Palo Alto - Enable Jumbo Frames using Ansible

This post is purely because I spent a very long time googling and was not able to find the answer. I've been doing a lot with Ansible lately for work and have been playing around scripts for essentially fully configuring a Palo Alto firewall from scratch, outside of management. One of the tasks I was trying to work with was to enable jumbo frames on the device and after spending hours googling I found some answers that eventually led me in the right direction so decided I'd write up a quick blog post for it. 

I won't go into detail of the entire play here, but it turns out it's actually quite simple and the way I worked it out, was by navigating through the firewalls API's for Operational Commands. The settings is found under Operational Commands -> set -> system -> setting -> jumbo frame. From here, there's an on or off option. All that you need to do, is use the Palo Alto module panos_op to enable the feature. Below is the required task to enable jumbo frames. Note that the changes still need to be committed, and the firewall rebooted in order to enable the feature globally. 

---
- name: Enable jumbo frames
  paloaltonetworks.panos.panos_op:
    provider: '{{ provider }}'
    cmd: "<set><system><setting><jumbo-frame>on</jumbo-frame></setting></system></set>"
    cmd_is_xml: true
  register: jumbo_enable

There are other settings that you can set such as global mtu but those are fairly easy to enable using panos_config_element.

Thanks for checking out my blog. If you've noticed anything missing or have any questions, please leave a comment and let me know.