In an IPv6-only cluster where the MachineNetwork is a VLAN, we are unable to perform L2 connectivity checks, as described in OCPBUGS-31631.

From the description in that bug, this appears to be because nmap is unable to handle getting the return packets with a VLAN header on them.
This can be avoided by adding:

   vlan:
      reorder-headers: true

in the NMState config - previously this was apparently the default, but in recent versions of NMState it is not.

The fix to that bug ignores the failure of the L2 check and validates the L3 check instead, but I think we could actually fix the data collection by continuing to do the ping with nmap (or potentially even just ping6) but then getting the MAC address by doing something like:

ip -j neighbour | jq -r '.[] | select(.dev == "<device>" and .dst == "<ip_addr>").lladdr'

Incidentally, the same thing should work for IPv4 so that could save having separate implementations.