成的路由设置下一跳地址保留。 与 redistribute 命令一起使用。可用于维护与 Nexus OS 上的 RFC 4271 兼容的 BGP 路由。 选项
|
|
设置 eBGP 出站更新中的下一跳地址保留 选项
|
|
使用 IP SLA 设置下一跳 IP 地址跟踪 |
|
设置一个下一跳地址 |
|
当配置的下一跳变得不可达时,丢弃数据包而不是使用默认路由 选项
|
|
启用按地址参数中指定的顺序排列下一跳。 选项
|
|
启用跨最多 32 个下一跳地址的流量负载均衡 选项
|
|
设置跟踪编号 |
|
设置优先级字段。 |
|
配置 IPv6 功能。 |
|
指定 IP 地址。 |
|
前缀列表名称(最大大小 63)。 |
|
设置优先级字段。 |
|
设置路由的段路由 (SR) 标签索引。 |
|
导入路由的位置。 选项
|
|
BGP 本地优先级路径属性。 |
|
设置目标路由协议的度量。 |
|
度量值或带宽(以 Kbit/秒为单位)(最大大小 11)。 |
|
IGRP 延迟度量。 |
|
IGRP 有效带宽度量(负载),255 为 100%。 |
|
路径的 IGRP MTU。 |
|
IGRP 可靠性度量,其中 255 为 100% 可靠。 |
|
目标路由协议的度量类型。 选项
|
|
OSPF NSSA 区域。 选项
|
|
输出空接口。 |
|
BGP 源代码。 选项
|
|
BGP 的路径选择标准。 选项
|
|
目标路由协议的标签值。 |
|
路由表的 BGP 权重。 |
|
路由映射名称。 |
|
此选项仅与状态 *parsed* 一起使用。 此选项的值应为通过执行命令 **show running-config | section ‘^route-map’** 从 NX-OS 设备接收到的输出。 状态 *parsed* 从 |
|
配置应保留的状态。 使用状态 *replaced*,对于列出的路由映射,运行配置中存在但在任务中不存在的序列将被否定。 使用状态 *overridden*,运行配置中存在但在任务中不存在的所有路由映射都将被否定。 请参阅示例了解更多详细信息。 选项
|
注释
注意
针对 NX-OS 9.3.6 进行了测试。
不支持 Cisco MDS
此模块可与连接
network_cli和httpapi配合使用。
示例
# Using merged
# Before state:
# -------------
# nxos-9k-rdo# show running-config | section "^route-map"
# nxos-9k-rdo#
- name: Merge the provided configuration with the existing running configuration
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 10
action: permit
description: rmap1-10-permit
match:
ip:
address:
access_list: acl_1
as_path: Allow40
as_number:
asn: 65564
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity1
- BGPCommunity2
ip:
address:
prefix_lists:
- AllowPrefix1
- AllowPrefix2
set:
dampening:
half_life: 30
start_reuse_route: 1500
start_suppress_route: 10000
max_suppress_time: 120
- route_map: rmap2
entries:
- sequence: 20
action: permit
description: rmap2-20-permit
continue_sequence: 40
match:
ipv6:
address:
prefix_lists: AllowIPv6Prefix
interfaces: "{{ nxos_int1 }}"
set:
as_path:
prepend:
as_number:
- 65563
- 65568
- 65569
comm_list: BGPCommunity
- sequence: 40
action: deny
description: rmap2-40-deny
match:
route_types:
- level-1
- level-2
tags: 2
ip:
multicast:
rp:
prefix: 192.0.2.0/24
rp_type: ASM
source: 203.0.113.0/24
group_range:
first: 239.0.0.1
last: 239.255.255.255
- route_map: rmap3
entries:
- sequence: 10
description: "*** first stanza ***"
action: permit
set:
ip:
next_hop:
verify_availability:
- address: 3.3.3.3
track: 1
- address: 4.4.4.4
track: 3
- sequence: 20
description: "*** second stanza ***"
action: permit
set:
ip:
next_hop:
address: 6.6.6.6 2.2.2.2
load_share: true
drop_on_fail: true
- sequence: 30
description: "*** third stanza ***"
action: permit
set:
ip:
next_hop:
peer_address: true
- sequence: 40
description: "*** fourth stanza ***"
action: permit
set:
ip:
next_hop:
unchanged: true
redist_unchanged: true
state: merged
# Task output
# -------------
# before: []
#
# commands:
# - "route-map rmap1 permit 10"
# - "match as-number 65564"
# - "match as-path Allow40"
# - "match ip address acl_1"
# - "description rmap1-10-permit"
# - "route-map rmap1 deny 20"
# - "match community BGPCommunity1 BGPCommunity2"
# - "match ip address prefix-list AllowPrefix1 AllowPrefix2"
# - "description rmap1-20-deny"
# - "set dampening 30 1500 10000 120"
# - "route-map rmap2 permit 20"
# - "match interface Ethernet1/1"
# - "match ipv6 address prefix-list AllowIPv6Prefix"
# - "set as-path prepend 65563 65568 65569"
# - "description rmap2-20-permit"
# - "continue 40"
# - "set comm-list BGPCommunity delete"
# - "route-map rmap2 deny 40"
# - "match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM"
# - "match route-type level-1 level-2"
# - "match tag 2"
# - "description rmap2-40-deny"
# - "route-map rmap3 permit 10"
# - "description *** first stanza ***"
# - "set ip next-hop verify-availability 3.3.3.3 track 1"
# - "set ip next-hop verify-availability 4.4.4.4 track 3"
# - "route-map rmap3 permit 20"
# - "description *** second stanza ***"
# - "set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail"
# - "route-map rmap3 permit 30"
# - "description *** third stanza ***"
# - "set ip next-hop peer-address"
# - "route-map rmap3 permit 40"
# - "description *** fourth stanza ***"
# - "set ip next-hop unchanged"
# - "set ip next-hop redist-unchanged"
#
# after:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# - route_map: rmap3
# entries:
# - sequence: 10
# description: "*** first stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# verify_availability:
# - address: 3.3.3.3
# track: 1
# - address: 4.4.4.4
# track: 3
#
# - sequence: 20
# description: "*** second stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# address: 6.6.6.6 2.2.2.2
# load_share: true
# drop_on_fail: true
#
# - sequence: 30
# description: "*** third stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# peer_address: true
#
# - sequence: 40
# description: "*** fourth stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# unchanged: true
# redist_unchanged: true
# After state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# route-map rmap3 permit 10
# description *** first stanza ***
# set ip next-hop verify-availability 3.3.3.3 track 1
# set ip next-hop verify-availability 4.4.4.4 track 3
# route-map rmap3 permit 20
# description *** second stanza ***
# set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# route-map rmap3 permit 30
# description *** third stanza ***
# set ip next-hop peer-address
# route-map rmap3 permit 40
# description *** fourth stanza ***
# set ip next-hop unchanged
# set ip next-hop redist-unchanged
#
# Using replaced
# (for the listed route-map(s), sequences that are in running-config but not in the task are negated)
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# route-map rmap3 permit 10
# description *** first stanza ***
# set ip next-hop verify-availability 3.3.3.3 track 1
# set ip next-hop verify-availability 4.4.4.4 track 3
# route-map rmap3 permit 20
# description *** second stanza ***
# set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# route-map rmap3 permit 30
# description *** third stanza ***
# set ip next-hop peer-address
# route-map rmap3 permit 40
# description *** fourth stanza ***
# set ip next-hop unchanged
# set ip next-hop redist-unchanged
#
- name: Replace route-maps configurations of listed route-maps with provided configurations
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity4
- BGPCommunity5
ip:
address:
prefix_lists:
- AllowPrefix1
set:
community:
local_as: true
- route_map: rmap3
entries:
- sequence: 10
description: "*** first stanza ***"
action: permit
set:
ip:
next_hop:
verify_availability:
- address: 3.3.3.3
track: 1
- sequence: 20
description: "*** second stanza ***"
action: permit
set:
ip:
next_hop:
peer_address: true
- sequence: 30
description: "*** third stanza ***"
action: permit
set:
ip:
next_hop:
address: 6.6.6.6 2.2.2.2
load_share: true
drop_on_fail: true
state: replaced
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# - route_map: rmap3
# entries:
# - sequence: 10
# description: "*** first stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# verify_availability:
# - address: 3.3.3.3
# track: 1
# - address: 4.4.4.4
# track: 3
#
# - sequence: 20
# description: "*** second stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# address: 6.6.6.6 2.2.2.2
# load_share: true
# drop_on_fail: true
#
# - sequence: 30
# description: "*** third stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# peer_address: true
#
# - sequence: 40
# description: "*** fourth stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# unchanged: true
# redist_unchanged: true
#
# commands:
# - no route-map rmap1 permit 10
# - route-map rmap1 deny 20
# - no match community BGPCommunity1 BGPCommunity2
# - match community BGPCommunity4 BGPCommunity5
# - no match ip address prefix-list AllowPrefix1 AllowPrefix2
# - match ip address prefix-list AllowPrefix1
# - no set dampening 30 1500 10000 120
# - set community local-AS
# - route-map rmap3 permit 10
# - no set ip next-hop verify-availability 4.4.4.4 track 3
# - route-map rmap3 permit 20
# - no set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# - set ip next-hop peer-address
# - route-map rmap3 permit 30
# - no set ip next-hop peer-address
# - set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# - no route-map rmap3 permit 40
#
# after:
# - route_map: rmap1
# entries:
# - sequence: 20
# action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity4
# - BGPCommunity5
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# set:
# community:
# local_as: true
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# - route_map: rmap3
# entries:
# - sequence: 10
# description: "*** first stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# verify_availability:
# - address: 3.3.3.3
# track: 1
# - sequence: 20
# description: "*** second stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# peer_address: true
# - sequence: 30
# description: "*** third stanza ***"
# action: permit
# set:
# ip:
# next_hop:
# address: 6.6.6.6 2.2.2.2
# load_share: true
# drop_on_fail: true
# After state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 deny 20
# description rmap1-20-deny
# match community BGPCommunity4 BGPCommunity5
# match ip address prefix-list AllowPrefix1
# set community local-AS
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# route-map rmap3 permit 10
# description *** first stanza ***
# set ip next-hop verify-availability 3.3.3.3 track 1
# route-map rmap3 permit 20
# description *** second stanza ***
# set ip next-hop peer-address
# route-map rmap3 permit 30
# description *** third stanza ***
# set ip next-hop 6.6.6.6 2.2.2.2 load-share drop-on-fail
# Using overridden
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Override all route-maps configuration with provided configuration
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity4
- BGPCommunity5
ip:
address:
prefix_lists:
- AllowPrefix1
set:
community:
local_as: true
state: overridden
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# commands:
# - no route-map rmap1 permit 10
# - route-map rmap1 deny 20
# - no match community BGPCommunity1 BGPCommunity2
# - match community BGPCommunity4 BGPCommunity5
# - no match ip address prefix-list AllowPrefix1 AllowPrefix2
# - match ip address prefix-list AllowPrefix1
# - no set dampening 30 1500 10000 120
# - set community local-AS
# - no route-map rmap2 permit 20
# - no route-map rmap2 deny 40
#
# after:
# - route_map: rmap1
# entries:
# - sequence: 20
# action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity4
# - BGPCommunity5
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# set:
# community:
# local_as: true
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
# route-map rmap1 deny 20
# description rmap1-20-deny
# match community BGPCommunity4 BGPCommunity5
# match ip address prefix-list AllowPrefix1
# set community local-AS
# Using deleted to delete a single route-map
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Delete single route-map
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
state: deleted
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# commands:
# - no route-map rmap1 permit 10
# - no route-map rmap1 deny 20
#
# after:
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
# Using deleted to delete all route-maps from the device running-config
# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Delete all route-maps
cisco.nxos.nxos_route_maps:
state: deleted
# Task output
# -------------
# before:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
#
# commands:
# - no route-map rmap1 permit 10
# - no route-map rmap1 deny 20
# - no route-map rmap2 permit 20
# - no route-map rmap2 deny 40
#
# after: []
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
- name: Render platform specific configuration lines with state rendered (without connecting to the device)
cisco.nxos.nxos_route_maps:
config:
- route_map: rmap1
entries:
- sequence: 10
action: permit
description: rmap1-10-permit
match:
ip:
address:
access_list: acl_1
as_path: Allow40
as_number:
asn: 65564
- sequence: 20
action: deny
description: rmap1-20-deny
match:
community:
community_list:
- BGPCommunity1
- BGPCommunity2
ip:
address:
prefix_lists:
- AllowPrefix1
- AllowPrefix2
set:
dampening:
half_life: 30
start_reuse_route: 1500
start_suppress_route: 10000
max_suppress_time: 120
- route_map: rmap2
entries:
- sequence: 20
action: permit
description: rmap2-20-permit
continue_sequence: 40
match:
ipv6:
address:
prefix_lists: AllowIPv6Prefix
interfaces: "{{ nxos_int1 }}"
set:
as_path:
prepend:
as_number:
- 65563
- 65568
- 65569
comm_list: BGPCommunity
- sequence: 40
action: deny
description: rmap2-40-deny
match:
route_types:
- level-1
- level-2
tags: 2
ip:
multicast:
rp:
prefix: 192.0.2.0/24
rp_type: ASM
source: 203.0.113.0/24
group_range:
first: 239.0.0.1
last: 239.255.255.255
state: rendered
# Task Output (redacted)
# -----------------------
# rendered:
# - "route-map rmap1 permit 10"
# - "match as-number 65564"
# - "match as-path Allow40"
# - "match ip address acl_1"
# - "description rmap1-10-permit"
# - "route-map rmap1 deny 20"
# - "match community BGPCommunity1 BGPCommunity2"
# - "match ip address prefix-list AllowPrefix1 AllowPrefix2"
# - "description rmap1-20-deny"
# - "set dampening 30 1500 10000 120"
# - "route-map rmap2 permit 20"
# - "match interface Ethernet1/1"
# - "match ipv6 address prefix-list AllowIPv6Prefix"
# - "set as-path prepend 65563 65568 65569"
# - "description rmap2-20-permit"
# - "continue 40"
# - "set comm-list BGPCommunity delete"
# - "route-map rmap2 deny 40"
# - "match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM"
# - "match route-type level-1 level-2"
# - "match tag 2"
# - "description rmap2-40-deny"
# Using parsed
# parsed.cfg
# ------------
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap1 deny 20
# match community BGPCommunity1 BGPCommunity2
# match ip address prefix-list AllowPrefix1 AllowPrefix2
# description rmap1-20-deny
# set dampening 30 1500 10000 120
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
# route-map rmap2 deny 40
# match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
# match route-type level-1 level-2
# match tag 2
# description rmap2-40-deny
- name: Parse externally provided route-maps configuration
cisco.nxos.nxos_route_maps:
running_config: "{{ lookup('file', './fixtures/parsed.cfg') }}"
state: parsed
# Task output (redacted)
# -----------------------
# parsed:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - action: deny
# description: rmap1-20-deny
# match:
# community:
# community_list:
# - BGPCommunity1
# - BGPCommunity2
# ip:
# address:
# prefix_lists:
# - AllowPrefix1
# - AllowPrefix2
# sequence: 20
# set:
# dampening:
# half_life: 30
# max_suppress_time: 120
# start_reuse_route: 1500
# start_suppress_route: 10000
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
# - action: deny
# description: rmap2-40-deny
# match:
# ip:
# multicast:
# group_range:
# first: 239.0.0.1
# last: 239.255.255.255
# rp:
# prefix: 192.0.2.0/24
# rp_type: ASM
# source: 203.0.113.0/24
# route_types:
# - level-1
# - level-2
# tags:
# - 2
# sequence: 40
# Using gathered
# Existing route-map config
# ---------------------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
# match as-number 65564
# match as-path Allow40
# match ip address acl_1
# description rmap1-10-permit
# route-map rmap2 permit 20
# match interface Ethernet1/1
# match ipv6 address prefix-list AllowIPv6Prefix
# set as-path prepend 65563 65568 65569
# description rmap2-20-permit
# continue 40
# set comm-list BGPCommunity delete
- name: Gather route-maps facts using gathered
cisco.nxos.nxos_route_maps:
state: gathered
# gathered:
# - route_map: rmap1
# entries:
# - action: permit
# description: rmap1-10-permit
# match:
# as_number:
# asn:
# - '65564'
# as_path:
# - Allow40
# ip:
# address:
# access_list: acl_1
# sequence: 10
#
# - route_map: rmap2
# entries:
# - action: permit
# continue_sequence: 40
# description: rmap2-20-permit
# match:
# interfaces:
# - Ethernet1/1
# ipv6:
# address:
# prefix_lists:
# - AllowIPv6Prefix
# sequence: 20
# set:
# as_path:
# prepend:
# as_number:
# - '65563'
# - '65568'
# - '65569'
# comm_list: BGPCommunity
#
返回值
常用返回值已在此处记录 此处,以下是此模块特有的字段
键 |
描述 |
|---|---|
生成的配置模型调用。 返回:发生更改时 示例: |
|
模型调用之前的配置。 返回:始终 示例: |
|
推送到远程设备的命令集。 返回:始终 示例: |