From e831bfc351b718695ee56c682db4bc458444fa3e Mon Sep 17 00:00:00 2001
From: Gary Kotton <gkotton@vmware.com>
Date: Tue, 12 Dec 2017 01:36:19 -0800
Subject: [PATCH] NSX|V3: improve ENS exception limitations

ENS backed networks do not support port security. Ensure that a
bad request execption is raised from neutron and not an internal
error.

Change-Id: Ic139e20eb3eea2687e0263625f9075f6ebd75959
---
 vmware_nsx/plugins/nsx_v3/plugin.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/vmware_nsx/plugins/nsx_v3/plugin.py b/vmware_nsx/plugins/nsx_v3/plugin.py
index f46d2a7009..d4a7b98664 100644
--- a/vmware_nsx/plugins/nsx_v3/plugin.py
+++ b/vmware_nsx/plugins/nsx_v3/plugin.py
@@ -303,7 +303,10 @@ class NsxV3Plugin(agentschedulers_db.AZDhcpAgentSchedulerDbMixin,
                                  nsx_exc.SecurityGroupMaximumCapacityReached:
                                  webob.exc.HTTPBadRequest,
                                  nsx_lib_exc.NsxLibInvalidInput:
-                                 webob.exc.HTTPBadRequest})
+                                 webob.exc.HTTPBadRequest,
+                                 nsx_exc.NsxENSPortSecurity:
+                                 webob.exc.HTTPBadRequest,
+                                 })
 
     def _init_fwaas(self, resource, event, trigger, **kwargs):
         self.fwaas_callbacks = None