Created
July 18, 2024 12:57
-
-
Save dataolle/37833c333fc33167a4eedc6326d3e752 to your computer and use it in GitHub Desktop.
netsim/ansible/tasks/fortinet.fortios.fortios/bgp.yml
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| - name: Initialize network variables | |
| set_fact: | |
| ipv4_networks: [] | |
| ipv6_networks: [] | |
| - name: Set fact for BGP global settings | |
| set_fact: | |
| bgp_global_settings: | |
| as: "{{ bgp.as }}" | |
| ebgp_multipath: "enable" | |
| ibgp_multipath: "enable" | |
| bestpath_cmp_confed_aspath: "enable" | |
| bestpath_cmp_routerid: "enable" | |
| bestpath_med_confed: "enable" | |
| bestpath_med_missing_as_worst: "enable" | |
| client_to_client_reflection: "enable" | |
| cluster_id: "{{ bgp.rr_cluster_id | default(omit) }}" | |
| router_id: "{{ bgp.router_id | default(omit) }}" | |
| - name: Set fact for BGP neighbors (IPv4) | |
| set_fact: | |
| ipv4_neighbors: "{{ (ipv4_neighbors | default([])) + [{ | |
| 'ip': neighbor.ipv4 if neighbor.ipv4 is string else neighbor.local_if | default('?'), | |
| 'remote_as': neighbor.as, | |
| 'description': neighbor.name, | |
| 'update_source': loopback.ifname if neighbor.type == 'ibgp' and loopback.ifname is defined else omit, | |
| 'local_as': neighbor.local_as if neighbor.local_as is defined else omit, | |
| 'local_as_no_prepend': 'enable' if neighbor.local_as is defined and neighbor.replace_global_as | default(True) else 'disable', | |
| 'next_hop_self': 'enable' if neighbor.type == 'ibgp' and bgp.next_hop_self | default(False) else 'disable', | |
| 'route_reflector_client': 'enable' if neighbor.type == 'ibgp' and bgp.rr | default(False) and not neighbor.rr | default(False) else 'disable', | |
| 'send_community': 'standard' if neighbor.type in bgp.community | default({}) else 'disable', | |
| 'activate': 'enable' | |
| }] }}" | |
| with_items: "{{ bgp.neighbors }}" | |
| loop_control: | |
| loop_var: neighbor | |
| when: neighbor.ipv4 is defined | |
| - name: Set fact for BGP neighbors (IPv6) | |
| set_fact: | |
| ipv6_neighbors: "{{ (ipv6_neighbors | default([])) + [{ | |
| 'ip': neighbor.ipv6 if neighbor.ipv6 is string else neighbor.local_if | default('?'), | |
| 'remote_as': neighbor.as, | |
| 'description': neighbor.name, | |
| 'update_source': loopback.ifname if neighbor.type == 'ibgp' and loopback.ifname is defined else omit, | |
| 'local_as': neighbor.local_as if neighbor.local_as is defined else omit, | |
| 'local_as_no_prepend': 'enable' if neighbor.local_as is defined and neighbor.replace_global_as | default(True) else 'disable', | |
| 'next_hop_self': 'enable' if neighbor.type == 'ibgp' and bgp.next_hop_self | default(False) else 'disable', | |
| 'route_reflector_client': 'enable' if neighbor.type == 'ibgp' and bgp.rr | default(False) and not neighbor.rr | default(False) else 'disable', | |
| 'send_community': 'standard' if neighbor.type in bgp.community | default({}) else 'disable', | |
| 'activate': 'enable' | |
| }] }}" | |
| with_items: "{{ bgp.neighbors }}" | |
| loop_control: | |
| loop_var: neighbor | |
| when: neighbor.ipv6 is defined | |
| - name: Set fact for BGP networks (IPv4) | |
| set_fact: | |
| ipv4_networks: "{{ (ipv4_networks | default([])) + [{'id': (ipv4_networks | length) + 1, 'prefix': interface.ipv4}] }}" | |
| with_items: "{{ interfaces }}" | |
| loop_control: | |
| loop_var: interface | |
| when: interface.bgp.advertise | default(False) and interface.ipv4 is defined and not ('vrf' in interface) | |
| - name: Set fact for BGP networks (IPv6) | |
| set_fact: | |
| ipv6_networks: "{{ (ipv6_networks | default([])) + [{'id': (ipv6_networks | length) + 1, 'prefix6': interface.ipv6}] }}" | |
| with_items: "{{ interfaces }}" | |
| loop_control: | |
| loop_var: interface | |
| when: interface.bgp.advertise | default(False) and interface.ipv6 is defined and not ('vrf' in interface) | |
| - name: Set fact for extra BGP networks (IPv4) | |
| set_fact: | |
| ipv4_networks: "{{ (ipv4_networks | default([])) + [{'id': (ipv4_networks | length) + 1, 'prefix': pfx}] }}" | |
| with_items: "{{ bgp.originate | default([]) }}" | |
| loop_control: | |
| loop_var: pfx | |
| when: pfx is defined | |
| # - name: Set fact for extra BGP networks (IPv6) | |
| # set_fact: | |
| # ipv6_networks: "{{ (ipv6_networks | default([])) + [{'id': (ipv6_networks | length) + 1, 'prefix6': pfx}] }}" | |
| # with_items: "{{ bgp.originate | default([]) }}" | |
| # loop_control: | |
| # loop_var: pfx | |
| # when: pfx is defined | |
| - name: Consolidate BGP configuration | |
| set_fact: | |
| consolidated_bgp_settings: "{{ bgp_global_settings | combine({ | |
| 'neighbor': ipv4_neighbors | default([]) + ipv6_neighbors | default([]), | |
| 'network': ipv4_networks | default([]), | |
| 'network6': ipv6_networks | default([]) | |
| }) }}" | |
| - name: Apply consolidated BGP configuration | |
| fortinet.fortios.fortios_router_bgp: | |
| vdom: "{{ vdom }}" | |
| router_bgp: "{{ consolidated_bgp_settings }}" | |
| - name: Create static routes for extra BGP networks (IPv4) | |
| fortinet.fortios.fortios_router_static: | |
| vdom: "{{ vdom }}" | |
| state: "present" | |
| router_static: | |
| seq_num: 0 | |
| dst: "{{ pfx }}" | |
| blackhole: "enable" | |
| distance: 254 | |
| with_items: "{{ bgp.originate | default([]) }}" | |
| loop_control: | |
| loop_var: pfx | |
| when: pfx is defined |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment