From c62bf49fea2323aa3013158ee9b7b1e89147682b Mon Sep 17 00:00:00 2001
From: Fred Rolland <frolland@nvidia.com>
Date: Thu, 13 Nov 2025 16:55:42 +0200
Subject: [PATCH] fix: add OCP multus namespaceIsolation note

Signed-off-by: Fred Rolland <frolland@nvidia.com>
---
 docs/openshift/deployment-guide-openshift.rst | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/openshift/deployment-guide-openshift.rst b/docs/openshift/deployment-guide-openshift.rst
index c3b260ef..470e3f59 100644
--- a/docs/openshift/deployment-guide-openshift.rst
+++ b/docs/openshift/deployment-guide-openshift.rst
@@ -342,6 +342,10 @@ In OCP, some components are deployed by default like Multus and CNI Plugins, whe
 
 In addition, since there is no use of the Helm chart, the configuration should be done via the NicClusterPolicy CRD.
 
+.. note::
+   In OCP, Multus is configured with `namespaceIsolation` enabled by default. This means that Pods using secondary networks should be deployed in the same namespace as the `network-attachment-definition` CR unless the NAD is in one of the following namespaces: `default`, `openshift-multus`, `openshift-sriov-network-operator` and `openshift-cnv`.
+   The namespace of the NAD can be set in the `networkNamespace` field in `HostDeviceNetwork`, `MacvlanNetwork`, `IPoIBNetwork`, `OVSNetwork` and `SriovNetwork`.
+
 Following are examples of NicClusterPolicy configuration for OCP.
 
 """"""""""""""""""""""""""""""""""""""""""""""""""""""""""""