From 5df1156cc25e3d326fde450879b52cf6174a09bc Mon Sep 17 00:00:00 2001
From: Doug Szumski <doug@stackhpc.com>
Date: Fri, 20 Jul 2018 14:39:21 +0100
Subject: [PATCH] Support configuring rp_filter mode

Change-Id: Iaceef08bde7bdee153040afdcfd800c7c4141c07
Story: 2003056
Task: 23093
---
 ansible/roles/ip-routing/defaults/main.yml | 4 ++++
 ansible/roles/ip-routing/tasks/main.yml    | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)
 create mode 100644 ansible/roles/ip-routing/defaults/main.yml

diff --git a/ansible/roles/ip-routing/defaults/main.yml b/ansible/roles/ip-routing/defaults/main.yml
new file mode 100644
index 000000000..1046ec520
--- /dev/null
+++ b/ansible/roles/ip-routing/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+# See kernel doc for more detail: /Documentation/networking/ip-sysctl.txt
+ip_routing_rp_filter_mode: 0
diff --git a/ansible/roles/ip-routing/tasks/main.yml b/ansible/roles/ip-routing/tasks/main.yml
index aeb896b82..f2a1a2e0f 100644
--- a/ansible/roles/ip-routing/tasks/main.yml
+++ b/ansible/roles/ip-routing/tasks/main.yml
@@ -6,6 +6,6 @@
     sysctl_set: "yes"
   with_items:
     - { name: "net.ipv4.ip_forward", value: 1}
-    - { name: "net.ipv4.conf.all.rp_filter", value: 0}
-    - { name: "net.ipv4.conf.default.rp_filter", value: 0}
+    - { name: "net.ipv4.conf.all.rp_filter", value: "{{ ip_routing_rp_filter_mode }}"}
+    - { name: "net.ipv4.conf.default.rp_filter", value: "{{ ip_routing_rp_filter_mode }}"}
   become: True