When running the smoke_tests_isolation errand against the Isolation Segment deployment, you may see failures indicating: " Error: Response exceeded maximum allowed length":

Task 3412804
Task 3412804 | 15:44:27 | Preparing deployment: Preparing deployment
Task 3412804 | 15:44:27 | Deprecation: Top level 'properties' in addons are deprecated. Please define 'properties' at the job level.
Task 3412804 | 15:44:33 | Warning: Executing errand on multiple instances in parallel. Use the '--instance" flag to run the errand on a single instance.
Task 3412804 | 15:44:33 | Preparing deployment: Preparing deployment (00:00:06)
Task 3412804 | 15:44:33 | Running errand: isolated_diego_cell/##### (6)
---
Task 3412804 | 16:03:51 | Running errand: isolated_diego_cell/##### (29) (00:08:22)
L Erron: Response exceeded maximum allowed length

Debug logging for this task shows a 502 error after the app instance starts:

Waiting for app SMOKES-APP-9f8867ee-5be8 to start…
\nOUT:
\nERR: Instances starting…
\nERR: Instances starting…
\nERR: Instances starting…
---
\nOUT: buildpacks:         
\nOUT: isolation segment:   segment_4
\nOUT: \tname             version   detect output   buildpack name
\nOUT: \truby_buildpack   1.10.31   ruby            ruby
\nOUT: \nOUT: type:            web
\nOUT: sidecars:       
\nOUT: instances:       1/1
\nOUT: memory usage:    1024M
\nOUT: start command:   bundle exec rackup config.ru -p $PORT
\nOUT:      state     since                  cpu    memory     disk       logging        cpu entitlement   details
\nOUT: #0   running   2025-09-15T16:00:48Z   0.0%   0B of 1G   0B of 1G   0B/s of 0B/s   0.0%             
\n\nCMD\u003e cf app --guid SMOKES-APP-9f8867ee-5be8
\nOUT: 5785e86c-7059-4e55-bed6-0f28e40cee3a
\n\nCMD\u003e cf app SMOKES-APP-9f8867ee-5be8
\nOUT: Showing health and status for app SMOKES-APP-9f8867ee-5be8 in org system / space CF_SMOKE_TEST_SPACE as smoke_tests…
---
\nOUT:      state     since                  cpu    memory
    disk       logging        cpu entitlement   details
\nOUT: #0   running   2025-09-15T16:00:49Z   0.0%   0B of 1G   0B of 1G   0B/s of 0B/s   0.0%             
\nHTTP Request: https://SMOKES-APP-9f8867ee-5be8.apps.###.###00.####.###/json\nInstance #: 0\nResponse Code: 502

TAS v6.0.18

The smoke test is designed to fail based on certain configurations. In this scenario, the configuration was the following:

Isolation Segments (segment_4)

• Compute Isolation: Enabled
• Network Isolation: Isolation segment only (Dedicated Router, LB, and Domain)

TAS GoRouter

• reject_all: Reject requests for all isolation segments
• GoRouter Manifest

Domains

• TAS shared domain: apps.###.###00.####.### → goes to TAS Gorouters
• Isolation Segment domain: apps4.###.###00.####.###→ goes to Isolation Segment Router

In this case, it pushes the application to the isolation segment domain, but it then tries to access it using the shared apps domain. This hits the TAS GoRouters, which in this scenario is configured to reject_all isolation segment traffic and results in the 502.

This issue arises due to an incorrect configuration where a custom org/space/domain is not specified for the isolation segment. This config is located under Smoke Tests in the Isolation Segment tile.

Since 2021, the CF apps domain has been used for the `apps_domain` in isoseg tests unless a custom org/space/domain has been set. The `isolation_segment_domain` value is used only in a subset of the isoseg tests if it is specified. Specifying a custom org/space/domain for the isolation segment will resolve the issue.