If you ever tried to update login banner on Cisco router/switch using napalm_install_config function in Ansible napalm-ansible module, you may notice it does not work as expected. Ansible will always try to update banner returning “changed” for napalm_config_install step.
For example play bellow does not work as expected.
- name: Update Banner
napalm_install_config:
username: ''
config_file: './banner.conf'
commit_changes: true
./banner.conf content.
banner login ^C
******************************************************
*
* WARNING --- WARNING --- WARNING --- WARNING
*
* ! Unauthorized Access is Welcomed !
*
******************************************************
^C
Napalm fails to manage banner properly because ^C characters surrounding banner is in fact a single character with ASCII code 0x03. It just happen to be displayed as “^C” in “sh run”. So if you use “0x03” char to surround banner in template file then napalm_config_install will work as expected. It will return “OK” if banner matches template.
How to get “0x03” in to ./banner.conf is up to you. I’m generating router config using Jinja2 templates. Banner part of it looks like bellow
banner login {{ "%c"|format(3) }}
******************************************************
*
* WARNING --- WARNING --- WARNING --- WARNING
*
* ! Unauthorized Access is Welcomed !
*
******************************************************
{{ "%c"|format(3) }}