Creating and Managing Networks Using the CLI

A network allows connected resources to communicate. A router directs network traffic between different networks and is required for accessing instances on a private network from the external network. This topic provides basic instructions on creating a network and a router. For more information on networks, refer to the Networking Overview. For more information on creating a private network for launching instances, see Creating a Network for Instances.

Prerequisites—You must prepare your environment to access the command-line interface:

Creating a Network

$ openstack network create <NETWORK_NAME>
| Field                     | Value                 |
| admin_state_up            | UP                    |
| availability_zone_hints   | None                  |
| availability_zones        | None                  |
| created_at                | None                  |
| description               | None                  |
| dns_domain                | None                  |
| id                        | <network_id>          |
| ipv4_address_scope        | None                  |
| ipv6_address_scope        | None                  |
| is_default                | None                  |
| is_vlan_transparent       | None                  |
| mtu                       | 0                     |
| name                      | <network_name>        |
| port_security_enabled     | False                 |
| project_id                | None                  |
| provider:network_type     | None                  |
| provider:physical_network | None                  |
| provider:segmentation_id  | None                  |
| qos_policy_id             | None                  |
| revision_number           | None                  |
| router:external           | Internal              |
| segments                  | None                  |
| shared                    | False                 |
| status                    | ACTIVE                |
| subnets                   |                       |
| updated_at                | None                  |

Some fields of the created network are only visible to administrators.

Creating a Subnet

$ openstack subnet create <SUBNET_NAME> --network <NETWORK_NAME> --subnet-range <CIDR>

The subnet create command uses the following parameters:

  • NETWORK_NAME—The name or ID of the network to which the subnet belongs.
  • CIDR—The CIDR of the subnet, for example
  • SUBNET_NAME—The name of the subnet.

For information on the advanced use of the subnet subcommand (with examples), see the Administrator Guide.

Creating a Router

$ openstack router create <ROUTER_NAME>

If you receive an error message, verify the router name is not identical to an existing router.

The unique router identifier returned is required to perform the following steps. Replace ROUTER_ID with the unique identifier of the router.

To set the external gateway:

This establishes an external gateway to the public network.

$ openstack router set <ROUTER_ID> --external-gateway <PUBLIC_NETWORK_ID>

So that private network resources can communicate with an external network, add a connection between the router and the private network.

$ openstack router add subnet <ROUTER_ID> <SUBNET_ID>

To create a static route:

You can configure a routing entry by indicating a destination CIDR and the next-hop IP address. This route is static and does not change. Static routes are useful as a fail-safe in the event that a dynamic route is unavailable or as an override of an existing dynamic route.

$ openstack router set <ROUTER_ID> --route destination=<SUBNET_CIDR>,gateway=<NEXT_HOP_IP_ADDRESS>

Creating Ports

When you create a port without specifying an IP address, the system allocates a MAC address and applies a DOWN status.

$ openstack port create <PORT_NAME> --network <NETWORK_ID>

To create a port with a specified IP address:

$ openstack port create <PORT_NAME> --network <NETWORK_ID> --fixed-ip subnet=<SUBNET_ID>,ip_address=

When you create a port, you can specify any unallocated IP in the subnet even if the address is not in a pre-defined pool of allocated IP addresses (set by your cloud provider).

To query a port with a fixed IP address:

$ openstack port list --fixed-ip ip-address=
| ID         | Name | MAC Address       | Fixed IP Addresses                                | Status |
| <port_id>  |      | fa:16:3e:d7:07:ae | ip_address='', subnet_id='<subnet_id>' | ACTIVE |