The OpenStack Networking service provides a comprehensive and extensible networking service to the cloud. Some features include, but are not limited to, the ability for instances to reach an external network outside of the cloud as well as the ability for each user of the cloud to create multiple internal subnets of their own. Install the OpenStack Networking server: # apt-get install neutron-server # yum install openstack-neutron openstack-neutron-openvswitch # zypper install openstack-neutron Configure the OpenStack Networking service: Edit /etc/neutron/neutron.conf: [DEFAULT] verbose = True rabbit_password = password [keystone_authtoken] admin_tenant_name = service admin_user = neutron admin_password = password [DEFAULT] core_plugin = \ neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2 auth_strategy = keystone fake_rabbit = False rpc_backend=neutron.openstack.common.rpc.impl_qpid qpid_username = guest qpid_password = guest [DEFAULT] verbose = True rabbit_password = password core_plugin = \ neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2 [keystone_authtoken] admin_tenant_name = service admin_user = neuron admin_password = password Edit /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini: [database] connection = mysql://neutron:password@localhost/neutron [ovs] tenant_network_type = gre tunnel_id_ranges = 1:1000 enable_tunneling = True local_ip = 10.10.10.10 [securitygroup] firewall_driver = \ neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [database] connection = mysql://neutron:password@localhost/neutron [ovs] enable_tunneling = False [securitygroup] firewall_driver = \ neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver It's more handy to choose tunnel mode since you don't have to configure your physical switches for VLANs. The Fedora kernel module for OpenVSwitch has been compiled without support for tunnels. To use gre tunnels, the module must be recompiled. Edit /etc/neutron/api-paste.ini: [filter:authtoken] paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http admin_tenant_name = service admin_user = neutron admin_password = password Enable the OVS plugin: # ln -s /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini \ /etc/neutron/plugin.ini Set SELinux to permissive mode: # setenforce 0 # sed -i 's/SELINUX=enforcing/SELINUX=permissive/g' /etc/sysconfig/selinux Start the services: # service neutron-server restart # service neutron-server restart # chkconfig neutron-server on # systemctl restart openstack-neutron.service # systemctl enable openstack-neutron.service