Hi all, If I understand correctly, OVN Logical Switches will learn MAC addresses and store them in the FDB table only on ports with port security disabled. If the port security is enabled on a port, configured addresses are used instead to make forwarding decisions.
What are possible cons of having both port security, and dynamic MAC learning? This could be nice in some situations when MAC moves between ports, for example if VRRP is used. Such toggle flag could be implemented on a logical switch-basis, to prevent unecessary growth of the FDB table. Or maybe I am missing something, and VRRP with a virtual MAC address can be implemented without forcing dynamic MAC learning? During tests I could not force traffic towards virtual MAC to steer to another port, although GARP was sent. Disabling port security and switching to dynamic MAC learning immediately solved the problem. Any help is appreciated! Regards, Renat. _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss