Chapter 11. L2 address masking

You can use L2 address masking to filter out specific L2 frames, such as multicast frames. This allows you to add a single rule with a specific mask, which reduces the number of rules needed.

Below a couple of important facts about L2 address masking in MidoNet:

  • OpenStack security group rules don’t match L2 fields, so this feature is provided for customers who directly access/use MidoNet’s API and CLI.
  • Old rules that do not include values for the hw-dst-mask attribute in the CLI should be interpreted as having the values for this field/attribute set to the default: ffff.ffff.ffff

See Chapter 7, Rule chains for information about rule chains, including information about the hw-src-mask and hw-dst-mask attributes used to implement this feature.

Questions? Discuss on Mailing Lists or Chat.
Found an error? Report a bug.

loading table of contents...