vmware-tanzu
diff --git a/‎build/yaml/crd/vpc/crd.nsx.vmware.com_subnets.yaml‎
Lines changed: 1 addition & 0 deletions b/‎build/yaml/crd/vpc/crd.nsx.vmware.com_subnets.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎build/yaml/crd/vpc/crd.nsx.vmware.com_subnetsets.yaml‎
Lines changed: 1 addition & 0 deletions b/‎build/yaml/crd/vpc/crd.nsx.vmware.com_subnetsets.yaml‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎docs/ref/apis/vpc.md‎
Lines changed: 3 additions & 2 deletions b/‎docs/ref/apis/vpc.md‎
Lines changed: 3 additions & 2 deletions
diff --git a/‎go.mod‎
Lines changed: 1 addition & 1 deletion b/‎go.mod‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎go.sum‎
Lines changed: 2 additions & 2 deletions b/‎go.sum‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎pkg/apis/vpc/v1alpha1/subnet_types.go‎
Lines changed: 17 additions & 16 deletions b/‎pkg/apis/vpc/v1alpha1/subnet_types.go‎
Lines changed: 17 additions & 16 deletions
diff --git a/‎pkg/controllers/common/utils.go‎
Lines changed: 62 additions & 0 deletions b/‎pkg/controllers/common/utils.go‎
Lines changed: 62 additions & 0 deletions
diff --git a/‎pkg/controllers/common/utils_test.go‎
Lines changed: 188 additions & 0 deletions b/‎pkg/controllers/common/utils_test.go‎
Lines changed: 188 additions & 0 deletions
@@ -167,6 +167,7 @@ spec:
                     - DHCPServer
                     - DHCPRelay
                     - DHCPDeactivated
+                    - DHCPServerStateless
                     type: string
                 type: object
                 x-kubernetes-validations:
 
@@ -116,6 +116,7 @@ spec:
                     - DHCPServer
                     - DHCPRelay
                     - DHCPDeactivated
+                    - DHCPServerStateless
                     type: string
                 type: object
                 x-kubernetes-validations:
 
@@ -207,6 +207,7 @@ _Appears in:_
 | `DHCPDeactivated` |  |
 | `DHCPServer` |  |
 | `DHCPRelay` |  |
+| `DHCPServerStateless` |  |
 
 
 #### DHCPv6ServerAdditionalConfig
@@ -908,7 +909,7 @@ _Appears in:_
 
 | Field | Description | Default | Validation |
 | --- | --- | --- | --- |
-| `mode` _[DHCPConfigMode](#dhcpconfigmode)_ | DHCP Mode. DHCPDeactivated will be used if it is not defined. |  | Enum: [DHCPServer DHCPRelay DHCPDeactivated] <br /> |
+| `mode` _[DHCPConfigMode](#dhcpconfigmode)_ | DHCP Mode. DHCPDeactivated will be used if it is not defined. |  | Enum: [DHCPServer DHCPRelay DHCPDeactivated DHCPServerStateless] <br /> |
 | `dhcpServerAdditionalConfig` _[DHCPServerAdditionalConfig](#dhcpserveradditionalconfig)_ | Additional DHCP server config for a VPC Subnet. |  |  |
 
 
@@ -1236,7 +1237,7 @@ _Appears in:_
 
 | Field | Description | Default | Validation |
 | --- | --- | --- | --- |
-| `vpc` _string_ | NSX path of the VPC the Namespace is associated with.<br />If vpc is set, only defaultSubnetSize takes effect, other fields are ignored. |  |  |
+| `vpc` _string_ | NSX path of the VPC the Namespace is associated with.<br />If vpc is set, only defaultSubnetSize and defaultIPv6PrefixLength take effect, other fields are ignored. |  |  |
 | `subnets` _[SharedSubnet](#sharedsubnet) array_ | Shared Subnets the Namespace is associated with. |  |  |
 | `nsxProject` _string_ | NSX Project the Namespace is associated with. |  |  |
 | `vpcConnectivityProfile` _string_ | VPCConnectivityProfile Path. This profile has configuration related to creating VPC transit gateway attachment. |  |  |
 
@@ -34,7 +34,7 @@ require (
 	github.com/vmware/govmomi v0.53.1
 	github.com/vmware/vsphere-automation-sdk-go/lib v0.8.0
 	github.com/vmware/vsphere-automation-sdk-go/runtime v0.8.0
-	github.com/vmware/vsphere-automation-sdk-go/services/nsxt v0.0.0-20260310075027-d32fca6a7b22
+	github.com/vmware/vsphere-automation-sdk-go/services/nsxt v0.0.0-20260506074423-13747423203f
 	github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp v0.0.0-20260310075027-d32fca6a7b22
 	go.uber.org/automaxprocs v1.6.0
 	go.uber.org/zap v1.27.1
 
@@ -175,8 +175,8 @@ github.com/vmware/vsphere-automation-sdk-go/lib v0.8.0 h1:u1SXOTM6D4Ygb3jeidj2Rd
 github.com/vmware/vsphere-automation-sdk-go/lib v0.8.0/go.mod h1:8d5JTwjpM/Z03n/IZb0fwmXkJNWvWwuLXBqoakqYio4=
 github.com/vmware/vsphere-automation-sdk-go/runtime v0.8.0 h1:KnDIX9LY0nru7iMQTg0sy9vChhyorPo5OdASM2MaAcI=
 github.com/vmware/vsphere-automation-sdk-go/runtime v0.8.0/go.mod h1:DzLetYAmw1+vj7bqElRWEpuy40WYE/woL3alsymYa/c=
-github.com/vmware/vsphere-automation-sdk-go/services/nsxt v0.0.0-20260310075027-d32fca6a7b22 h1:yDMJj+UG0u9aDdC0Q1byw8QEjfPd8gm7QKB2mo2oU1I=
-github.com/vmware/vsphere-automation-sdk-go/services/nsxt v0.0.0-20260310075027-d32fca6a7b22/go.mod h1:C3JVOHRVLrGBQ8kTWAiGYlRz5UQC5qAcTdt3tvA+5P0=
+github.com/vmware/vsphere-automation-sdk-go/services/nsxt v0.0.0-20260506074423-13747423203f h1:HvbZGTOUm9rJDG7ngNQSd5UC5ikiZI/M3cUai8u5+Jg=
+github.com/vmware/vsphere-automation-sdk-go/services/nsxt v0.0.0-20260506074423-13747423203f/go.mod h1:C3JVOHRVLrGBQ8kTWAiGYlRz5UQC5qAcTdt3tvA+5P0=
 github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp v0.0.0-20260310075027-d32fca6a7b22 h1:SKbUc9p+LFUwtPvjk9WCwrjstN6NpewgPx4eWSIZq+k=
 github.com/vmware/vsphere-automation-sdk-go/services/nsxt-mp v0.0.0-20260310075027-d32fca6a7b22/go.mod h1:ugk9I4YM62SSAox57l5NAVBCRIkPQ1RNLb3URxyTADc=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 
@@ -14,21 +14,22 @@ type ConnectivityState string
 type IPAddressType string
 
 const (
-	AccessModePublic              string            = "Public"
-	AccessModePrivate             string            = "Private"
-	AccessModeProject             string            = "PrivateTGW"
-	AccessModeL2Only              string            = "L2Only"
-	DHCPConfigModeDeactivated     string            = "DHCPDeactivated"
-	DHCPConfigModeServer          string            = "DHCPServer"
-	DHCPConfigModeRelay           string            = "DHCPRelay"
-	DHCPv6ConfigModeDeactivated   DHCPv6ConfigMode  = "DHCPDeactivated"
-	DHCPv6ConfigModeServer        DHCPv6ConfigMode  = "DHCPServer"
-	DHCPv6ConfigModeRelay         DHCPv6ConfigMode  = "DHCPRelay"
-	ConnectivityStateConnected    ConnectivityState = "Connected"
-	ConnectivityStateDisconnected ConnectivityState = "Disconnected"
-	IPAddressTypeIPv4             IPAddressType     = "IPv4"
-	IPAddressTypeIPv6             IPAddressType     = "IPv6"
-	IPAddressTypeIPv4IPv6         IPAddressType     = "IPv4IPv6"
+	AccessModePublic                string            = "Public"
+	AccessModePrivate               string            = "Private"
+	AccessModeProject               string            = "PrivateTGW"
+	AccessModeL2Only                string            = "L2Only"
+	DHCPConfigModeDeactivated       string            = "DHCPDeactivated"
+	DHCPConfigModeServer            string            = "DHCPServer"
+	DHCPConfigModeRelay             string            = "DHCPRelay"
+	DHCPv6ConfigModeDeactivated     DHCPv6ConfigMode  = "DHCPDeactivated"
+	DHCPv6ConfigModeServer          DHCPv6ConfigMode  = "DHCPServer"
+	DHCPv6ConfigModeRelay           DHCPv6ConfigMode  = "DHCPRelay"
+	DHCPv6ConfigModeServerStateless DHCPv6ConfigMode  = "DHCPServerStateless"
+	ConnectivityStateConnected      ConnectivityState = "Connected"
+	ConnectivityStateDisconnected   ConnectivityState = "Disconnected"
+	IPAddressTypeIPv4               IPAddressType     = "IPv4"
+	IPAddressTypeIPv6               IPAddressType     = "IPv6"
+	IPAddressTypeIPv4IPv6           IPAddressType     = "IPv4IPv6"
 )
 
 // SubnetSpec defines the desired state of Subnet.
@@ -162,7 +163,7 @@ type DHCPServerAdditionalConfig struct {
 // +kubebuilder:validation:XValidation:rule="(!has(self.mode)|| self.mode=='DHCPDeactivated' || self.mode=='DHCPRelay' ) && (!has(self.dhcpServerAdditionalConfig) || !has(self.dhcpServerAdditionalConfig.reservedIPRanges) || size(self.dhcpServerAdditionalConfig.reservedIPRanges)==0) || has(self.mode) && self.mode=='DHCPServer'", message="DHCPServerAdditionalConfig must be cleared when Subnet has DHCP relay enabled or DHCP is deactivated."
 type SubnetDHCPConfig struct {
 	// DHCP Mode. DHCPDeactivated will be used if it is not defined.
-	// +kubebuilder:validation:Enum=DHCPServer;DHCPRelay;DHCPDeactivated
+	// +kubebuilder:validation:Enum=DHCPServer;DHCPRelay;DHCPDeactivated;DHCPServerStateless
 	Mode DHCPConfigMode `json:"mode,omitempty"`
 	// Additional DHCP server config for a VPC Subnet.
 	DHCPServerAdditionalConfig DHCPServerAdditionalConfig `json:"dhcpServerAdditionalConfig,omitempty"`
 
@@ -616,3 +616,65 @@ func PodIsDeleted(pod *v1.Pod) bool {
 	return pod.Status.Phase == v1.PodSucceeded ||
 		pod.Status.Phase == v1.PodFailed
 }
+
+// ConvertCRIPAddressTypeToNSX converts CR IPAddressType to NSX API format
+// v1alpha1 format: IPV4, IPV6, IPV4IPV6
+// NSX format: IPV4, IPV6, IPV4_IPV6
+func ConvertCRIPAddressTypeToNSX(crType v1alpha1.IPAddressType) string {
+	switch crType {
+	case v1alpha1.IPAddressTypeIPv4:
+		return "IPV4"
+	case v1alpha1.IPAddressTypeIPv6:
+		return "IPV6"
+	case v1alpha1.IPAddressTypeIPv4IPv6:
+		return "IPV4_IPV6"
+	default:
+		return "IPV4" // Default to IPv4
+	}
+}
+
+// ConvertNSXIPAddressTypeToCR converts NSX API IPAddressType to CR format
+// NSX format: IPV4, IPV6, IPV4_IPV6
+// v1alpha1 format: IPV4, IPV6, IPV4IPV6
+func ConvertNSXIPAddressTypeToCR(nsxType string) v1alpha1.IPAddressType {
+	switch nsxType {
+	case "IPV4":
+		return v1alpha1.IPAddressTypeIPv4
+	case "IPV6":
+		return v1alpha1.IPAddressTypeIPv6
+	case "IPV4_IPV6":
+		return v1alpha1.IPAddressTypeIPv4IPv6
+	default:
+		return v1alpha1.IPAddressTypeIPv4 // Default to IPv4
+	}
+}
+
+// IntersectIPAddressTypes computes the intersection of multiple IP address types
+// Returns the most restrictive common type, or error if no intersection
+// Example:
+// intersection of [IPv4IPv6, IPv6] should equal IPv6
+// intersection of [IPv4IPv6, IPv4] should equal IPv4
+func IntersectIPAddressTypes(types []v1alpha1.IPAddressType) (v1alpha1.IPAddressType, error) {
+	if len(types) == 0 {
+		return "", fmt.Errorf("no IP address types provided")
+	}
+
+	result := types[0]
+
+	for _, t := range types[1:] {
+		if result == t {
+			continue
+		}
+
+		if result == v1alpha1.IPAddressTypeIPv4IPv6 {
+			result = t // Dual-stack intersects to the more specific type
+		} else if t == v1alpha1.IPAddressTypeIPv4IPv6 {
+			// Dual-stack with single-stack: keep single-stack (more restrictive)
+			continue
+		} else if result != t {
+			return "", fmt.Errorf("no intersection between IP address types %s and %s", result, t)
+		}
+	}
+
+	return result, nil
+}
@@ -1174,3 +1174,191 @@ func TestPodIsDeleted(t *testing.T) {
 		})
 	}
 }
+
+func TestConvertCRIPAddressTypeToNSX(t *testing.T) {
+	tests := []struct {
+		name     string
+		crType   v1alpha1.IPAddressType
+		expected string
+	}{
+		{
+			name:     "IPv4 conversion",
+			crType:   v1alpha1.IPAddressTypeIPv4,
+			expected: "IPV4",
+		},
+		{
+			name:     "IPv6 conversion",
+			crType:   v1alpha1.IPAddressTypeIPv6,
+			expected: "IPV6",
+		},
+		{
+			name:     "IPv4IPv6 conversion",
+			crType:   v1alpha1.IPAddressTypeIPv4IPv6,
+			expected: "IPV4_IPV6",
+		},
+		{
+			name:     "empty type defaults to IPv4",
+			crType:   v1alpha1.IPAddressType(""),
+			expected: "IPV4",
+		},
+		{
+			name:     "unknown type defaults to IPv4",
+			crType:   v1alpha1.IPAddressType("Unknown"),
+			expected: "IPV4",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := ConvertCRIPAddressTypeToNSX(tt.crType)
+			assert.Equal(t, tt.expected, result)
+		})
+	}
+}
+
+func TestConvertNSXIPAddressTypeToCR(t *testing.T) {
+	tests := []struct {
+		name     string
+		nsxType  string
+		expected v1alpha1.IPAddressType
+	}{
+		{
+			name:     "IPV4 conversion",
+			nsxType:  "IPV4",
+			expected: v1alpha1.IPAddressTypeIPv4,
+		},
+		{
+			name:     "IPV6 conversion",
+			nsxType:  "IPV6",
+			expected: v1alpha1.IPAddressTypeIPv6,
+		},
+		{
+			name:     "IPV4_IPV6 conversion",
+			nsxType:  "IPV4_IPV6",
+			expected: v1alpha1.IPAddressTypeIPv4IPv6,
+		},
+		{
+			name:     "empty type defaults to IPv4",
+			nsxType:  "",
+			expected: v1alpha1.IPAddressTypeIPv4,
+		},
+		{
+			name:     "unknown type defaults to IPv4",
+			nsxType:  "UNKNOWN",
+			expected: v1alpha1.IPAddressTypeIPv4,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result := ConvertNSXIPAddressTypeToCR(tt.nsxType)
+			assert.Equal(t, tt.expected, result)
+		})
+	}
+}
+
+func TestIntersectIPAddressTypes(t *testing.T) {
+	tests := []struct {
+		name        string
+		types       []v1alpha1.IPAddressType
+		expected    v1alpha1.IPAddressType
+		expectedErr bool
+		errMsg      string
+	}{
+		{
+			name:        "single IPv4 type",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4},
+			expected:    v1alpha1.IPAddressTypeIPv4,
+			expectedErr: false,
+		},
+		{
+			name:        "single IPv6 type",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv6},
+			expected:    v1alpha1.IPAddressTypeIPv6,
+			expectedErr: false,
+		},
+		{
+			name:        "dual stack IPv4IPv6",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4IPv6},
+			expected:    v1alpha1.IPAddressTypeIPv4IPv6,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv4IPv6 with IPv4 returns IPv4",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4IPv6, v1alpha1.IPAddressTypeIPv4},
+			expected:    v1alpha1.IPAddressTypeIPv4,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv4IPv6 with IPv6 returns IPv6",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4IPv6, v1alpha1.IPAddressTypeIPv6},
+			expected:    v1alpha1.IPAddressTypeIPv6,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv4 with IPv4 same type",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4, v1alpha1.IPAddressTypeIPv4},
+			expected:    v1alpha1.IPAddressTypeIPv4,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv6 with IPv6 same type",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv6, v1alpha1.IPAddressTypeIPv6},
+			expected:    v1alpha1.IPAddressTypeIPv6,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv4 with IPv6 no intersection",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4, v1alpha1.IPAddressTypeIPv6},
+			expected:    "",
+			expectedErr: true,
+			errMsg:      "no intersection",
+		},
+		{
+			name:        "IPv4 with IPv6 with IPv4IPv6 returns IPv4",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4, v1alpha1.IPAddressTypeIPv6, v1alpha1.IPAddressTypeIPv4IPv6},
+			expected:    "",
+			expectedErr: true,
+			errMsg:      "no intersection",
+		},
+		{
+			name:        "empty slice",
+			types:       []v1alpha1.IPAddressType{},
+			expected:    "",
+			expectedErr: true,
+			errMsg:      "no IP address types provided",
+		},
+		{
+			name:        "IPv4 with IPv4IPv6 returns IPv4",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4, v1alpha1.IPAddressTypeIPv4IPv6},
+			expected:    v1alpha1.IPAddressTypeIPv4,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv6 with IPv4IPv6 returns IPv6",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv6, v1alpha1.IPAddressTypeIPv4IPv6},
+			expected:    v1alpha1.IPAddressTypeIPv6,
+			expectedErr: false,
+		},
+		{
+			name:        "IPv4IPv6 with IPv4 with IPv6 no intersection",
+			types:       []v1alpha1.IPAddressType{v1alpha1.IPAddressTypeIPv4IPv6, v1alpha1.IPAddressTypeIPv4, v1alpha1.IPAddressTypeIPv6},
+			expected:    "",
+			expectedErr: true,
+			errMsg:      "no intersection",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			result, err := IntersectIPAddressTypes(tt.types)
+			if tt.expectedErr {
+				assert.Error(t, err)
+				assert.Contains(t, err.Error(), tt.errMsg)
+			} else {
+				assert.NoError(t, err)
+				assert.Equal(t, tt.expected, result)
+			}
+		})
+	}
+}