Chapter 2. Concepts

Network
Subnet
Port

Networking API v2.0 manages the following entities:

Network. An isolated virtual layer-2 domain. A network can also be a virtual, or logical, switch. See the section called “Network”.
Subnet. An IP version 4 or version 6 address block from which IP addresses that are assigned to VMs on a specified network are selected. See the section called “Subnet”.
Port. A virtual, or logical, switch port on a specified network. See the section called “Port”.

These entities have auto-generated unique identifiers and support basic create, read, update, and delete (CRUD) functions with the POST, GET, PUT, and DELETE verbs.

Network

A network is an isolated virtual layer-2 broadcast domain that is typically reserved for the tenant who created it unless the network is configured to be shared. Tenants can create multiple networks until they reach the thresholds specified by per-tenant quotas. See the section called “Quotas”.

In the Networking API v2.0, the network is the main entity. Ports and subnets are always associated with a network.

The following table describes the attributes for network objects.

Table 2.1. Network Attributes
Attribute	Type	Required	CRUD^[a]	Default Value	Validation Constraints	Notes
id	uuid-str	N/A	R	generated	N/A	UUID for the network.
name	String	No	CRU	None	N/A	Human-readable name for the network. Might not be unique.
admin_state_up	Bool	No	CRU	true	{true\|false}	The administrative state of network. If false (down), the network does not forward packets.
status	String	N/A	R	N/A	N/A	Indicates whether network is currently operational. Possible values include: ACTIVE DOWN BUILD ERROR Plug-ins might define additional values.
subnets	list(uuid-str)	No	R	Empty List	N/A	subnets associated with this network.
shared	Bool	No	CRU	False	{ True \| False }	Specifies whether the network resource can be accessed by any tenant or not.
tenant_id	uuid-str	No^[b]	CR	N/A	No constraint	Owner of network. Only admin users can specify a tenant_id other than its own.
^[a] C. Use the attribute in create operations. R. This attribute is returned in response to show and list operations. U. You can update the value of this attribute. D. You can delete the value of this attribute. ^[b]If OpenStack Networking is not running with the Keystone Identity service, the `tenant_id` attribute is required.

Subnet

A subnet represents an IP address block that can be used to assign IP addresses to virtual instances. Each subnet must have a CIDR and must be associated with a network. IPs can be either selected from the whole subnet CIDR or from allocation pools that can be specified by the user.

A subnet can also optionally have a gateway, a list of dns name servers, and host routes. This information is pushed to instances whose interfaces are associated with the subnet.

Table 2.2. Subnet Attributes
Attribute	Type	Required	CRUD^[a]	Default Value	Validation Constraints	Notes
id	uuid-str	N/A	R	generated	N/A	UUID representing the subnet
network_id	uuid-str	Yes	CR	N/A	network this subnet is associated with.
name	String	No	CRU	None	N/A	Human-readable name for the subnet. Might not be unique.
ip_version	int	Yes	CR	4	{ 4 \| 6 }	IP version
cidr	string	Yes	CR	N/A	valid cidr in the form <network_address>/<prefix>	cidr representing IP range for this subnet, based on IP version
gateway_ip	string	No	CRUD	first address in cidr	Valid IP address or null	default gateway used by devices in this subnet
dns_nameservers	list(str)	No	CRU	Empty list	No constraint	DNS name servers used by hosts in this subnet.
allocation_pools	list(dict)	No	CR	Every address in cidr, excluding gateway_ip if configured	start/end of range must be valid ip	Sub-ranges of cidr available for dynamic allocation to ports [ { "start": "10.0.0.2", "end": "10.0.0.254"} ]
host_routes	list(dict)	No	CRU	Empty List	[]	Routes that should be used by devices with IPs from this subnet (not including local subnet route).
enable_dhcp	Bool	No	CRU	True	{ True \| False }	Specifies whether DHCP is enabled for this subnet or not.
tenant_id	uuid-str	No^[b]	CR	N/A	No constraint	Owner of network. Only admin users can specify a tenant_id other than its own.
^[a] C. Use the attribute in create operations. R. This attribute is returned in response to show and list operations. U. You can update the value of this attribute. D. You can delete the value of this attribute. ^[b]If OpenStack Networking is not running with the Keystone Identity service, the `tenant_id` attribute is required.

Port

A port represents a virtual switch port on a logical network switch. Virtual instances attach their interfaces into ports. The logical port also defines the MAC address and the IP address(es) to be assigned to the interfaces plugged into them. When IP addresses are associated to a port, this also implies the port is associated with a subnet, as the IP address was taken from the allocation pool for a specific subnet.

Table 2.3. Port Attributes
Attribute	Type	Required	CRUD^[a]	Default Value	Validation Constraints	Notes
id	uuid-str	N/A	R	generated	N/A	UUID for the port.
network_id	uuid-str	Yes	CR	N/A	existing network identifier	Network that this port is associated with.
name	String	No	CRU	None	N/A	Human-readable name for the port. Might not be unique.
admin_state_up	bool	No	CRU	true	{true\|false}	Administrative state of port. If false (down), port does not forward packets.
status	string	N/A	R	N/A	N/A	Indicates whether network is currently operational. Possible values include: ACTIVE DOWN BUILD ERROR Plug-ins might define additional values.
mac_address	string	No	CR	generated	valid MAC in 6-octet form separated by colons	Mac address to use on this port.
fixed_ips	list(dict)	No	CRU	automatically allocated from pool	Valid IP address and existing subnet identifier	Specifies IP addresses for the port thus associating the port itself with the subnets where the IP addresses are picked from
device_id	str	No	CRUD	None	No constraint	identifies the device (e.g., virtual server) using this port.
device_owner	str	No	CRUD	None	No constraint	Identifies the entity (e.g.: dhcp agent) using this port.
tenant_id	uuid-str	No^[b]	CR	N/A	No constraint	Owner of port. Only admin users can specify a tenant_id other than its own.
security_groups	list(dict)	No	CRUD	None	Existing security group IDs	Specifies the IDs of any security groups associated with a port.
^[a] C. Use the attribute in create operations. R. This attribute is returned in response to show and list operations. U. You can update the value of this attribute. D. You can delete the value of this attribute. ^[b]If OpenStack Networking is not running with the Keystone Identity service, the `tenant_id` attribute is required.

Log a bug against this page

Legal notices

Prev		Next
	Home