ivucica
commented
1 year ago Internal code change created which should resolve the immediate pain of these two issues. Once submitted internally, it should be published externally too.
Closed ivucica closed 1 year ago
ivucica
commented
1 year ago Internal code change created which should resolve the immediate pain of these two issues. Once submitted internally, it should be published externally too.
ivucica
commented
1 year ago Fixed in 9e9812ed78b7c70bc6137ecd956f3ff6c460f214
0.0.0.0/[anything]is rejected with HTTP 400:Web UI also rejects 0.0.0.0/8 with the same message. If
/0is the sole member ofsource_groupsordestination_groups, it is easy to deal with: we can just useANY. However, if we have0.0.0.0/8as a, for example, part of set subtraction, then this is not the right way out. I'd say it's a bug in NSX-T to not support these use cases: it will happily accept0.0.0.1as a valid IP, but not as a part of the subnet spec.Additionally, if we have port range consisting of one port (e.g.
1234-1234) this will get rejected, and1234should be submitted. Otherwise we get this HTTP 400 error (it was guesswork which of the rules caused it, but it looks like1234-1234was the culprit).