diff --git a/vmware_nsx/plugins/nsx_v/plugin.py b/vmware_nsx/plugins/nsx_v/plugin.py index 66c0573104..452693ac3d 100644 --- a/vmware_nsx/plugins/nsx_v/plugin.py +++ b/vmware_nsx/plugins/nsx_v/plugin.py @@ -1929,6 +1929,8 @@ class NsxVPluginV2(addr_pair_db.AllowedAddressPairsMixin, raise n_exc.InvalidInput(error_message=err_msg) def update_router(self, context, router_id, router): + # Validate that the gateway information is relevant + self._extract_external_gw(context, router, is_extract=False) # Toggling the distributed flag is not supported if 'distributed' in router['router']: r = self.get_router(context, router_id) diff --git a/vmware_nsx/tests/unit/nsx_v/test_plugin.py b/vmware_nsx/tests/unit/nsx_v/test_plugin.py index 060a5ac968..b91d0167f1 100644 --- a/vmware_nsx/tests/unit/nsx_v/test_plugin.py +++ b/vmware_nsx/tests/unit/nsx_v/test_plugin.py @@ -1900,8 +1900,30 @@ class L3NatTest(test_l3_plugin.L3BaseForIntTests, NsxVPluginV2TestCase): def test_router_add_gateway_no_subnet(self): self.skipTest('No support for no subnet gateway set') + def _set_net_external(self, net_id): + self._update('networks', net_id, + {'network': {external_net.EXTERNAL: True}}) + + def _add_external_gateway_to_router(self, router_id, network_id, + expected_code=webob.exc.HTTPOk.code, + neutron_context=None, ext_ips=None): + ext_ips = ext_ips or [] + body = {'router': + {'external_gateway_info': {'network_id': network_id}}} + if ext_ips: + body['router']['external_gateway_info'][ + 'external_fixed_ips'] = ext_ips + return self._update('routers', router_id, body, + expected_code=expected_code, + neutron_context=neutron_context) + def test_router_add_gateway_no_subnet_forbidden(self): - self.skipTest('TBD - unblock gate') + with self.router() as r: + with self.network() as n: + self._set_net_external(n['network']['id']) + self._add_external_gateway_to_router( + r['router']['id'], n['network']['id'], + expected_code=webob.exc.HTTPBadRequest.code) class L3NatTestCaseBase(test_l3_plugin.L3NatTestCaseMixin):