Layer3 Subinterface creation throws an error
maikelvandooren opened this issue · 2 comments
Describe the bug
When I execute this playbook extract on Panorama v10.1.4 to configure layer3 subinterface in a template.
Add a subinterface
- name: ethernet 1/9.{{ cdz1_vlan }} subinterface CDZ1
panos_l3_subinterface:
provider: '{{ provider }}'
template: '{{ template_name }}'
name: 'ethernet1/9.{{ cdz1_vlan }}'
tag: '{{ cdz1_vlan }}'
enable_dhcp: false
ip: ["{{ cdz1_ip }}"]
management_profile: "ping-only"
zone_name: "CDZ"
vr_name: 'VR-CUST-{{ customer_id }}-{{ tenant_shortname|upper }}'
when: cdz1_interface == true
I get the following error back:
fatal: [panorama]: FAILED! => {"changed": false, "msg": "Failed setref: layer3 'ethernet1/9.274' is not a valid reference"}
Expected behavior
Interface should be created completely.
Current behavior
It stops at the zone_name or vr_name if you switch those options. If you delete the zone_name and vr_name the error doesn't happen.
ethernet1/9 is created/set first as layer3 interface
Possible solution
This module does work when used to the firewall directly but not to a Panorama Template. It seems there is a difference.
Steps to reproduce
As above.
Screenshots
Context
Your Environment
- Collection: paloaltonetworks.panos
- Python: 2.7.12
- Ansible: 2.9.27
- PAN-OS Python Library & version (e.g. pandevice 0.14.0, pan-os-python 1.0.2): pan-os-python 1.6.0 panpython 0.16.0
I found the issue trying to deploy it with the panos_type_cmd. I had to define the vsys as well for the panos_l3_subinterface e.g. vsys: "vsys1"
With the panos_interface module it does work without defining the vsys.