HCX Network Extension might be allowed or prevented under certain conditions.
Detected and Restricted Source Network Types
- vSphere cluster infrastructure networks (ESXi VMkernel networks).
- HCX Network Profile networks (Distributed Port Groups or Segments selected in a Network Profile).
- Untagged networks (Distributed Port Groups with VLAN type None, ID 0 or NULL).
- Private VLAN (PVLAN) networks.
Unsupported Source Configurations
HCX Network Extension does not support the following source configurations:
- vSphere Standard Switch (VSS) networks.
- Cisco Nexus 1000v or other third-party switches.
- Cisco Application Centric Infrastructure (ACI) with VMware Virtual Machine Monitor (VMM).
- vSphere Distributed Switches configured with LACP.
- Virtual machine networks must only be extended with a single solution. HCX does not support Network Extension for networks already extended to the same NSX router by an external solution. For example, HCX Network Extension or NSX L2 VPN can be used to provide connectivity, but both must not be used simultaneously. Using multiple bridging solutions simultaneously can result in a network outage.
- Virtual machine networks with shared or overlapping VLAN configurations should not be extended to the same destination router. This can result in a network outage.
- Secondary subnets in a single distributed port group.
Unsupported Destination Configurations
HCX Network Extension does not support the following destination configurations:
- NSX-T Global Federation configurations.
HCX does not integrate with the NSX Global Manager (only the NSX Local Manager).
- NSX-T environments without a Tier 1 Router.
- NSX-T environments without an Overlay Transport Zone.
- HCX supports one Network Extension to a maximum of 3 distinct destinations or routers.
- One HCX Network Extension configuration cannot be extended multiple times to the same destination/router.
- Daisy-chain "L" network extension (extending extensions) is only supported to one additional environment in the same data center, public cloud provider, and region.
- Daisy-chain extension is not supported with source networks based on NSX distributed routing.
- Daisy-chain extension can lower end-to-end network performance due to the combined latency and additional layer of packet and encryption processing.
- One HCX Network Extension appliance can only connect to one Distributed Virtual Switch or NSX Transport Zone.
- One HCX Network Extension configuration cannot use multiple HCX Network Extension appliances.
- HCX Network Extension does not detect or mitigate loops.
- Virtual machine networks that span more than one vCenter Server should not be extended from more than one vCenter to the same destination router. This can result in a network outage.
- HCX Network Extension does not detect or mitigate IP conflicts on the network.
- HCX Network Extension does not detect or mitigate MAC conflicts on the network.
- For a cloud/site pair, a given network can be extended through only one appliance and is subject to the resource and the performance limitations of that appliance.
- When a network is extended using an incorrect gateway IP or Prefix, unextending and re-extending the network with the correct information will fail due to the mismatch on the NSX tier-1 gateway configuration at the destination. In this case, it is necessary to remove manually the previous network extension segment from the destination NSX manager.
- HCX Network Extension connects to an existing segment on the target site if it has the same gateway IP and Prefix configured for the extension, and it disconnects the NSX tier-1 interface from the segment. If the NSX tier-1 interface was previously connected and in service, all communication to the gateway on that cloud segment is disrupted.