• When using HCX, Network Extension (NE) policy-routes cannot be modified or updated through the wizard.
  • Prefix addition in HCX Policy Routes doesn't trigger an API call to NSX-T until the "Submit" button is clicked.
  • Adding both valid and invalid prefixes and then clicking "Submit" results in a failed NSX-T put call (500 error), with neither prefix programmed in the NSX-T manager Tier-0 prefix list.
  • Removing the invalid prefix and leaving only the valid one allows a successful NSX-T put call upon clicking "Submit," programming the valid prefix into the NSX-T manager Tier-0 prefix list.
    
    
• In the /common/logs/admin/web.log from HCX Connector, the following error can be observed: 
  

  2024-01-24 18:02:42.512 UTC [https-jsse-nio-8443-exec-8, Ent: HybridityAdmin, , TxId: TxId: ########-####-####-####-############] ERROR c.v.h.n.util.NetworkExtensionUtils- Failed to create prefix list for tier0 <tier0-name> policy routes. Response: {"status":"failure","statusCode":400,"details":"","result":{"httpStatus":"BAD_REQUEST","error_code":503041,"module_name":"Policy","error_message":"Invalid network CIDR 192.168.0.0\/1."}}

• Below is the screenshot from the Browser Developer Console, confirming the invalid prefix.
  

VMware HCX 4.8

If invalid routes are added in HCX UI, the customer will not be able to modify (add/remove) the policy route.

This is a known issue in HCX 4.8

This issue is resolved in VMware HCX 4.9, available at Broadcom downloads.
If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.