diff --git a/calico-enterprise/getting-started/bare-metal/about.mdx b/calico-enterprise/getting-started/bare-metal/about.mdx
index 83e5ed21fb..157eba6a4b 100644
--- a/calico-enterprise/getting-started/bare-metal/about.mdx
+++ b/calico-enterprise/getting-started/bare-metal/about.mdx
@@ -58,6 +58,19 @@ To learn how to restrict traffic to/from hosts and VMs using Calico network poli
   - Your operating system includes the `ipset` and `conntrack` kernel dependencies.
 - For everything else, your non-cluster host or VM meets $[prodname] [system requirements](../install-on-clusters/requirements.mdx)
 
+### Supported Data Planes
+
+BPF is not supported on a non-cluster host, but non-cluster hosts are able to
+connect to a BPF cluster. By default a non-cluster host connecting to a BPF
+cluster will use nftables, but can be configured to use iptables.
+
+|   OS    | Cluster Data Plane |  Non-Cluster Host Data Plane  |
+| :-----: | :----------------: | :---------------------------: |
+| RHEL 8  |         Any         |           iptables            |
+| RHEL 9+ |         Any         | nftables (default) / iptables |
+| Ubuntu  |         Any         | nftables (default) / iptables |
+| Debian  |         Any         | nftables (default) / iptables |
+
 ## How to
 
 ### Set up your Kubernetes cluster to work with a non-cluster host or VM