[Neutron] How to change the MAC address of Gateway interface of the router

Sean Mooney smooney at redhat.com
Sun May 17 23:25:59 UTC 2020


On Sat, 2020-05-16 at 17:05 +0000, Rahul Sharma wrote:
> Hi,
> 
> I have set up a multi-host OpenStack cloud on AWS consisting of 3 servers, i.e. Controller, Compute & Network.
> 
> Everything is working as expected. My requirement is that the compute instances should be able to communicate with the
> internet and vice-versa.
> 
> However, AWS due to its security policies will drop all traffic that is sourced from the VMs because the VM traffic
> will have the MAC address of the gateway interface of the router when it hits the AWS switch. This MAC address is not
> known to AWS, hence it drops this traffic. AWS will allow only that traffic that contains the registered MAC address as
> its source address.
> 
> So I need to change the MAC address of the gateway interface of the L3 router on the network node. I tried googling
> but could not find any solution.
> 
> Is there any solution/command to do this?
you might be able to do a neutron port update to update the neutron port mac of the router

your other option is to not add an interface directly to br-ex and instead assign the wan network's
gateway ip to the br-ex directly and nat the traffic
https://www.rdoproject.org/networking/networking-in-too-much-detail/#nat-to-host-addres

> 
> Thanks,
> Kaushik
