MAC learning enables network connectivity for multiple MAC addresses behind a single vNIC. MAC learning is useful for distributing workloads in large OpenStack deployments.
MAC learning in VMware Integrated OpenStack is implemented differently for NSX-T and NSX-V deployments.
For NSX-T deployments, MAC learning in VMware Integrated OpenStack is provided by NSX-T MAC learning. For more information, see Understanding MAC Management Switching Profile in the NSX-T Administration Guide for your version of NSX-T.
For NSX-V deployments, MAC learning in VMware Integrated OpenStack is implemented by enabling forged transmit and promiscuous mode. The guest must request promiscuous mode.
The following conditions apply to MAC learning:
MAC learning is not compatible with port security or security groups.
For NSX-V deployments, performance will be affected because vNICs that request promiscuous mode receive a copy of every packet.
For NSX-V deployments, no RARP requests are generated for the multiple MAC addresses behind a single vNIC when a virtual machine is migrated with vMotion. This can result in a loss of connectivity.
- Log in to the OpenStack Management Server.
- Disable port security and security groups on the port where you want to configure MAC learning.
neutron port-update port_id --port-security-enabled false --no-security-groups
- Enable MAC learning on the port.
neutron port-update port_id --mac-learning-enabled true