From e89ed1a92b08d4d154c56999ab19457bacd00267 Mon Sep 17 00:00:00 2001
From: Christian Svensson <blue@cmd.nu>
Date: Mon, 19 Feb 2024 20:44:50 +0100
Subject: [PATCH] kamel: Fix for TTL leak from inner to outer VXLAN

See https://github.com/sonic-net/sonic-buildimage/issues/10050 for
details.
---
 orchagent/vxlanorch.cpp | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/orchagent/vxlanorch.cpp b/orchagent/vxlanorch.cpp
index 1983cf7286b..a1b149b870a 100644
--- a/orchagent/vxlanorch.cpp
+++ b/orchagent/vxlanorch.cpp
@@ -1925,7 +1925,7 @@ bool VxlanTunnelMapOrch::addOperation(const Request& request)
     if (vni_id >= MAX_VNI_ID)
     {
         SWSS_LOG_ERROR("Vxlan tunnel map vni id is too big: %d", vni_id);
-        return true;
+        return false;
     }
 
     tempPort.m_vnid = (uint32_t) vni_id;
@@ -1950,11 +1950,18 @@ bool VxlanTunnelMapOrch::addOperation(const Request& request)
 
     if (!tunnel_obj->isActive())
     {
+        auto encap_ttl  = static_cast<sai_uint32_t>(request.getAttrUint("encap_ttl"));
+        if (encap_ttl > 255)
+        {
+            SWSS_LOG_ERROR("Vxlan tunnel map encap TTL is too big: %d", encap_ttl);
+            return false;
+        }
         //@Todo, currently only decap mapper is allowed
         uint8_t mapper_list = 0;
         TUNNELMAP_SET_VLAN(mapper_list);
         TUNNELMAP_SET_VRF(mapper_list);
-        tunnel_obj->createTunnelHw(mapper_list,TUNNEL_MAP_USE_DEDICATED_ENCAP_DECAP);
+        tunnel_obj->createTunnelHw(mapper_list, TUNNEL_MAP_USE_DEDICATED_ENCAP_DECAP,
+                                   /* with_term */ true, static_cast<sai_uint8_t>(encap_ttl));
         if (!tunnel_orch->isDipTunnelsSupported())
         {
             Port tunPort;