fortiswitch_switch_global – Configure global settings in Fortinet’s FortiSwitch
New in version 1.0.0.
Synopsis
This module is able to configure a FortiSwitch device by allowing the user to set and modify switch feature and global category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v7.0.0
Requirements
The below requirements are needed on the host that executes this module.
ansible>=2.14
FortiSW Version Compatibility
| Supported Version Ranges | |
| fortiswitch_switch_global | v7.0.0 -> latest |
Parameters
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- switch_global - Configure global settings. type: dict
- access_vlan_mode - Intra VLAN traffic behavior with loss of connection to the FortiGate. type: str choices: legacy, fail-open, fail-close
- auto_fortilink_discovery - Enable/disable automatic FortiLink discovery. type: str choices: enable, disable
- auto_isl - Enable/Disable automatic inter switch LAG. type: str choices: enable, disable
- auto_isl_port_group - Configure global automatic inter-switch link port groups (overrides port level port groups). type: int
- auto_stp_priority - Automatic assignment of STP priority for tier1 and tier2 switches. type: str choices: enable, disable
- bpdu_learn - Enable/disable BPDU learn. type: str choices: enable, disable
- dhcp_snooping_database_export - Enable/disable DHCP snoop database export to file. type: str choices: enable, disable
- dmi_global_all - Enable/disable DMI global status. type: str choices: enable, disable
- flapguard_retain_trigger - Enable/disable retention of triggered state upon reboot. type: str choices: enable, disable
- flood_unknown_multicast - Enable/disable unknown mcast flood in the vlan. type: str choices: enable, disable
- flood_vtp - Enable/disable Cisco VTP flood in the vlan. type: str choices: enable, disable
- forti_trunk_dmac - Destination MAC address to be used for FortiTrunk heartbeat packets. type: str
- fortilink_heartbeat_timeout - Max fortilinkd echo replies that can be missed before fortilink is considered down. type: int
- fortilink_p2p_native_vlan - FortiLink point to point native VLAN. type: int
- fortilink_p2p_tpid - FortiLink point-to-point TPID. type: int
- fortilink_vlan_optimization - Controls VLAN assignment on ISL ports (assigns all 4k vlans when disabled). type: str choices: enable, disable
- ip_mac_binding - Configure ip-mac-binding status. type: str choices: enable, disable
- l2_memory_check - Enable/disable L2 memory check, default interval is 120 seconds. type: str choices: enable, disable
- l2_memory_check_interval - User defined interval to check L2 memory(second). type: int
- log_mac_limit_violations - Enable/disable logs for Learning Limit Violations globally. type: str choices: enable, disable
- loop_guard_tx_interval - Loop guard packet Tx interval (sec). type: int
- mac_address - Manually configured MAC address when mac-address-algorithm is set to manual. type: int
- mac_address_algorithm - Method to configure the fifth byte of the MAC address type: str choices: auto, manual
- mac_aging_interval - MAC address aging interval (sec; remove any MAC addresses unused since the the last check. type: int
- mac_violation_timer - Set a global timeout for Learning Limit Violations (0 = disabled). type: int
- max_path_in_ecmp_group - Set max path in one ecmp group. type: int
- mclag_igmpsnooping_aware - MCLAG IGMP-snooping aware. type: str choices: enable, disable
- mclag_peer_info_timeout - MCLAG peer info timeout. type: int
- mclag_port_base - MCLAG port base. type: int
- mclag_split_brain_all_ports_down - Enable/disable MCLAG split brain all ports down type: str choices: disable, enable
- mclag_split_brain_detect - Enable/disable MCLAG split brain detect. type: str choices: enable, disable
- mclag_split_brain_priority - Set MCLAG split brain priority type: int
- mclag_stp_aware - MCLAG STP aware. type: str choices: enable, disable
- mirror_qos - QOS value for locally mirrored traffic. type: int
- name - Name. type: str
- poe_alarm_threshold - Threshold (% of total power budget) above which an alarm event is generated. type: int
- poe_guard_band - Reserves power (W) in case of a spike in PoE consumption. type: int
- poe_power_budget - Set/override maximum power budget. type: int
- poe_power_mode - Set poe power mode to priority based or first come first served. type: str choices: priority, first-come-first-served
- poe_pre_standard_detect - set poe-pre-standard-detect type: str choices: enable, disable
- port_security - Global parameters for port-security. type: dict
- link_down_auth - If link down detected, "set-unauth" reverts to un-authorized state. type: str choices: set-unauth, no-action
- mab_entry_as - Confgure MAB MAC entry as static or dynamic. type: str choices: static, dynamic
- mab_reauth - Enable or disable MAB reauthentication settings. type: str choices: disable, enable
- mac_called_station_delimiter - MAC called station delimiter . type: str choices: hyphen, single-hyphen, colon, none
- mac_calling_station_delimiter - MAC calling station delimiter . type: str choices: hyphen, single-hyphen, colon, none
- mac_case - MAC case . type: str choices: uppercase, lowercase
- mac_password_delimiter - MAC authentication password delimiter . type: str choices: hyphen, single-hyphen, colon, none
- mac_username_delimiter - MAC authentication username delimiter . type: str choices: hyphen, single-hyphen, colon, none
- max_reauth_attempt - 802.1X/MAB maximum reauthorization attempt. type: int
- quarantine_vlan - Enable or disable Quarantine VLAN detection. type: str choices: disable, enable
- reauth_period - 802.1X/MAB reauthentication period ( minute ). type: int
- tx_period - 802.1X tx period ( second ). type: int
- trunk_hash_mode - Trunk hash mode. type: str choices: default, enhanced
- trunk_hash_unicast_src_port - Enable/disable source port in Unicast trunk hashing. type: str choices: enable, disable
- trunk_hash_unkunicast_src_dst - Enable/disable trunk hash for unknown unicast src-dst. type: str choices: enable, disable
- virtual_wire_tpid - TPID value used by virtual-wires. type: int
- vxlan_dport - VXLAN destination UDP port. type: int
- vxlan_port - VXLAN destination UDP port. type: int
- vxlan_sport - VXLAN source UDP port (0 - 65535). type: int
- vxlan_stp_virtual_mac - Virtual STP root MAC address type: str
- vxlan_stp_virtual_root - Enable/disable automatically making local switch the STP root for STP instances containing configured VXLAN"s access vlan. type: str choices: enable, disable
Examples
- name: Configure global settings.
fortinet.fortiswitch.fortiswitch_switch_global:
switch_global:
access_vlan_mode: "legacy"
auto_fortilink_discovery: "enable"
auto_isl: "enable"
auto_isl_port_group: "6"
auto_stp_priority: "enable"
bpdu_learn: "enable"
dhcp_snooping_database_export: "enable"
dmi_global_all: "enable"
flapguard_retain_trigger: "enable"
flood_unknown_multicast: "enable"
flood_vtp: "enable"
forti_trunk_dmac: "<your_own_value>"
fortilink_heartbeat_timeout: "15"
fortilink_p2p_native_vlan: "16"
fortilink_p2p_tpid: "17"
fortilink_vlan_optimization: "enable"
ip_mac_binding: "enable"
l2_memory_check: "enable"
l2_memory_check_interval: "21"
log_mac_limit_violations: "enable"
loop_guard_tx_interval: "23"
mac_address: "24"
mac_address_algorithm: "auto"
mac_aging_interval: "26"
mac_violation_timer: "27"
max_path_in_ecmp_group: "28"
mclag_igmpsnooping_aware: "enable"
mclag_peer_info_timeout: "30"
mclag_port_base: "31"
mclag_split_brain_all_ports_down: "disable"
mclag_split_brain_detect: "enable"
mclag_split_brain_priority: "34"
mclag_stp_aware: "enable"
mirror_qos: "36"
name: "default_name_37"
poe_alarm_threshold: "38"
poe_guard_band: "39"
poe_power_budget: "40"
poe_power_mode: "priority"
poe_pre_standard_detect: "enable"
port_security:
link_down_auth: "set-unauth"
mab_entry_as: "static"
mab_reauth: "disable"
mac_called_station_delimiter: "hyphen"
mac_calling_station_delimiter: "hyphen"
mac_case: "uppercase"
mac_password_delimiter: "hyphen"
mac_username_delimiter: "hyphen"
max_reauth_attempt: "52"
quarantine_vlan: "disable"
reauth_period: "54"
tx_period: "55"
trunk_hash_mode: "default"
trunk_hash_unicast_src_port: "enable"
trunk_hash_unkunicast_src_dst: "enable"
virtual_wire_tpid: "59"
vxlan_dport: "60"
vxlan_port: "61"
vxlan_sport: "62"
vxlan_stp_virtual_mac: "<your_own_value>"
vxlan_stp_virtual_root: "enable"
Return Values
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortiSwitch image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiSwitch returned: always type: str sample: PUT
- http_status - Last result given by FortiSwitch on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiSwitch returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- serial - Serial number of the unit returned: always type: str sample: FS1D243Z13000122
- status - Indication of the operation's result returned: always type: str sample: success
- version - Version of the FortiSwitch returned: always type: str sample: v7.0.0
Status
This module is not guaranteed to have a backwards compatible interface.