Timotej Lazar
de05fd236b
Use the ifaces_dhcp custom context property to select interfaces where we should expect DHCP replies.
102 lines
2.6 KiB
Django/Jinja
102 lines
2.6 KiB
Django/Jinja
terminal length default 0
|
|
no ip http server
|
|
line console
|
|
line telnet
|
|
line ssh
|
|
|
|
port-channel load-balance src-dst-ip
|
|
|
|
ip ssh server
|
|
|
|
vlan {{ vlans | map(attribute='vid') | compact_numlist }}
|
|
|
|
{% for iface in interfaces | selectattr('lag') %}
|
|
interface {{ iface.name }}
|
|
{% if iface.enabled %} no{% endif %} shutdown
|
|
channel-group {{ iface.lag.name | select('in', '0123456789') | join('') }} mode active
|
|
|
|
{% endfor %}
|
|
|
|
{%- set mgmt = namespace(ip=false, gw=false) %}
|
|
{%- for iface in interfaces | rejectattr('lag') %}
|
|
interface {{ iface.name }}
|
|
{% if iface.type.value != 'lag' %}
|
|
{% if iface.enabled %} no shutdown{% else %} shutdown{% endif %}
|
|
{% endif %}
|
|
|
|
{%+ if iface.mode and iface.mode.value == 'access' %}
|
|
switchport mode access
|
|
{% if iface.untagged_vlan and iface.untagged_vlan.vid != 1 %}
|
|
switchport access vlan {{ iface.untagged_vlan.vid }}
|
|
{% else %}
|
|
no switchport access vlan
|
|
{% endif %}
|
|
{% if voice_vlan is defined and not iface.mgmt_only %}
|
|
voice vlan enable
|
|
{% else %}
|
|
no voice vlan enable
|
|
{% endif %}
|
|
|
|
{%+ elif iface.mode and iface.mode.value == 'tagged' %}
|
|
switchport mode trunk
|
|
switchport trunk allowed vlan {{ (iface.tagged_vlans or vlans) | map(attribute='vid') | compact_numlist }}
|
|
|
|
{%+ else %}
|
|
|
|
{% endif %}
|
|
|
|
{%- if iface.mgmt_only and iface.ip_addresses %}
|
|
{% set mgmt.ip = iface.ip_addresses[0].address %}
|
|
{% if iface.custom_fields.gateway %}
|
|
{% set mgmt.gw = iface.custom_fields.gateway.address %}
|
|
{% endif %}
|
|
{% endif %}
|
|
|
|
{% if iface.name in ifaces_dhcp | default([]) %}
|
|
ip dhcp snooping trust
|
|
{% else %}
|
|
no ip dhcp snooping trust
|
|
{% endif %}
|
|
{% endfor %}
|
|
|
|
{%- if mgmt.ip %}
|
|
interface Vlan1
|
|
ip address {{ mgmt.ip | ipaddr('address') }} {{ mgmt.ip | ipaddr('netmask') }}
|
|
{% endif %}
|
|
|
|
voice vlan mac-address 2C-3E-CF-00-00-00 FF-FF-FF-00-00-00 description Cisco
|
|
voice vlan mac-address 3C-0E-23-00-00-00 FF-FF-FF-00-00-00 description Cisco
|
|
voice vlan mac-address B8-38-61-00-00-00 FF-FF-FF-00-00-00 description Cisco
|
|
voice vlan mac-address C4-14-3C-00-00-00 FF-FF-FF-00-00-00 description Cisco
|
|
|
|
{% if voice_vlan is defined %}
|
|
voice vlan {{ voice_vlan }}
|
|
{% else %}
|
|
no voice vlan
|
|
{% endif %}
|
|
|
|
snmp-server
|
|
snmp-server name {{ inventory_hostname }}
|
|
snmp-server location {{ rack }}
|
|
{# SNMP engine ID must be exactly 24 hex digits #}
|
|
snmp-server engineID local {{ snmp_engine_id }}
|
|
snmp-server group public v3 priv read CommunityView
|
|
|
|
sntp enable
|
|
{% for address in ntp %}
|
|
sntp server {{ address }}
|
|
{% endfor %}
|
|
|
|
ntp access-group default nomodify noquery
|
|
|
|
{% if ifaces_dhcp | default(false) %}
|
|
ip dhcp snooping
|
|
{% else %}
|
|
no ip dhcp snooping
|
|
{% endif %}
|
|
|
|
{% if mgmt.gw %}
|
|
ip route 0.0.0.0 0.0.0.0 {{ mgmt.gw | ipaddr('address') }} primary
|
|
{% endif %}
|
|
|
|
no ddp |