Ansible to Configure DHCP IP-Helper Address on Multiple Devices

In this post we'll be configuring ip-helper address on multiple devices using Ansible. We'll be defining the interfaces to be configured for different devices in host_vars.

In ansible, host-specific variables can be defined in the host_vars sub-directory either in the home directory of user executing ansible play or in /etc/ansible. Each file/directory in the host_vars sub-directory is name after the host it represents, e.g. host variable for device router-01 are stored in either ~/host_vars/router-01 or /etc/ansible/host_vars/router-01


Define variables for different interfaces of various devices that would be configured by Ansible play.

$ mkdir host_vars

$ vi host_vars/ios-xe-01.yml
---
dhcp_interfaces:
  - interface: loopback 30

$ vi host_vars/ios-xe-02.yml
---
dhcp_interfaces:
  - interface: loopback 25
  - interface: loopback 35



Let's view the roles in tree view

$ tree host_vars/
host_vars/
├── ios-xe-01.yml
└── ios-xe-02.yml
0 directories, 2 files 



Create inventory file

$ vi inv_cisco-router 
# Asible Inventory file for cisco XE routers

[hosts]
ios-xe-01
ios-xe-02

[hosts:vars]
ansible_network_os=ios
ansible_user=developer
ansible_ssh_pass=C1sco12345



Create playbook for configuring ip-helper address

$ vi play_helper-addr.yml
---
- name: Configure ip-helper on multiple devices
  hosts: all
  gather_facts: no
  connection: network_cli
  tasks:
    - ios_config:
        lines:
          - ip helper-address 10.200.200.10
          - ip helper-address 10.200.200.20
        parents: interface {{ item.interface }}
      with_items: "{{ dhcp_interfaces }}" 


Let's run the playbook

$ ansible-playbook play_helper-addr.yml -i inv_cisco-router
PLAY [Configure ip-helper on multiple devices] *******************************************************************************************
TASK [ios_config] ************************************************************************************************************************
changed: [ios-xe-01] => (item={'interface': 'loopback 25'})
changed: [ios-xe-02] => (item={'interface': 'loopback 35'})
changed: [ios-xe-02] => (item={'interface': 'loopback 30'})
PLAY RECAP *******************************************************************************************************************************
ios-xe-mgmt-latest.cisco.com : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0
ios-xe-mgmt.cisco.com      : ok=1    changed=1    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

 


Let's verify the IP helper address on devices
ios-xe-01#show ip helper-address 
Interface                  Helper-Address  VPN     VRG Name        VRG State
Loopback30                 10.200.200.10   0       None            Unknown
                           10.200.200.20   0       None            Unknown
ios-xe-02#show ip helper-address 
Interface                  Helper-Address  VPN     VRG Name        VRG State
Loopback25                 10.200.200.10   0       None            Unknown
                           10.200.200.20   0       None            Unknown
Loopback35                 10.200.200.10   0       None            Unknown
                           10.200.200.20   0       None            Unknown

Comments

Post a Comment

Popular posts from this blog

Ansible-Playbook to display output of multiple show commands (using stdout_lines with Loop)

 In this playbook, we we'll see how we can get display of multiple show commands in stdout_lines format. We can make use of loops (or with_items) for submitting multiple commands, but debug output with stdout_lines does not gives the formatted result as it would give for single command. So in case of multiple commands, we can debug the output of each command separately in stdout_lines format.
Read more

Filtering Routes in BGP using Route-maps and Prefix-list

Image
Order of preference of attributes in BGP The order of preference varies based on whether the attributes are applied for inbound updates or outbound updates. For inbound updates the order of preference is:     route-map     filter-list     prefix-list, distribute-list For outbound updates the order of preference is:     prefix-list, distribute-list     filter-list     route-map NOTE: The attributes prefix-list and distribute-list are mutually exclusive, and only one command (neighbor distribute-list or neighbor prefix-list) can be applied to each inbound or outbound direction for a particular neighbor. Scenario: We own the AS500 and advertising a network block of 192.0.2.0/24 and 180.179.179.0/16 to two different ISPs. Objectives: Configure router R1 to establish eBGP neighbor relationship with ISP1. Configure router R1 to establish eBGP neighbor relationship with ISP2. Advertise  192.0.2.0/24 network to ISP1 only. Advertise 180.179.179.0/16 network to ISP2 only. Receive routes having n
Read more

Ansible Playbook for Network OS Upgrade with pre and post checks

You have 100s of network switches or routers that you need to upgrade. How much time would it take for you to do the upgrades? There are a lot number of sub-tasks involved while upgrading IOS image of a Cisco router or a switch. This time of upgradation can be reduced through automation from various Enterprise Configuration Management tools that also have ability to upgrade network OS. Though these tools give an easy to use graphical interface, but this requires you to have appropriate license and also restricts you to customize your upgrade process.
Read more

Ansible-playbook for backing up running config of Cisco IOS

This ansible-playbook can be used to backup running configuration from Cisco IOS devices. You can refer to my earlier post Getting Started with your first ansible-playbook for Network Automation  to know about the parameters used in this playbook. Inventory file # Inventory file for Ansible [XE] ios-xe-mgmt.cisco.com:8181 ios-xe-mgmt-latest.cisco.com:8181 [XR] sbx-iosxr-mgmt.cisco.com:8181 [all:vars] ansible_network_os=ios Playbook --- - name: Define Parameters   hosts: XE   gather_facts: no   connection: network_cli   tasks:    - name: backup the config      ios_config:       backup: yes      register: backup_config    - name: Store the config to directory      copy:       src: "{{ backup_config.backup_path }}"       dest: "/tmp/backups/{{ inventory_hostname }}" Running the playbook [prashant@Prashant-VM01 ~]$ ansible-playbook play03.yml -i /home/prashant/inventory -u developer -k SSH password: PLAY [Define Parameters] **********************************************
Read more

Cisco ASA Active/Active Failover Configuration

Image
Active/Active failover is only available to security appliances in multiple context mode. In an Active/Active failover configuration, both security appliances can pass network traffic. In Active/Active failover, you divide the security contexts on the security appliance into failover groups. A failover group is simply a logical group of one or more security contexts. You can create a maximum of two failover groups on the security appliance. The admin context is always a member of failover group 1. Any unassigned security contexts are also members of failover group 1 by default. We have already seen the configuration for Active/Standby failover in the previous article. This article focuses on how to configure an Active/Active Failover configuration on ASA Security Appliance.
Read more

VMware NSX Traffic Flow — East-West & North-South

Image
Understanding how traffic is flowing in NSX environment is an important aspect to successfully maintain and troubleshoot networks having NSX. In this post we'll understand hop-by-hop flow of traffic in East-West and North-South directions. East-West: VMs on Same Subnet, Same Host VM-1 has IP address 172.16.20.6 and VM-2 has IP address 172.16.20.7 VM-1 vNIC è Logical Switch (Segment ID 5002) è VM-2 vNIC
Read more

Creating MPLS Layer 3 VPN

Image
When used with MPLS, the VPN feature allows several sites to interconnect transparently through a service provider's network. One service provider network can support several different IP VPNs. Each of these appears to its users as a private network, separate from all other networks. Within a VPN, each site can send IP packets to any other site in the same VPN. Each VPN is associated with one or more VPN routing and forwarding instances (VRFs). A VRF consists of an IP routing table, a derived Cisco express forwarding (CEF) table, and a set of interfaces that use this forwarding table.
Read more

Export or Backup Azure Network Security Groups into CSV using PowerShell

There could be many use cases where you may want to export Network Security Groups into CSV. You might have question, how to export or backup Azure Network Security Groups into CSV. Here is the PowerShell script that you can use to export Azure Network Security Groups into CSV using PowerShell script. This script will export Network Security Group along with rules of all Active subscriptions into a CSV.
Read more