NSX|V prevent adding illegal routes

The nsx-v backend does not suport adding a route where the
nexthop is part of the destination.
This patch skips it (instead of failing at the backend)
and also skips a tempest test that tries the same thing

Change-Id: I41181d43cffbf0e5cbb63069ed864683834c77b9

devstack/nsx_v/devstackgaterc

@@ -23,6 +23,7 @@ r="^(?!.*"
 
 r="$r(?:tempest\.api\.network\.test_ports\.PortsTestJSON\.test_create_update_port_with_second_ip.*)"
 r="$r|(?:tempest\.api\.network\.test_floating_ips\.FloatingIPTestJSON\.test_create_update_floatingip_with_port_multiple_ip_address.*)"
+r="$r|(?:tempest\.api\.network\.test_routers\.RoutersTest\.test_update_delete_extra_route.*)"
 
 # End list of exclusions.
 r="$r)"

vmware_nsx/plugins/nsx_v/vshield/edge_utils.py

@@ -2225,6 +2225,14 @@ def update_routes(edge_manager, context, router_id, routes, nexthop=None):
         else:
             vnic_binding = nsxv_db.get_edge_vnic_binding(
                 context.session, edge_id, route['network_id'])
+            if (netaddr.IPAddress(route['nexthop']) in
+                netaddr.IPNetwork(route['destination'])):
+                # check that the nexthop is not in the destination
+                LOG.error("Cannot add route with nexthop %(nexthop)s "
+                          "contained in the destination: %(dest)s.",
+                          {'dest': route['destination'],
+                           'nexthop': route['nexthop']})
+                continue
             if vnic_binding and vnic_binding.get('vnic_index'):
                 edge_routes.append({
                     'vnic_index': vnic_binding['vnic_index'],