In this recipe, we will explore how to configure the interface IP address on Cisco IOS devices. We will use the sample topology to configure the VLAN interfaces on both the core switches. We will outline how to configure VRRP between the core switches for all the VLAN interfaces. We will configure the following IP addresses:

This recipe assumes that the interface and VLANs are configured as per the previous recipes in this chapter.

1. Update the group_vars/core.yml file with following data to define the SVI interfaces:

$ cat group_vars/core.yml
<-- Output Trimmed for brevity ------>
svi_interfaces:
  - name: Vlan10
    ipv4: 10.1.10.0/24
    vrrp: yes
    ospf: passive
 -  name: Vlan20
    ipv4: 10.1.20.0/24
    vrrp: yes
    ospf: passive
 -  name: Vlan100
    ipv4: 10.1.100.0/24
    vrrp: yes
    ospf: passive

2. Create core01.yml and core02.yml files under the host_vars folder and add the following content:

$ cat host_vars/core01.yml
 hst_svi_id: 1
 hst_vrrp_priority: 100
$ cat host_vars/core02.yml
 hst_svi_id: 2
 hst_vrrp_priority: 50

3. Update the pb_build_network.yml playbook with the following tasks to create and enable the L3 SVI interfaces:

- name: "PLAY 2: Configure Core Switches"
  hosts: core
  tags: l3_core
  tasks:
<-- Output Trimmed for brevity ------>
    - name: "Create L3 VLAN Interfaces"
      ios_l3_interface:
        name: "{{item.name }}"
        ipv4: "{{item.ipv4 | ipv4(hst_svi_id)}}"
      loop: "{{svi_interfaces}}"
      tags: l3_svi
    - name: "Enable the VLAN Interfaces"
      ios_interface:
        name: "{{ item.name }}"
        state: up
      loop: "{{ svi_interfaces }}"

4. Update the playbook with the following task to set up VRRP configuration on the SVI interfaces:

    - name: "Create VRRP Configs"
      ios_config:
        parents: interface {{ item.name }}
        lines:
          - vrrp {{item.name.split('Vlan')[1]}} priority {{ hst_vrrp_priority }}
          - vrrp {{item.name.split('Vlan')[1]}} ip {{item.ipv4 | ipv4(254)|ipaddr('address')}}
      loop: "{{svi_interfaces | selectattr('vrrp','equalto',true) | list }}"

In this section, we are configuring the IP addresses for the L3 VLAN interfaces on the core switches, as well as configuring VRRP on all the L3 VLAN interfaces to provide L3 redundancy.

We are using a new list data structure called svi_interfaces, which describes all the SVI interfaces with L3 IP addresses, and also some added parameters to control both the VRRP and OSPF configured on these interfaces. We also set up two new variables on each core router, hst_svi_id and hst_vrrp_priority, which we will use in the playbook to control the IP address on each core switch, as well as the VRPP priority.

We use the ios_l3_interface Ansible module to set the IPv4 addresses on the VLAN interfaces. On each core switch, we loop over the svi_interfaces data structure, and for each VLAN we configure the IPv4 address on the corresponding VLAN interface. We determine which IP address is configured on each router using the Ansible ipaddr filter, along with the hst_svi_id parameter {{item.ipv4 | ipv4(hst_svi_id)}} . So, for example, for VLAN10, we will assign 10.1.10.1/24 for core01 and 10.1.10.2/24 for core02.

For the VRRP part, we return to using the ios_config module to set up the VRRP configuration on all the VLAN interfaces, and we use hst_vrrp_priority to correctly set up core01 as the master VRRP for all VLANs.

The following is a sample of the configuration that is pushed on the devices after running the playbook:

Core01
 ========
 !
 interface Vlan10
 ip address 10.1.10.1 255.255.255.0
 vrrp 10 ip 10.1.10.254
 !
Core02
 =======
 !
 interface Vlan10
 ip address 10.1.10.2 255.255.255.0
 vrrp 10 ip 10.1.10.254
 vrrp 10 priority 50

For more information regarding ios_l3_interface and the different parameters supported by these modules, please consult the following URL:

https://docs.Ansible.com/Ansible/latest/modules/ios_l3_interface_module.html