Creating virtual compute networks

Limitations

  • IPv6 subnets are not available for virtual compute networks.

Prerequisites

To add a virtual compute network

Admin panel

  1. On the Compute > Network > Networks tab, click Create network.
  2. On the Network configuration step:

    1. Enable or disable IP address management:

      • With IP address management enabled, VMs connected to the network will automatically be assigned IP addresses from allocation pools by the built-in DHCP server and use custom DNS servers. Additionally, spoofing protection will be enabled for all VM network ports by default. Each VM network interface will be able to accept and send IP packets only if it has IP and MAC addresses assigned. You can disable spoofing protection manually for a VM interface, if required.
      • With IP address management disabled, VMs connected to the network will obtain IP addresses from the DHCP servers in that network, if any. Also, spoofing protection will be disabled for all VM network ports, and you cannot enable it manually. This means that each VM network interface, with or without assigned IP and MAC addresses, will be able to accept and send IP packets.

      In any case, you will be able to manually assign static IP addresses from inside the VMs.

    2. Select the Virtual network type.
    3. Specify a network name.
    4. Click Next.

  3. If you enabled IP address management, you will move on to the IP address management step, where you can add an IPv4 subnet:

    1. In the Subnets section, click Add and select IPv4 subnet.
    2. In the Add IPv4 subnet window, specify the network’s IPv4 address range and, optionally, specify a gateway. If you leave the Gateway field blank, the gateway will be omitted from network settings.
    3. Enable or disable the built-in DHCP server:

      • With the DHCP server enabled, VM network interfaces will automatically be assigned IP addresses: either from allocation pools or, if there are no pools, from the network’s entire IP range. The DHCP server will receive the first two IP addresses from the IP pool. For example:

        • In a subnet with CIDR 192.168.128.0/24 and without a gateway, the DHCP server will be assigned the IP addresses 192.168.128.1 and 192.168.128.2.
        • In a subnet with CIDR 192.168.128.0/24 and the gateway IP address set to 192.168.128.1, the DHCP server will be assigned the IP addresses 192.168.128.2 and 192.168.128.3.
      • With the DHCP server disabled, VM network interfaces will still get IP addresses, but you will have to manually assign them inside VMs.

      The virtual DHCP service will work only within the current network and will not be exposed to other networks.

    4. Specify one or more allocation pools (ranges of IP addresses that will be automatically assigned to VMs).
    5. Specify DNS servers that will be used by virtual machines. These servers can be delivered to VMs via the built-in DHCP server or by using the cloud-init network configuration (if cloud-init is installed in the VM).
    6. Click Add.
  4. On the Summary step, review the configuration, and then click Create network.

Command-line interface

Use the following command:

vinfra service compute network create [--dhcp | --no-dhcp]
                                      [--dns-nameserver <dns-nameserver>]
                                      [--allocation-pool <allocation-pool>]
                                      [--gateway <gateway> | --no-gateway]
                                      [--rbac-policies <rbac-policies>]
                                      [--physical-network <physical-network>]
                                      [--vlan-network <vlan-network>]
                                      [--vlan <vlan>] [--cidr <cidr>]
                                      [--ipv6-address-mode <ipv6-address-mode>]
                                      <network-name>
--dhcp
Enable DHCP.
--no-dhcp
Disable DHCP.
--dns-nameserver <dns-nameserver>
DNS server IP address. This option can be used multiple times.
--allocation-pool <allocation-pool>
Allocation pool to create inside the network in the format: ip_addr_start-ip_addr_end. This option can be used multiple times.
--gateway <gateway>
Gateway IP address
--no-gateway
Do not configure a gateway for this network.
--rbac-policies <rbac-policies>

Comma-separated list of RBAC policies in the format: <target>:<target_id>:<action> | none. Valid targets: project, domain. Valid actions: direct, full, routed. ‘*’ is valid target_id for all targets. Pass none to clear out all existing policies.

Example: domain:default:routed,project:uuid1:full

--physical-network <physical-network>
An infrastructure network to link to a physical network
--vlan-network <vlan-network>
A VLAN network to link
--vlan <vlan>
Virtual network VLAN ID
--cidr <cidr>
Subnet range in CIDR notation
--ipv6-address-mode <ipv6-address-mode>
IPv6 address mode: dhcpv6-stateful, dhcpv6-stateless, slaac
<network-name>
Network name

For example, to create a virtual network myprivnet with enabled IP management and specified network settings, run:

# vinfra service compute network create myprivnet 
--cidr 192.168.128.0/24 \
--gateway 192.168.128.1 --dns-nameserver 8.8.8.8
+---------------------+----------------------------------------------------+
| Field               | Value                                              |
+---------------------+----------------------------------------------------+
| allocation_pools    | - end: 192.168.128.254                             |
|                     |   start: 192.168.128.2                             |
| cidr                | 192.168.128.0/24                                   |
| dns_nameservers     | - 8.8.8.8                                          |
| enable_dhcp         | True                                               |
| gateway_ip          | 192.168.128.1                                      |
| id                  | fa6d0ead-32de-4ce2-b620-5529a15eb52a               |
| ip_version          | 4                                                  |
| ipam_enabled        | True                                               |
| name                | myprivnet                                          |
| physical_network    |                                                    |
| project_id          | b906404c55bb44729da99987536ac5bc                   |
| rbac_policies       | []                                                 |
| router_external     | False                                              |
| shared              | False                                              |
| spoofing_protection | True                                               |
| subnet              | allocation_pools:                                  |
|                     | - end: 192.168.128.254                             |
|                     |   start: 192.168.128.2                             |
|                     | cidr: 192.168.128.0/24                             |
|                     | dns_nameservers:                                   |
|                     | - 8.8.8.8                                          |
|                     | enable_dhcp: true                                  |
|                     | gateway_ip: 192.168.128.1                          |
|                     | id: e607dd29-ffe1-46d8-a189-1baf392d1520           |
|                     | ip_version: 4                                      |
|                     | ipv6_address_mode: null                            |
|                     | ipv6_ra_mode: null                                 |
|                     | network_id: fa6d0ead-32de-4ce2-b620-5529a15eb52a   |
| subnets             | - allocation_pools:                                |
|                     |   - end: 192.168.128.254                           |
|                     |     start: 192.168.128.2                           |
|                     |   cidr: 192.168.128.0/24                           |
|                     |   dns_nameservers:                                 |
|                     |   - 8.8.8.8                                        |
|                     |   enable_dhcp: true                                |
|                     |   gateway_ip: 192.168.128.1                        |
|                     |   id: e607dd29-ffe1-46d8-a189-1baf392d1520         |
|                     |   ip_version: 4                                    |
|                     |   ipv6_address_mode: null                          |
|                     |   ipv6_ra_mode: null                               |
|                     |   network_id: fa6d0ead-32de-4ce2-b620-5529a15eb52a |
| tags                | []                                                 |
| type                | virtual                                            |
| vlan_id             |                                                    |
+---------------------+----------------------------------------------------+

The new compute network will appear in the vinfra service compute network list output:

# vinfra service compute network list -c id -c name -c cidr -c allocation_pools
+----------------+---------------+------------------+---------------------------------+
| id             | name          | cidr             | allocation_pools                |
+----------------+---------------+------------------+---------------------------------+
| 22674f9d-<...> | mypubnet      | 10.136.16.0/22   | - 10.136.18.141-10.136.18.148   |
| 8f0dc747-<...> | mypubnet_vlan | 10.136.16.0/22   | - 10.136.18.131-10.136.18.138   |
| a0019b43-<...> | myprivnet     | 192.168.128.0/24 | - 192.168.128.2-192.168.128.254 |
+----------------+---------------+------------------+---------------------------------+