---

- name: enable ipv4 forwarding
  shell: echo 1 > /proc/sys/net/ipv4/ip_forward

- name: ensure ipv4 forwarding is always enabled (enabled in permanent config)
  lineinfile:
    path: /etc/sysctl.conf
    regexp: '^net\.ipv4\.ip_forward'
    line: net.ipv4.ip_forward=1

- name: bind ip addresses of each subnet to interface
  shell: ip addr add {{ item.ip }}/{{ item.subnet }} dev {{ item.iface }}
  with_items: "{{ subnets }}"