Chapter 19. Configuring allowed-address-pairs


19.1. Overview of allowed-address-pairs

Use allowed-address-pairs to specify mac_address/ip_address (CIDR) pairs that pass through a port regardless of subnet. This enables the use of protocols such as VRRP, which floats an IP address between two instances to enable fast data plane failover.

Note

The allowed-address-pairs extension is currently supported only by the ML2 and Open vSwitch plug-ins.

19.2. Creating a port and allowing one address pair

  • Use the following command to create a port and allow one address pair:

    # openstack port create --network net1 --allowed-address mac_address=<mac_address>,ip_address=<ip_cidr> PORT_NAME

19.3. Adding allowed-address-pairs

  • Use the following command to add allowed address pairs:

    # openstack port set <port-uuid> --allowed-address mac_address=<mac_address>,ip_address=<ip_cidr>
Note

You cannot set an allowed-address pair that matches the mac_address and ip_address of a port. This is because such a setting has no effect since traffic matching the mac_address and ip_address is already allowed to pass through the port.

Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.