In this part of the NSX-T tidbits series, it’s about the current IPv6 support. During the writing of my IPv6 series, I needed to know which features are currently support in the current (3.1) version and found out there isn’t a good overview of it. After digging into blog posts the NSX documentation and release notes, I created the list below. If some features are missing, just let me know, so I can add them.

Feature overview

Mainly since NSX-T 2.4, IPv6 functionalities have been added. Amit Aneja wrote an excellent post on this matter with the release of NSX-T 2.4, early 2019. Check out his article Introducing IPv6 in NSX-T Data Center 2.4.

The NSX-T documentation on the other hand is not clear which features are available, so let’s sum up the IPv6 features based on the documentation and release notes since version 2.4 up to the latest, which at time of writing is 3.1.2.

CategoryVersionFeature
Tier-0 Gateway2.4MP-eBGP with IPv4 and IPv6 address families
Multi-hop eBGP
iBGP
ECMP support with static routes, eBGP and iBGP
Outbound and Inbound route influencing using Weight, Local Pref, AS Path prepend and MED
IPv6 Route Redistribution
IPv6 Route Aggregation
IPv6 Prefix List and Route map
3.1BGP can advertise IPv4 prefixes over IPv6 only BGP peers (RFC 5549)
Tier-0 / 1 Gateway2.4Static routes with IPv6 Next-hop
DHCPv6 relay
Neighbor Discovery (ND)
2.5Stateless Address Autoconfiguration (SLAAC)
Router Advertisement (RA); NSX-T Gateway provides IPv6 parameters
Duplicate Address Detection (DAD)
3.0NAT64; Stateful Network Address Translation from IPv6 to IPv4
Stateful DHCPv6 Support and associated parameters
Support for Load Balancer (LB) Virtual Servers and Members
Logical switching2.4Native IPv6 and Dual Stack Segments
Logical Routing2.4Native IPv6 and Dual Stack distributed routing
Firewall2.4L2-L4 stateful distributed firewall (DFW)
L2-L4 stateful edge firewall
Switch security2.4DHCPv6 server blocking
DHCPv6 client blocking
Router Advertisement (RA) Guard
IP Discovery2.4DHCPv6 Snooping
VM Tools IPv6
Neighbour Discovery (ND) Snooping
(by inspecting neighbor solicitation (NS) and neighbor advertisement (NA) messages)
Operations2.4Ping, Traceroute, Traceflow
Port Mirroring
IPFIX
Packet capture on all TN (KVM, ESX and Edge) with IPv6 filters

To conclude

By putting this info into the main IPv6 series, the post was getting too long. That’s why these are a good fit for a tidbit. If you’re interested in the IPv6 series, the different parts can be found here:

Useful links

Introducing IPv6 in NSX-T Data Center 2.4

NSX-T documentation


0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *