ansible-collections/cisco.nxos

When using the cisco.nxos.nxos_acls module the module converts ipv6 prefixes with a /32 to hosts instead of prefixs

digitalfiend64 opened this issue · 0 comments

digitalfiend64 commented
SUMMARY

When using the cisco.nxos.nxos_acls module the module converts ipv6 prefixes with a /32 to hosts instead of prefixs

Example before configuration:
ipv6 access-list UE-GI-IPV6-IN
10 remark ULA to ULA
20 permit ipv6 fd00:976a::/32 fd00:976a::/32

Example after fact gathering:

  • acls:
    • aces:
      • remark: ULA to ULA
        sequence: 10
      • destination:
        host: 'fd00:976a::'
        grant: permit
        protocol: ipv6
        sequence: 20
        source:
        host: 'fd00:976a::'
ISSUE TYPE
  • Bug Report
COMPONENT NAME

cisco.nxos.nxos_acls module

ANSIBLE VERSIO
ansible [core 2.12.6]
  config file = /home/REDACTED/.ansible.cfg
  configured module search path = ['/home/REDACTED/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python3.8/site-packages/ansible
  ansible collection location = /home/REDACTED/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/local/bin/ansible
  python version = 3.8.12 (default, Sep 16 2021, 10:46:05) [GCC 8.5.0 20210514 (Red Hat 8.5.0-3)]
  jinja version = 3.0.2
  libyaml = True

##### COLLECTION VERSION
<!--- Paste verbatim output from "ansible-galaxy collection list
<namespace>.<collection>"  between the quotes
for example: ansible-galaxy collection list community.general
-->
```paste below
collection Version
---------- -------
cisco.nxos           4.0.0
CONFIGURATION
DEFAULT_LOAD_CALLBACK_PLUGINS(/home/REDACTED/.ansible.cfg) = True
DEFAULT_STDOUT_CALLBACK(/home/REDACTED/.ansible.cfg) = yaml
DEFAULT_TIMEOUT(/home/REDACTED/.ansible.cfg) = 120
DEPRECATION_WARNINGS(/home/REDACTED/.ansible.cfg) = False
GALAXY_IGNORE_CERTS(/home/REDACTED/.ansible.cfg) = True
GALAXY_SERVER_LIST(/home/REDACTED/.ansible.cfg) = ['inbound_yeti_repo', 'published_repo', 'rh-certified_repo']
HOST_KEY_CHECKING(/home/REDACTED/.ansible.cfg) = False
PARAMIKO_HOST_KEY_AUTO_ADD(/home/REDACTED/.ansible.cfg) = True
PERSISTENT_COMMAND_TIMEOUT(/home/REDACTED/.ansible.cfg) = 300
PERSISTENT_CONNECT_TIMEOUT(/home/REDACTED/.ansible.cfg) = 120
RETRY_FILES_ENABLED(/home/REDACTED/.ansible.cfg) = False
OS / ENVIRONMENT

NXOS: version 7.0(3)I7(6)

STEPS TO REPRODUCE

Attempted to use the cisco.nxos.nxos_acls module to gather acl facts.

Example before configuration:
ipv6 access-list UE-GI-IPV6-IN
10 remark ULA to ULA
20 permit ipv6 fd00:976a::/32 fd00:976a::/32

Example after fact gathering:

  • acls:
    • aces:
      • remark: ULA to ULA
        sequence: 10
      • destination:
        host: 'fd00:976a::'
        grant: permit
        protocol: ipv6
        sequence: 20
        source:
        host: 'fd00:976a::'

The config module applies the prefix list to the acl correctly, it is only when gathering facts does it convert it to host.

- name: Configure ACL
   cisco.nxos.nxos_acls:
      state: gathered
EXPECTED RESULTS

Expected the terminal message be sent to the ansible debug

  • acls:
    • aces:
      • remark: ULA to ULA
        sequence: 10
      • destination:
        prefix: 'fd05:976a::/32'
        grant: permit
        protocol: ipv6
        sequence: 20
        source:
        prefix: 'fd05:976a::/32'
ACTUAL RESULTS
commands:
-   acls:
    -   aces:
        -   remark: ULA to ULA
            sequence: 10
        -   destination:
                 host: 'fd05:976a::'
            grant: permit
            protocol: ipv6
            sequence: 20
            source:
                 host: 'fd05:976a::'