diff --git a/roles/network_plugin/calico/defaults/main.yml b/roles/network_plugin/calico/defaults/main.yml
index d010bcebea881e6a6e6d4972f818ed7d58e949d2..d7108a4add23b93441652a82ebfaee12b85823dc 100644
--- a/roles/network_plugin/calico/defaults/main.yml
+++ b/roles/network_plugin/calico/defaults/main.yml
@@ -72,3 +72,5 @@ calico_datastore: "etcd"
 typha_enabled: false
 # Number of typha replicas
 typha_replicas: 1
+
+calico_feature_control: {}
diff --git a/roles/network_plugin/calico/templates/cni-calico.conflist.j2 b/roles/network_plugin/calico/templates/cni-calico.conflist.j2
index f9c50e13357ee7d0231b118a4b108567ea131c17..cfee547d78ddb5045313d6deccce53524bef8748 100644
--- a/roles/network_plugin/calico/templates/cni-calico.conflist.j2
+++ b/roles/network_plugin/calico/templates/cni-calico.conflist.j2
@@ -28,6 +28,15 @@
         "subnet": "usePodCidr"
       },
 {% endif %}
+{% if (calico_feature_control is defined) and (calico_feature_control|length > 0) %}
+      "feature_control": {
+        {% for fc in calico_feature_control -%}
+        {% set fcval = calico_feature_control[fc] -%}
+          "{{ fc }}": {{ (fcval | string | lower) if (fcval == true or fcval == false) else "\"" + fcval + "\"" }}{{ "," if not loop.last else "" }}
+        {% endfor -%}
+      {{- "" }}
+      },
+{% endif %}
 {% if enable_network_policy %}
       "policy": {
         "type": "k8s"