diff --git a/pkg/anonymization/anonymizer.go b/pkg/anonymization/anonymizer.go
index 76cccadb3..d0990363d 100644
--- a/pkg/anonymization/anonymizer.go
+++ b/pkg/anonymization/anonymizer.go
@@ -137,14 +137,17 @@ func NewAnonymizerFromConfigClient(
 		return nil, err
 	}
 
-	// for egress subnets
+	var networks []string
+
+	// hostsubnets are needed for egress subnets (on SDN clusters only)
 	hostSubnets, err := networkClient.HostSubnets().List(ctx, metav1.ListOptions{})
 	if err != nil {
-		return nil, err
+		klog.Infof("unable to find HostSubnets, could be OVN cluster: %v", err)
+		networks = getNetworksForAnonymizer(networksConfig, clusterConfigV1, nil)
+	} else {
+		networks = getNetworksForAnonymizer(networksConfig, clusterConfigV1, hostSubnets.Items)
 	}
 
-	networks := getNetworksForAnonymizer(networksConfig, clusterConfigV1, hostSubnets.Items)
-
 	secretsClient := kubeClient.CoreV1().Secrets(secretNamespace)
 
 	return NewAnonymizer(baseDomain, networks, secretsClient)
@@ -226,6 +229,13 @@ func getNetworksForAnonymizer(
 		}
 	}
 
+	// ovn clusters don't have hostsubnet objects and their egress CIDR is 192.168.126.0/18
+	// nolint:lll
+	// https://docs.openshift.com/container-platform/4.8/networking/ovn_kubernetes_network_provider/configuring-egress-ips-ovn.html#configuring-egress-ips-ovn
+	if len(hostSubnets) == 0 {
+		networks = append(networks, "192.168.126.0/18")
+	}
+
 	sortNetworks(networks)
 
 	return networks