addons: bridge: disable ip fwding on a bridge with no ip and no upperifaces

Ticket: CM-8363
Reviewed By: purna, balki, julien
Testing Done: Tested bridge bringup with and without addr and svi's

Signed-off-by: Roopa Prabhu <roopa@cumulusnetworks.com>

diff --git a/addons/bridge.py b/addons/bridge.py
index 53093ccad7a2628b342a46fee17f4e60a21324a1..00df4842089c882bef69cfe96f26dbe26a5d6518 100644 (file)
--- a/addons/bridge.py
+++ b/addons/bridge.py
@@ -673,6 +673,21 @@ class bridge(moduleBase):
             return True
         return False
 
+    def _set_bridge_forwarding(self, ifaceobj):
+        """ set ip forwarding to 0 if bridge interface does not have a
+        ip nor svi """
+        if not ifaceobj.upperifaces and not ifaceobj.get_attr_value('address'):
+            # set forwarding = 0
+            if self.sysctl_get('net.ipv4.conf.%s.forwarding' %ifaceobj.name) == '1':
+                self.sysctl_set('net.ipv4.conf.%s.forwarding' %ifaceobj.name, 0)
+            if self.sysctl_get('net.ipv6.conf.%s.forwarding' %ifaceobj.name) == '1':
+                self.sysctl_set('net.ipv6.conf.%s.forwarding' %ifaceobj.name, 0)
+        else:
+            if self.sysctl_get('net.ipv4.conf.%s.forwarding' %ifaceobj.name) == '0':
+                self.sysctl_set('net.ipv4.conf.%s.forwarding' %ifaceobj.name, 1)
+            if self.sysctl_get('net.ipv6.conf.%s.forwarding' %ifaceobj.name) == '0':
+                self.sysctl_set('net.ipv6.conf.%s.forwarding' %ifaceobj.name, 1)
+
     def _apply_bridge_settings(self, ifaceobj):
         try:
             if self._is_config_stp_state_on(ifaceobj):
@@ -688,6 +703,8 @@ class bridge(moduleBase):
                 if self._is_running_stp_state_on(ifaceobj.name):
                    self.brctlcmd.set_stp(ifaceobj.name, 'no')
 
+            self._set_bridge_forwarding(ifaceobj)
+
             # Use the brctlcmd bulk set method: first build a dictionary
             # and then call set
             bridgeattrs = { k:v for k,v in