cisco.mso.ndo_l3out_template module – Manage L3Outs on Cisco Nexus Dashboard Orchestrator (NDO).

Note

This module is part of the cisco.mso collection (version 2.10.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.mso. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: cisco.mso.ndo_l3out_template.

Synopsis

• Manage L3Outs on Cisco Nexus Dashboard Orchestrator (NDO).

• This module is only supported on ND v3.1 (NDO v4.3) and later.

Requirements

The below requirements are needed on the host that executes this module.

• Multi Site Orchestrator v2.1 or newer

Parameters

Parameter	Comments
attached_host_route_redistribution aliases: attached_host_route string	The name of the Route Map Policy for Route Control that needs to be associated with Attached Host Route Redistribution route map. Providing an empty string will remove the attached_host_route_redistribution="" from the L3Out.
bgp dictionary	The BGP routing protocol configuration of the L3Out.
inbound_route_map aliases: import_route, inbound_route string	The name of the Route Map Policy for Route Control that needs to be associated with inbound route map. Providing an empty string will remove the bgp.inbound_route_map="" from the L3Out.
outbound_route_map aliases: export_route, outbound_route string	The name of the Route Map Policy for Route Control that needs to be associated with outbound route map. Providing an empty string will remove the bgp.outbound_route_map="" from the L3Out.
route_dampening_ipv4 aliases: dampening_ipv4 string	The name of the Route Map Policy for Route Control that needs to be associated with Route Dampening IPv4 route map. Providing an empty string will remove the bgp.route_dampening_ipv4="" from the L3Out.
route_dampening_ipv6 aliases: dampening_ipv6 string	The name of the Route Map Policy for Route Control that needs to be associated with Route Dampening IPv6 route map. Providing an empty string will remove the bgp.route_dampening_ipv6="" from the L3Out.
state string	Use enabled to configure the BGP routing protocol. Use disabled to remove the BGP routing protocol. Choices: "enabled" ← (default) "disabled"
connected_route_redistribution aliases: connected_route string	The name of the Route Map Policy for Route Control that needs to be associated with Connected Route Redistribution route map. Providing an empty string will remove the connected_route_redistribution="" from the L3Out.
description string	The description of the L3Out. Providing an empty string will remove the description="" from the L3Out.
host aliases: hostname string	IP Address or hostname of the ACI Multi Site Orchestrator host. If the value is not specified in the task, the value of environment variable MSO_HOST will be used instead.
interleak string	The name of the Route Map Policy for Route Control that needs to be associated with Interleak route map. Providing an empty string will remove the interleak="" from the L3Out.
l3_domain string	The name of the L3 Domain.
login_domain string	The login domain name to use for authentication. The default value is Local. If the value is not specified in the task, the value of environment variable MSO_LOGIN_DOMAIN will be used instead. When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_login_domain will be used if this attribute is not specified.
name string	The name of the L3Out.
ospf dictionary	The OSPF routing protocol configuration of the L3Out.
area_id string	The area id of the OSPF area. This option is required when the ospf.state=enabled.
area_type string	The area type of the OSPF area. This option is required when the ospf.state=enabled. Choices: "regular" "stub" "nssa"
cost integer	The cost of the OSPF area. Defaults to 1 when unset during creation.
originate_default_route string	The Originate Default Route option in an L3Out configuration allows the ACI fabric to advertise a default route (0.0.0.0/0) to external networks. Providing an empty string will remove the ospf.originate_default_route from the L3Out. Choices: "only" "in_addition" ""
originate_default_route_always aliases: always boolean	Enabling this option will set the ospf.originate_default_route=only when the ospf.originate_default_route unset during creation. This option is applicable only if OSPF is configured on the L3Out. Choices: false true
originate_summary_lsa aliases: originate_lsa boolean	This option is for OSPF NSSA (not-so-stubby area) or Stub area. When this option is disabled, not only Type 4 and 5, but also Type 3 LSAs are not sent into the NSSA or Stub area by the border leaf. Instead, the border leaf creates and sends a default route to the area. If there is no Type 3 LSA in this area in the first place, a default route is not created. Choices: false true
send_redistributed_lsas aliases: redistributed_lsas boolean	This option is for the OSPF NSSA (not-so-stubby area). When this option is disabled, the redistributed routes are not sent into this NSSA area from the border leaf. This is typically used when the ospf.originate_summary_lsa=false. Because disabling the ospf.originate_summary_lsa option creates and sends a default route to the NSSA or Stub area. Choices: false true
state string	Use enabled to configure the OSPF routing protocol. Use disabled to remove the OSPF routing protocol. Choices: "enabled" ← (default) "disabled"
suppress_forwarding_addr_translated_lsa aliases: suppress_fa_lsa boolean	This option is for OSPF NSSA (not-so-stubby area). When an OSPF NSSA ABR (Area Border Router) translates a Type-7 LSA into a Type-5 LSA to send it across non-NSSA areas. It typically includes the IP address of the originator ASBR (Autonomous System Boundary Router) as a forwarding address. However, if an OSPF router receiving the Type-5 LSA lacks a route to this forwarding address. The route may not be installed in the router’s route table. Enabling this option prevents the ABR from adding a forwarding address during the Type-7 to Type-5 translation, thereby avoiding this issue. Choices: false true
output_level string	Influence the output of this MSO module. normal means the standard output, incl. current dict info adds informational output, incl. previous, proposed and sent dicts debug adds debugging output, incl. filter_string, method, response, status and url information If the value is not specified in the task, the value of environment variable MSO_OUTPUT_LEVEL will be used instead. Choices: "debug" "info" "normal" ← (default)
password string	The password to use for authentication. If the value is not specified in the task, the value of environment variables MSO_PASSWORD or ANSIBLE_NET_PASSWORD will be used instead.
pim boolean	The protocol independent multicast (PIM) flag of the L3Out. By default, PIM is disabled. To enable the PIM, Layer 3 Multicast must be enabled on the vrf. Choices: false true
port integer	Port number to be used for the REST connection. The default value depends on parameter `use_ssl`. If the value is not specified in the task, the value of environment variable MSO_PORT will be used instead.
state string	Use absent for removing. Use query for listing an object or multiple objects. Use present for creating or updating. Choices: "absent" "query" ← (default) "present"
static_route_redistribution aliases: static_route string	The name of the Route Map Policy for Route Control that needs to be associated with Static Route Redistribution route map. Providing an empty string will remove the static_route_redistribution="" from the L3Out.
target_dscp string	The DSCP Level of the L3Out. Choices: "af11" "af12" "af13" "af21" "af22" "af23" "af31" "af32" "af33" "af41" "af42" "af43" "cs0" "cs1" "cs2" "cs3" "cs4" "cs5" "cs6" "cs7" "expedited_forwarding" "unspecified" "voice_admit"
template aliases: l3out_template string / required	The name of the L3Out template.
timeout integer	The socket level timeout in seconds. The default value is 30 seconds. If the value is not specified in the task, the value of environment variable MSO_TIMEOUT will be used instead.
use_proxy boolean	If false, it will not use a proxy, even if one is defined in an environment variable on the target hosts. If the value is not specified in the task, the value of environment variable MSO_USE_PROXY will be used instead. The default is true. Choices: false true
use_ssl boolean	If false, an HTTP connection will be used instead of the default HTTPS connection. If the value is not specified in the task, the value of environment variable MSO_USE_SSL will be used instead. When using a HTTPAPI connection plugin the inventory variable ansible_httpapi_use_ssl will be used if this attribute is not specified. The default is false when using a HTTPAPI connection plugin (mso or nd) and true when using the legacy connection method (only for mso). Choices: false true
username string	The username to use for authentication. If the value is not specified in the task, the value of environment variables MSO_USERNAME or ANSIBLE_NET_USERNAME will be used instead.
uuid string	The UUID of the L3Out. This parameter is required when the L3Out name needs to be updated.
validate_certs boolean	If false, SSL certificates will not be validated. This should only set to false when used on personally controlled sites using self-signed certificates. If the value is not specified in the task, the value of environment variable MSO_VALIDATE_CERTS will be used instead. The default is true. Choices: false true
vrf dictionary	The VRF associated with the L3Out.
name string / required	The name of the VRF.
schema string / required	The name of the schema.
template string / required	The name of the template.

Notes

Note

• The template must exist before using this module in your playbook. Use cisco.mso.ndo_template to create the L3Out template.

• The vrf must exist before using this module in your playbook. Use cisco.mso.mso_schema_template_vrf to create the VRF.

• The l3_domain must exist before using this module in your playbook. Use cisco.mso.ndo_l3_domain to create the L3Out domain.

• This module was written to support Multi Site Orchestrator v2.1 or newer. Some or all functionality may not work on earlier versions.

See Also

See also

cisco.mso.mso_schema_template_vrf

Manage VRFs in schema templates.

cisco.mso.ndo_template

Manage Templates on Cisco Nexus Dashboard Orchestrator (NDO).

cisco.mso.ndo_l3_domain

Manage L3 Domains on Cisco Nexus Dashboard Orchestrator (NDO).

Examples

- name: Create a new L3Out object without BGP and OSPF
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    name: "l3out_1"
    vrf:
      name: "VRF1"
      schema: "Schema1"
      template: "Template1"
    state: "present"

- name: Query a L3Out object with name
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    name: "l3out_1"
    state: "query"
  register: query_l3out_name

- name: Update a L3Out object name with UUID
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    uuid: "{{ query_l3out_name.current.uuid }}"
    name: "l3out_1_updated"
    description: "updated description"
    state: "present"

- name: Create a new L3Out object with BGP and OSPF
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    name: "l3out_1_new"
    vrf:
      name: "VRF1"
      schema: "Schema1"
      template: "Template1"
    routing_protocols: ["bgp", "ospf"]
    bgp:
      inbound_route_map: "ans_route_map"
      outbound_route_map: "ans_route_map"
      route_dampening_ipv4: "ans_route_map"
      route_dampening_ipv6: "ans_route_map"
    ospf:
      area_id: "0.0.0.1"
      area_type: "regular"
      cost: 1
      send_redistributed_lsas: true
      originate_summary_lsa: true
      suppress_forwarding_addr_translated_lsa: true
      originate_default_route: "only"
      originate_default_route_always: false
    interleak: "ans_route_map"
    static_route_redistribution: "ans_route_map"
    connected_route_redistribution: "ans_route_map"
    attached_host_route_redistribution: "ans_route_map"
    state: "present"

- name: Update a L3Out object BGP and OSPF values
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    name: "l3out_1_new"
    vrf:
      name: "VRF1"
      schema: "Schema1"
      template: "Template1"
    routing_protocols: ["bgp", "ospf"]
    bgp:
      route_dampening_ipv4: "ans_route_map_2"
      route_dampening_ipv6: "ans_route_map_2"
    ospf:
      area_id: "0.0.0.2"
      area_type: "stub"
      cost: 3
      send_redistributed_lsas: true
      originate_summary_lsa: true
      suppress_forwarding_addr_translated_lsa: true
    interleak: "ans_route_map"
    static_route_redistribution: "ans_route_map"
    connected_route_redistribution: "ans_route_map"
    attached_host_route_redistribution: "ans_route_map"
    state: "present"

- name: Clear bgp and ospf routing protocol from the existing L3Out
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    name: "l3out_1_new"
    vrf:
      name: "VRF1"
      schema: "Schema1"
      template: "Template1"
    routing_protocol: ["bgp"]
    bgp:
      state: disabled
    ospf:
      state: disabled
    state: "present"

- name: Query a L3Out object with uuid
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    uuid: "{{ query_l3out_name.current.uuid }}"
    state: "query"
  register: query_l3out_name

- name: Query all L3Out objects
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    state: "query"
  register: query_all_l3out

- name: Delete a L3Out object with name
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    name: "l3out_1"
    state: "absent"

- name: Delete a L3Out object with uuid
  cisco.mso.ndo_l3out_template:
    host: mso_host
    username: admin
    password: SomeSecretPassword
    l3out_template: l3out_template
    uuid: "{{ query_l3out_name.current.uuid }}"
    state: "absent"

Authors

• Sabari Jaganathan (@sajagana)

Collection links

• Issue Tracker
• Homepage
• Repository (Sources)