"does not have spare capacity to satisfy new block subnet ... Error code 520012" when enabling Default Outbound NAT on VPC Connectivity Profile
search cancel

"does not have spare capacity to satisfy new block subnet ... Error code 520012" when enabling Default Outbound NAT on VPC Connectivity Profile

book

Article ID: 438937

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • When attempting to enable Default Outbound NAT on a VPC Connectivity Profile, the operation fails with the error:

IpAddressBlock [/infra/ip-blocks/<IP block>] does not have spare capacity to satisfy new block subnet /orgs/default/projects/default/vpcs/VPC/ip-address-pools/<address pool>/ip-subnets/<subnet ID> of size 1. (Error code: 520012)


  • The IP Block has no free IP when queried via API

    GET "https://NSX_Manager/policy/api/v1/infra/ip-blocks/<UUID>/usage"
    Enter host password for user 'admin':
    "used_ip_ranges" : [ "192.168.1.0 - 192.168.1.31" ],
    "available_ip_ranges" : [ ],
    "used_ips_count" : "32".
    "available_ips_count" : "0"

Environment

VMware Cloud Foundation
VMware NSX 

 

Cause

The issue is caused by a lack of available IP addresses within the allocated IP Address Block. Enabling Outbound NAT requires at least one free IP address from the block to satisfy the requirement for the VPC IP Address Pool. This may occur if the public subnet is already configured to a size that consumes the entire capacity of the block (e.g., a size 32 subnet in a block of 32 addresses), leaving no spare capacity for the NAT service.

Resolution

To resolve this issue, reduce the size of the public subnet to less than the size of the IP address block which will free up an IP addresses and allow NAT to be enabled.

Powered by Wolken Software