OpenStack Networking provides a rich tenant-facing API for defining network connectivity and addressing in the cloud. The OpenStack Networking project gives operators the ability to leverage different networking technologies to power their cloud networking. It is a virtual network service that provides a powerful API to define the network connectivity and addressing used by devices from other services, such as OpenStack Compute. It has a rich API which consists of the following components.
When using VlanManager to separate tenants, we can manually assign VLANs and network ranges to them by creating a secure multi-tenant environment. We can also have OpenStack to manage this association for us, so that when we create a project it automatically gets assigned to these details..

To gain in-depth knowledge and be on par with practical experience, then explore  OpenStack Training course.

Getting started

To begin with, ensure you’re logged in to the Controller server (our OpenStack VirtualBox Virtual Machine, controller, created in, Starting Openstack Compute). If this was created using Vagrant, you can log into this box using the following command:

vagrant ssh controller

How to achieve it…

Carry out the following steps to configure networking in OpenStack to automatically assign new tenants’ individual VLANs and private (fixed) IP ranges:

  • In the file /etc/nova/nova.conf, ensure there is a flag called vlan_start with a VLAN ID, for example:
  • We can now create a range of networks, each with 256 addresses available, by issuing the following command:

Create a range of networks

  • This creates 10 networks, with 256 IP addresses starting from 0.0.0/24 to and starting from VLAN ID 100 to VLAN ID 110.


You can specify an alternative VLAN start ID on the command line by adding in the —vlan=id option, where id is a number.

How it works…

By specifying the —num_networks option and specifying the —network_size option (the number of IPs in each of the created networks), we can tell our OpenStack environment to create multiple networks within the range specified by — fixed_range_v4. When projects are created now, rather than having to manually associate an address range with a tenant, they are automatically assigned a VLAN, starting from the –vlan_start ID, as specified in /etc/nova/nova.conf.

Frequently Asked OpenStack Interview Question & Answers

Modifying a tenant’s fixed network

Subscribe to our youtube channel to get new updates..!

To ensure that our OpenStack environment is able to separate traffic from one tenant to another, we assign different fixed ranges to each. When a fixed network is no longer required, or we want to assign a particular tenant to a specific network, we can use the nova-manage command to modify these details.

Getting ready

To begin with, ensure you’re logged in to the OpenStack API server as well as to a client that can access the keystone environment.

How to do it…

To assign a particular network to a tenant, carry out the following steps:

  • On a client that has access to the keystone command, run the following commands to list the projects available:


An example of running the previous commands is as follows:

Previous Commands

  • To view the list of networks and ranges available, issue the following command on an OpenStack API host:
sudo nova-manage network list

An example of running the previous commands is as follows:

previous commands

  • The output shown lists network ranges and their associated project IDs. From this, we can see that we have not assigned to a project (where it says None under the project column). To assign this network range to the development tenant, we issue the following commands:

Development tenant,

  • When we view the output now for that network range, we will have this project ID assigned to it and any instances spawned under this tenant will be assigned an address in this range.
Explore OpenStack Sample Resumes! Download & Edit, Get Noticed by Top Employers!  Download Now!

How it works…

When configuring tenants in our OpenStack environment, it is recommended (although not a requirement) to have their own private (fixed) range assigned to them. This allows for those instances in each particular tenant to be kept separated through their different ranges along with appropriately set security group rules.
The syntax to modify a network is as follows:

Syntax to modify a network


Related Pages:
Openstack Tutorial