cisco.nxos.nxos_vrf_address_family module – Resource module to configure VRF address family definitions.
Note
This module is part of the cisco.nxos collection (version 9.3.0).
You might already have this collection installed if you are using the ansible package.
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install cisco.nxos.
To use it in a playbook, specify: cisco.nxos.nxos_vrf_address_family.
New in cisco.nxos 9.3.0
Synopsis
This module provides declarative management of VRF definitions on Cisco NXOS.
Parameters
Parameter |
Comments |
|---|---|
A list of device configurations for VRF address family. |
|
Enable address family and enter its config mode - AFI/SAFI configuration |
|
Address Family Identifier (AFI) Choices:
|
|
VRF export |
|
Route-map based VRF export |
|
Virtual Router Context |
|
Allow re-importation of VPN imported routes Choices:
|
|
Route-map based VRF import |
|
Maximum prefix limit |
|
VRF import |
|
Route-map based VRF export |
|
Virtual Router Context |
|
Allow leaked routes to be advertised to VPN Choices:
|
|
Route-map based VRF import |
|
Maximum prefix limit |
|
Set a limit of routes |
|
Configure the options for maximum routes |
|
Configure threshold & its options |
|
Threshold value (%) at which to reinstall routes back to VRF |
|
Threshold value (%) at which to generate a warning msg |
|
Configure only give a warning message if limit is exceeded Choices:
|
|
Maximum number of routes allowed |
|
Specify Target VPN Extended Communities |
|
Export Target-VPN community |
|
Import Target-VPN community |
|
Address Family modifier Choices:
|
|
Name of the VRF. |
|
This option is used only with state parsed. The value of this option should be the output received from the NX-OS device by executing the command show running-config | section ^vrf. The state parsed reads the configuration from |
|
The state the configuration should be left in The states rendered, gathered and parsed does not perform any change on the device. The state rendered will transform the configuration in The state gathered will fetch the running configuration from device and transform it into structured data in the format as per the resource module argspec and the value is returned in the gathered key within the result. The state parsed reads the configuration from Choices:
|
Notes
Note
Tested against NX-OS 9.3.6.
This module works with connection
network_cliandhttpapi. See https://docs.ansible.com/ansible/latest/network/user_guide/platform_nxos.html
Examples
# Using merged
# Before state:
# -------------
#
# nxos#show running-config | section ^vrf
- name: Merge provided configuration with device configuration
register: result
cisco.nxos.nxos_vrf_address_family:
config:
- name: VRF1
address_families:
- afi: ipv4
safi: unicast
route_target:
- export: "65512:200"
maximum:
max_routes: 500
max_route_options:
threshold:
threshold_value: 60
reinstall_threshold: 80
export:
- map: "22"
- vrf:
allow_vpn: true
map_import: "44"
- vrf:
allow_vpn: true
- afi: ipv6
safi: unicast
maximum:
max_routes: 1000
route_target:
- import: "65512:200"
import:
- map: "22"
- vrf:
advertise_vpn: true
map_import: "44"
- vrf:
advertise_vpn: true
state: merged
# Task Output:
# ------------
# before: {}
# commands:
# - vrf context VRF1
# - address-family ipv4 unicast
# - maximum routes 500 60 reinstall 80
# - route-target export 65512:200
# - export map 22
# - export vrf default map 44 allow-vpn
# - export vrf allow-vpn
# - address-family ipv6 unicast
# - maximum routes 1000
# - route-target import 65512:200
# - import map 22
# - import vrf default map 44 advertise-vpn
# - import vrf advertise-vpn
# after:
# - address_families:
# - afi: ipv4
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_route_options:
# threshold:
# reinstall_threshold: 80
# threshold_value: 60
# max_routes: 500
# route_target:
# - export: 65512:200
# safi: unicast
# - afi: ipv6
# import:
# - map: "22"
# - vrf:
# advertise_vpn: true
# map_import: "44"
# - vrf:
# advertise_vpn: true
# maximum:
# max_routes: 1000
# route_target:
# - import: 65512:200
# safi: unicast
# name: VRF1
# After state:
# ------------
#
# nxos#show running-config | section ^vrf
# vrf context VRF1
# address-family ipv4 unicast
# route-target export 65512:200
# export map 22
# export vrf default map 44 allow-vpn
# export vrf allow-vpn
# maximum routes 500 60 reinstall 80
# address-family ipv6 unicast
# route-target import 65512:200
# import map 22
# import vrf default map 44 advertise-vpn
# import vrf advertise-vpn
# maximum routes 1000
# Using deleted
# Before state:
# -------------
#
# nxos#show running-config | section ^vrf
# vrf context VRF1
# address-family ipv4 unicast
# route-target import 64512:200
# route-target export 64512:200
# export map 22
# export vrf default map 44 allow-vpn
# export vrf allow-vpn
# maximum routes 900 22 reinstall 44
- name: Delete given vrf address family configuration
register: result
cisco.nxos.nxos_vrf_address_family:
config:
- name: VRF1
address_families:
- afi: ipv4
safi: unicast
route_target:
- import: 64512:200
export:
- map: "22"
maximum:
max_routes: 900
max_route_options:
threshold:
threshold_value: 22
reinstall_threshold: 44
state: deleted
# Task Output:
# ------------
#
# before:
# - address_families:
# - afi: ipv4
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_route_options:
# threshold:
# reinstall_threshold: 44
# threshold_value: 22
# max_routes: 900
# route_target:
# - import: "64512:200"
# - export: "64512:200"
# safi: unicast
# name: VRF1
# commands:
# - vrf context VRF1
# - address-family ipv4 unicast
# - no maximum routes 900 22 reinstall 44
# - no route-target import 64512:200
# - no export map 22
# after:
# - address_families:
# - afi: ipv4
# export:
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# route_target:
# - export: "64512:200"
# safi: unicast
# name: VRF1
# Using purged
# Before state:
# -------------
#
# nxos#show running-config | section ^vrf
# vrf context VRF1
# address-family ipv4 unicast
# route-target export 65512:200
# export map 22
# export vrf default map 44 allow-vpn
# export vrf allow-vpn
# maximum routes 500 60 reinstall 80
# address-family ipv6 unicast
# route-target import 65512:200
# import map 22
# import vrf default map 44 advertise-vpn
# import vrf advertise-vpn
# maximum routes 1000
- name: Purge the configuration of VRF address family
register: result
cisco.nxos.nxos_vrf_address_family:
config:
- name: VRF1
address_families:
- afi: ipv4
safi: unicast
- afi: ipv6
safi: unicast
state: purged
# Task Output:
# ------------
#
# before:
# - address_families:
# - afi: ipv4
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_route_options:
# threshold:
# reinstall_threshold: 80
# threshold_value: 60
# max_routes: 500
# route_target:
# - export: 65512:200
# safi: unicast
# - afi: ipv6
# import:
# - map: "22"
# - vrf:
# advertise_vpn: true
# map_import: "44"
# - vrf:
# advertise_vpn: true
# maximum:
# max_routes: 1000
# route_target:
# - import: 65512:200
# safi: unicast
# name: VRF1
# commands:
# - vrf context VRF1
# - no address-family ipv4 unicast
# - no address-family ipv6 unicast
# after: {}
# Using overridden
# Before state:
# -------------
#
# nxos#show running-config | section ^vrf
# vrf context VRF1
# address-family ipv4 unicast
# route-target import 64512:200
# address-family ipv6 unicast
# route-target import 554832:500
- name: Override the provided configuration with the existing running configuration
cisco.nxos.nxos_vrf_address_family:
config:
- name: VRF1
address_families:
- afi: ipv6
safi: unicast
route_target:
- export: 65512:200
maximum:
max_routes: 500
max_route_options:
threshold:
threshold_value: 60
reinstall_threshold: 80
export:
- map: "22"
- vrf:
allow_vpn: true
map_import: "44"
- vrf:
allow_vpn: true
- name: temp
address_families:
- afi: ipv4
safi: unicast
route_target:
- import: 65512:200
maximum:
max_routes: 1000
export:
- map: "26"
- vrf:
allow_vpn: true
map_import: "46"
state: overridden
# Task Output:
# ------------
#
# before:
# - address_families:
# - afi: ipv4
# route_target:
# - import: 64512:200
# safi: unicast
# - afi: ipv6
# route_target:
# - import: 554832:500
# safi: unicast
# name: VRF1
#
# commands:
# - vrf context VRF1
# - address-family ipv4 unicast
# - no route-target import 64512:200
# - address-family ipv6 unicast
# - maximum routes 500 60 reinstall 80
# - no route-target import 554832:500
# - route-target export 65512:200
# - export map 22
# - export vrf default map 44 allow-vpn
# - export vrf allow-vpn
# - vrf context temp
# - address-family ipv4 unicast
# - maximum routes 1000
# - route-target import 65512:200
# - export map 26
# - export vrf default map 46 allow-vpn
# after:
# - address_families:
# - afi: ipv4
# safi: unicast
# - afi: ipv6
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_route_options:
# threshold:
# reinstall_threshold: 80
# threshold_value: 60
# max_routes: 500
# route_target:
# - export: 65512:200
# safi: unicast
# name: VRF1
# - address_families:
# - afi: ipv4
# export:
# - map: "26"
# - vrf:
# allow_vpn: true
# map_import: "46"
# maximum:
# max_routes: 1000
# route_target:
# - import: 65512:200
# safi: unicast
# name: temp
# Using replaced
# Before state:
# -------------
#
# nxos# show running-config | section ^vrf
# vrf context VRF1
# address-family ipv4 unicast
# route-target import 64512:200
# address-family ipv6 unicast
# route-target import 554832:500
- name: Replaced state for VRF configuration
cisco.nxos.nxos_vrf_global:
config:
vrfs:
- ip:
name_server:
address_list:
- 192.168.255.1
route:
- destination: 192.168.255.1
source: 0.0.0.0/0
name: management
- name: temp
description: Test
ip:
auto_discard: true
domain_list:
- invalid.com
- example.com
domain_name: test.org
state: replaced
# Task Output:
# ------------
#
# before:
# - address_families:
# - afi: ipv4
# route_target:
# - import: 64512:200
# safi: unicast
# - afi: ipv6
# route_target:
# - import: 554832:500
# safi: unicast
# name: VRF1
# commands:
# - vrf context VRF1
# - address-family ipv4 unicast
# - no route-target import 64512:200
# - address-family ipv6 unicast
# - maximum routes 500 60 reinstall 80
# - no route-target import 554832:500
# - route-target export 65512:200
# - export map 22
# - export vrf default map 44 allow-vpn
# - export vrf allow-vpn
# - vrf context temp
# - address-family ipv4 unicast
# - maximum routes 1000
# - route-target import 65512:200
# - export map 26
# - export vrf default map 46 allow-vpn
# after:
# - address_families:
# - afi: ipv4
# safi: unicast
# - afi: ipv6
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_route_options:
# threshold:
# reinstall_threshold: 80
# threshold_value: 60
# max_routes: 500
# route_target:
# - export: 65512:200
# safi: unicast
# name: VRF1
# - address_families:
# - afi: ipv4
# export:
# - map: "26"
# - vrf:
# allow_vpn: true
# map_import: "46"
# maximum:
# max_routes: 1000
# route_target:
# - import: 65512:200
# safi: unicast
# name: temp
#
# After state:
# ------------
# router-ios#show running-config | section ^vrf
# vrf context VRF1
# address-family ipv6 unicast
# route-target export 65512:200
# export map 22
# export vrf default map 44 allow-vpn
# export vrf allow-vpn
# vrf context temp
# address-family ipv4 unicast
# route-target import 65512:200
# export map 26
# export vrf default map 46 allow-vpn
# maximum routes 1000
# Using gathered
# Before state:
# -------------
#
# nxos#show running-config | section ^vrf
# vrf context VRF1
# address-family ipv4 unicast
# route-target export 65512:200
# export map 22
# export vrf default map 44 allow-vpn
# export vrf allow-vpn
# maximum routes 500 60 reinstall 80
# address-family ipv6 unicast
# route-target import 65512:200
# import map 22
# import vrf default map 44 advertise-vpn
# import vrf advertise-vpn
# maximum routes 1000
- name: Gathered state for VRF configuration
cisco.nxos.nxos_vrf_global:
config:
state: gathered
# Task Output:
# ------------
#
# gathered:
# - address_families:
# - afi: ipv4
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_route_options:
# threshold:
# reinstall_threshold: 80
# threshold_value: 60
# max_routes: 500
# route_target:
# - export: 65512:200
# safi: unicast
# - afi: ipv6
# import:
# - map: "22"
# - vrf:
# advertise_vpn: true
# map_import: "44"
# - vrf:
# advertise_vpn: true
# maximum:
# max_routes: 1000
# route_target:
# - import: 65512:200
# safi: unicast
# name: VRF1
# Using rendered
- name: Render provided configuration with device configuration
register: result
cisco.nxos.nxos_vrf_address_family:
config:
- name: VRF1
address_families:
- afi: ipv6
safi: unicast
route_target:
- export: 65512:200
maximum:
max_routes: 500
max_route_options:
threshold:
threshold_value: 60
reinstall_threshold: 80
export:
- map: "22"
- vrf:
allow_vpn: true
map_import: "44"
- vrf:
allow_vpn: true
- name: temp
address_families:
- afi: ipv4
safi: unicast
route_target:
- import: 65512:200
maximum:
max_routes: 1000
export:
- map: "26"
- vrf:
allow_vpn: true
map_import: "46"
state: rendered
# Task Output:
# ------------
#
# commands:
# - vrf context VRF1
# - address-family ipv6 unicast
# - maximum routes 500 60 reinstall 80
# - route-target export 65512:200
# - export map 22
# - export vrf default map 44 allow-vpn
# - export vrf allow-vpn
# - vrf context temp
# - address-family ipv4 unicast
# - maximum routes 1000
# - route-target import 65512:200
# - export map 26
# - export vrf default map 46 allow-vpn
# Using Parsed
# Parsed Config:
# -------------
# vrf context VRF1
# address-family ipv4 unicast
# route-target import 64512:200
# route-target export 64512:200
# export map 22
# export vrf default map 44 allow-vpn
# export vrf allow-vpn
# maximum routes 900 22 reinstall 44
# address-family ipv6 unicast
# route-target import 554832:500
- name: Parse the commands for provided configuration
register: result
cisco.nxos.nxos_vrf_address_family:
running_config: "{{ lookup('file', '_parsed.cfg') }}"
state: parsed
# Task Output:
# ------------
# parsed:
# - name: VRF1
# address_families:
# - afi: ipv4
# safi: unicast
# route_target:
# - import: 64512:200
# - export: 64512:200
# export:
# - map: "22"
# - vrf:
# allow_vpn: true
# map_import: "44"
# - vrf:
# allow_vpn: true
# maximum:
# max_routes: 900
# max_route_options:
# threshold:
# threshold_value: 22
# reinstall_threshold: 44
# - afi: ipv6
# safi: unicast
# route_target:
# - import: 554832:500
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
|---|---|
The resulting configuration after module execution. Returned: when changed Sample: |
|
The configuration prior to the module execution. Returned: when state is Sample: |
|
The set of commands pushed to the remote device. Returned: when state is Sample: |
|
Facts about the network resource gathered from the remote device as structured data. Returned: when state is Sample: |
|
The device native config provided in running_config option parsed into structured data as per module argspec. Returned: when state is Sample: |
|
The provided configuration in the task rendered in device-native format (offline). Returned: when state is Sample: |