From c0c7707d0d262d54b95a1e63bdb91b9a43ffc58f Mon Sep 17 00:00:00 2001
From: Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
Date: Tue, 3 Nov 2020 14:34:46 -0800
Subject: [PATCH] zebra: fix problem with SVI IP being advertised even if
 disabled

SVI IP is being advertised unconditionally i.e. even if disabled (and
that is the default config). This can be problematic when the SVI address
is re-used across racks.

Added the user config condition in all the relevant places where the
SVI advertisement is triggered.

Signed-off-by: Anuradha Karuppiah <anuradhak@cumulusnetworks.com>
---
 zebra/zebra_evpn.c  | 21 ++++++++++++++++-----
 zebra/zebra_vxlan.c | 10 ++++++++++
 2 files changed, 26 insertions(+), 5 deletions(-)

diff --git a/zebra/zebra_evpn.c b/zebra/zebra_evpn.c
index b232c664bc..2bab2997a3 100644
--- a/zebra/zebra_evpn.c
+++ b/zebra/zebra_evpn.c
@@ -151,6 +151,9 @@ void zebra_evpn_print(zebra_evpn_t *zevpn, void **ctxt)
 						 buf, sizeof(buf)));
 		json_object_string_add(json, "advertiseGatewayMacip",
 				       zevpn->advertise_gw_macip ? "Yes" : "No");
+		json_object_string_add(json, "advertiseSviMacip",
+				       zevpn->advertise_svi_macip ? "Yes"
+								  : "No");
 		json_object_int_add(json, "numMacs", num_macs);
 		json_object_int_add(json, "numArpNd", num_neigh);
 	}
@@ -194,6 +197,8 @@ void zebra_evpn_print(zebra_evpn_t *zevpn, void **ctxt)
 			num_neigh);
 		vty_out(vty, " Advertise-gw-macip: %s\n",
 			zevpn->advertise_gw_macip ? "Yes" : "No");
+		vty_out(vty, " Advertise-svi-macip: %s\n",
+			zevpn->advertise_svi_macip ? "Yes" : "No");
 	}
 }
 
@@ -569,7 +574,9 @@ void zebra_evpn_gw_macip_add_for_evpn_hash(struct hash_bucket *bucket,
 		return;
 
 	/* Add primary SVI MAC-IP */
-	zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
+	if (advertise_svi_macip_enabled(zevpn)
+	    || advertise_gw_macip_enabled(zevpn))
+		zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
 
 	if (advertise_gw_macip_enabled(zevpn)) {
 		/* Add VRR MAC-IP - if any*/
@@ -927,12 +934,16 @@ void zebra_evpn_read_mac_neigh(zebra_evpn_t *zevpn, struct interface *ifp)
 	if (vlan_if) {
 
 		/* Add SVI MAC-IP */
-		zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
+		if (advertise_svi_macip_enabled(zevpn)
+		    || advertise_gw_macip_enabled(zevpn))
+			zebra_evpn_add_macip_for_intf(vlan_if, zevpn);
 
 		/* Add VRR MAC-IP - if any*/
-		vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
-		if (vrr_if)
-			zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
+		if (advertise_gw_macip_enabled(zevpn)) {
+			vrr_if = zebra_get_vrr_intf_for_svi(vlan_if);
+			if (vrr_if)
+				zebra_evpn_add_macip_for_intf(vrr_if, zevpn);
+		}
 
 		neigh_read_for_vlan(zns, vlan_if);
 	}
diff --git a/zebra/zebra_vxlan.c b/zebra/zebra_vxlan.c
index 424c00d5eb..b36a9612a7 100644
--- a/zebra/zebra_vxlan.c
+++ b/zebra/zebra_vxlan.c
@@ -4493,6 +4493,16 @@ int zebra_vxlan_add_del_gw_macip(struct interface *ifp, struct prefix *p,
 		return -1;
 	}
 
+	/* VRR IP is advertised only if gw-macip-adv-enabled */
+	if (IS_ZEBRA_IF_MACVLAN(ifp)) {
+		if (!advertise_gw_macip_enabled(zevpn))
+			return 0;
+	} else {
+		/* SVI IP is advertised if gw or svi macip-adv-enabled */
+		if (!advertise_svi_macip_enabled(zevpn)
+		    && !advertise_gw_macip_enabled(zevpn))
+			return 0;
+	}
 
 	memcpy(&macaddr.octet, ifp->hw_addr, ETH_ALEN);
 
-- 
2.39.5