Creating Openstack Network and Subnets

Posted on 143 views

In this part of Openstack deep dive series, we’ll look at Creating Openstack Network and Subnet using Openstack command line interface. Last we looked at:

Here, I’ll show you how to create provider networks, one with VLAN, and another one without VLAN. This guide is based on Openstack Train release and  OpenStack Neutron network service.

Assumption:  You have a running Openstack setup, how to setup Openstack from scratch will be covered on another tutorial.

What is Provider network?

Before launching an instance on Openstack, you must create the necessary virtual network infrastructure. An instance uses a provider (external) network that connects to the physical network infrastructure via layer-2 (bridging/switching). This network includes a DHCP server that provides IP addresses to instances.

Below is a diagram showing you an overview of a provider network ( source: Opentack website):

Creating Openstack Network and Subnets

Creating Provider Network (on Controller node)

Ensure you’ve configure OpenStack CLI before you can proceed with this guide:

How to create provider network on controller node (without VLAN) :

openstack network create --share --external \
  --provider-physical-network provider \
  --provider-network-type flat provider

How to create provider network on controller node (with VLAN ) :

openstack network create --share --external \
  --provider-physical-network provider \
  --provider-network-type vlan \
  --provider-segment 203 provider

Explanation of options used:

  • –share: allows all projects to use the virtual network.
  • –external: defines the virtual network to be external, for internal network, use –internal.
  • –provider-physical-network provider: connect the flat virtual network to the flat (native/untagged) physical network
  • –provider-network-type: specifies network type, flat or vlan
  • –provider-segment: defines vlan id

Replace 203 with your VLAN ID. This VLAN id will be used on compute nodes.

Confirm that indeed the network was created successfully using command:

$ openstack network list

You should get output similar to one below:


Your ml2_conf.ini file should have a line:

flat_networks = provider

Creating  IPv4 subnet on the provider network:

Now that you have provider network added, next step is defining subnet for the network.

openstack subnet create --subnet-range \
  --gateway --network provider \
  --allocation-pool start=,end= \
  --dns-nameserver provider-v4

If you have public ip pool, replace with it.

Create a IPv6 subnet on the provider network (Optional)

If you would like IPv6 address assigned to instances launched, create IPv6 subnet like below:

openstack subnet create --subnet-range fd00:203:0:113::/64 \
  --gateway fd00:203:0:113::1 --ip-version 6 \
  --ipv6-address-mode slaac --network provider \
  --dns-nameserver 2001:4860:4860::8844 provider-v6

Confirm settings:

openstack subnet list

With these settings, you should be ready to configure compute nodes.

Configuring compute nodes:

On you compute nodes, you should tag interface with VLAN ID configured on provider network. In my case, this is vlan 203. My vlan interface has below configuration:

[[email protected] ~]# cat /etc/sysconfig/network-scripts/ifcfg-p55p2.203 

Note that base system used is CentOS 7. Configuration will vary for Ubuntu Base OS.

On compute nodes, the file linuxbridge_agent.ini: should have mapping like below:

physical_interface_mappings = provider:p55p2

Once Linux bridge has been configured on compute nodes, a bridge will be created. See below


From the output above, you can see bridge called brqa54af9d4-d2 whose interface is p55p2.203. p55p2.203 is a sub-interface associated with physical interface p55p2

You are ready to create a new instance on provider network created previously:

openstack server create --flavor m1.tiny --image CoreOS-x86_64 \
 --nic net-id=a54af9d4-d297-45b6-a98c-79d84add5f2e --security-group default \
 --key-name josphat coreos-test-vm

For how to add images to openstack, add ssh keys and flavors refer to these links:

That’s all.  Please follow us on twitter and facebook to receive daily updates.


Gravatar Image
A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.