OpenStack Networking Basics
OpenStack provides the ability to create networks at will. It includes virtual constructs such as Network, Subnet, Ports, and Router. These represent the physical structure virtually. Almost any conceivable real‑world construct can be modeled virtually. Below the most important resources are presented.
Network
In a network, Ports and Subnets are attached. The IPv6 protocol defines link‑local IP addresses (fe80::/64) for direct reachability on a link. This would already be sufficient to ensure connectivity for several servers. In most cases, however, this is not enough, so at least one Subnet must be created on a network.
~ : openstack network create mynetwork
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2025-04-08T13:56:11Z |
| description | |
| dns_domain | |
| id | 46d8a371-4243-4461-8e96-08a7f17d2ea8 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | mynetwork |
| port_security_enabled | True |
| project_id | f7f8ed8191a048248c38982cd4b3d240 |
| provider:physical_network | None |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | f7f8ed8191a048248c38982cd4b3d240 |
| updated_at | 2025-04-08T13:56:11Z |
+---------------------------+--------------------------------------+
Subnets
IPv6 Subnet
Setting up an IPv6 Subnet differs slightly from IPv4 because IPv6 does not use NAT, and the subnet must be served from a globally unique prefix. If you have your own IPv6 prefix and want to use it in our OpenStack, feel free to do so. Our MyEngineer is happy to help.
For global prefixes there are so‑called SubnetPools. These are referenced when creating Subnets and provide a /64 subnet from the pool. Server addressing can be done via dhcpv6-stateful, dhcpv6-stateless or slaac. The most common method is slaac. Note that with slaac no nameserver can currently be delivered. Therefore the IPv6 address mode and RA mode must be set to dhcpv6-stateless.
~ : subnetpool=$(openstack subnet pool list -f value -c ID)
~ : openstack subnet create mynet6 \
--network mynetwork \
--ip-version 6 \
--subnet-pool "$subnetpool" \
--ipv6-address-mode slaac --ipv6-ra-mode slaac
+----------------------+----------------------------------------------------------+
| Field | Value |
+----------------------+----------------------------------------------------------+
| allocation_pools | 2a02:ed80:80:101::2-2a02:ed80:80:101:ffff:ffff:ffff:ffff |
| cidr | 2a02:ed80:80:101::/64 |
| created_at | 2025-04-08T13:59:56Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 2a02:ed80:80:101::1 |
| host_routes | |
| id | eba3de1d-831f-423b-96bd-7d593ef36bf2 |
| ip_version | 6 |
| ipv6_address_mode | slaac |
| ipv6_ra_mode | slaac |
| name | mynet6 |
| network_id | 46d8a371-4243-4461-8e96-08a7f17d2ea8 |
| project_id | f7f8ed8191a048248c38982cd4b3d240 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | 21661540-2488-44b2-807d-34a2ab6ab59f |
| tags | |
| updated_at | 2025-04-08T13:59:56Z |
+----------------------+----------------------------------------------------------+
IPv4 Subnet
Provisioning an IPv4 Subnet is similar to IPv6, but a concrete subnet range must be specified. Future servers will obtain their IPs from this range. Using a SubnetPool is still possible and can simplify managing many subnets.
~ : openstack subnet create mynet \
--network mynetwork \
--dns-nameserver 8.8.8.8 \
--subnet-range 192.168.199.0/24
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 192.168.199.2-192.168.199.254 |
| cidr | 192.168.199.0/24 |
| created_at | 2025-04-08T13:58:05Z |
| description | |
| dns_nameservers | 8.8.8.8 |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 192.168.199.1 |
| host_routes | |
| id | 85ba3173-4f53-4bda-9919-d39ff33f347b |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | mynet |
| network_id | 46d8a371-4243-4461-8e96-08a7f17d2ea8 |
| project_id | f7f8ed8191a048248c38982cd4b3d240 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2025-04-08T13:58:05Z |
+----------------------+--------------------------------------+
Routing
For a connected server to reach the Internet, a Router must be created and attached to the network. A Router must always be connected to all subnets.
Router Provisioning
~ : openstack router create --external-gateway public-network myrouter
+-------------------------+------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2025-04-09T04:49:31Z |
| description | |
| enable_ndp_proxy | None |
| external_gateway_info | {"network_id":"6f740510-e841-4e8e-8695-23e2e25c8c3d","external_fixed_ips":[{"subnet_id":"2bda200d-c066-4e96-a25e-20e9739f8f4b","ip_address":"185.11.253.52"},{"subnet_id":"2df4fb3d-1ee5-47f7-b1aa-8aec963aec73","ip_address":"2a02:ed80:80:0:f816:3eff:fe91:f845"}],"enable_snat":true} |
| flavor_id | None |
| id | 1e50fbab-5982-43f8-9b83-8c152e5147f8 |
| name | myrouter |
| project_id | f7f8ed8191a048248c38982cd4b3d240 |
| revision_number | 3 |
| routes | |
| status | ACTIVE |
| tags | |
| tenant_id | f7f8ed8191a048248c38982cd4b3d240 |
| updated_at | 2025-04-09T04:49:34Z |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------+
Subnet Attachments
```shell ~ : openstack network list --long -c ID -c Name -c Subnets +--------------------------------------+---------------------------+----------------------------------------------------------------------------+ | ID | Name | Subnets | +--------------------------------------+---------------------------+----------------------------------------------------------------------------+ | 46d8a371-4243-4461-8e96-08a7f17d2ea8 | mynetwork | 85ba3173-4f53-4bda-9919-d39ff33f347b, eba3de1d-831f-423b-96bd-7d593ef36bf2 | +--------------------------------------+---------------------------+----------------------------------------------------------------------------+
~ : openstack router add subnet 1e50fbab-5982-43f8-9b83-8c152e5147f8 85ba3173-4f53-4bda-9919-d39ff33f347b ~ : openstack router add subnet 1e50fbab-5982-43f8-9b83-8c152e5147f8 eba3de1d-831f-423b-96bd-7d593ef36bf2