justjais
commented
3 years ago @michalstaporek Thanks for logging the issue, but with the above information I'm unable to reproduce the issue, the only difference in the config is the 1st ipv6 config name for DHCP Server which I've changed to DHCP-Server instead, for ref:
Switch Config:
IPv6 access list DHCP-Server
permit udp any eq 546 any eq 547 sequence 10
permit udp any eq 547 any eq 546 sequence 20
IPv6 access list preauth_ipv6_acl (per-user)
permit udp any any eq domain sequence 10
permit tcp any any eq domain sequence 20
permit icmp any any nd-ns sequence 30
permit icmp any any nd-na sequence 40
permit icmp any any router-solicitation sequence 50
permit icmp any any router-advertisement sequence 60
permit icmp any any redirect sequence 70
permit udp any eq 547 any eq 546 sequence 80
permit udp any eq 546 any eq 547 sequence 90
deny ipv6 any any sequence 100
IPv6 access list system-cpp-dhcpv6-cs
permit udp any eq 546 any eq 547 sequence 10
IPv6 access list system-cpp-dhcpv6-sc
permit udp any eq 547 any eq 546 sequence 10
IPv6 access list system-cpp-icmpv6-na
permit icmp any any nd-na sequence 10
IPv6 access list system-cpp-icmpv6-ns
permit icmp any any nd-ns sequence 10
IPv6 access list system-cpp-icmpv6-ra
permit icmp any any router-advertisement sequence 10
IPv6 access list system-cpp-icmpv6-rr
permit icmp any any redirect sequence 10
IPv6 access list system-cpp-icmpv6-rs
permit icmp any any router-solicitation sequence 10Gathered Play run:
"gathered": [
{
"acls": [
{
"aces": [
{
"destination": {
"any": true,
"port_protocol": {
"eq": "547"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 10,
"source": {
"any": true,
"port_protocol": {
"eq": "546"
}
}
},
{
"destination": {
"any": true,
"port_protocol": {
"eq": "546"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 20,
"source": {
"any": true,
"port_protocol": {
"eq": "547"
}
}
},
{},
{
"destination": {
"any": true,
"port_protocol": {
"eq": "domain"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 10,
"source": {
"any": true
}
},
{
"destination": {
"any": true,
"port_protocol": {
"eq": "domain"
}
},
"grant": "permit",
"protocol": "tcp",
"sequence": 20,
"source": {
"any": true
}
},
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"source": {
"any": true
}
},
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"protocol_options": {
"icmp": {
"router_solicitation": true
}
},
"sequence": 50,
"source": {
"any": true
}
},
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"protocol_options": {
"icmp": {
"router_advertisement": true
}
},
"sequence": 60,
"source": {
"any": true
}
},
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"protocol_options": {
"icmp": {
"redirect": true
}
},
"sequence": 70,
"source": {
"any": true
}
},
{
"destination": {
"any": true,
"port_protocol": {
"eq": "546"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 80,
"source": {
"any": true,
"port_protocol": {
"eq": "547"
}
}
},
{
"destination": {
"any": true,
"port_protocol": {
"eq": "547"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 90,
"source": {
"any": true,
"port_protocol": {
"eq": "546"
}
}
},
{
"grant": "deny",
"protocol": "ip"
}
],
"name": "DHCP-Server"
},
{
"aces": [
{
"destination": {
"any": true,
"port_protocol": {
"eq": "547"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 10,
"source": {
"any": true,
"port_protocol": {
"eq": "546"
}
}
}
],
"name": "system-cpp-dhcpv6-cs"
},
{
"aces": [
{
"destination": {
"any": true,
"port_protocol": {
"eq": "546"
}
},
"grant": "permit",
"protocol": "udp",
"sequence": 10,
"source": {
"any": true,
"port_protocol": {
"eq": "547"
}
}
}
],
"name": "system-cpp-dhcpv6-sc"
},
{
"aces": [
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"source": {
"any": true
}
}
],
"name": "system-cpp-icmpv6-na"
},
{
"aces": [
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"source": {
"any": true
}
}
],
"name": "system-cpp-icmpv6-ns"
},
{
"aces": [
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"protocol_options": {
"icmp": {
"router_advertisement": true
}
},
"sequence": 10,
"source": {
"any": true
}
}
],
"name": "system-cpp-icmpv6-ra"
},
{
"aces": [
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"protocol_options": {
"icmp": {
"redirect": true
}
},
"sequence": 10,
"source": {
"any": true
}
}
],
"name": "system-cpp-icmpv6-rr"
},
{
"aces": [
{
"destination": {
"any": true
},
"grant": "permit",
"protocol": "icmp",
"protocol_options": {
"icmp": {
"router_solicitation": true
}
},
"sequence": 10,
"source": {
"any": true
}
}
],
"name": "system-cpp-icmpv6-rs"
}
],
"afi": "ipv6"
}
]n @michalstaporek can you plz check if you're using the older version of the IOS collection, if yes plz update the IOS collection to the latest version i.e. 2.1.0 and you shouldn’t face the reported issue.
I am going ahead and close the issue, if you still face the issue with the updated collection plz feel free to reopen the bug.
jplitza
SUMMARY
When Ansible tries to collect ipv6 ACL details from a 4500 switch running IOS ver 03.11.02.E or 03.11.04.E it throws out the following error: "msg": "Unsupported parameters for (basic.py) module: std_source found in config -> acls -> aces.
ISSUE TYPE
COMPONENT NAME
cisco.ios.ios_acls
ANSIBLE VERSION
CONFIGURATION
OS / ENVIRONMENT
STEPS TO REPRODUCE
Trying to collect ACL details from a 4500 series switch running IOS ver 03.11.02.E or 03.11.04.E.
EXPECTED RESULTS
ACL details from the switch
ACTUAL RESULTS