If you ever tried to update login banner on Cisco router/switch using napalm_install_config function in Ansible napalm-ansible module, you may notice it does not work as expected. Ansible will always try to update banner returning “changed” for napalm_config_install step.

For example play bellow does not work as expected.

- name: Update Banner
  napalm_install_config:
     username: ''
     config_file: './banner.conf'
     commit_changes: true

./banner.conf content.

banner login ^C
******************************************************
*
* WARNING --- WARNING --- WARNING --- WARNING
*
* ! Unauthorized Access is Welcomed !
*
******************************************************
^C

Napalm fails to manage banner properly because ^C characters surrounding banner is in fact a single character with ASCII code 0x03. It just happen to be displayed as “^C” in “sh run”. So if you use “0x03” char to surround banner in template file then napalm_config_install will work as expected. It will return “OK” if banner matches template.

How to get “0x03” in to ./banner.conf is up to you. I’m generating router config using Jinja2 templates. Banner part of it looks like bellow

banner login {{ "%c"|format(3) }}
******************************************************
*
* WARNING --- WARNING --- WARNING --- WARNING
*
* ! Unauthorized Access is Welcomed !
*
******************************************************
{{ "%c"|format(3) }}

Updated: