Redirect for IPv6 is not configured correctly when the Boolean “false” is selected in the nxos_l3_interfaces resource module

Question

Redirect for IPv6 is not configured correctly when the Boolean “false” is selected in the nxos_l3_interfaces resource module

digitalfiend64 opened this issue 2 years ago · 1 comments

Verified. I did not find the issue reported in github.

SUMMARY

Redirect for IPv6 is not configured correctly when the Boolean “false” is selected in the nxos_l3_interfaces resource module.

The module is adding the configuration line “no ip redirect”, while it is expected to add “no ipv6 redirects” to the IPv6 l3 interfaces in the cisco nxos device.

ISSUE TYPE

Bug Report

COMPONENT NAME

nxos_l3_interfaces

ANSIBLE VERSION


[<REDACTED>@<REDACTED>_RHEL8 iossxr_comit_label]$ ansible --version
ansible [core 2.12.6]
  config file = /home/<REDACTED>/.ansible.cfg
  configured module search path = ['/home/<REDACTED>/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.8/site-packages/ansible
  ansible collection location = /home/<REDACTED>/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.8.12 (default, Sep 16 2021, 10:46:05) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
  jinja version = 3.0.2
  libyaml = True

COLLECTION VERSION


[<REDACTED>@<REDACTED>_RHEL8 iossxr_comit_label]$ ansible-galaxy collection list cisco.nxos

# /home/<REDACTED>/.ansible/collections/ansible_collections
Collection Version
---------- -------
cisco.nxos 2.4.0

# /usr/local/lib/python3.8/site-packages/ansible_collections
Collection Version
---------- -------
cisco.nxos 2.9.1

CONFIGURATION


[<REDACTED>@<REDACTED>_RHEL8 iossxr_comit_label]$ ansible-config dump --only-changed
DEFAULT_LOAD_CALLBACK_PLUGINS(/home/<REDACTED>/.ansible.cfg) = True
DEFAULT_STDOUT_CALLBACK(/home/<REDACTED>/.ansible.cfg) = yaml
DEFAULT_TIMEOUT(/home/<REDACTED>/.ansible.cfg) = 120
DEPRECATION_WARNINGS(/home/<REDACTED>/.ansible.cfg) = False
GALAXY_IGNORE_CERTS(/home/<REDACTED>/.ansible.cfg) = True
GALAXY_SERVER_LIST(/home/<REDACTED>/.ansible.cfg) = ['inbound_yeti_repo', 'published_repo', 'rh-certified_repo']
HOST_KEY_CHECKING(/home/<REDACTED>/.ansible.cfg) = False
PARAMIKO_HOST_KEY_AUTO_ADD(/home/<REDACTED>/.ansible.cfg) = True
PERSISTENT_COMMAND_TIMEOUT(/home/<REDACTED>/.ansible.cfg) = 300
PERSISTENT_CONNECT_TIMEOUT(/home/<REDACTED>/.ansible.cfg) = 120
RETRY_FILES_ENABLED(/home/<REDACTED>/.ansible.cfg) = False
[<REDACTED>@<REDACTED>_RHEL8 iossxr_comit_label]$

OS / ENVIRONMENT

STEPS TO REPRODUCE

      - name: Assign interfaces to VRF declaratively
        cisco.nxos.nxos_vrf_interface:
          vrf: GI
          interface: port-channel335.11
          state: present

      - name: nxos l3 interfaces
        cisco.nxos.nxos_l3_interfaces:
          config:
          - name: port-channel335.10
            ipv4:
            - address: X.X.X.X/31
            dot1q: 10
            redirects: false
          - name: port-channel335.11
            ipv6:
            - address: <REDACTED>/127
            dot1q: 11
            redirects: false
          state: merged

Result:

31128-11# show run int port-channel 335.10

!Command: show running-config interface port-channel335.10
!Running configuration last done at: Mon Sep 19 13:24:03 2022
!Time: Mon Sep 19 13:32:04 2022

version 7.0(3)I7(6) Bios:version 07.65

interface port-channel335.10
description POD1_LF1_VRF_Global
mtu 9216
encapsulation dot1q 10
no bfd echo
no ip redirects
ip address X.X.X.X/31
no shutdown

31128-11# show run int port-channel 335.11

!Command: show running-config interface port-channel335.11
!Running configuration last done at: Mon Sep 19 13:24:03 2022
!Time: Mon Sep 19 13:32:07 2022

version 7.0(3)I7(6) Bios:version 07.65

interface port-channel335.11
ipv6 traffic-filter GI-IPV6 in
description POD1_LF1_VRF_GI
mtu 9216
encapsulation dot1q 11
vrf member GI
no ip redirects
ipv6 address /127
no shutdown

31128-11#

Expected result:
31128-11# show run int port-channel 335.10

!Command: show running-config interface port-channel335.10
!Running configuration last done at: Mon Sep 19 13:24:03 2022
!Time: Mon Sep 19 13:32:04 2022

version 7.0(3)I7(6) Bios:version 07.65

interface port-channel335.10
description POD1_LF1_VRF_Global
mtu 9216
encapsulation dot1q 10
no bfd echo
no ip redirects
ip address X.X.X.X/31
no shutdown

31128-11# show run int port-channel 335.11

!Command: show running-config interface port-channel335.11
!Running configuration last done at: Mon Sep 19 13:24:03 2022
!Time: Mon Sep 19 13:32:07 2022

version 7.0(3)I7(6) Bios:version 07.65

interface port-channel335.11
ipv6 traffic-filter GI-IPV6 in
description POD1_LF1_VRF_GI
mtu 9216
encapsulation dot1q 11
vrf member GI
no ipv6 redirects
ipv6 address /127
no shutdown

31128-11#

EXPECTED RESULTS

ACTUAL RESULTS

Answer 1 · 2022-10-07T12:39:14.000Z

Hello @digitalfiend64. It appears that the redirects option only deals with IPv4 redirects. Using the same option for both IPv4 and IPv6 redirects would just allow room for more issues in the future. As a result, I added a new option ipv6_redirects which would behave exactly like redirects but for IPv6, while the redirects option will continue to work for IPv4 ones. Please let me know if you have queries on this. Thank you.