Segment cannot be created or edited because the subnet overlaps with an LB VIP
Article ID: 325100
Updated On:
Products
VMware NSX
Issue/Introduction
Symptoms:
- Creating or Editing a Segment fails with the error
"IP address A.B.C.D/X overlaps with LbVirtualServer <> that has IP address A.B.C.D."
- The segment and the LB Virtual Server are configured on separate Tier 1 Gateways
- The LB VIP is an IP in the range of the Segment IP subnet
- Note: if the Segment and Virtual Server are configured on the same Tier 1 Gateway, this error is expected.
- On the NSX manager "get log-file policy.log" may have a log entry like this example
2020-01-28T08:06:26.621Z INFO http-nio-127.0.0.1-6440-exec-28 NsxBaseRestController - - [nsx@6876 comp="nsx-manager" level="INFO" subcomp="policy"] Error in API /policy/api/v1/infra/segments/LS1 caused by exception com.vmware.nsx.management.common.exceptions.InvalidArgumentException: {"moduleName":"Policy","errorCode":500105,"errorMessage":"Address 192.168.1.192/26 overlaps with LbVirtualServer path=[/infra/lb-virtual-servers/HTTP_LB] that has IP address 192.168.1.192"}
Environment
VMware NSX-T Data Center 2.x
VMware NSX-T Data Center
VMware NSX-T Data Center
Cause
When a Segment is created or edited, a validation check is performed to ensure the Segment subnet does not overlap with LB Virtual Server IP address.
This check is designed to be per Tier 1 Gateway however this issue is caused when the validation checks IPs in use on all Tier 1 Gateways.
This check is designed to be per Tier 1 Gateway however this issue is caused when the validation checks IPs in use on all Tier 1 Gateways.
Resolution
This issue is resolved in VMware NSX-T Data Center 3.0, available at VMware Downloads.
Workaround:
To bypass this validation check, delete the Virtual Server, then create/edit the Segment and recreate the Virtual Server
Feedback
Yes
No
Powered by
