Skip to content

Latest commit

 

History

History
305 lines (269 loc) · 10.9 KB

cisco.nxos.nxos_hsrp_module.rst

File metadata and controls

305 lines (269 loc) · 10.9 KB

cisco.nxos.nxos_hsrp

Manages HSRP configuration on NX-OS switches.

Version added: 1.0.0

Synopsis

  • Manages HSRP configuration on NX-OS switches.

Parameters

Parameter Choices/Defaults Comments
auth_string
string
Authentication string. If this needs to be hidden(for md5 type), the string should be 7 followed by the key string. Otherwise, it can be 0 followed by key string or just key string (for backward compatibility). For text type, this should be just be a key string. if this is 'default', authentication is removed.
auth_type
string
    Choices:
  • text
  • md5
Authentication type.
group
string / required
HSRP group number.
interface
string / required
Full name of interface that is being managed for HSRP.
preempt
string
    Choices:
  • enabled
  • disabled
Enable/Disable preempt.
priority
string
HSRP priority or keyword 'default'.
state
string
    Choices:
  • present ←
  • absent
Specify desired state of the resource.
version
string
    Choices:
  • 1 ←
  • 2
HSRP version.
vip
string
HSRP virtual IP address or keyword 'default'

Notes

Note

  • Tested against NXOSv 7.3.(0)D1(1) on VIRL
  • Unsupported for Cisco MDS
  • HSRP feature needs to be enabled first on the system.
  • SVIs must exist before using this module.
  • Interface must be a L3 port before using this module.
  • HSRP cannot be configured on loopback interfaces.
  • MD5 authentication is only possible with HSRPv2 while it is ignored if HSRPv1 is used instead, while it will not raise any error. Here we allow MD5 authentication only with HSRPv2 in order to enforce better practice.
  • For information on using CLI and NX-API see the :ref:`NXOS Platform Options guide <nxos_platform_options>`
  • For more information on using Ansible to manage network devices see the :ref:`Ansible Network Guide <network_guide>`
  • For more information on using Ansible to manage Cisco devices see the Cisco integration page.

Examples

- name: Ensure HSRP is configured with following params on a SVI
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled

- name: Ensure HSRP is configured with following params on a SVI with clear text authentication
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled
    auth_type: text
    auth_string: CISCO

- name: Ensure HSRP is configured with md5 authentication and clear authentication
    string
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled
    auth_type: md5
    auth_string: 0 1234

- name: Ensure HSRP is configured with md5 authentication and hidden authentication
    string
  cisco.nxos.nxos_hsrp:
    group: 10
    vip: 10.1.1.1
    priority: 150
    interface: vlan10
    preempt: enabled
    auth_type: md5
    auth_string: 7 1234

- name: Remove HSRP config for given interface, group, and VIP
  cisco.nxos.nxos_hsrp:
    group: 10
    interface: vlan10
    vip: 10.1.1.1
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
commands
list
always
commands sent to the device

Sample:
['interface vlan10', 'hsrp version 2', 'hsrp 30', 'ip 10.30.1.1']


Status

Authors

  • Jason Edelman (@jedelman8)
  • Gabriele Gerbino (@GGabriele)