Hi
If a new NAT rule is added to the NAT service of the edge gateway and the description for the rule is set:
GatewayNatRuleType rIn = OBJECT_FACTORY.createGatewayNatRuleType();
NatRuleType ruleIn = OBJECT_FACTORY.createNatRuleType();
ruleIn.setDescription("something");
....
gateway.configureServices(edgeGatewayServiceConfiguration).waitForTask(TIMEOUT);
The retrieved description for the rule is empty.
Here are the POST and GET requests (I removed the irrelevant sections so they are not so long).
The relevant section is highlighted.
How to file this bug?
Best wishes,
Denes
POST (configuration)
<ns6:EdgeGatewayServiceConfiguration xmlns="http://www.vmware.com/vcloud/versions" xmlns:ns2="http://schemas.dmtf.org/ovf/envelope/1" xmlns:ns3="http://schemas.dmtf.org/wbem/wscim/1/common" xmlns:ns4="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_VirtualSystemSettingData" xmlns:ns5="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_ResourceAllocationSettingData" xmlns:ns6="http://www.vmware.com/vcloud/v1.5" xmlns:ns7="http://www.vmware.com/schema/ovf" xmlns:ns8="http://schemas.dmtf.org/ovf/environment/1" xmlns:ns9="http://www.vmware.com/vcloud/extension/v1.5">
  <ns6:GatewayDhcpService>
    <ns6:IsEnabled>true</ns6:IsEnabled>
    <ns6:Pool>
      <ns6:IsEnabled>true</ns6:IsEnabled>
      <ns6:Network href="https://172.16.1.20/api/admin/network/e448fc1e-8985-46be-8b29-f6ff789b660e" name="internalNetForVdc1" type="application/vnd.vmware.vcloud.orgVdcNetwork+xml"/>
      <ns6:DefaultLeaseTime>3600</ns6:DefaultLeaseTime>
      <ns6:MaxLeaseTime>7200</ns6:MaxLeaseTime>
      <ns6:LowIpAddress>192.168.0.4</ns6:LowIpAddress>
      <ns6:HighIpAddress>192.168.0.253</ns6:HighIpAddress>
    </ns6:Pool>
  </ns6:GatewayDhcpService>
  <ns6:FirewallService>
    <ns6:IsEnabled>true</ns6:IsEnabled>
    <ns6:DefaultAction>drop</ns6:DefaultAction>
    <ns6:LogDefaultAction>false</ns6:LogDefaultAction>
  </ns6:FirewallService>
  <ns6:NatService>
    <ns6:IsEnabled>true</ns6:IsEnabled>
    <ns6:NatRule>
      <ns6:Description>5e8e2682-247d-4691-b2c5-7cbcf396ec09</ns6:Description>
      <ns6:RuleType>DNAT</ns6:RuleType>
      <ns6:IsEnabled>false</ns6:IsEnabled>
      <ns6:GatewayNatRule>
        <ns6:Interface href="https://172.16.1.20/api/admin/network/3489b129-4e3e-40e9-89c3-4ffd526348ed" name="kukuPublicNetwork" type="application/vnd.vmware.admin.network+xml"/>
        <ns6:OriginalIp>172.16.11.2</ns6:OriginalIp>
        <ns6:OriginalPort>any</ns6:OriginalPort>
        <ns6:TranslatedIp>127.1.0.0</ns6:TranslatedIp>
        <ns6:TranslatedPort>any</ns6:TranslatedPort>
        <ns6:Protocol>any</ns6:Protocol>
      </ns6:GatewayNatRule>
    </ns6:NatRule>
  </ns6:NatService>
</ns6:EdgeGatewayServiceConfiguration>
<EdgeGateway xmlns="http://www.vmware.com/vcloud/v1.5" status="1" name="edgeGatewayName1" id="urn:vcloud:gateway:7a400781-cf7c-4d90-8b4f-dad58ab39328" type="application/vnd.vmware.admin.edgeGateway+xml" href="https://172.16.1.20/api/admin/edgeGateway/7a400781-cf7c-4d90-8b4f-dad58ab39328" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.vmware.com/vcloud/v1.5 http://172.16.1.20/api/v1.5/schema/master.xsd">
  <Configuration>
    <EdgeGatewayServiceConfiguration>
      <NatService>
        <IsEnabled>true</IsEnabled>
        <NatRule>
          <!-- no description field here -->
          <RuleType>DNAT</RuleType>
          <IsEnabled>false</IsEnabled>
          <Id>65538</Id>
          <GatewayNatRule>
            <Interface type="application/vnd.vmware.admin.network+xml" name="kukuPublicNetwork" href="https://172.16.1.20/api/admin/network/3489b129-4e3e-40e9-89c3-4ffd526348ed"/>
            <OriginalIp>172.16.11.2</OriginalIp>
            <OriginalPort>any</OriginalPort>
            <TranslatedIp>127.1.0.0</TranslatedIp>
            <TranslatedPort>any</TranslatedPort>
            <Protocol>any</Protocol>
          </GatewayNatRule>
        </NatRule>
      </NatService>
    </EdgeGatewayServiceConfiguration>
  </Configuration>
</EdgeGateway>
NAT rules aren't supposed to have a description
Hi
I think NAT rules should have a description field. It is clearly defined in
and in the REST XSD definitions
<xs:complexType name="NatRuleType">
  <xs:annotation>
    <xs:documentation source="since">0.9</xs:documentation>
    <xs:documentation xml:lang="en">
      Represents a NAT rule.
    </xs:documentation>
  </xs:annotation>
  <xs:complexContent>
    <xs:extension base="VCloudExtensibleType">
      <xs:sequence>
        <xs:element name="Description" type="xs:string" minOccurs="0" maxOccurs="1">
          <xs:annotation>
            <xs:documentation source="since">1.0</xs:documentation>
            <xs:documentation source="modifiable">always</xs:documentation>
            <xs:documentation xml:lang="en">
              Description of NAT rule.
            </xs:documentation>
            <xs:documentation source="required">false</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="RuleType" type="xs:string" minOccurs="0" maxOccurs="1">
          <xs:annotation>
            <xs:appinfo><meta:version added-in="5.1"/></xs:appinfo>
            <xs:documentation source="modifiable">always</xs:documentation>
            <xs:documentation xml:lang="en">
              Type of NAT rule. One of: SNAT (source NAT), DNAT (destination NAT)
            </xs:documentation>
            <xs:documentation source="required">false</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="IsEnabled" type="xs:boolean" minOccurs="0" maxOccurs="1">
          <xs:annotation>
            <xs:appinfo><meta:version added-in="5.1"/></xs:appinfo>
            <xs:documentation source="modifiable">always</xs:documentation>
            <xs:documentation xml:lang="en">
              Used to enabled or disable NAT rule.
            </xs:documentation>
            <xs:documentation source="required">false</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:element name="Id" type="xs:int" minOccurs="0" maxOccurs="1">
          <xs:annotation>
            <xs:appinfo><meta:version added-in="5.1"/></xs:appinfo>
            <xs:documentation source="modifiable">always</xs:documentation>
            <xs:documentation xml:lang="en">
              Id of the rule. Can be used to track syslog messages.
            </xs:documentation>
            <xs:documentation source="required">false</xs:documentation>
          </xs:annotation>
        </xs:element>
        <xs:choice>
          <xs:element name="GatewayNatRule" type="GatewayNatRuleType">
            <xs:annotation>
              <xs:appinfo><meta:version added-in="5.1"/></xs:appinfo>
              <xs:documentation source="modifiable">always</xs:documentation>
              <xs:documentation xml:lang="en">
                Defines SNAT and DNAT types.
              </xs:documentation>
              <xs:documentation source="required">false</xs:documentation>
            </xs:annotation>
          </xs:element>
          <xs:element name="OneToOneBasicRule" type="NatOneToOneBasicRuleType">
            <xs:annotation>
              <xs:documentation source="modifiable">always</xs:documentation>
              <xs:documentation xml:lang="en">
                Maps one internal IP address to one external IP address.
              </xs:documentation>
              <xs:documentation source="required">false</xs:documentation>
            </xs:annotation>
          </xs:element>
          <xs:element name="OneToOneVmRule" type="NatOneToOneVmRuleType">
            <xs:annotation>
              <xs:documentation source="modifiable">always</xs:documentation>
              <xs:documentation xml:lang="en">
                Maps one VM NIC to one external IP addresses.
              </xs:documentation>
              <xs:documentation source="required">false</xs:documentation>
            </xs:annotation>
          </xs:element>
          <xs:element name="PortForwardingRule" type="NatPortForwardingRuleType">
            <xs:annotation>
              <xs:documentation source="modifiable">always</xs:documentation>
              <xs:documentation xml:lang="en">
                Port forwarding internal to external IP addresses.
              </xs:documentation>
              <xs:documentation source="required">false</xs:documentation>
            </xs:annotation>
          </xs:element>
          <xs:element name="VmRule" type="NatVmRuleType">
            <xs:annotation>
              <xs:documentation source="modifiable">always</xs:documentation>
              <xs:documentation xml:lang="en">
                Port forwarding VM NIC to external IP addresses.
              </xs:documentation>
              <xs:documentation source="required">false</xs:documentation>
            </xs:annotation>
          </xs:element>
        </xs:choice>
      </xs:sequence>
    </xs:extension>
  </xs:complexContent>
</xs:complexType>
Thanks,
Denes
Must be a mistake in the docs then
Hi
It is OK to have a mistake in the documentation, but the web service XSD is like a very, very strict definition.
Why do you think it is a mistake? For me it sounds like a bug.
D.
I'll check and let you know
You are trying to set NatRuleType instead of GatewayNatRuleType.
GatewayNatRuleType is for the Gateway NAT service and does not have a description.
Here is the schema for both NatRuleType and GatewayNatRuleType:
<NatRuleType xmlns="http://www.vmware.com/vcloud/v1.5">
  <Description> xs:string </Description>
  <RuleType> xs:string </RuleType>
  <IsEnabled> xs:boolean </IsEnabled>
  <Id> xs:int </Id>
</NatRuleType>
<GatewayNatRuleType xmlns="http://www.vmware.com/vcloud/v1.5">
  <Interface href="xs:anyURI" id="xs:string" name="xs:string" type="xs:string"/>
  <OriginalIp> IpAddressType </OriginalIp>
  <OriginalPort> xs:string </OriginalPort>
  <TranslatedIp> IpAddressType </TranslatedIp>
  <TranslatedPort> xs:string </TranslatedPort>
  <Protocol> xs:string </Protocol>
  <IcmpSubType> xs:string </IcmpSubType>
</GatewayNatRuleType>
Could you also file an SR for this to remove the description from the XSD?
Currently, it raises a validation error if you try to update an existing NAT rule with a description. Ideally, NAT rules should have a description to distinguish the rule.
Hi
Would it be possible not to remove the description field? It would be very useful for identifying NAT rules
if one has many rules on the edge gateway.
I am using both the GatewayNatRuleType and NatRuleType classes and set the description in the NatRuleType.
Where can I file an SR?
D.
private static String requestIp(NatServiceType natService, ReferenceType externalNetwork, String externalIp, ReferenceType internalNetwork, String internalIp){
    UUID uuid = UUID.randomUUID();
    GatewayNatRuleType rIn = OBJECT_FACTORY.createGatewayNatRuleType();
    rIn.setProtocol("any");
    rIn.setOriginalIp(externalIp);
    rIn.setOriginalPort("any");
    rIn.setTranslatedPort("any");
    rIn.setTranslatedIp(internalIp);
    rIn.setInterface(externalNetwork);
    NatRuleType ruleIn = OBJECT_FACTORY.createNatRuleType();
    ruleIn.setDescription(uuid.toString());
    ruleIn.setRuleType("DNAT");
    ruleIn.setIsEnabled(false);
    ruleIn.setGatewayNatRule(rIn);
    natService.getNatRule().add(ruleIn);
    return VMWARE_FAIL+externalIp;
    //return uuid; HACK BUG vmware fails to save the description field of the NAT rule
}
void foo(){
    String compositeId = requestIp(nat, gInterface.getNetwork(), cAddress, internalNetRef, NOT_USED_INTERNAL_IP);
    GatewayFeaturesType edgeGatewayServiceConfiguration = gateway.getResource().getConfiguration().getEdgeGatewayServiceConfiguration();
    gateway.configureServices(edgeGatewayServiceConfiguration).waitForTask(TIMEOUT);
}
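Added example, not part of the thread or of the vCloud SDK: a round-trip check over the REST payloads from the first post. It matches each posted NAT rule to the stored one by rule type, interface href and original/translated IP, then reports values that were sent but not persisted, together with the server-assigned Id that can be used as the identifier instead. The XML strings are constructed by trimming the POST and GET bodies above, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

NS = "{http://www.vmware.com/vcloud/v1.5}"
HREF = "https://172.16.1.20/api/admin/network/3489b129-4e3e-40e9-89c3-4ffd526348ed"

# Constructed samples: the thread's POST and GET bodies, trimmed to the NAT rule.
POSTED = f"""<ns6:EdgeGatewayServiceConfiguration xmlns:ns6="http://www.vmware.com/vcloud/v1.5">
<ns6:NatService><ns6:NatRule>
<ns6:Description>5e8e2682-247d-4691-b2c5-7cbcf396ec09</ns6:Description>
<ns6:RuleType>DNAT</ns6:RuleType><ns6:IsEnabled>false</ns6:IsEnabled>
<ns6:GatewayNatRule><ns6:Interface href="{HREF}"/>
<ns6:OriginalIp>172.16.11.2</ns6:OriginalIp><ns6:TranslatedIp>127.1.0.0</ns6:TranslatedIp>
</ns6:GatewayNatRule></ns6:NatRule></ns6:NatService></ns6:EdgeGatewayServiceConfiguration>"""
STORED = f"""<EdgeGateway xmlns="http://www.vmware.com/vcloud/v1.5"><Configuration>
<EdgeGatewayServiceConfiguration><NatService><NatRule>
<RuleType>DNAT</RuleType><IsEnabled>false</IsEnabled><Id>65538</Id>
<GatewayNatRule><Interface href="{HREF}"/>
<OriginalIp>172.16.11.2</OriginalIp><TranslatedIp>127.1.0.0</TranslatedIp>
</GatewayNatRule></NatRule></NatService></EdgeGatewayServiceConfiguration>
</Configuration></EdgeGateway>"""

def nat_rules(xml_text):
    """Map (RuleType, interface href, OriginalIp, TranslatedIp) -> scalar rule fields."""
    rules = {}
    for rule in ET.fromstring(xml_text).iter(NS + "NatRule"):
        gw = rule.find(NS + "GatewayNatRule")
        if gw is None:
            continue  # only gateway SNAT/DNAT rules are compared here
        iface = gw.find(NS + "Interface")
        key = (rule.findtext(NS + "RuleType"), iface.get("href") if iface is not None else None,
               gw.findtext(NS + "OriginalIp"), gw.findtext(NS + "TranslatedIp"))
        # Leaf children only: Description, RuleType, IsEnabled, Id.
        rules[key] = {c.tag[len(NS):]: (c.text or "").strip() for c in rule if len(c) == 0}
    return rules

def dropped_fields(posted_xml, stored_xml):
    """Return (stored Id, field, posted value) for every value sent but not stored."""
    stored = nat_rules(stored_xml)
    findings = []
    for key, fields in nat_rules(posted_xml).items():
        got = stored.get(key)
        if got is None:
            findings.append((None, "NatRule", "not stored"))
            continue
        for name, value in fields.items():
            if got.get(name) != value:
                findings.append((got.get("Id"), name, value))
    return findings

if __name__ == "__main__":
    print(dropped_fields(POSTED, STORED))
```
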
You can use the VMware website to file an SR, or call VMware support and file an SR over the phone.