Describe the bug
I have a Netgate SG2100 router and have been trying to use pfsensible.core to configure it.
The router sits behind a cable modem, so the WAN interface gets its IPv4 address via DHCP and the IPv6 address via either DHCP6 or SLAAC (both work).
In my playbook, I have a play to configure the interfaces and I added a task like the following:
- name: WAN interface
pfsensible.core.pfsense_interface:
blockbogons: true
blockpriv: true
descr: WAN
enable: true
ipv4_type: dhcp
ipv6_type: slaac
interface: mvneta0
When I run this, the WAN interface's IPv6 Configuration Type gets set to None, even if it was already set to SLAAC before. If it was already set to None, it stays that way.
When I run it in change mode (-CD flags) and the current type is SLAAC, Ansible shows me that there are changes to apply (although it does not say in detail which ones). If the current type is None, no outstanding changes are shown.
IOW, ipv6_type: slaac behaves exactly the same as ipv6_type: none.
This makes it impossible to configure the interface for SLAAC.
Expected behavior
When run, the playbook should set the IPv6 config type to SLAAC. Unless it is already set to SLAAC, in which case it should not make any changes (provided the other values also correspond to what's already configured).
When run in check mode, the playbook should not report outstanding changes when the IPv6 config type is already SLAAC (again, provided the other values also correspond to the existing configuration).
Playbook
Please paste a minimal playbook to reproduce the issue:
---
- name: Interfaces
hosts: "netgate-sg2100.lan"
tasks:
- name: WAN interface
pfsensible.core.pfsense_interface:
blockbogons: true
blockpriv: true
descr: WAN
enable: true
ipv4_type: dhcp
ipv6_type: slaac
interface: mvneta0
Output
When run in check mode:
ansible-playbook [core 2.16.4]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/gabe/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /home/gabe/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.11.8 (main, Feb 08 2024, 08:03:16) [GCC] (/usr/bin/python3.11)
jinja version = 3.1.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: playbook.yml *************************************************************************************************************
4 plays in playbook.yml
PLAY [Basic Setup] *****************************************************************************************************************
[…]
TASK [WAN interface] ***************************************************************************************************************
task path: /home/…/playbook.yml:31
changed: [netgate-sg2100.lan] => {"changed": true, "commands": ["update interface 'WAN' set ipv6_address=none"], "ifname": "wan", "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
[…]
PLAY RECAP *************************************************************************************************************************
netgate-sg2100.lan : ok=10 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
When run in change mode:
ansible-playbook [core 2.16.4]
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/gabe/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.11/site-packages/ansible
ansible collection location = /home/gabe/.ansible/collections:/usr/share/ansible/collections
executable location = /usr/bin/ansible-playbook
python version = 3.11.8 (main, Feb 08 2024, 08:03:16) [GCC] (/usr/bin/python3.11)
jinja version = 3.1.3
libyaml = True
Using /etc/ansible/ansible.cfg as config file
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: playbook.yml *************************************************************************************************************
4 plays in playbook.yml
PLAY [Basic Setup] *****************************************************************************************************************
[…]
TASK [WAN interface] ***************************************************************************************************************
task path: /home/…/playbook.yml:31
changed: [netgate-sg2100.lan] => {"changed": true, "commands": ["update interface 'WAN' set ipv6_address=none"], "ifname": "wan", "stderr": "", "stderr_lines": [], "stdout": "Netgate pfSense Plus shell: global $debug;\nNetgate pfSense Plus shell: $debug = 1;\nNetgate pfSense Plus shell: require_once(\"filter.inc\");\nNetgate pfSense Plus shell: require_once(\"interfaces.inc\");\nNetgate pfSense Plus shell: \nNetgate pfSense Plus shell: exec\nNetgate pfSense Plus shell: exit\nNetgate pfSense Plus shell: global $debug;\nNetgate pfSense Plus shell: $debug = 1;\nNetgate pfSense Plus shell: require_once(\"filter.inc\");\nNetgate pfSense Plus shell: require_once(\"interfaces.inc\");\nNetgate pfSense Plus shell: require_once(\"services.inc\");\nNetgate pfSense Plus shell: require_once(\"gwlb.inc\");\nNetgate pfSense Plus shell: require_once(\"rrd.inc\");\nNetgate pfSense Plus shell: require_once(\"shaper.inc\");\nNetgate pfSense Plus shell: interface_bring_down('wan', false);\nNetgate pfSense Plus shell: interface_configure('wan', true);\nNetgate pfSense Plus shell: services_snmpd_configure();\nNetgate pfSense Plus shell: setup_gateways_monitor();\nNetgate pfSense Plus shell: clear_subsystem_dirty('interfaces');\nNetgate pfSense Plus shell: filter_configure();\nNetgate pfSense Plus shell: enable_rrd_graphing();\nNetgate pfSense Plus shell: if (is_subsystem_dirty('staticroutes') && (system_routing_configure() == 0)) clear_subsystem_dirty('staticroutes');\nNetgate pfSense Plus shell: exec\nNetgate pfSense Plus shell: exit\n", "stdout_lines": ["Netgate pfSense Plus shell: global $debug;", "Netgate pfSense Plus shell: $debug = 1;", "Netgate pfSense Plus shell: require_once(\"filter.inc\");", "Netgate pfSense Plus shell: require_once(\"interfaces.inc\");", "Netgate pfSense Plus shell: ", "Netgate pfSense Plus shell: exec", "Netgate pfSense Plus shell: exit", "Netgate pfSense Plus shell: global $debug;", "Netgate pfSense Plus shell: $debug = 1;", "Netgate pfSense Plus shell: require_once(\"filter.inc\");", "Netgate pfSense Plus shell: require_once(\"interfaces.inc\");", "Netgate pfSense Plus shell: require_once(\"services.inc\");", "Netgate pfSense Plus shell: require_once(\"gwlb.inc\");", "Netgate pfSense Plus shell: require_once(\"rrd.inc\");", "Netgate pfSense Plus shell: require_once(\"shaper.inc\");", "Netgate pfSense Plus shell: interface_bring_down('wan', false);", "Netgate pfSense Plus shell: interface_configure('wan', true);", "Netgate pfSense Plus shell: services_snmpd_configure();", "Netgate pfSense Plus shell: setup_gateways_monitor();", "Netgate pfSense Plus shell: clear_subsystem_dirty('interfaces');", "Netgate pfSense Plus shell: filter_configure();", "Netgate pfSense Plus shell: enable_rrd_graphing();", "Netgate pfSense Plus shell: if (is_subsystem_dirty('staticroutes') && (system_routing_configure() == 0)) clear_subsystem_dirty('staticroutes');", "Netgate pfSense Plus shell: exec", "Netgate pfSense Plus shell: exit"]}
[…]
PLAY RECAP *************************************************************************************************************************
netgate-sg2100.lan : ok=10 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Environment
- What version of pfsensible.core?
2.16.4
- What version of ansible?
9.3.0-1.1
- What version of pfSense?
22.05-RELEASE (arm64)
Describe the bug
I have a Netgate SG2100 router and have been trying to use pfsensible.core to configure it.
The router sits behind a cable modem, so the WAN interface gets its IPv4 address via DHCP and the IPv6 address via either DHCP6 or SLAAC (both work).
In my playbook, I have a play to configure the interfaces and I added a task like the following:
When I run this, the WAN interface's IPv6 Configuration Type gets set to None, even if it was already set to SLAAC before. If it was already set to None, it stays that way.
When I run it in change mode (
-CDflags) and the current type is SLAAC, Ansible shows me that there are changes to apply (although it does not say in detail which ones). If the current type is None, no outstanding changes are shown.IOW,
ipv6_type: slaacbehaves exactly the same asipv6_type: none.This makes it impossible to configure the interface for SLAAC.
Expected behavior
When run, the playbook should set the IPv6 config type to SLAAC. Unless it is already set to SLAAC, in which case it should not make any changes (provided the other values also correspond to what's already configured).
When run in check mode, the playbook should not report outstanding changes when the IPv6 config type is already SLAAC (again, provided the other values also correspond to the existing configuration).
Playbook
Please paste a minimal playbook to reproduce the issue:
Output
When run in check mode:
When run in change mode:
Environment
2.16.4
9.3.0-1.1
22.05-RELEASE (arm64)