cisco.nxos.nxos_route_maps – Route Maps resource module.

Note

This plugin is part of the cisco.nxos collection (version 2.7.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install cisco.nxos.

To use it in a playbook, specify: cisco.nxos.nxos_route_maps.

New in version 2.2.0: of cisco.nxos

Synopsis

  • This module manages route maps configuration on devices running Cisco NX-OS.

Note

This module has a corresponding action plugin.

Parameters

Parameter Choices/Defaults Comments
config
list / elements=dictionary
A list of route-map configuration.
entries
list / elements=dictionary
List of entries (identified by sequence number) for this route-map.
action
string
    Choices:
  • deny
  • permit
Route map denies or permits set operations.
continue_sequence
integer
Continue on a different entry within the route-map.
description
string
Description of the route-map.
match
dictionary
Match values from routing table.
as_number
dictionary
Match BGP peer AS number.
as_path_list
list / elements=string
AS path access list name.
asn
list / elements=string
AS number.
as_path
list / elements=string
Match BGP AS path access-list.
community
dictionary
Match BGP community list.
community_list
list / elements=string
Community list.
exact_match
boolean
    Choices:
  • no
  • yes
Do exact matching of communities.
evpn
dictionary
Match BGP EVPN Routes.
route_types
list / elements=string
Match route type for evpn route.
extcommunity
dictionary
Match BGP community list.
exact_match
boolean
    Choices:
  • no
  • yes
Do exact matching of extended communities.
extcommunity_list
list / elements=string
Extended Community list.
interfaces
list / elements=string
Match first hop interface of route.
ip
dictionary
Configure IP specific information.
address
dictionary
Match address of route or match packet.
access_list
string
IP access-list name (for use in route-maps for PBR only).
prefix_lists
list / elements=string
Match entries of prefix-lists.
multicast
dictionary
Match multicast attributes.
group
dictionary
Multicast Group prefix.
Mutually exclusive with group_range.
prefix
string
IPv4 group prefix.
group_range
dictionary
Multicast Group address range.
Mutually exclusive with group.
first
string
First Group address.
last
string
Last Group address.
rp
dictionary
Rendezvous point.
prefix
string
IPv4 rendezvous prefix.
rp_type
string
    Choices:
  • ASM
  • Bidir
Multicast rendezvous point type.
source
string
Multicast source address.
next_hop
dictionary
Match next-hop address of route.
prefix_lists
list / elements=string
Match entries of prefix-lists.
route_source
dictionary
Match advertising source address of route.
prefix_lists
list / elements=string
Match entries of prefix-lists.
ipv6
dictionary
Configure IPv6 specific information.
address
dictionary
Match address of route or match packet.
access_list
string
IP access-list name (for use in route-maps for PBR only).
prefix_lists
list / elements=string
Match entries of prefix-lists.
multicast
dictionary
Match multicast attributes.
group
dictionary
Multicast Group prefix.
Mutually exclusive with group_range.
prefix
string
IPv4 group prefix.
group_range
dictionary
Multicast Group address range.
Mutually exclusive with group.
first
string
First Group address.
last
string
Last Group address.
rp
dictionary
Rendezvous point.
prefix
string
IPv4 rendezvous prefix.
rp_type
string
    Choices:
  • ASM
  • Bidir
Multicast rendezvous point type.
source
string
Multicast source address.
next_hop
dictionary
Match next-hop address of route.
prefix_lists
list / elements=string
Match entries of prefix-lists.
route_source
dictionary
Match advertising source address of route.
prefix_lists
list / elements=string
Match entries of prefix-lists.
mac_list
list / elements=string
Match entries of mac-lists.
metric
list / elements=integer
Match metric of route.
ospf_area
list / elements=integer
Match ospf area.
route_types
list / elements=string
    Choices:
  • external
  • inter-area
  • internal
  • intra-area
  • level-1
  • level-2
  • local
  • nssa-external
  • type-1
  • type-2
Match route-type of route.
source_protocol
list / elements=string
Match source protocol.
tags
list / elements=integer
Match tag of route.
sequence
integer
Sequence to insert to/delete from existing route-map entry.
set
dictionary
Set values in destination routing protocol.
as_path
dictionary
Prepend string for a BGP AS-path attribute.
prepend
dictionary
Prepend to the AS-Path.
as_number
list / elements=string
AS number.
last_as
integer
Number of last-AS prepends.
tag
boolean
    Choices:
  • no
  • yes
Set the tag as an AS-path attribute.
comm_list
string
Set BGP community list (for deletion).
community
dictionary
Set BGP community attribute.
additive
boolean
    Choices:
  • no
  • yes
Add to existing community.
graceful_shutdown
boolean
    Choices:
  • no
  • yes
Graceful Shutdown (well-known community).
internet
boolean
    Choices:
  • no
  • yes
Internet (well-known community).
local_as
boolean
    Choices:
  • no
  • yes
Do not send outside local AS (well-known community).
no_advertise
boolean
    Choices:
  • no
  • yes
Do not advertise to any peer (well-known community).
no_export
boolean
    Choices:
  • no
  • yes
Do not export to next AS (well-known community).
number
list / elements=string
Community number aa:nn format
dampening
dictionary
Set BGP route flap dampening parameters.
half_life
integer
Half-life time for the penalty.
max_suppress_time
integer
Maximum suppress time for stable route.
start_reuse_route
integer
Value to start reusing a route.
start_suppress_route
integer
Value to start suppressing a route.
distance
dictionary
Configure administrative distance.
igp_ebgp_routes
integer
Administrative distance for IGP or EBGP routes
internal_routes
integer
Distance for internal routes.
local_routes
integer
Distance for local routes.
evpn
dictionary
Set BGP EVPN Routes.
gateway_ip
dictionary
Set gateway IP for type 5 EVPN routes.
Cannot set ip and use-nexthop in the same route-map sequence.
ip
string
Gateway IP address.
use_nexthop
boolean
    Choices:
  • no
  • yes
Use nexthop address as gateway IP.
extcomm_list
string
Set BGP extcommunity list (for deletion).
forwarding_address
boolean
    Choices:
  • no
  • yes
Set the forwarding address.
ip
dictionary
Configure IP features.
address
dictionary
Specify IP address.
prefix_list
string
Name of prefix list (Max Size 63).
precedence
string
Set precedence field.
ipv6
dictionary
Configure IPv6 features.
address
dictionary
Specify IP address.
prefix_list
string
Name of prefix list (Max Size 63).
precedence
string
Set precedence field.
label_index
integer
Set Segment Routing (SR) label index of route.
level
string
    Choices:
  • level-1
  • level-1-2
  • level-2
Where to import route.
local_preference
integer
BGP local preference path attribute.
metric
dictionary
Set metric for destination routing protocol.
bandwidth
integer
Metric value or Bandwidth in Kbits per second (Max Size 11).
igrp_delay_metric
integer
IGRP delay metric.
igrp_effective_bandwidth_metric
integer
IGRP Effective bandwidth metric (Loading) 255 is 100%.
igrp_mtu
integer
IGRP MTU of the path.
igrp_reliability_metric
integer
IGRP reliability metric where 255 is 100 percent reliable.
metric_type
string
    Choices:
  • external
  • internal
  • type-1
  • type-2
Type of metric for destination routing protocol.
nssa_only
boolean
    Choices:
  • no
  • yes
OSPF NSSA Areas.
null_interface
string
Output Null interface.
origin
string
    Choices:
  • egp
  • igp
  • incomplete
BGP origin code.
path_selection
string
    Choices:
  • all
  • backup
  • best2
  • multipaths
Path selection criteria for BGP.
tag
integer
Tag value for destination routing protocol.
weight
integer
BGP weight for routing table.
route_map
string
Route-map name.
running_config
string
This option is used only with state parsed.
The value of this option should be the output received from the NX-OS device by executing the command show running-config | section '^route-map'.
The state parsed reads the configuration from running_config option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the parsed key within the result.
state
string
    Choices:
  • merged
  • replaced
  • overridden
  • deleted
  • parsed
  • gathered
  • rendered
The state the configuration should be left in.
With state replaced, for the listed route-maps, sequences that are in running-config but not in the task are negated.
With state overridden, all route-maps that are in running-config but not in the task are negated.
Please refer to examples for more details.

Notes

Note

  • Tested against NX-OS 9.3.6.
  • Unsupported for Cisco MDS
  • This module works with connection network_cli and httpapi.

Examples

# Using merged

# Before state:
# -------------
# nxos-9k-rdo# show running-config | section "^route-map"
# nxos-9k-rdo#

- name: Merge the provided configuration with the existing running configuration
  cisco.nxos.nxos_route_maps:
    config:
      - route_map: rmap1
        entries:
          - sequence: 10
            action: permit
            description: rmap1-10-permit
            match:
              ip:
                address:
                  access_list: acl_1
              as_path: Allow40
              as_number:
                asn: 65564

          - sequence: 20
            action: deny
            description: rmap1-20-deny
            match:
              community:
                community_list:
                  - BGPCommunity1
                  - BGPCommunity2
              ip:
                address:
                  prefix_lists:
                    - AllowPrefix1
                    - AllowPrefix2
            set:
              dampening:
                half_life: 30
                start_reuse_route: 1500
                start_suppress_route: 10000
                max_suppress_time: 120

      - route_map: rmap2
        entries:
          - sequence: 20
            action: permit
            description: rmap2-20-permit
            continue_sequence: 40
            match:
              ipv6:
                address:
                  prefix_lists: AllowIPv6Prefix
              interfaces: "{{ nxos_int1 }}"
            set:
              as_path:
                prepend:
                  as_number:
                    - 65563
                    - 65568
                    - 65569
              comm_list: BGPCommunity

          - sequence: 40
            action: deny
            description: rmap2-40-deny
            match:
              route_types:
                - level-1
                - level-2
              tags: 2
              ip:
                multicast:
                  rp:
                    prefix: 192.0.2.0/24
                    rp_type: ASM
                  source: 203.0.113.0/24
                  group_range:
                    first: 239.0.0.1
                    last: 239.255.255.255
    state: merged

# Task output
# -------------
#  before: []
#
#  commands:
#    - "route-map rmap1 permit 10"
#    - "match as-number 65564"
#    - "match as-path Allow40"
#    - "match ip address acl_1"
#    - "description rmap1-10-permit"
#    - "route-map rmap1 deny 20"
#    - "match community BGPCommunity1 BGPCommunity2"
#    - "match ip address prefix-list AllowPrefix1 AllowPrefix2"
#    - "description rmap1-20-deny"
#    - "set dampening 30 1500 10000 120"
#    - "route-map rmap2 permit 20"
#    - "match interface Ethernet1/1"
#    - "match ipv6 address prefix-list AllowIPv6Prefix"
#    - "set as-path prepend 65563 65568 65569"
#    - "description rmap2-20-permit"
#    - "continue 40"
#    - "set comm-list BGPCommunity delete"
#    - "route-map rmap2 deny 40"
#    - "match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM"
#    - "match route-type level-1 level-2"
#    - "match tag 2"
#    - "description rmap2-40-deny"
#
#  after:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#     - action: deny
#       description: rmap1-20-deny
#       match:
#         community:
#           community_list:
#           - BGPCommunity1
#           - BGPCommunity2
#         ip:
#           address:
#             prefix_lists:
#             - AllowPrefix1
#             - AllowPrefix2
#       sequence: 20
#       set:
#         dampening:
#           half_life: 30
#           max_suppress_time: 120
#           start_reuse_route: 1500
#           start_suppress_route: 10000
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40

# After state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap1 deny 20
#   match community BGPCommunity1 BGPCommunity2
#   match ip address prefix-list AllowPrefix1 AllowPrefix2
#   description rmap1-20-deny
#   set dampening 30 1500 10000 120
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

# Using replaced
# (for the listed route-map(s), sequences that are in running-config but not in the task are negated)

# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap1 deny 20
#   match community BGPCommunity1 BGPCommunity2
#   match ip address prefix-list AllowPrefix1 AllowPrefix2
#   description rmap1-20-deny
#   set dampening 30 1500 10000 120
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

- name: Replace route-maps configurations of listed route-maps with provided configurations
  cisco.nxos.nxos_route_maps:
    config:
      - route_map: rmap1
        entries:
          - sequence: 20
            action: deny
            description: rmap1-20-deny
            match:
              community:
                community_list:
                  - BGPCommunity4
                  - BGPCommunity5
              ip:
                address:
                  prefix_lists:
                    - AllowPrefix1
            set:
              community:
                local_as: True
    state: replaced

# Task output
# -------------
#  before:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#     - action: deny
#       description: rmap1-20-deny
#       match:
#         community:
#           community_list:
#           - BGPCommunity1
#           - BGPCommunity2
#         ip:
#           address:
#             prefix_lists:
#             - AllowPrefix1
#             - AllowPrefix2
#       sequence: 20
#       set:
#         dampening:
#           half_life: 30
#           max_suppress_time: 120
#           start_reuse_route: 1500
#           start_suppress_route: 10000
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40
#
#  commands:
#    - no route-map rmap1 permit 10
#    - route-map rmap1 deny 20
#    - no match community BGPCommunity1 BGPCommunity2
#    - match community BGPCommunity4 BGPCommunity5
#    - no match ip address prefix-list AllowPrefix1 AllowPrefix2
#    - match ip address prefix-list AllowPrefix1
#    - no set dampening 30 1500 10000 120
#    - set community local-AS
#
#  after:
#    - route_map: rmap1
#      entries:
#        - sequence: 20
#          action: deny
#          description: rmap1-20-deny
#          match:
#            community:
#              community_list:
#                - BGPCommunity4
#                - BGPCommunity5
#            ip:
#              address:
#                prefix_lists:
#                  - AllowPrefix1
#          set:
#            community:
#              local_as: True
#
#    - route_map: rmap2
#      entries:
#        - action: permit
#          continue_sequence: 40
#          description: rmap2-20-permit
#          match:
#            interfaces:
#            - Ethernet1/1
#            ipv6:
#              address:
#                prefix_lists:
#                - AllowIPv6Prefix
#          sequence: 20
#          set:
#            as_path:
#              prepend:
#                as_number:
#                - '65563'
#                - '65568'
#                - '65569'
#            comm_list: BGPCommunity
#
#        - action: deny
#          description: rmap2-40-deny
#          match:
#            ip:
#              multicast:
#                group_range:
#                  first: 239.0.0.1
#                  last: 239.255.255.255
#                rp:
#                  prefix: 192.0.2.0/24
#                  rp_type: ASM
#                source: 203.0.113.0/24
#            route_types:
#            - level-1
#            - level-2
#            tags:
#            - 2
#          sequence: 40
#

# After state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 deny 20
#   description rmap1-20-deny
#   match community BGPCommunity4 BGPCommunity5
#   match ip address prefix-list AllowPrefix1
#   set community local-AS
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

# Using overridden

# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap1 deny 20
#   match community BGPCommunity1 BGPCommunity2
#   match ip address prefix-list AllowPrefix1 AllowPrefix2
#   description rmap1-20-deny
#   set dampening 30 1500 10000 120
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

- name: Override all route-maps configuration with provided configuration
  cisco.nxos.nxos_route_maps:
    config:
      - route_map: rmap1
        entries:
          - sequence: 20
            action: deny
            description: rmap1-20-deny
            match:
              community:
                community_list:
                  - BGPCommunity4
                  - BGPCommunity5
              ip:
                address:
                  prefix_lists:
                    - AllowPrefix1
            set:
              community:
                local_as: True
    state: overridden

# Task output
# -------------
#  before:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#     - action: deny
#       description: rmap1-20-deny
#       match:
#         community:
#           community_list:
#           - BGPCommunity1
#           - BGPCommunity2
#         ip:
#           address:
#             prefix_lists:
#             - AllowPrefix1
#             - AllowPrefix2
#       sequence: 20
#       set:
#         dampening:
#           half_life: 30
#           max_suppress_time: 120
#           start_reuse_route: 1500
#           start_suppress_route: 10000
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40
#
#  commands:
#    - no route-map rmap1 permit 10
#    - route-map rmap1 deny 20
#    - no match community BGPCommunity1 BGPCommunity2
#    - match community BGPCommunity4 BGPCommunity5
#    - no match ip address prefix-list AllowPrefix1 AllowPrefix2
#    - match ip address prefix-list AllowPrefix1
#    - no set dampening 30 1500 10000 120
#    - set community local-AS
#    - no route-map rmap2 permit 20
#    - no route-map rmap2 deny 40
#
#  after:
#  - route_map: rmap1
#    entries:
#    - sequence: 20
#      action: deny
#      description: rmap1-20-deny
#      match:
#        community:
#          community_list:
#          - BGPCommunity4
#          - BGPCommunity5
#        ip:
#          address:
#            prefix_lists:
#            - AllowPrefix1
#      set:
#        community:
#          local_as: True
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
# route-map rmap1 deny 20
#   description rmap1-20-deny
#   match community BGPCommunity4 BGPCommunity5
#   match ip address prefix-list AllowPrefix1
#   set community local-AS

# Using deleted to delete a single route-map

# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap1 deny 20
#   match community BGPCommunity1 BGPCommunity2
#   match ip address prefix-list AllowPrefix1 AllowPrefix2
#   description rmap1-20-deny
#   set dampening 30 1500 10000 120
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

- name: Delete single route-map
  cisco.nxos.nxos_route_maps:
    config:
      - route_map: rmap1
    state: deleted

# Task output
# -------------
#  before:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#     - action: deny
#       description: rmap1-20-deny
#       match:
#         community:
#           community_list:
#           - BGPCommunity1
#           - BGPCommunity2
#         ip:
#           address:
#             prefix_lists:
#             - AllowPrefix1
#             - AllowPrefix2
#       sequence: 20
#       set:
#         dampening:
#           half_life: 30
#           max_suppress_time: 120
#           start_reuse_route: 1500
#           start_suppress_route: 10000
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40
#
#  commands:
#    - no route-map rmap1 permit 10
#    - no route-map rmap1 deny 20
#
#  after:
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

# Using deleted to delete all route-maps from the device running-config

# Before state:
# ------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap1 deny 20
#   match community BGPCommunity1 BGPCommunity2
#   match ip address prefix-list AllowPrefix1 AllowPrefix2
#   description rmap1-20-deny
#   set dampening 30 1500 10000 120
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

- name: Delete all route-maps
  cisco.nxos.nxos_route_maps:
    state: deleted

# Task output
# -------------
#  before:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#     - action: deny
#       description: rmap1-20-deny
#       match:
#         community:
#           community_list:
#           - BGPCommunity1
#           - BGPCommunity2
#         ip:
#           address:
#             prefix_lists:
#             - AllowPrefix1
#             - AllowPrefix2
#       sequence: 20
#       set:
#         dampening:
#           half_life: 30
#           max_suppress_time: 120
#           start_reuse_route: 1500
#           start_suppress_route: 10000
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40
#
#  commands:
#    - no route-map rmap1 permit 10
#    - no route-map rmap1 deny 20
#    - no route-map rmap2 permit 20
#    - no route-map rmap2 deny 40
#
#  after: []
#
# After state:
# ------------
# nxos-9k-rdo# sh running-config | section "^route-map"

- name: Render platform specific configuration lines with state rendered (without connecting to the device)
  cisco.nxos.nxos_route_maps:
    config:
      - route_map: rmap1
        entries:
          - sequence: 10
            action: permit
            description: rmap1-10-permit
            match:
              ip:
                address:
                  access_list: acl_1
              as_path: Allow40
              as_number:
                asn: 65564

          - sequence: 20
            action: deny
            description: rmap1-20-deny
            match:
              community:
                community_list:
                  - BGPCommunity1
                  - BGPCommunity2
              ip:
                address:
                  prefix_lists:
                    - AllowPrefix1
                    - AllowPrefix2
            set:
              dampening:
                half_life: 30
                start_reuse_route: 1500
                start_suppress_route: 10000
                max_suppress_time: 120

      - route_map: rmap2
        entries:
          - sequence: 20
            action: permit
            description: rmap2-20-permit
            continue_sequence: 40
            match:
              ipv6:
                address:
                  prefix_lists: AllowIPv6Prefix
              interfaces: "{{ nxos_int1 }}"
            set:
              as_path:
                prepend:
                  as_number:
                    - 65563
                    - 65568
                    - 65569
              comm_list: BGPCommunity

          - sequence: 40
            action: deny
            description: rmap2-40-deny
            match:
              route_types:
                - level-1
                - level-2
              tags: 2
              ip:
                multicast:
                  rp:
                    prefix: 192.0.2.0/24
                    rp_type: ASM
                  source: 203.0.113.0/24
                  group_range:
                    first: 239.0.0.1
                    last: 239.255.255.255
    state: rendered

# Task Output (redacted)
# -----------------------
#  rendered:
#    - "route-map rmap1 permit 10"
#    - "match as-number 65564"
#    - "match as-path Allow40"
#    - "match ip address acl_1"
#    - "description rmap1-10-permit"
#    - "route-map rmap1 deny 20"
#    - "match community BGPCommunity1 BGPCommunity2"
#    - "match ip address prefix-list AllowPrefix1 AllowPrefix2"
#    - "description rmap1-20-deny"
#    - "set dampening 30 1500 10000 120"
#    - "route-map rmap2 permit 20"
#    - "match interface Ethernet1/1"
#    - "match ipv6 address prefix-list AllowIPv6Prefix"
#    - "set as-path prepend 65563 65568 65569"
#    - "description rmap2-20-permit"
#    - "continue 40"
#    - "set comm-list BGPCommunity delete"
#    - "route-map rmap2 deny 40"
#    - "match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM"
#    - "match route-type level-1 level-2"
#    - "match tag 2"
#    - "description rmap2-40-deny"

# Using parsed

# parsed.cfg
# ------------
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap1 deny 20
#   match community BGPCommunity1 BGPCommunity2
#   match ip address prefix-list AllowPrefix1 AllowPrefix2
#   description rmap1-20-deny
#   set dampening 30 1500 10000 120
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete
# route-map rmap2 deny 40
#   match ip multicast source 203.0.113.0/24 group-range 239.0.0.1 to 239.255.255.255 rp 192.0.2.0/24 rp-type ASM
#   match route-type level-1 level-2
#   match tag 2
#   description rmap2-40-deny

- name: Parse externally provided route-maps configuration
  cisco.nxos.nxos_route_maps:
    running_config: "{{ lookup('file', './fixtures/parsed.cfg') }}"
    state: parsed

# Task output (redacted)
# -----------------------
#  parsed:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#     - action: deny
#       description: rmap1-20-deny
#       match:
#         community:
#           community_list:
#           - BGPCommunity1
#           - BGPCommunity2
#         ip:
#           address:
#             prefix_lists:
#             - AllowPrefix1
#             - AllowPrefix2
#       sequence: 20
#       set:
#         dampening:
#           half_life: 30
#           max_suppress_time: 120
#           start_reuse_route: 1500
#           start_suppress_route: 10000
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#
#     - action: deny
#       description: rmap2-40-deny
#       match:
#         ip:
#           multicast:
#             group_range:
#               first: 239.0.0.1
#               last: 239.255.255.255
#             rp:
#               prefix: 192.0.2.0/24
#               rp_type: ASM
#             source: 203.0.113.0/24
#         route_types:
#         - level-1
#         - level-2
#         tags:
#         - 2
#       sequence: 40

# Using gathered

# Existing route-map config
# ---------------------------
# nxos-9k-rdo# show running-config | section "^route-map"
# route-map rmap1 permit 10
#   match as-number 65564
#   match as-path Allow40
#   match ip address acl_1
#   description rmap1-10-permit
# route-map rmap2 permit 20
#   match interface Ethernet1/1
#   match ipv6 address prefix-list AllowIPv6Prefix
#   set as-path prepend 65563 65568 65569
#   description rmap2-20-permit
#   continue 40
#   set comm-list BGPCommunity delete

- name: Gather route-maps facts using gathered
  cisco.nxos.nxos_route_maps:
    state: gathered

#  gathered:
#   - route_map: rmap1
#     entries:
#     - action: permit
#       description: rmap1-10-permit
#       match:
#         as_number:
#           asn:
#           - '65564'
#         as_path:
#           - Allow40
#         ip:
#           address:
#             access_list: acl_1
#       sequence: 10
#
#   - route_map: rmap2
#     entries:
#     - action: permit
#       continue_sequence: 40
#       description: rmap2-20-permit
#       match:
#         interfaces:
#         - Ethernet1/1
#         ipv6:
#           address:
#             prefix_lists:
#             - AllowIPv6Prefix
#         sequence: 20
#         set:
#           as_path:
#             prepend:
#               as_number:
#               - '65563'
#               - '65568'
#               - '65569'
#           comm_list: BGPCommunity
#

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
after
dictionary
when changed
The resulting configuration model invocation.

Sample:
The configuration returned will always be in the same format of the parameters above.
before
dictionary
always
The configuration prior to the model invocation.

Sample:
The configuration returned will always be in the same format of the parameters above.
commands
list / elements=string
always
The set of commands pushed to the remote device.

Sample:
['route-map rmap1 permit 10', 'match as-number 65564', 'match as-path Allow40', 'match ip address acl_1', 'description rmap1-10-permit', 'route-map rmap1 deny 20', 'match community BGPCommunity1 BGPCommunity2']


Authors

  • Nilashish Chakraborty (@NilashishC)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/cisco/nxos/nxos_route_maps_module.html