MAC learning enables network connectivity for multiple MAC addresses behind a single vNIC. MAC learning is useful for distributing workloads in large OpenStack deployments.

MAC learning in VMware Integrated OpenStack is implemented differently for NSX-T and NSX-V deployments.

  • For NSX-T deployments, MAC learning in VMware Integrated OpenStack is provided by NSX-T MAC learning. For more information, see Understanding MAC Management Switching Profile in the NSX-T Administration Guide for your version of NSX-T.

  • For NSX-V deployments, MAC learning in VMware Integrated OpenStack is implemented by enabling forged transmit and promiscuous mode. The guest must request promiscuous mode.

The following conditions apply to MAC learning:

  • MAC learning is not compatible with port security or security groups.

  • For NSX-V deployments, performance will be affected because vNICs that request promiscuous mode receive a copy of every packet.

  • For NSX-V deployments, no RARP requests are generated for the multiple MAC addresses behind a single vNIC when a virtual machine is migrated with vMotion. This can result in a loss of connectivity.

Procedure

  1. Log in to the OpenStack Management Server.
  2. Disable port security and security groups on the port where you want to configure MAC learning.
    neutron port-update port_id --port-security-enabled false --no-security-groups
  3. Enable MAC learning on the port.
    neutron port-update port_id --mac-learning-enabled true