NSX Load Balancer configuration fails with Error Code 502111 when mixing IPv6 and IPv4 addresses
Article ID: 440872
Updated On:
Products
Issue/Introduction
In VMware NSX, configuring a native Layer 4 or Layer 7 Load Balancer virtual server fails during application. The system rejects the configuration if there is an IP family mismatch between the frontend Virtual Server and the backend Server Pool members.
The following explicit error message is displayed in the NSX Manager UI or returned via the API: IP address in virtual server, static pool member, SNAT IP pool and pool member customer settings should have the same IP version.(Error code: 502111)
Environment
VMware NSX
Cause
The native NSX Load Balancer engine does not support stateful IP version translation (such as NAT64 or translating an IPv6 VIP to IPv4 backend pool members) within a single load balancing instance. The Virtual Server, Server Pool members, and associated SNAT IP pools must all be configured within the exact same IP address family (all IPv4 or all IPv6).
Resolution
To resolve this issue, align the IP address families across the entire load balancing path using one of the following architectural models:
End-to-End IPv6 Configuration (Recommended):
Configure the backend application virtual machines with native IPv6 or dual-stack addresses.
Update the NSX Server Pool configuration to use the backend VMs' IPv6 addresses as static pool members.
Re-submit the configuration with the IPv6 Virtual Server.
Upstream NAT64/DNS64 Translation Gateway:
Maintain the backend Server Pool and the NSX Virtual Server within the native IPv4 family.
Deploy or configure an upstream network layer (such as a Tier-0 Gateway or an external physical firewall) to handle the NAT64 translation from external IPv6 clients into the internal IPv4 Virtual Server IP.
Feedback
