Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to set BGP community via route-map using module: eos_route_maps #509

Open
1 task done
Akasurde opened this issue Jan 11, 2024 · 1 comment
Open
1 task done

Unable to set BGP community via route-map using module: eos_route_maps #509

Akasurde opened this issue Jan 11, 2024 · 1 comment
Assignees
@rohitthakur2590

Comments

@Akasurde
Copy link
Member

Summary

While trying to set BGP community via route-map using ansible module: "eos_route_maps" but facing issues since the community is not pushed to the device. Changing the match condition to a different interface ("match interface Ethernet13/4" to another interface) and we see interface is changed in running-config, but community is still missing.

Issue Type

Bug Report

Component Name

module: eos_route_maps

Ansible Version

ansible-playbook [core 2.15.5]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/bzimmer/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/bzimmer/.local/lib/python3.10/site-packages/ansible
  ansible collection location = /home/bzimmer/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/bzimmer/.local/bin/ansible-playbook
  python version = 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True

Configuration

Not applicable

OS / Environment

Not applicable

Steps to Reproduce

- name: "Configure route-map {{ route_map }}, add community"
  hosts: CPOP_LEAF
  gather_facts: no
  vars:
    route_map: CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT
    match_intf: Ethernet13/4
    sequence: 30

  tasks:
    #- name: Backup running-config
    #  arista.eos.eos_config:
    #    backup: true
    #    backup_options:
    #      dir_path: /tmp/arista_backup

    - name: "Configure route-map {{ route_map }}"
      arista.eos.eos_route_maps:
        config:
          - route_map: "{{ route_map }}"
            entries:
              - action: "permit"
                sequence: " {{ sequence }}"
                match:
                  interface: "{{ match_intf }}"
                set: 
                  community_attributes:
                    community:
                      number: 
                          - "31334:20600"

        state: merged

Expected Results

  1. First, we noticed that the community attribute is set in colon format but the Ansible document states that the value should be in CSV format:
    https://docs.ansible.com/ansible/latest/collections/arista/eos/eos_route_maps_module.html#notes

But changing the format to CSV format didn't help.

  1. While checking on CLI, EOS accepts the config only when the community is in colon format and not CSV:
    sw(config-route-map-CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT)#set community 31334,20600
    % Invalid input

  2. Ansible docs mention that 'This module is part of the arista.eos collection (version 6.2.2)'. Our current 'arista.eos collections' version is 6.1.2. We tried upgrading the collection on our lab setup to 6.2.2 but the result was the same (community was not updated on the device)

  3. We enabled ConfigAgent traces on the switch side and ran the playbook again. We noticed that community config was not pushed to the device from ansible itself.

  4. We tried assigning the input for community attribute from a CSV file but even that didn't help.

  5. We believe this is the template being used: https://github.com/ansible-collections/arista.eos/blob/main/plugins/module_utils/network/eos/rm_templates/route_maps.py#L603

which has the following regex:

        "getval": re.compile(
            r"""
            \s*set\scommunity
            \s+(?P<num>\d+\s*)+
            \s*(?P<action>additive|delete)*
            \s*(?P<donot>local-as|no-advertise|no-export)*
            $""",
            re.VERBOSE,
        ),

From the regex, it only supports one ore more digits and doesn't support the N:N format

  1. Testing with a single digit also didn't work. We wanted to check if parsed state works but even that didn't help:

Using this config file

route-map mapmerge permit 10
description merged_map
match router-id prefix-list 22
set bgp bestpath as-path weight 20
set community 100

and this task:

- name: parse configs
  arista.eos.eos_route_maps:
    running_config: "{{ lookup('file', './parsed.cfg') }}"
    state: parsed
  register: parsedConfigTest
- name: debug3
  ansible.builtin.debug:
    msg: "{{ parsedConfigTest }}"

the result was
TASK [parse configs] *************************************************************************************************************************************************************************************************************************************************************************************************
fatal: [s2-spine1]: FAILED! => changed=false
msg: 'Unsupported parameters for (basic.py) module: config.entries.set.community. Supported parameters include: as_path, bgp, community_attributes, distance, evpn, extcommunity, ip, ipv6, isis_level, local_preference, metric, metric_type, nexthop, origin, segment_index, tag, weight.'

As per the documentation, it looks like we are skipping one level in the dictionary as it should be set.community_attributes.community.number and not set.community.number

image

Actual Results

ansible-playbook -i inventory/eve_hosts playbooks/conf_route_map_connected.yml -vvv
ansible-playbook [core 2.15.5]
  config file = /etc/ansible/ansible.cfg
  configured module search path = ['/home/bzimmer/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /home/bzimmer/.local/lib/python3.10/site-packages/ansible
  ansible collection location = /home/bzimmer/.ansible/collections:/usr/share/ansible/collections
  executable location = /home/bzimmer/.local/bin/ansible-playbook
  python version = 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] (/usr/bin/python3)
  jinja version = 3.0.3
  libyaml = True
Using /etc/ansible/ansible.cfg as config file
host_list declined parsing /home/bzimmer/ansible/inventory/eve_hosts as it did not pass its verify_file() method
script declined parsing /home/bzimmer/ansible/inventory/eve_hosts as it did not pass its verify_file() method
auto declined parsing /home/bzimmer/ansible/inventory/eve_hosts as it did not pass its verify_file() method
Parsed /home/bzimmer/ansible/inventory/eve_hosts inventory source with ini plugin
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
redirecting (type: callback) ansible.builtin.yaml to community.general.yaml
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.

PLAYBOOK: conf_route_map_connected.yml *******************************************************************************************************************************************************************************************************************************************
1 plays in playbooks/conf_route_map_connected.yml

PLAY [Configure route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT, add community] ********************************************************************************************************************************************************************************************

TASK [Configure route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT] ***********************************************************************************************************************************************************************************************************
task path: /home/bzimmer/ansible/playbooks/conf_route_map_connected.yml:17
redirecting (type: become) ansible.builtin.enable to ansible.netcommon.enable
ok: [b-virt-lf-dca-cpop-1] => changed=false 
  before:
  - entries:
    - action: deny
      description: DO NOT REDISTRIBUTE LOOPBACKS INTO BGP
      match:
        ip:
          address:
            prefix_list: DENY_IPV4_NETWORKS
      sequence: 10
    - action: deny
      description: DO NOT REDISTRIBUTE LOOPBACKS INTO BGP IPV6
      match:
        ipv6:
          address:
            prefix_list: DENY_IPV6_NETWORKS
      sequence: 20
    - action: permit
      match:
        interface: Ethernet13/4
      sequence: 30
    - action: permit
      description: REDISTRIBUTE CONNECTED COS DSI NETWORKS INTO BGP IPV4 IPV6
      match:
        interface: Vlan2005
      sequence: 100
    - action: permit
      description: REDISTRIBUTE CONNECTED PTP NETWORKS INTO BGP
      match:
        ip:
          address:
            prefix_list: PREFIX_LENGTH_30
      sequence: 110
    route_map: CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT
  commands: []
  invocation:
    module_args:
      config:
      - entries:
        - action: permit
          continue_sequence: null
          description: null
          match:
            aggregate_role: null
            as: null
            as_path: null
            community: null
            extcommunity: null
            interface: Ethernet13/4
            invert_result: null
            ip: null
            ipv6: null
            isis_level: null
            large_community: null
            local_preference: null
            metric: null
            metric_type: null
            route_type: null
            router_id: null
            source_protocol: null
            tag: null
          sequence: 30
          set:
            as_path: null
            bgp: null
            community_attributes:
              community:
                additive: null
                delete: null
                graceful_shutdown: null
                internet: null
                list: null
                local_as: null
                no_advertise: null
                no_export: null
                number: 31334,20600				<====== you can see the community here
              graceful_shutdown: null
              none: null
            distance: null
            evpn: null
            extcommunity: null
            ip: null
            ipv6: null
            isis_level: null
            local_preference: null
            metric: null
            metric_type: null
            nexthop: null
            origin: null
            segment_index: null
            tag: null
            weight: null
          source: null
          statement: null
          sub_route_map: null
        route_map: CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT
      running_config: null
      state: merged

PLAY RECAP ***********************************************************************************************************************************************************************************************************************************************************************
b-virt-lf-dca-cpop-1       : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0   


### output of the switch

b-virt-lf-dca-cpop-1#sh run sec route-map CONNECTED
route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT deny 10
   description DO NOT REDISTRIBUTE LOOPBACKS INTO BGP
   match ip address prefix-list DENY_IPV4_NETWORKS
route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT deny 20
   description DO NOT REDISTRIBUTE LOOPBACKS INTO BGP IPV6
   match ipv6 address prefix-list DENY_IPV6_NETWORKS
route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT permit 30
   match interface Ethernet13/4											<== Community is missing
route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT permit 100
   description REDISTRIBUTE CONNECTED COS DSI NETWORKS INTO BGP IPV4 IPV6
   match interface Vlan2005
   set community 31334:29901
route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT permit 110
   description REDISTRIBUTE CONNECTED PTP NETWORKS INTO BGP
   match ip address prefix-list PREFIX_LENGTH_30
   set community 31334:29900
router bgp 31334
   redistribute connected route-map CONNECTED_TO_BGP31334_IPV4_IPV6_VRF_DEFAULT

Code of Conduct

  • I agree to follow the Ansible Code of Conduct
@Akasurde
Copy link
Member Author

cc @kaviya98

@Akasurde Akasurde mentioned this issue Jan 11, 2024
Closed
1 task
@rohitthakur2590 rohitthakur2590 self-assigned this Jan 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rohitthakur2590 rohitthakur2590

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Akasurde @rohitthakur2590