When configuring some network resources, you should be aware of certain restrictions.

NSX-T Tagging Limits

NSX-T has the following limits on tagging an object:

  • The scope has a limit of 20 characters.

  • The tag has a limit of 40 characters.

  • Each object can have no more than 15 tags.

These limits might cause issues when Kubernetes or OpenShift annotations are copied to NSX-T scopes and tags and the limits are exceeded. For example, if a tag is for a switch port and the tag is used in a firewall rule, the rule might not be applied as expected because the annotation key or value was truncated when copied to a scope or tag.

Configuring Network Policies

When creating a NetworkPolicy resource, in the podSelector field, the matchLabels field must have no more than one label and the matchExpressions field must be empty. Otherwise, NCP will fail to implement the network policy.