MAC learning for VMware Integrated OpenStack with NSX-T removes port security and security groups. With an NSX-T deployment, the connectivity for multiple MAC addresses behind a single vNIC is provided by NSX-T MAC learning.

For more information about MAC learning with an NSX-T deployment, see Understanding MAC Management Switching Profile in the NSX-T Administration Guide for your version of NSX-T.


  1. Log in to the OpenStack Management Server.
  2. Enable MAC learning and disable port security features.
    neutron port-update <port_id> --port-security-enabled false --no-security-groups --mac-learning-enabled true

    To return to the default setting, enable the port security feature, apply a security group, and disable NSX-T MAC learning.

    neutron port-update <port_id> --port-security-enabled true --security-group <SECURITY_GROUP_ID> --mac-learning-enabled false