Syl4r-v
commented
12 months ago Having the same issue. States replaced or overridden can't be used. IOS-XE version in question is 17.06.03
Closed slefol closed 9 months ago
Syl4r-v
commented
12 months ago Having the same issue. States replaced or overridden can't be used. IOS-XE version in question is 17.06.03
dshuffin
commented
11 months ago Same here on C9500-24Q running 17.3.3
drobnymichal
commented
11 months ago Same on ISO-XE SW Version 17.03.03. Cannot deploy VLANs with the overridden state.
forcecity
commented
10 months ago Same on IOS-XE 16.12.04. And collection version is cisco.ios 6.0.0. Cannot deploy VLANs with the overridden state.
KB-perByte
commented
10 months ago Hey @forcecity, @drobnymichal, @dshuffin, @slefol, @Syl4r-v There were some critical optimizations done to the ios_vlans module in the last release i.e. cisco.ios 6.1.0 Could you please check if this issue persists there too? I can push a patch if needed. Thank you for reporting!
forcecity
commented
10 months ago I just tried with cisco.ios 6.1.0, the issue is still there:
fatal: [SW1]: FAILED! => {
"changed": false,
"module_stderr": "no mtu 1500\r\nno mtu 1500\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nSW1(config-vlan)#",
"module_stdout": "",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"
}Unfortunately, I got the same error message.
KB-perByte
commented
9 months ago @slefol if the device doesn't support mtu we should not push it via our playbook. Please consider updating your playbook. Regards.
forcecity
commented
9 months ago i believe nobody added "mtu" parameters in the playbook/j2 template. But this activity lets the module translate as "no mtu" command to the device if use override mode.
dshuffin
commented
9 months ago @KB-perByte The problem is that with state: overriden not supplying the mtu causes this error:
fatal: [hostname]: FAILED! => changed=false
module_stderr: |-
no mtu 1500
no mtu 1500
^
% Invalid input detected at '^' marker.
So basically with mtu supplied module fails when you want to create new vlans, and without mtu it fails every time.
dshuffin
commented
9 months ago @KB-perByte Will this issue be reopened, or we need to create a new one? Running latest version of the module with "overriden" always fails with
no mtu 1500
^
% Invalid input detected at '^' marker.regardless of mtu being supplied or not supplied to the module. If you are confident that we are using the module wrong - please provide a working example for us. The show vlan command on the switch shows that the vlan has MTU of 1500, but the device does not allow modifying that mtu in any way, including removal of MTU configuration. The only working approach with the 9300/9500 series switches is to just not issue any vlan mtu related commands to the device and ignore all vlan mtu configuration fed to the module. If you need any command output from the switch to improve the module - let me know, I'll be happy to provide.
slefol
commented
9 months ago I support the request made by dshuffin.
KB-perByte
commented
9 months ago @KB-perByte Will this issue be reopened, or we need to create a new one? Running latest version of the module with "overriden" always fails with
no mtu 1500 ^ % Invalid input detected at '^' marker.regardless of mtu being supplied or not supplied to the module. If you are confident that we are using the module wrong - please provide a working example for us. The show vlan command on the switch shows that the vlan has MTU of 1500, but the device does not allow modifying that mtu in any way, including removal of MTU configuration. The only working approach with the 9300/9500 series switches is to just not issue any vlan mtu related commands to the device and ignore all vlan mtu configuration fed to the module. If you need any command output from the switch to improve the module - let me know, I'll be happy to provide.
@dshuffin this explains a lot of it, can you please help me with the command that lets you configure mtu correctly? We can path that change in. Thank you!
dshuffin
commented
9 months ago Here are two related documents on configuring MTU on cat 9500 switches. They apply at least to cat 9300 too. https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/int_hw/b_173_int_and_hw_9500_cg/configuring_system_mtu.html https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst9500/software/release/17-3/configuration_guide/int_hw/b_173_int_and_hw_9500_cg/configuring_per_port_mtu.html
Basically there is system MTU ( Device(config)# system mtu 1900) which applies to the whole switch. It affects how big of an Ethernet frame the device can accept on any physical port regardless of the VLAN ID. Then there is per-protocol MTU (Device(config-if)# ip mtu 68 / Device(config-if)# ipv6 mtu 1280 ). It can be applied to L3 interfaces (physical and virtual), and affects how big of an ethernet frame the switch can send from it's corresponding L3 interface. Starting from 17.1.1 there is also per-port MTU (Device(config-if)# mtu 6666). It can be applied to physical interfaces and affects how big of an Ethernet frame the device can accept on this physical port regardless of VLAN ID.
There is no other MTU-related configuration on those devices. None of those commands are related to VLAN configuration, so my suggestion remains the same - never send any mtu related commands when configuring vlans on those devices.
drobnymichal
commented
8 months ago Hello, could you please reopen this issue. I don't think it's solved yet....Or am I wrong? Are there any plans to fix this problem? Thanks for the reply.
slefol
commented
8 months ago Hello, could you please reopen this issue. Thanks.
insanerob
commented
6 months ago @KB-perByte Will this issue be reopened, or we need to create a new one? Running latest version of the module with "overriden" always fails with
no mtu 1500 ^ % Invalid input detected at '^' marker.regardless of mtu being supplied or not supplied to the module. If you are confident that we are using the module wrong - please provide a working example for us. The show vlan command on the switch shows that the vlan has MTU of 1500, but the device does not allow modifying that mtu in any way, including removal of MTU configuration. The only working approach with the 9300/9500 series switches is to just not issue any vlan mtu related commands to the device and ignore all vlan mtu configuration fed to the module. If you need any command output from the switch to improve the module - let me know, I'll be happy to provide.
@dshuffin this explains a lot of it, can you please help me with the command that lets you configure mtu correctly? We can path that change in. Thank you!
Hi KB, VLANs are just tags (802.1q) in the frame headers they don't have a concept of MTU. MTU is only set in places where a frame is constructed, like physical interfaces or frame encapsulation / decapsulation. VLANs have nothing to do with frame construction :)
Quick fix for anyone waiting for this issue to be resolved: Comment out the ' # # Appending MTU value to the retrieved dictionary ' section in cisco/ios/plugins/module_utils/network/ios/facts/vlans/vlans.py
Thanks for creating and supporting these modules ... as a network engineer I really appreciate it, saves my sanity :D
slefol
commented
5 months ago I just tried with cisco.ios 8.0.0, the issue is still there:
fatal: [mgt-it08-04d-1]: FAILED! => {
"changed": false,
"module_stderr": "mtu 1500\r\nmtu 1500\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nmgt-it08-04d-1(config-vlan)#",
"module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"
}As suggested by @dshuffin and explain by @insanerob, the module should never send MTU related commands when configuring VLANs on these devices.
hoedem
commented
5 months ago Just tested on cisco.ios 9.0.0, the issue is still there:
{
"module_stdout": "",
"module_stderr": "no mtu 1500\r\nno mtu 1500\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nlv-impoc-as01(config-vlan)#",
"msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
"_ansible_no_log": false,
"changed": false
}
"stdout_lines": [
"Starting galaxy collection install process",
"Process install dependency map",
"Starting collection install process",
...,
"Installing 'cisco.ios:9.0.0' to '/var/lib/awx/projects/.__awx_cache/_9__network_mvp/stage/requirements_collections/ansible_collections/cisco/ios'",
"cisco.ios:9.0.0 was installed successfully"
]@KB-perByte Can this issue be re-opened or do we need to create a new issue?
I'm using the module to configure catalyst 9300 devices, which do support mtu commands.
KB-perByte
commented
4 months ago @hoedem please create a new ticket describing the issue you are facing!
slefol
commented
4 months ago @KB-perByte the issue is still here. Are there any plans to fix this problem? Thanks for the reply.
Niich
commented
4 months ago I am also experiencing this issue.
Can't use the vlan module to perform actions that would lead to removal of a vlan.
Returns an error because its trying to execute no mtu 1500 but that's not a valid command.
# show vlan
VLAN Name Status Ports
---- -------------------------------- --------- ------------------------------
1 default active Gi3/0/1, Gi3/0/2, Gi3/0/3, Gi3
Gi3/0/12, Gi3/0/13, Gi3/0/14,
Gi3/0/23, Gi3/0/24, Gi3/0/25,
Gi3/0/34, Gi3/0/35, Gi3/0/36,
Gi3/0/45, Gi3/0/46, Gi3/0/47,
222 DMZ active
900 Managment active
999 OOB_Managment active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
1010 Development active
1020 Production active
1030 Storage active
1681 Fresh active
1682 IoT active
1683 Camera active
1685 Guest active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
222 enet 100222 1500 - - - - - 0 0
900 enet 100900 1500 - - - - - 0 0
999 enet 100999 1500 - - - - - 0 0
1002 fddi 101002 1500 - - - - - 0 0Running "merged"
- name: Test merged
cisco.ios.ios_vlans:
state: merged
config:
- vlan_id: 5
name: testOutput
PLAY [Configure Cisco iOS switches] *******************************************************************************
TASK [Test merged] ************************************************************************************************
changed: [192.168.1.5]
PLAY RECAP ********************************************************************************************************
192.168.1.5 : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Results
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi3/0/1, Gi3/0/2, Gi3/0/3, Gi3/
Gi3/0/12, Gi3/0/13, Gi3/0/14, G
Gi3/0/23, Gi3/0/24, Gi3/0/25, G
Gi3/0/34, Gi3/0/35, Gi3/0/36, G
Gi3/0/45, Gi3/0/46, Gi3/0/47, G
5 test active
222 DMZ active
900 Managment active
999 OOB_Managment active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
1010 Development active
1020 Production active
1030 Storage active
1681 Fresh active
1682 IoT active
1683 Camera active
1685 Guest active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
222 enet 100222 1500 - - - - - 0 0
900 enet 100900 1500 - - - - - 0 0Running "deleted"
- name: Test deleted
cisco.ios.ios_vlans:
state: deleted
config:
- vlan_id: 5
name: testOutput
PLAY [Configure Cisco iOS switches] ***********************************************************************************************************************************************************************************************************************************
TASK [Test deleted] ***************************************************************************************************************************************************************************************************************************************************
fatal: [192.168.1.5]: FAILED! => {"changed": false, "module_stderr": "no mtu 1500\r\nno mtu 1500\r\n ^\r\n% Invalid input detected at '^' marker.\r\n\r\nsw-01(config-vlan)#", "module_stdout": "", "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error"}
PLAY RECAP ************************************************************************************************************************************************************************************************************************************************************
192.168.1.5 : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0
Results
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi3/0/1, Gi3/0/2, Gi3/0/3, Gi3/
Gi3/0/12, Gi3/0/13, Gi3/0/14, G
Gi3/0/23, Gi3/0/24, Gi3/0/25, G
Gi3/0/34, Gi3/0/35, Gi3/0/36, G
Gi3/0/45, Gi3/0/46, Gi3/0/47, G
5 VLAN0005 active
222 DMZ active
900 Managment active
999 OOB_Managment active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
1010 Development active
1020 Production active
1030 Storage active
1681 Fresh active
1682 IoT active
1683 Camera active
1685 Guest active
VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1 enet 100001 1500 - - - - - 0 0
5 enet 100005 1500 - - - - - 0 0
222 enet 100222 1500 - - - - - 0 0
900 enet 100900 1500 - - - - - 0 0| Name | Model | SW version |
|---|---|---|
| Catalyst C3850 | WS-C3850-48P | 16.12.08 |
Cisco IOS XE Software, Version 16.12.08
Cisco IOS Software [Gibraltar], Catalyst L3 Switch Software (CAT3K_CAA-UNIVERSALK9-M), Version 16.12.8, RELEASE SOFTWARE (fc1)# -> ansible --version
ansible [core 2.17.1]
config file = None
configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /root/.local/pipx/venvs/ansible/lib/python3.11/site-packages/ansible
ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
executable location = /root/.local/bin/ansible
python version = 3.11.2 (main, Mar 13 2023, 12:18:29) [GCC 12.2.0] (/root/.local/pipx/venvs/ansible/bin/python)
jinja version = 3.1.4
libyaml = True# -> ansible-galaxy collection list
# /root/.ansible/collections/ansible_collections
Collection Version
---------------------------------------- -------
ansible.netcommon 7.0.0
ansible.utils 5.0.0
cisco.ios 9.0.0
# /root/.local/pipx/venvs/ansible/lib/python3.11/site-packages/ansible_collections
Collection Version
---------------------------------------- -------
amazon.aws 8.0.1
ansible.netcommon 6.1.3
ansible.posix 1.5.4
ansible.utils 4.1.0
ansible.windows 2.4.0
arista.eos 9.0.0
awx.awx 24.5.0
azure.azcollection 2.4.0
check_point.mgmt 5.2.3
chocolatey.chocolatey 1.5.1
cisco.aci 2.9.0
cisco.asa 5.0.1
cisco.dnac 6.16.0
cisco.intersight 2.0.9
cisco.ios 8.0.0
cisco.iosxr 9.0.0
cisco.ise 2.9.2
cisco.meraki 2.18.1
cisco.mso 2.6.0
cisco.nxos 8.1.0
cisco.ucs 1.10.0
cloud.common 3.0.0
cloudscale_ch.cloud 2.3.1
community.aws 8.0.0
community.ciscosmb 1.0.9
community.crypto 2.20.0
community.digitalocean 1.26.0
community.dns 3.0.1
community.docker 3.10.4
community.general 9.1.0
community.grafana 1.9.1
community.hashi_vault 6.2.0
community.hrobot 2.0.1
community.library_inventory_filtering_v1 1.0.1
community.libvirt 1.3.0
community.mongodb 1.7.4
community.mysql 3.9.0
community.network 5.0.3
community.okd 3.0.1
community.postgresql 3.4.1
community.proxysql 1.5.1
community.rabbitmq 1.3.0
community.routeros 2.16.0
community.sap_libs 1.4.2
community.sops 1.6.7
community.vmware 4.4.0
community.windows 2.2.0
community.zabbix 2.5.1
containers.podman 1.15.2
cyberark.conjur 1.3.0
cyberark.pas 1.0.25
dellemc.enterprise_sonic 2.4.0
dellemc.openmanage 9.3.0
dellemc.powerflex 2.5.0
dellemc.unity 2.0.0
f5networks.f5_modules 1.28.0
fortinet.fortimanager 2.5.0
fortinet.fortios 2.3.6
frr.frr 2.0.2
google.cloud 1.3.0
grafana.grafana 5.2.0
hetzner.hcloud 3.1.1
ibm.qradar 3.0.0
ibm.spectrum_virtualize 2.0.0
ibm.storage_virtualize 2.3.1
ieisystem.inmanage 2.0.0
infinidat.infinibox 1.4.5
infoblox.nios_modules 1.6.1
inspur.ispim 2.2.3
inspur.sm 2.3.0
junipernetworks.junos 8.0.0
kaytus.ksmanage 1.2.2
kubernetes.core 3.2.0
lowlydba.sqlserver 2.3.3
microsoft.ad 1.6.0
netapp.cloudmanager 21.22.1
netapp.ontap 22.11.0
netapp.storagegrid 21.12.0
netapp_eseries.santricity 1.4.0
netbox.netbox 3.19.1
ngine_io.cloudstack 2.3.0
ngine_io.exoscale 1.1.0
openstack.cloud 2.2.0
openvswitch.openvswitch 2.1.1
ovirt.ovirt 3.2.0
purestorage.flasharray 1.28.1
purestorage.flashblade 1.17.0
sensu.sensu_go 1.14.0
splunk.es 3.0.0
t_systems_mms.icinga_director 2.0.1
telekom_mms.icinga_director 2.1.2
theforeman.foreman 4.0.0
vmware.vmware_rest 3.0.1
vultr.cloud 1.13.0
vyos.vyos 4.1.0
wti.remote 1.0.5
SUMMARY
The cisco_ios_vlans task failed fails with the following traceback for devices (Cisco 9200L) running 17.3.4.
ISSUE TYPE
COMPONENT NAME
ios_vlans ansible_collections/cisco/ios/plugins/module_utils/network/ios/config/vlans/vlans.py
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
STEPS TO REPRODUCE
vars_file:
EXPECTED RESULTS
if the mtu parameter is not set (in case the equipment does not support it), it should not be configured on the device.
ACTUAL RESULTS
Despite the failure, the vlan is still created on the device ! When we run the playbook a second time everything is ok.
the mtu setting for a vlan is not supported on the device, leading to failed :
The task also fails with the following traceback if the mtu parameter is not set.