access: support native VLAN on tagged interfaces for D-Link switches

roles/access/tasks/main.yml

@@ -19,7 +19,7 @@
     ansible_terminal_stderr_re: [] # some errors are not actually errors
   register: result
   # These lines are not displayed by 'sho ru' and always reported as different, so ignore them.
-  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?|no ip dhcp snooping|no ip dhcp snooping trust)$')
+  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no switchport trunk native vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?|no ip dhcp snooping|no ip dhcp snooping trust)$')
   notify: write config
 
 - name: Run model-specific tasks

roles/access/templates/config-d-link.j2

@@ -39,7 +39,14 @@ interface {{ iface.name }}
 
 {%+ elif iface.mode and iface.mode.value == 'tagged' %}
  switchport mode trunk
- switchport trunk allowed vlan {{ (iface.tagged_vlans or vlans) | map(attribute='vid') | compact_numlist }}
+{% if iface.untagged_vlan %}
+{% set iface_vlans = (iface.tagged_vlans or vlans) + [iface.untagged_vlan] %}
+ switchport trunk native vlan {{ iface.untagged_vlan.vid }}
+{% else %}
+{% set iface_vlans = (iface.tagged_vlans or vlans) %}
+ no switchport trunk native vlan
+{% endif %}
+ switchport trunk allowed vlan {{ iface_vlans | map(attribute='vid') | compact_numlist }}
 
 {%+ else %}
 
@@ -99,4 +106,4 @@ no ip dhcp snooping
 ip route 0.0.0.0 0.0.0.0 {{ mgmt.gw | ipaddr('address') }} primary
 {% endif %}
 
-no ddp
+no ddp