Diffstat (limited to 'roles/network/tasks/vlans.yaml')
-rw-r--r--roles/network/tasks/vlans.yaml39
1 files changed, 39 insertions, 0 deletions
diff --git a/roles/network/tasks/vlans.yaml b/roles/network/tasks/vlans.yaml
new file mode 100644
index 0000000..f71d1e4
--- /dev/null
+++ b/roles/network/tasks/vlans.yaml
@@ -0,0 +1,39 @@
+- name: Add VLAN configuration
+ ansible.builtin.raw: "robocfg vlan {{ item }} ports '1t 5t'"
+ loop: "{{ network.vlans }}"
+
+- name: Bind VLANs to eth0
+ ansible.builtin.raw: "vconfig add eth0 {{ item }}"
+ loop: "{{ network.vlans }}"
+ ignore_errors: true
+
+- name: Bring VLANs up
+ ansible.builtin.raw: "ip link set dev vlan{{ item }} up"
+ loop: "{{ network.vlans }}"
+
+- name: Create bridges
+ ansible.builtin.raw: "brctl addbr br{{ item }}"
+ loop: "{{ network.vlans }}"
+ ignore_errors: true
+
+- name: Add vlans to bridges
+ ansible.builtin.raw: "brctl addif br{{ item }} vlan{{ item }}"
+ loop: "{{ network.vlans }}"
+ ignore_errors: true
+
+- name: Setup IP Ranges for VLANs
+ ansible.builtin.raw: "ip addr add 192.168.{{ item }}.1/24 dev br{{ item }}"
+ loop: "{{ network.vlans }}"
+ ignore_errors: true
+
+- name: Bring bridges up
+ ansible.builtin.raw: "ip link set dev br{{ item }} up"
+ loop: "{{ network.vlans }}"
+
+- name: Allow INPUT from bridges #This allows packets to reach the router
+ ansible.builtin.raw: "iptables -A INPUT -i br{{ item }} -j ACCEPT"
+ loop: "{{ network.vlans }}"
+
+- name: Allow INPUT from bridges #This allows packets to be forwarded to other interfaces
+ ansible.builtin.raw: "iptables -A FORWARD -i br{{ item }} -j ACCEPT"
+ loop: "{{ network.vlans }}"
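Review bot: The last task's rule `iptables -A FORWARD -i br{{ item }} -j ACCEPT` has no output-interface or destination match, so traffic from any VLAN bridge may be forwarded to every other VLAN and interface; if the VLANs are meant to segment the network, this rule undoes that. Consider restricting it to the uplink, e.g. `iptables -A FORWARD -i br{{ item }} -o <uplink-interface> -j ACCEPT` (placeholder, the uplink name is not shown here), and narrowing the INPUT rule to the services the router should actually offer to clients instead of accepting everything. Both rules use `-A`, so every playbook run appends a duplicate, and a rule appended after an existing DROP or REJECT would never match; guarding with `iptables -C ... || iptables -A ...` makes the tasks repeatable. The FORWARD task is also still named "Allow INPUT from bridges", and `ignore_errors: true` on the address task would hide the failure when a VLAN ID above 255 yields an invalid `192.168.{{ item }}.1`.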