Ansible - Router ACL changes

Archives Ansible Project
1

Router ACL Changes -
Ansible playbook Execution – While updating the below Router ACL changes in router, The playbook execution status was changed, but the changes are not replicated in Router and not getting any error message.
Please find the below changes.
Changes: If the existing rule sequence number is modified for new rule with same sequence number.
Manual configuration – while updating the same rule change in manual configuration. I’m getting error message % Duplicate sequence number

Please check the issue and do the needful.

2

Could you please tell clearly:

- What you are trying to achieve.
- How you are doing this.
- What problems you encounter.
- Which command did you run, and what output did you get from that
(copied as text, not as images/attachments/screenshots)
- What the relevant tasks/playbooks/code/variables look like

3

Hi Dick,

Thanks for acknowledging my issue.

I’m trying to do modify the ACL rule for same sequence number with new rule.

Example:

if rule sequence number 20 already exist in the router. I’m trying to update new rule with same sequence number 20. while doing manual configuration router says duplicate sequence number. while running the same changes command in ansible automation. Playbook execution was successful but router configuration changes are not updated and not getting any error message also.

This is my issue. please let me know if any information required.

My expectation is Ansible playbook execution have to fail or else it will send the error message.

Thanks in advance.

Regards,
Ilayaraja P

4

Hi,

May be you can add registers to all tasks and debug/print them to get more info.

Also router restart is needed too?

Regards,
Manash

5

Hi Mahesh,

Please find the debug output.

Playbook execution was successful what i’m trying to change but the changes are not updated in router.

changed: [10.226.90.161] => {
    "banners": {},
    "changed": true,
    "commands": [
        "ip access-list standard ANSIBLE-STD",
        "20 permit 20.20.20.0 0.0.0.255"
    ],
    "invocation": {
        "module_args": {
            "after": null,
            "auth_pass": null,
            "authorize": true,
            "backup": false,
            "backup_options": null,
            "before": null,
            "defaults": false,
            "diff_against": null,
            "diff_ignore_lines": null,
            "host": null,
            "intended_config": null,
            "lines": [
                "20 permit 20.20.20.0 0.0.0.255"
            ],
            "match": "line",
            "multiline_delimiter": "@",
            "parents": [
                "ip access-list standard ANSIBLE-STD"
            ],
            "password": null,
            "port": null,
            "provider": {
                "auth_pass": null,
                "authorize": true,
                "host": "10.226.90.161",
                "password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER",
                "port": null,
                "ssh_keyfile": null,
                "timeout": null,
                "username": "cat-ansible"
            },
            "replace": "line",
            "running_config": null,
            "save_when": "never",
            "src": null,
            "ssh_keyfile": null,
            "timeout": null,
            "username": null
        }
    },
    "updates": [
        "ip access-list standard ANSIBLE-STD",
        "20 permit 20.20.20.0 0.0.0.255"
    ]
}

Regards,
Ilayaraja P