From db088c6e9c218812ee30b85e5a5b2784691ec6f1 Mon Sep 17 00:00:00 2001
From: Adit Sarfaty <asarfaty@vmware.com>
Date: Sun, 21 Jul 2019 09:56:30 +0300
Subject: [PATCH] NSX|V3+P: Fix address pairs validation

1. /32 cidr is allowed
2. ipv6 validation is not necessary as the backend supports cidrs.

Change-Id: If8027db6190486a2a0c6410ad119810f4938f13d
---
 vmware_nsx/plugins/common_v3/plugin.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/vmware_nsx/plugins/common_v3/plugin.py b/vmware_nsx/plugins/common_v3/plugin.py
index 396075a1b1..c5eaa6690b 100644
--- a/vmware_nsx/plugins/common_v3/plugin.py
+++ b/vmware_nsx/plugins/common_v3/plugin.py
@@ -323,9 +323,12 @@ class NsxPluginV3Base(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
     def _validate_address_pairs(self, address_pairs):
         for pair in address_pairs:
             ip = pair.get('ip_address')
-            if len(ip.split('/')) > 1:
-                LOG.error("cidr is not supported in allowed address pairs")
-                raise nsx_exc.InvalidIPAddress(ip_address=ip)
+            # Validate ipv4 cidrs (No limitation on ipv6):
+            if ':' not in ip:
+                if len(ip.split('/')) > 1 and ip.split('/')[1] != '32':
+                    LOG.error("cidr %s is not supported in allowed address "
+                              "pairs", ip)
+                    raise nsx_exc.InvalidIPAddress(ip_address=ip)
 
     def _validate_number_of_address_pairs(self, port):
         address_pairs = port.get(addr_apidef.ADDRESS_PAIRS)