Ask Your Question

Why can't I update mac address ?

asked 2017-08-22 01:32:56 -0500

FilipGontko gravatar image

updated 2017-08-22 02:55:26 -0500

Hello guys!

I have a problem that I can't update mac_address on my instance. It says it is disallowed by policy. I don't understand why.

neutron port-update a788ee80-355e-415a-afcf-bea667125838 mac_address=fa:16:3e:f1:ee:58

Please any suggestions ?

Thanks :)

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2017-08-22 02:57:48 -0500

My Neutron policy.json file contains this line:

"update_port:mac_address": "rule:admin_only or rule:context_is_advsvc"

This means that one has to be admin to change the MAC address, or have the advsvc role (that's what the second rule boils down to).

Your options are:

  • become admin, then change the MAC address
  • add the advsvc role to your non-admin user, then try again
  • remove the two rules from the policy, so that it looks like this: "update_port:mac_address": "", then try again

I am not sure what's the rationale for not allowing normal users to change the MAC address. Perhaps changing the MAC could cause repercussions not only for other users/projects, but also for the network infrastructure such as forwarding tables, caches etc on physical network devices.

edit flag offensive delete link more


Thank you!

FilipGontko gravatar imageFilipGontko ( 2017-08-22 03:51:49 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2017-08-22 01:32:56 -0500

Seen: 1,319 times

Last updated: Aug 22 '17