fmgd_router_multicast – Configure router multicast.
Added in version 1.0.0.
Synopsis
This module is able to configure a FortiManager device.
Examples include all parameters and values need to be adjusted to data sources before usage.
Tested with FortiManager v7.x.
Requirements
The below requirements are needed on the host that executes this module.
ansible-core>=2.16.0
FortiManager Version Compatibility
Supported Version Ranges: v7.2.6 -> v7.2.12, v7.4.3 -> latest
Parameters
- access_token -The token to access FortiManager without using username and password. type: str required: false
- bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. type: bool required: false default: False
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- forticloud_access_token - Access token of forticloud managed API users, this option is available with FortiManager later than 6.4.0. type: str required: false
- proposed_method - The overridden method for the underlying Json RPC request. type: str required: false choices: set, update, add
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden. type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden. type: list required: false
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode. type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock. type: integer required: false default: 300
- device - The parameter in requested url type: str required: true
- vdom - The parameter in requested url type: str required: true
- router_multicast - Configure router multicast. type: dict
- interface Interface. type: list
more...
- bfd Enable/disable protocol independent multicast (pim) bidirectional forwarding detection (bfd). type: str choices: [disable, enable] more...
- cisco_exclude_genid (Alias name: cisco-exclude-genid) Exclude genid from hello packets (compatibility with old cisco ios). type: str choices: [disable, enable] more...
- dr_priority (Alias name: dr-priority) Dr election priority. type: int more...
- hello_holdtime (Alias name: hello-holdtime) Time before old neighbor information expires (0 - 65535 sec, default = 105). type: int more...
- hello_interval (Alias name: hello-interval) Interval between sending pim hello messages (0 - 65535 sec, default = 30). type: int more...
- igmp Igmp. type: dict
more...
- access_group (Alias name: access-group) Groups igmp hosts are allowed to join. type: list more...
- immediate_leave_group (Alias name: immediate-leave-group) Groups to drop membership for immediately after receiving igmpv2 leave. type: list more...
- last_member_query_count (Alias name: last-member-query-count) Number of group specific queries before removing group (2 - 7, default = 2). type: int more...
- last_member_query_interval (Alias name: last-member-query-interval) Timeout between igmpv2 leave and removing group (1 - 65535 msec, default = 1000). type: int more...
- query_interval (Alias name: query-interval) Interval between queries to igmp hosts (1 - 65535 sec, default = 125). type: int more...
- query_max_response_time (Alias name: query-max-response-time) Maximum time to wait for a igmp query response (1 - 25 sec, default = 10). type: int more...
- query_timeout (Alias name: query-timeout) Timeout between queries before becoming querying unit for network (60 - 900, default = 255). type: int more...
- router_alert_check (Alias name: router-alert-check) Enable/disable require igmp packets contain router alert option. type: str choices: [disable, enable] more...
- version Maximum version of igmp to support. type: str choices: [1, 2, 3] more...
- join_group (Alias name: join-group) Join group. type: list
more...
- address Multicast group ip address. type: str more...
- multicast_flow (Alias name: multicast-flow) Acceptable source for multicast group. type: list more...
- name Interface name. type: str more...
- neighbour_filter (Alias name: neighbour-filter) Routers acknowledged as neighbor routers. type: list more...
- passive Enable/disable listening to igmp but not participating in pim. type: str choices: [disable, enable] more...
- pim_mode (Alias name: pim-mode) Pim operation mode. type: str choices: [sparse-mode, dense-mode] more...
- propagation_delay (Alias name: propagation-delay) Delay flooding packets on this interface (100 - 5000 msec, default = 500). type: int more...
- rp_candidate (Alias name: rp-candidate) Enable/disable compete to become rp in elections. type: str choices: [disable, enable] more...
- rp_candidate_group (Alias name: rp-candidate-group) Multicast groups managed by this rp. type: list more...
- rp_candidate_interval (Alias name: rp-candidate-interval) Rp candidate advertisement interval (1 - 16383 sec, default = 60). type: int more...
- rp_candidate_priority (Alias name: rp-candidate-priority) Routers priority as rp. type: int more...
- rpf_nbr_fail_back (Alias name: rpf-nbr-fail-back) Enable/disable fail back for rpf neighbor query. type: str choices: [disable, enable] more...
- rpf_nbr_fail_back_filter (Alias name: rpf-nbr-fail-back-filter) Filter for fail back rpf neighbors. type: list more...
- state_refresh_interval (Alias name: state-refresh-interval) Interval between sending state-refresh packets (1 - 100 sec, default = 60). type: int more...
- static_group (Alias name: static-group) Statically set multicast groups to forward out. type: list more...
- ttl_threshold (Alias name: ttl-threshold) Minimum ttl of multicast packets that will be forwarded (applied only to new multicast routes) (1 - 255, default = 1). type: int more...
- multicast_routing (Alias name: multicast-routing) Enable/disable ip multicast routing. type: str choices: [disable, enable] more...
- pim_sm_global (Alias name: pim-sm-global) Pim sm global. type: dict
more...
- accept_register_list (Alias name: accept-register-list) Sources allowed to register packets with this rendezvous point (rp). type: list more...
- accept_source_list (Alias name: accept-source-list) Sources allowed to send multicast traffic. type: list more...
- bsr_allow_quick_refresh (Alias name: bsr-allow-quick-refresh) Enable/disable accept bsr quick refresh packets from neighbors. type: str choices: [disable, enable] more...
- bsr_candidate (Alias name: bsr-candidate) Enable/disable allowing this router to become a bootstrap router (bsr). type: str choices: [disable, enable] more...
- bsr_hash (Alias name: bsr-hash) Bsr hash length (0 - 32, default = 10). type: int more...
- bsr_interface (Alias name: bsr-interface) Interface to advertise as candidate bsr. type: list more...
- bsr_priority (Alias name: bsr-priority) Bsr priority (0 - 255, default = 0). type: int more...
- cisco_crp_prefix (Alias name: cisco-crp-prefix) Enable/disable making candidate rp compatible with old cisco ios. type: str choices: [disable, enable] more...
- cisco_ignore_rp_set_priority (Alias name: cisco-ignore-rp-set-priority) Use only hash for rp selection (compatibility with old cisco ios). type: str choices: [disable, enable] more...
- cisco_register_checksum (Alias name: cisco-register-checksum) Checksum entire register packet(for old cisco ios compatibility). type: str choices: [disable, enable] more...
- cisco_register_checksum_group (Alias name: cisco-register-checksum-group) Cisco register checksum only these groups. type: list more...
- join_prune_holdtime (Alias name: join-prune-holdtime) Join/prune holdtime (1 - 65535, default = 210). type: int more...
- message_interval (Alias name: message-interval) Period of time between sending periodic pim join/prune messages in seconds (1 - 65535, default = 60). type: int more...
- null_register_retries (Alias name: null-register-retries) Maximum retries of null register (1 - 20, default = 1). type: int more...
- pim_use_sdwan (Alias name: pim-use-sdwan) Enable/disable use of sdwan when checking rpf neighbor and sending of reg packet. type: str choices: [disable, enable] more...
- register_rate_limit (Alias name: register-rate-limit) Limit of packets/sec per source registered through this rp (0 - 65535, default = 0 which means unlimited). type: int more...
- register_rp_reachability (Alias name: register-rp-reachability) Enable/disable check rp is reachable before registering packets. type: str choices: [disable, enable] more...
- register_source (Alias name: register-source) Override source address in register packets. type: str choices: [disable, ip-address, interface] more...
- register_source_interface (Alias name: register-source-interface) Override with primary interface address. type: list more...
- register_source_ip (Alias name: register-source-ip) Override with local ip address. type: str more...
- register_supression (Alias name: register-supression) Period of time to honor register-stop message (1 - 65535 sec, default = 60). type: int more...
- rp_address (Alias name: rp-address) Rp address. type: list more...
- rp_register_keepalive (Alias name: rp-register-keepalive) Timeout for rp receiving data on (s,g) tree (1 - 65535 sec, default = 185). type: int more...
- spt_threshold (Alias name: spt-threshold) Enable/disable switching to source specific trees. type: str choices: [disable, enable] more...
- spt_threshold_group (Alias name: spt-threshold-group) Groups allowed to switch to source tree. type: list more...
- ssm Enable/disable source specific multicast. type: str choices: [disable, enable] more...
- ssm_range (Alias name: ssm-range) Groups allowed to source specific multicast. type: list more...
- route_limit (Alias name: route-limit) Maximum number of multicast routes. type: int more...
- route_threshold (Alias name: route-threshold) Generate warnings when the number of multicast routes exceeds this number, must not be greater than route-limit. type: int more...
- pim_sm_global_vrf (Alias name: pim-sm-global-vrf) Pim sm global vrf. type: list
more...
- bsr_allow_quick_refresh (Alias name: bsr-allow-quick-refresh) Enable/disable accept bsr quick refresh packets from neighbors. type: str choices: [disable, enable] more...
- bsr_candidate (Alias name: bsr-candidate) Enable/disable allowing this router to become a bootstrap router (bsr). type: str choices: [disable, enable] more...
- bsr_hash (Alias name: bsr-hash) Bsr hash length (0 - 32, default = 10). type: int more...
- bsr_interface (Alias name: bsr-interface) Interface to advertise as candidate bsr. type: list more...
- bsr_priority (Alias name: bsr-priority) Bsr priority (0 - 255, default = 0). type: int more...
- cisco_crp_prefix (Alias name: cisco-crp-prefix) Enable/disable making candidate rp compatible with old cisco ios. type: str choices: [disable, enable] more...
- rp_address (Alias name: rp-address) Rp address. type: list more...
- vrf Vrf id. type: int more...
Notes
Note
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state: present directive.
To delete an object, use state: absent directive
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
gather_facts: false
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Configure router multicast.
fortinet.fmgdevice.fmgd_router_multicast:
# bypass_validation: false
# workspace_locking_adom: <global or your adom name>
# workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
device: <your own value>
vdom: <your own value>
router_multicast:
# interface:
# - bfd: <value in [disable, enable]>
# cisco_exclude_genid: <value in [disable, enable]>
# dr_priority: <integer>
# hello_holdtime: <integer>
# hello_interval: <integer>
# igmp:
# access_group: <list or string>
# immediate_leave_group: <list or string>
# last_member_query_count: <integer>
# last_member_query_interval: <integer>
# query_interval: <integer>
# query_max_response_time: <integer>
# query_timeout: <integer>
# router_alert_check: <value in [disable, enable]>
# version: <value in [1, 2, 3]>
# join_group:
# - address: <string>
# multicast_flow: <list or string>
# name: <string>
# neighbour_filter: <list or string>
# passive: <value in [disable, enable]>
# pim_mode: <value in [sparse-mode, dense-mode]>
# propagation_delay: <integer>
# rp_candidate: <value in [disable, enable]>
# rp_candidate_group: <list or string>
# rp_candidate_interval: <integer>
# rp_candidate_priority: <integer>
# rpf_nbr_fail_back: <value in [disable, enable]>
# rpf_nbr_fail_back_filter: <list or string>
# state_refresh_interval: <integer>
# static_group: <list or string>
# ttl_threshold: <integer>
# multicast_routing: <value in [disable, enable]>
# pim_sm_global:
# accept_register_list: <list or string>
# accept_source_list: <list or string>
# bsr_allow_quick_refresh: <value in [disable, enable]>
# bsr_candidate: <value in [disable, enable]>
# bsr_hash: <integer>
# bsr_interface: <list or string>
# bsr_priority: <integer>
# cisco_crp_prefix: <value in [disable, enable]>
# cisco_ignore_rp_set_priority: <value in [disable, enable]>
# cisco_register_checksum: <value in [disable, enable]>
# cisco_register_checksum_group: <list or string>
# join_prune_holdtime: <integer>
# message_interval: <integer>
# null_register_retries: <integer>
# pim_use_sdwan: <value in [disable, enable]>
# register_rate_limit: <integer>
# register_rp_reachability: <value in [disable, enable]>
# register_source: <value in [disable, ip-address, interface]>
# register_source_interface: <list or string>
# register_source_ip: <string>
# register_supression: <integer>
# rp_address:
# - group: <list or string>
# id: <integer>
# ip_address: <string>
# rp_register_keepalive: <integer>
# spt_threshold: <value in [disable, enable]>
# spt_threshold_group: <list or string>
# ssm: <value in [disable, enable]>
# ssm_range: <list or string>
# route_limit: <integer>
# route_threshold: <integer>
# pim_sm_global_vrf:
# - bsr_allow_quick_refresh: <value in [disable, enable]>
# bsr_candidate: <value in [disable, enable]>
# bsr_hash: <integer>
# bsr_interface: <list or string>
# bsr_priority: <integer>
# cisco_crp_prefix: <value in [disable, enable]>
# rp_address:
# - group: <list or string>
# id: <integer>
# ip_address: <string>
# vrf: <integer>
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- meta - The result of the request.returned: always type: dict
- request_url - The full url requested. returned: always type: str sample: /sys/login/user
- response_code - The status of api request. returned: always type: int sample: 0
- response_data - The data body of the api response. returned: optional type: list or dict
- response_message - The descriptive message of the api response. returned: always type: str sample: OK
- system_information - The information of the target system. returned: always type: dict
- rc - The status the request. returned: always type: int sample: 0
- version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status
This module is not guaranteed to have a backwards compatible interface.