a10_flowspec
Synopsis
Configure Flowspec
Parameters
Parameters |
Choices/Defaults |
Comment |
|
|---|---|---|---|
state str/required |
[‘noop’, ‘present’, ‘absent’] |
State of the object to be created. |
|
ansible_host str/required |
Host for AXAPI authentication |
||
ansible_username str/required |
Username for AXAPI authentication |
||
ansible_password str/required |
Password for AXAPI authentication |
||
ansible_port int/required |
Port for AXAPI authentication |
||
a10_device_context_id int |
[‘1-8’] |
Device ID for aVCS configuration |
|
a10_partition str |
Destination/target partition for object/command |
||
name str/required |
Flowspec name |
||
src_addr_type str |
‘ip’= IPv4 Address; ‘ipv6’= IPv6 Address; |
||
src_ip_host str |
IPv4 host address |
||
src_ip_subnet str |
IPv4 Subnet address |
||
src_ipv6_host str |
IPv6 host address |
||
src_ipv6_subnet str |
IPv6 Subnet address |
||
dest_addr_type str |
‘ip’= IPv4 Address; ‘ipv6’= IPv6 Address; |
||
dest_ip_host str |
IPv4 host address |
||
dest_ip_subnet str |
IPv4 Subnet address |
||
dest_ipv6_host str |
IPv6 host address |
||
dest_ipv6_subnet str |
IPv6 Subnet address |
||
tcp_flags str |
‘match-all’= not = 0 match = 1; ‘none-of’= not = 1 match = 0; ‘not-match’= not = 1 match = 1; ‘match-any’= not = 0 match = 0; |
||
tcp_flags_bitmask str |
Bitmask in Hex |
||
uuid str |
uuid of the object |
||
user_tag str |
Customized tag |
||
source_port_list list |
Field source_port_list |
||
port_attribute str |
‘eq’= Match only packets on a given source port; ‘gt’= Match only packets with a greater port number; ‘lt’= Match only packets with a lower port number; ‘range’= match only packets in the range of port numbers; |
||
port_num int |
Specify the port number |
||
port_num_end int |
Specify the port number |
||
uuid str |
uuid of the object |
||
destination_port_list list |
Field destination_port_list |
||
port_attribute str |
‘eq’= Match only packets on a given destination port; ‘gt’= Match only packets with a greater port number; ‘lt’= Match only packets with a lower port number; ‘range’= match only packets in the range of port numbers; |
||
port_num int |
Specify the port number |
||
port_num_end int |
Specify the port number |
||
uuid str |
uuid of the object |
||
port_list list |
Field port_list |
||
port_attribute str |
‘eq’= Match only packets on a given port; ‘gt’= Match only packets with a greater port number; ‘lt’= Match only packets with a lower port number; ‘range’= match only packets in the range of port numbers; |
||
port_num int |
Specify the port number |
||
port_num_end int |
Specify the port number |
||
uuid str |
uuid of the object |
||
protocol_list list |
Field protocol_list |
||
proto_attribute str |
‘eq’= Match only packets on a given protocol; ‘gt’= Match only packets with a greater protocol number; ‘lt’= Match only packets with a lower protocol number; ‘range’= match only packets in the range of protocol numbers; |
||
proto_num int |
Specify the protocol number(6 for TCP and 17 for UDP) |
||
proto_num_end int |
Specify the protocol number |
||
uuid str |
uuid of the object |
||
fragmentation_option_list list |
Field fragmentation_option_list |
||
frag_attribute str |
‘is-fragment’= Is fragmented packet; ‘first-fragment’= Is the first fragment packet; ‘last-fragment’= Is the last fragment; ‘dont-fragment’= Is DF bit set; |
||
uuid str |
uuid of the object |
||
icmp_type_list list |
Field icmp_type_list |
||
icmp_type_attribute str |
‘eq’= Match only packets on a given ICMP Type; ‘gt’= Match only packets with a greater ICMP Type; ‘lt’= Match only packets with a lower ICMP Type; ‘range’= match only packets in the range of ICMP Types; |
||
ntype int |
Specify the ICMP Type |
||
type_end int |
Specify the ICMP Type |
||
uuid str |
uuid of the object |
||
icmp_code_list list |
Field icmp_code_list |
||
icmp_code_attribute str |
‘eq’= Match only packets on a given ICMP Code; ‘gt’= Match only packets with a greater ICMP Code; ‘lt’= Match only packets with a lower ICMP Code; ‘range’= match only packets in the range of ICMP Codes; |
||
code int |
Specify the ICMP Code |
||
code_end int |
Specify the ICMP Code |
||
uuid str |
uuid of the object |
||
packet_length_list list |
Field packet_length_list |
||
packet_length_attribute str |
‘eq’= Match only packets on a given Packet Length; ‘gt’= Match only packets with a greater Packet Length; ‘lt’= Match only packets with a lower Packet Length; ‘range’= match only packets in the range of Packet Lengths; |
||
length int |
Specify the Packet Length |
||
length_end int |
Specify the Packet Length |
||
uuid str |
uuid of the object |
||
dscp_list list |
Field dscp_list |
||
dscp_attribute str |
‘eq’= Match only packets on a given DSCP; ‘gt’= Match only packets with a greater DSCP; ‘lt’= Match only packets with a lower DSCP; ‘range’= match only packets in the range of DSCPs; |
||
dscp_val int |
Specify the DSCP value |
||
dscp_val_end int |
Specify the DSCP value |
||
uuid str |
uuid of the object |
||
filtering_action dict |
Field filtering_action |
||
terminal_action bool |
Evaluation stops after this rule if not set |
||
sample_log bool |
Enable traffic sampling and logging |
||
traffic_rate int |
Type 0x8006 - Apply rate (in Bytes per second) for this class of traffic |
||
traffic_marking str |
‘dscp’= IPv4 DSCP; ‘ipv6-traffic-class’= IPv6 Traffic Class; |
||
dscp_val int |
Set DSCP value |
||
traffic_class int |
Set IPv6 Traffic Class value |
||
redirect str |
‘next-hop-nlri’= Type 0x0800 - IP encoded in MP_REACH_NLRI Next-hop network; ‘next-hop’= Type 0x0800 - Extended community Next-hop (Per v2 dated Feb 2015); ‘vrf-route-target’= Type 0x8008 - Redirect to VRF Route Target; |
||
next_hop_nlri_type str |
‘ip’= Type 0x0800 - IPv4 Address; ‘ipv6’= Type 0x0800 - IPv6 Address; |
||
ip_host_nlri str |
IPv4 host address |
||
copy_ip_host_nlri bool |
Copy bit |
||
ipv6_host_nlri str |
IPv6 host address |
||
copy_ipv6_host_nlri bool |
Copy bit |
||
next_hop_type str |
‘ip’= Type 0x0800 - IPv4 Address; ‘ipv6’= Type 0x0800 - IPv6 Address; |
||
ip_host str |
IPv4 host address |
||
copy_ip_host bool |
Copy bit |
||
ipv6_host str |
IPv6 host address |
||
copy_ipv6_host bool |
Copy bit |
||
vrf_target_string str |
Type 0x8008(ASN-2=Index), 0x8208(ASN-4=Index) - Route Target AS |
||
vrf_target_ip str |
‘ip’= Type 0x8108 - Redirect to route-target IP; |
||
ip_host_rt str |
Type 0x8108 - Route Target IPv4 |
||
value_ip_host int |
2-byte decimal value(local-administrator) |
||
ecomm_custom_hex str |
Custom Extended Community in Hex |
||
uuid str |
uuid of the object |
||
operational_mode dict |
Field operational_mode |
||
mode str |
‘enabled’= Enable the flowspec and send the prefix to BGP; ‘disabled’= Disable the flowspec and remove the prefix from BGP; |
||
uuid str |
uuid of the object |
||
Examples
Return Values
- modified_values (changed, dict, )
Values modified (or potential changes if using check_mode) as a result of task operation
- axapi_calls (always, list, )
Sequential list of AXAPI calls made by the task
- endpoint (, str, [‘/axapi/v3/slb/virtual_server’, ‘/axapi/v3/file/ssl-cert’])
The AXAPI endpoint being accessed.
- http_method (, str, [‘POST’, ‘GET’])
HTTP method being used by the primary task to interact with the AXAPI endpoint.
- request_body (, complex, )
Params used to query the AXAPI
- response_body (, complex, )
Response from the AXAPI
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by community.