From de438d1af35ec2719bec64abbf3b2e42c16409e2 Mon Sep 17 00:00:00 2001
From: Adit Sarfaty <asarfaty@vmware.com>
Date: Wed, 12 Jun 2019 12:07:37 +0300
Subject: [PATCH] NSX|P: Set ipsec endpoints advertisment

Depends-on: I4bfa618937efd03f2ec3fcc5c9733554023f0701
Change-Id: Ic4c5f69a726e5fa17324e6abfe65a02dbc1ce6ba
---
 vmware_nsx/services/vpnaas/nsxp/ipsec_driver.py | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/vmware_nsx/services/vpnaas/nsxp/ipsec_driver.py b/vmware_nsx/services/vpnaas/nsxp/ipsec_driver.py
index 404442c4be..7cc7dd9dad 100644
--- a/vmware_nsx/services/vpnaas/nsxp/ipsec_driver.py
+++ b/vmware_nsx/services/vpnaas/nsxp/ipsec_driver.py
@@ -194,6 +194,7 @@ class NSXpIPsecVpnDriver(common_driver.NSXcommonIPsecVpnDriver):
         services = self.vpn_plugin.get_vpnservices(
             context.elevated(), filters=filters)
         rule_name_pref = 'VPN advertisement service'
+        has_connections = False
         for srv in services:
             # use only services with non-errored connections
             filters = {'vpnservice_id': [srv['id']],
@@ -202,6 +203,7 @@ class NSXpIPsecVpnDriver(common_driver.NSXcommonIPsecVpnDriver):
                 context.elevated(), filters=filters)
             if not connections:
                 continue
+            has_connections = True
             if srv['subnet_id']:
                 subnet = self.l3_plugin.get_subnet(
                     context.elevated(), srv['subnet_id'])
@@ -223,6 +225,10 @@ class NSXpIPsecVpnDriver(common_driver.NSXcommonIPsecVpnDriver):
         self._nsxpolicy.tier1.update_advertisement_rules(
             router_id, rules, name_prefix=rule_name_pref)
 
+        # Also update the ipsec endpoints advertisement
+        self._nsxpolicy.tier1.update_route_advertisement(
+            router_id, ipsec_endpoints=has_connections)
+
     def _nsx_tags(self, context, object):
         return self._nsxpolicy.build_v3_tags_payload(
             object, resource_type='os-vpn-connection-id',