Public Network Provider¶
DO NOT USE (for now)
Working with flat network providers messed up the networking on the host machine. The production setup will use
vlan so there is not much sense to continue insisting on this setup.
Key Steps Overview¶
- Admin creates the public network provider (flat network with the 81.196.110.112/28 subnet).
- Admin creates a shared router that connects to the public network (consuming only one public IP).
- Tenants create private local-net networks for their VMs.
- Tenants allocate floating IPs from the public provider network to their VMs for direct internet access.
Step-by-Step Configuration¶
Step 1: Admin Creates the Shared "Public" Network Provider¶
The admin creates the public network provider that assigns IPs from the 81.196.110.112/28 range.
Go to Admin > Networks > Create Network:
| Field | Value |
|---|---|
| Name: | public |
| Project: | admin |
| Provider Network Type: | flat |
| Physical Network: | public |
| Enable Admin State: | Checked |
| Shared: | Checked |
| External Network: | Checked |
| Create Subnet: | Checked |
| Availability Zone: | nova |
| MTU | leave_empty |
Warning
public has to be defined in the provider_networks section in the openstack_user_config.yml
| Field | Value |
|---|---|
| Subnet Name: | public-subnet |
| Network Address: | 81.196.110.112/28 |
| IP Version: | IPv4 |
| Gateway IP: | 81.196.110.113 |
| Disable Gateway: | Unchecked |
| Field | Value |
|---|---|
| Enable DHCP | Checked |
| Allocation Pools: | 81.196.110.118,81.196.110.126 |
| DNS Name Servers: | 1.1.1.1 |
| Host Routes: | leave_empty |
Warning
The public network (81.196.110.112/28) is not managed by an external router (e.g., FortiGate router). DHCP should be checked for the public-subnet
This network is shared among all tenants, allowing their routers to connect to the public network.
Equivalent CLI Command
openstack network create office\
--project admin \
--share \
--external \
--provider-network-type flat \
--provider-physical-network office
openstack subnet create public-subnet\
--project admin \
--network public \
--subnet-range 81.196.110.112/28 \
--gateway 81.196.110.113 \
--dns-nameserver 1.1.1.1 \
--allocation-pool start=81.196.110.118,end=81.196.110.126
Step 2: Admin Creates the Shared "Public" Router¶
| Field | Value |
|---|---|
| Router Name: | public-router |
| Project: | admin |
| Enable Admin State: | Checked |
| External Network: | public |
| Enable SNAT: | Checked |
| Availability Zone Hints: | nova |
openstack router create public-router \
--project admin \
--external-gateway public \
--enable-snat \
--availability-zone-hint nova