Configure Passthrough for Networking Devices

You can configure a port to allow SR-IOV or DirectPath I/O passthrough and then create OpenStack instances that use physical hardware interfaces.

Important: This feature is offered in VMware Integrated OpenStack Carrier Edition only. For more information, see VMware Integrated OpenStack Licensing.

This procedure uses OpenStack Neutron to enable passthrough for networking devices. For non-networking devices, see Configure Passthrough for Non-Networking Devices.

Prerequisites

Verify that your OpenStack deployment is using VDS or NSX Data Center for vSphere networking. Deployments with NSX-T Data Center do not support passthrough.
Enable SR-IOV or DirectPath I/O in vSphere:
- To enable SR-IOV, see Enable SR-IOV on a Host Physical Adapter in vSphere Networking.
- To enable DirectPath I/O, see Enable Passthrough for a Network Device on a Host in vSphere Networking.
Create a dedicated compute cluster for SR-IOV devices. DRS rules do not apply to these devices.
To persist the MAC address of a physical device, add its cluster as a compute node before enabling direct passthrough on the device. If direct passthrough has already been enabled, you can disable it, restart the cluster, and enable direct passthrough again.

Procedure

Log in to the OpenStack Management Server as viouser.
Switch to the root user and load the cloud administrator credentials file.
```
sudo su -
source ~/cloudadmin.rc
```
Log in to the OpenStack Management Server.

Create a provider network for SR-IOV devices.

neutron net-create network-name --tenant-id project-uuid --provider:network_type {vlan | portgroup | nsx-net} --provider:physical_network physical-id [--provider:segmentation_id vlan-id]

Option	Description
network-name	Enter a name for the network.
--tenant-id	Specify the UUID of the project for which to create the port. You can find the UUID of a project by running the openstack project list command.
--provider:network_type	Enter `vlan` or `portgroup`.
--provider:physical_network	For a VLAN network, specify the managed object identifier (MOID) of the distributed switch. For a port group network, specify the MOID of the port group.
--provider:segmentation_id	If you want to create a VLAN-based network, enter the VLAN ID.

Create a passthrough-enabled port.

neutron port-create network-id --tenant-id project-uuid --name port-name --vnic_type {direct | direct-physical}

Option	Description
network-id	Specify the UUID of the network on which to create the port. You can find the UUID of a network by running the openstack network list command.
--tenant-id	Specify the UUID of the project for which to create the port. You can find the UUID of a project by running the openstack project list command.
--name	Enter a name for the port.
--vnic_type	Enter `direct` for SR-IOV or `direct-physical` for direct passthrough.

Note: Port security is not supported for direct and direct-physical ports and will be automatically disabled for the port created.

Results

You can now deploy passthrough-enabled virtual machines by configuring them with the port that you created during this procedure.