Neutron overlay network

asked 2017-06-29 14:40:04 -0600

Alex Usov gravatar image

updated 2017-06-29 15:32:52 -0600

Hi everyone.

I'm building my home OpenStack Ocata lab, but I need to come up with a sound network design before actually building one. I intend to deploy overlay network based on VXLAN to provide connectivity between instances of the same project. Suppose I have the following setup:

controller host with 2 NICs: eth0 (, prefix /24, not routable to/from the Internet) and eth1 (, prefix /24)

compute-1 host with 2 NICs: eth0 (, prefix /24, not routable to/from the Internet) and eth1 (, prefix /24)

compute-2 host with 2 NICs: eth0 (, prefix /24, not routable to/from the Internet) and eth1 (, prefix /24)

default gateway for is, it provides access to the Internet, while is internal only network.

I'm using this guide as reference. As I understand it, I have to create provider network first (as admin), then comes tenant network (as a regular user), and connect them together via router. What's confusing is what IP range and gateway should I use when creating provider network? Do I simply pick any not occupied range from and use as gateway? Are the following commands correct for creating the network infrastructure, assuming provider network is mapped to physical interface eth1?

openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider
openstack subnet create --network provider --dns-nameservers **--subnet-range --allocation-pool start=,end= --gateway**
openstack network create selfservice
openstack subnet create --network selfservice --dns-nameserver --subnet-range --gateway
openstack router create router
neutron router-interface-add router selfservice
neutron router-gateway-set router provider

Thank you in advance.

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2017-06-29 15:14:44 -0600

You are correct, the external network should map to a real network in your environment. The range of not already used IPs will determine how many floating IPs are available to your tenants. The gw is the real one.

Your commands look good!

edit flag offensive delete link more


Thanks for the answer. One more question: what if I want to use both VXLAN and GRE protocols for building tenant networks? Do I just specify them in the directive tenant_network_types in ML2 plugin configuration? And if so, how do I select which one of them I want to use for a particular network?

Alex Usov gravatar imageAlex Usov ( 2017-06-29 15:31:45 -0600 )edit

Admins could select network type, tenant member users could not. Have a look at this

Antonio G. gravatar imageAntonio G. ( 2017-06-29 15:58:37 -0600 )edit

Right, forgot about that. Also, if you don't mind: do I need to take of persistence of virtual network interfaces Neutron creates or it recreates them automatically on reboot using information from database? I couldn't find any information on how to make a vNIC inside a namespace persistent.

Alex Usov gravatar imageAlex Usov ( 2017-06-29 18:16:20 -0600 )edit

Everything is recreated or started automatically after nodes reboot. From VM perspective, there is a parameter in nova.conf that allows you to resume the specific state of a VM after node reboot.

Antonio G. gravatar imageAntonio G. ( 2017-06-30 00:16:39 -0600 )edit

And the last one: if I create subnet in provider network with --no-dhcp option, does that mean no dhcp namespace will be created and I'll have to assign IP to a VM attached to this network manually? And if I enable DHCP for provider network isn't it going to interfere with DHCP on the physical net?

Alex Usov gravatar imageAlex Usov ( 2017-06-30 05:46:12 -0600 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2017-06-29 14:40:04 -0600

Seen: 340 times

Last updated: Jun 29 '17