123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419 |
- ---
- - name: Add VLAN definition
- nxos_vlan:
- vlan_id: "{{ vlan_id }}"
- admin_state: up
- name: "{{ vlan_name }}"
- when: delete_vlan is not defined or not delete_vlan|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-vlan
- - add-nxos-vlan
- - name: Initialize iflist
- set_fact:
- iflist: []
- when: generate_iflist|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - allow-vlan
- - allow-nxos-vlan
- - remove-vlan
- - remove-ucs-vlan
- - name: Generate list of interfaces (stretched)
- set_fact:
- iflist: "{{ iflist + [item.key] }}"
- with_items: "{{ lookup('dict', port_channels) }}"
- when: generate_iflist|bool and is_stretched|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - allow-vlan
- - allow-nxos-vlan
- - remove-vlan
- - remove-ucs-vlan
- - name: Generate list of interfaces (non-stretched)
- set_fact:
- iflist: "{{ iflist + [item.key] }}"
- with_items: "{{ lookup('dict', port_channels) }}"
- when: generate_iflist|bool and not is_stretched|bool and not port_channels[item.key]|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - allow-vlan
- - allow-nxos-vlan
- - remove-vlan
- - remove-ucs-vlan
- - name: Associate interfaces to VLAN
- nxos_config:
- lines:
- - switchport trunk allowed vlan add {{ vlan_id }}
- parents: interface {{ item }}
- with_items: "{{ iflist }}"
- when: (delete_vlan is not defined or not delete_vlan|bool) and iflist is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - allow-vlan
- - allow-nxos-vlan
- - name: Add SVI definition
- nxos_interfaces:
- config:
- - name: Vlan{{ vlan_id }}
- enabled: True
- mtu: "{{ svi_mtu }}"
- description: "{{ svi_descr }}"
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_mtu is defined and svi_descr is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi
- - name: Set per-DC v4 IDF ID
- set_fact: v4_idf_id={{ idf_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and not is_stretched|bool and build_v4|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v4
- - name: Set stretched v4 IDF ID
- set_fact: v4_idf_id={{ stretched_idf_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and is_stretched|bool and build_v4|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v4
- - name: Construct SVI IPv4 address
- set_fact: svi_v4_prefix={{ base_major_net }}.{{ vlan_id }}.{{ v4_idf_id }} svi_subnet_len="24"
- when: (delete_vlan is not defined or not delete_vlan|bool) and build_v4|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v4
- - name: Add SVI v4 L3 parameters
- nxos_l3_interfaces:
- config:
- - name: Vlan{{ vlan_id }}
- ipv4:
- - address: "{{ svi_v4_prefix }}.{{ core_svi_v4_suffix }}/{{ svi_subnet_len }}"
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v4
- - name: Set per-DC v6 IDF ID
- set_fact: v6_idf_id="{{ '%0x' % idf_id|int }}"
- when: (delete_vlan is not defined or not delete_vlan|bool) and not is_stretched|bool and build_v6|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v6
- - name: Set stretched v6 IDF ID
- set_fact: v6_idf_id="{{ '%0x' % stretched_idf_id|int }}"
- when: (delete_vlan is not defined or not delete_vlan|bool) and is_stretched|bool and build_v6|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v6
- - name: Construct SVI v6 address
- set_fact: svi_v6_network="{{ base_v6_prefix }}:{{ '%0x' % vlan_id|int }}{{ v6_idf_id }}::"
- when: (delete_vlan is not defined or not delete_vlan|bool) and build_v6|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v6
- - name: Add SVI v6 L3 parameters
- nxos_l3_interfaces:
- config:
- - name: Vlan{{ vlan_id }}
- ipv6:
- - address: "{{ svi_v6_network }}{{ core_svi_v6_suffix }}/64"
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_network is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v6
- - name: Add SVI v6 L3 parameters
- nxos_config:
- lines:
- - ipv6 address use-link-local-only
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_link_local is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - add-svi-l3-v6
- - name: Add SVI OSPFv2 parameters
- nxos_interface_ospf:
- area: 0.0.0.0
- ospf: "{{ ospf_pid }}"
- interface: Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-ospf
- - add-ospfv2
- - name: Add additional SVI OSPFv2 parameters
- nxos_config:
- lines:
- - ip ospf network {{ ospf_type }}
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-ospf
- - add-ospfv2
- - name: Disable SVI OSPFv2 passive interface
- nxos_config:
- lines:
- - no ip ospf passive-interface
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined and not passive_interface is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-ospf
- - add-ospfv2
- - name: Add SVI OSPFv3 parameters
- nxos_config:
- lines:
- - ipv6 router ospfv3 1 area 0.0.0.0
- - ospfv3 network {{ ospf_type }}
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_network is defined or svi_v6_link_local is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-ospf
- - add-ospfv3
- - name: Disable SVI OSPFv3 passive interface
- nxos_config:
- lines:
- - no ospfv3 passive-interface
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and (svi_v6_network is defined or svi_v6_link_local is defined) and not passive_interface is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-ospf
- - add-ospfv3
- - name: Add addition SVI parameters
- nxos_config:
- lines:
- - no ip redirects
- - no ipv6 redirects
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined or svi_v6_network is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-svi-l3
- - name: Enable HSRP
- nxos_config:
- lines:
- - hsrp version 2
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and (svi_v4_prefix is defined or svi_v6_network is defined) and use_hsrp is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-hsrp
- - name: Add HSRP v4 configuration
- nxos_config:
- lines:
- - authentication md5 key-chain HSRP_KEY
- - preempt
- - priority {{ core_hsrp_priority }}
- - timers 1 3
- - ip {{ svi_v4_prefix }}.{{ core_hsrp_vip_v4_suffix }}
- - track {{ core_hsrp_v4_track }} decrement 20
- parents:
- - interface Vlan{{ vlan_id }}
- - hsrp 1
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined and use_hsrp is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-hsrp
- - add-hsrp-v4
- - name: Add HSRP v6 configuration
- nxos_config:
- lines:
- - authentication md5 key-chain HSRP_KEY
- - preempt
- - priority {{ core_hsrp_priority }}
- - timers 1 3
- - ip {{ svi_v6_network }}{{ core_hsrp_vip_v6_suffix }}
- - track {{ core_hsrp_v6_track }} decrement 20
- parents:
- - interface Vlan{{ vlan_id }}
- - hsrp 2 ipv6
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_network is defined and use_hsrp is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-hsrp
- - add-hsrp-v6
- - name: Add DHCP relays
- nxos_config:
- lines:
- - ip dhcp relay address {{ item }}
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined
- with_items: "{{ dhcp_servers }}"
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-dhcp-relay
- - name: Add RDNSS server configuration
- nxos_config:
- lines:
- - ipv6 nd ra dns server {{ item }} {{ rdnss_lifetime }} sequence {{ item_idx }}
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_network is defined
- with_items: "{{ dns_servers_v6 }}"
- loop_control:
- index_var: item_idx
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - rdnss
- - name: Add RDNSS search domain
- nxos_config:
- lines:
- - ipv6 nd ra dns search-list {{ item }} {{ rdnss_lifetime }} sequence {{ item_idx }}
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_network is defined
- with_items: "{{ search_domains }}"
- loop_control:
- index_var: item_idx
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - rdnss
- - name: Add v4 ACL
- nxos_acl_interface:
- direction: ingress
- interface: Vlan{{ vlan_id }}
- name: "{{ v4_acl_name }}"
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v4_prefix is defined and add_acl|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-v4-acl
- - name: Add v6 ACL
- nxos_config:
- lines:
- - ipv6 traffic-filter {{ v6_acl_name }} in
- parents: interface Vlan{{ vlan_id }}
- when: (delete_vlan is not defined or not delete_vlan|bool) and svi_v6_network and add_acl|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - add-v6-acl
- - name: Remove SVI
- nxos_interfaces:
- config:
- - name: Vlan{{ vlan_id }}
- state: deleted
- when: delete_vlan is defined and delete_vlan|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - delete-svi
- - name: Remove VLAN from interfaces
- nxos_config:
- lines:
- - switchport trunk allowed vlan remove {{ vlan_id }}
- parents: interface {{ item }}
- with_items: "{{ iflist }}"
- when: delete_vlan is defined and delete_vlan|bool and iflist is defined
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - remove-vlan
- - remove-ucs-vlan
- - name: Delete VLAN definition
- nxos_vlan:
- vlan_id: "{{ vlan_id }}"
- state: absent
- when: delete_vlan is defined and delete_vlan|bool
- tags:
- - nxos
- - vlan
- - nxos-vlan
- - delete-vlan
- - delete-nxos-vlan
|