In this part of the NSX-T tidbits series, it’s about the current IPv6 support. During the writing of my IPv6 series, I needed to know which features are currently support in the current (3.1) version and found out there isn’t a good overview of it. After digging into blog posts the NSX documentation and release notes, I created the list below. If some features are missing, just let me know, so I can add them.
Feature overview
Mainly since NSX-T 2.4, IPv6 functionalities have been added. Amit Aneja wrote an excellent post on this matter with the release of NSX-T 2.4, early 2019. Check out his article Introducing IPv6 in NSX-T Data Center 2.4.
The NSX-T documentation on the other hand is not clear which features are available, so let’s sum up the IPv6 features based on the documentation and release notes since version 2.4 up to the latest, which at time of writing is 3.1.2.
| Category | Version | Feature |
| Tier-0 Gateway | 2.4 | MP-eBGP with IPv4 and IPv6 address families |
| Multi-hop eBGP | ||
| iBGP | ||
| ECMP support with static routes, eBGP and iBGP | ||
| Outbound and Inbound route influencing using Weight, Local Pref, AS Path prepend and MED | ||
| IPv6 Route Redistribution | ||
| IPv6 Route Aggregation | ||
| IPv6 Prefix List and Route map IPv6 Loopback Interfaces | ||
| 3.1 | BGP can advertise IPv4 prefixes over IPv6 only BGP peers (RFC 5549) | |
| Tier-0 / 1 Gateway | 2.4 | Static routes with IPv6 Next-hop |
| DHCPv6 relay | ||
| Neighbor Discovery (ND) | ||
| 2.5 | Stateless Address Autoconfiguration (SLAAC) | |
| Router Advertisement (RA); NSX-T Gateway provides IPv6 parameters | ||
| Duplicate Address Detection (DAD) | ||
| 3.0 | NAT64; Stateful Network Address Translation from IPv6 to IPv4 | |
| Stateful DHCPv6 Support and associated parameters | ||
| Support for Load Balancer (LB) Virtual Servers and Members | ||
| Logical switching | 2.4 | Native IPv6 and Dual Stack Segments |
| Logical Routing | 2.4 | Native IPv6 and Dual Stack distributed routing |
| Firewall | 2.4 | L2-L4 stateful distributed firewall (DFW) |
| L2-L4 stateful edge firewall | ||
| Switch security | 2.4 | DHCPv6 server blocking |
| DHCPv6 client blocking | ||
| Router Advertisement (RA) Guard | ||
| IP Discovery | 2.4 | DHCPv6 Snooping |
| VM Tools IPv6 | ||
| Neighbour Discovery (ND) Snooping (by inspecting neighbor solicitation (NS) and neighbor advertisement (NA) messages) | ||
| Operations | 2.4 | Ping, Traceroute, Traceflow |
| Port Mirroring | ||
| IPFIX | ||
| Packet capture on all TN (KVM, ESX and Edge) with IPv6 filters |
To conclude
By putting this info into the main IPv6 series, the post was getting too long. That’s why these are a good fit for a tidbit. If you’re interested in the IPv6 series, the different parts can be found here:
- Part 1: IPv6 Primer
- Part 2: IPv6 at home using 6RD
- Part 3: Native IPv6 in the Lab
- Part 4: IPSec VPN
- Part 5: IPv6 with NSX-T
0 Comments