Networks, subnets, and ports make up the foundation of Neutron's logical network architecture. A network describes a layer 2 segment, and is typically used to define a boundary such as a VLAN. A subnet is an IPv4 or IPv6 address block that is associated with the network. Networks can be associated with one or more subnets. Lastly, a port represents a switch port on a logical switch that spans the entire cloud. A port object contains information about the device it is associated with, including its MAC addresses, IP addresses, and device ID. A device could be a virtual machine instance interface, a virtual router interface, or some other device that will be connected to the virtual network.
Network objects in OpenStack have many attributes that describe how that network connects the physical and virtual infrastructures. The following table describes a few of these details:
|
|
|
|---|---|
|
|
This describes the physical interface used for this network. The label here is an alias for interfaces such as |
|
|
This describes the segment ID, such as VLAN ID or VXLAN VNI. It may not be used for all network types. |
|
|
This describes the network type, such as Flat, VLAN, VXLAN, and GRE. |
|
|
Boolean (true or false) is used to determine if the network is eligible for use as a floating IP pool. |
The role of the user creating a network determines which attributes can be specified by that user at network creation. An administrative user can specify details such as the physical network or segmentation ID when creating a network. Regular users must rely on Neutron to automatically provision the network based on details set in Neutron configuration files, including a pool of segmentation IDs per physical network from which to choose from. Networks that are created specifically to connect virtual devices to the physical network infrastructure are often referred to as provider networks, since their attributes are deliberately set based on the environment or data center in which they reside. Provider networks are typically shared across projects or tenants and often provide connectivity to upstream devices that can facilitate routing in and out of the environment. Networks that are created by regular users are referred to as tenant networks, and are typically only used by the project or tenant that created them. In most cases, tenant networks must be connected to virtual routers, which are in turn connected to provider networks, and can provide connectivity in and out of connected tenant networks. In the following sections, we will look at common tasks involving those resources.