Chapter 19. Configure allowed-address-pairs


Allowed-address-pairs allow you to specify mac_address/ip_address (CIDR) pairs that pass through a port regardless of subnet. This enables the use of protocols such as VRRP, which floats an IP address between two instances to enable fast data plane failover.

Note

The allowed-address-pairs extension is currently only supported by the ML2 and Open vSwitch plug-ins.

19.1. Basic allowed-address-pairs operations

Create a port and allow one address pair:

# neutron port-create net1 --allowed-address-pairs type=dict list=true mac_address=<mac_address>,ip_address=<ip_cidr>

19.2. Adding allowed-address-pairs

# neutron port-update <port-uuid> --allowed-address-pairs type=dict list=true mac_address=<mac_address>,ip_address=<ip_cidr>
Note

OpenStack Networking prevents setting an allowed-address-pair that matches the mac_address and ip_address of a port. This is because such a setting would have no effect since traffic matching the mac_address and ip_address is already allowed to pass through the port.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.