From dd30e2ab1cb2111beb8f0ab10e1011b4a4828765 Mon Sep 17 00:00:00 2001
From: Timotej Lazar <timotej.lazar@fri.uni-lj.si>
Date: Mon, 10 Feb 2025 17:07:32 +0100
Subject: [PATCH] access: support native VLAN on tagged interfaces for D-Link
 switches

---
 roles/access/tasks/main.yml             |  2 +-
 roles/access/templates/config-d-link.j2 | 11 +++++++++--
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/roles/access/tasks/main.yml b/roles/access/tasks/main.yml
index 785a8a2..0cd612b 100644
--- a/roles/access/tasks/main.yml
+++ b/roles/access/tasks/main.yml
@@ -19,7 +19,7 @@
     ansible_terminal_stderr_re: [] # some errors are not actually errors
   register: result
   # These lines are not displayed by 'sho ru' and always reported as different, so ignore them.
-  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?|no ip dhcp snooping|no ip dhcp snooping trust)$')
+  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no switchport trunk native vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?|no ip dhcp snooping|no ip dhcp snooping trust)$')
   notify: write config
 
 - name: Run model-specific tasks
diff --git a/roles/access/templates/config-d-link.j2 b/roles/access/templates/config-d-link.j2
index 9942cf6..283e4ec 100644
--- a/roles/access/templates/config-d-link.j2
+++ b/roles/access/templates/config-d-link.j2
@@ -39,7 +39,14 @@ interface {{ iface.name }}
 
 {%+ elif iface.mode and iface.mode.value == 'tagged' %}
  switchport mode trunk
- switchport trunk allowed vlan {{ (iface.tagged_vlans or vlans) | map(attribute='vid') | compact_numlist }}
+{% if iface.untagged_vlan %}
+{% set iface_vlans = (iface.tagged_vlans or vlans) + [iface.untagged_vlan] %}
+ switchport trunk native vlan {{ iface.untagged_vlan.vid }}
+{% else %}
+{% set iface_vlans = (iface.tagged_vlans or vlans) %}
+ no switchport trunk native vlan
+{% endif %}
+ switchport trunk allowed vlan {{ iface_vlans | map(attribute='vid') | compact_numlist }}
 
 {%+ else %}
 
@@ -99,4 +106,4 @@ no ip dhcp snooping
 ip route 0.0.0.0 0.0.0.0 {{ mgmt.gw | ipaddr('address') }} primary
 {% endif %}
 
-no ddp
\ No newline at end of file
+no ddp