All configurations made from the Global Manager are made in Policy mode. Manager mode is not available in NSX Federation.

See NSX Manager for more information about the two modes.

Configuration Maximums

An NSX Federation environment has the following configuration maximums:

  • For most configurations, the Local Manager cluster has the same configuration maximums as an NSX Manager cluster. Go to VMware Configuration Maximums tool and select NSX-T Data Center.

    Select the NSX Federation category for NSX-T Data Center in the VMware Configuration Maximums tool for exceptions and other NSX Federation-specific values.

  • For a given location, the following configurations contribute to the configuration maximum:
    • Objects that were created on the Local Manager.
    • Objects that were created on the Global Manager and include the location in its span.

    You can view the capacity and usage on each Local Manager. See View the Usage and Capacity of Categories of Objects.

    You can view the capacity and usage on each Local Manager. See View the Usage and Capacity of Categories of Objects in the NSX-T Data Center Administration Guide.

Feature Support

Table 1. Features Supported in NSX Federation
Feature Details Related Links
Tier-0 Gateway
  • 3.0.1 and later: Active Active and Active Standby
  • 3.0.0: Active Active only
 Add a Tier-0 Gateway from Global Manager
Tier-1 Gateway Add a Tier-1 Gateway from Global Manager
Segments Layer 2 Bridge is not supported. Add a Segment from Global Manager
Groups Some limitations. See Security in NSX Federation. Create Groups from Global Manager
Distributed Firewall Create DFW Policies and Rules from Global Manager
Gateway Firewall Create Gateway Policies and Rules from Global Manager
Network Address Translation (NAT)
  1. Tier-0 gateway:
    • Active Active: You can configure stateless NAT only, that is, with action type Reflexive.
    • Active Standby: You can create stateful or stateless NAT rules.
  2. Tier-1 gateway:
    • You can create stateful or stateless NAT rules.
    • Stateless NAT rules are pushed to all locations in the gateway's span unless scoped to one or more locations specifically.
    • Stateful NAT rules are also pushed to all locations in the gateway's span or to the specific location selected. However, stateful NAT rules are realized and enforced only on the primary location.
Configure SNAT/DNAT/No SNAT/No DNAT/Reflexive NAT
DNS See Add a DNS Forwarder Service
DHCP and SLAAC
  • DHCP Relay is supported on segments and gateways.
  • DHCPv4 server is supported on gateways with DHCP static bindings configured on segments.
  • IPv6 addresses can be assigned using SLAAC with DNS Through RA (DAD detects duplicates within a location only).
Using objects created on Global Manager in a Local Manager configuration
  1. Most configurations are supported. For example:
    • Connecting a Local Manager tier-1 gateway to a Global Manager tier-0 gateway.
    • Using a Global Manager group in a Local Manager distributed firewall rule.
  2. These configurations are not supported:
    • Connecting a Local Manager segment to a Global Manager tier-0 or tier-1 gateway.
    • Connecting a load balancer to a Global Manager tier-1 gateway.
Backup and Restore
  • 3.0.1 and later: backup with FQDN or IP is supported.
  • 3.0.0: backup with FQDN is not supported.
 Backup and Restore in NSX Federation
vMotion between locations Cold migration between locations is not supported.