This page is about the implementation as it was released in newton, based on v4 of the trunk port spec.


Neutron extension to access lots of neutron networks over a single vNIC as tagged/encapsulated traffic.

As of Newton implementations exist for

Work is ongoing for

  • OpenDaylight and
  • Ironic.

API-CLI mapping

CLI verb (openstack client) HTTP method URL CLI verb (as in the spec, obsolete)
network trunk create POST /v2.0/trunks trunk-create
network trunk delete DELETE /v2.0/trunks/$trunk_id trunk-delete
network trunk list GET /v2.0/trunks trunk-list
network trunk show GET /v2.0/trunks/$trunk_id trunk-show
network trunk set PUT /v2.0/trunks/$trunk_id/add_subports trunk-subport-add
network trunk unset PUT /v2.0/trunks/$trunk_id/remove_subports trunk-subport-delete
network subport list GET /v2.0/trunks/$trunk_id/get_subports trunk-subport-list

CLI usage example

# Business as usual.
openstack network create net0
openstack network create net1
openstack network create net2
openstack subnet create --network net0 --subnet-range subnet0
openstack subnet create --network net1 --subnet-range subnet1
openstack subnet create --network net2 --subnet-range subnet2

openstack port create --network net0 port0 # will become a parent port

# As of newton there's no automation to tell the guest OS the MAC addresses of child ports. So
#     # (a) either create child ports having the same MAC address as the parent port
#     # (remember, they are on different networks),
#     # NOTE This approach is affected by a bug of the openvswitch firewall driver:
#     # https://bugs.launchpad.net/neutron/+bug/1626010
#            openstack port create --network ... parent-port
#            parent_mac="$( openstack port show parent-port | awk '/ mac_address / { print $4 }' )"
#            openstack port create --mac-address "$parent_mac" --network ... child-port
#            openstack network trunk create --parent-port parent-port trunk0
#            openstack network trunk set --subport port=child-port,segmentation-type=vlan,segmentation-id=101 trunk0
#            openstack server-create --nic port-id=parent-port ... --wait vm0
#            ssh vm0 sudo ip link add link eth0 name eth0.101 type vlan id 101
#            # eth0 and eth0.101 have the same MAC address
#     # (b) or create the VLAN subinterfaces with MAC addresses as random-assigned by neutron.
#            openstack port create --network ... parent-port
#            openstack port create --network ... child-port
#            child_mac="$( openstack port show child-port | awk '/ mac_address / { print $4 }' )"
#            openstack network trunk create --parent-port parent-port trunk0
#            openstack network trunk set --subport port=child-port,segmentation-type=vlan,segmentation-id=101 trunk0
#            openstack server-create --nic port-id=parent-port ... --wait vm0
#            ssh vm0 sudo ip link add link eth0 name eth0.101 address "$child_mac" type vlan id 101
#            # eth0 and eth0.101 have different MAC addresses
# We follow option (a) here:
parent_mac="$( openstack port show port0 | awk '/ mac_address / { print $4 }' )"

openstack port create --network net1 --mac-address "$parent_mac" port1 # will become a child port: at trunk create time
openstack port create --network net2 --mac-address "$parent_mac" port2 # will become a child port: later

# Create a trunk using port0 as parent port (ie. turn port0 into a trunk port).
openstack network trunk create --parent-port port0 trunk0
# A port can be part of one trunk only.
# Error expected: Port UUID is currently in use and is not eligible for use as a parent port.
openstack network trunk create --parent-port port0 trunk1

openstack network trunk list
openstack network trunk show trunk0

openstack network trunk delete trunk0

# A trunk can be created with subports too.
openstack network trunk create --parent-port port0 --subport port=port1,segmentation-type=vlan,segmentation-id=101 trunk0
openstack network trunk list
openstack network trunk show trunk0
openstack network subport list --trunk trunk0

# Use an image with support for vlan interfaces. CirrOS will not cut it.
# But see also: https://etherpad.openstack.org/p/cirros-respin
# eg: sudo ip link add ... type vlan ...
wget --timestamping --tries=1 https://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
openstack image create --disk-format qcow2 --public --file trusty-server-cloudimg-amd64-disk1.img vlan-capable-image

# The only vNIC in your instance corresponds to the parent port, so boot your instance with the parent port given.
# Do not add child ports as NICs to 'nova boot / openstack server create'.
openstack server create --flavor ds512M --image vlan-capable-image --nic port-id=port0 --wait vm0

# The typical cloud image will auto-configure the first NIC (eg. eth0) only and not the vlan interfaces (eg. eth0.VLAN-ID).
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101

# Error expected: Failed to add subports to trunk 'trunk0': Port UUID is in use by another trunk.
openstack network trunk set --subport port=port1,segmentation-type=vlan,segmentation-id=999 trunk0
# Error expected: Failed to add subports to trunk 'trunk0': segmentation_type vlan and segmentation_id 101 already in use on trunk UUID.
openstack network trunk set --subport port=port2,segmentation-type=vlan,segmentation-id=101 trunk0
# Add subports to a running instance.
openstack network trunk set --subport port=port2,segmentation-type=vlan,segmentation-id=102 trunk0
openstack network trunk show trunk0

# Again you need to bring your subport vlan interfaces up.
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102

# Delete subports from a running instance.
ssh VM0-ADDRESS sudo ip link delete dev eth0.102
openstack network trunk unset --subport port2 trunk0

# Cannot delete ports used as parent or subports. Delete the trunk first.
# Error expected: FIXME HttpException: Conflict
openstack port delete port0
# Error expected: FIXME HttpException: Conflict
openstack port delete port1

# Clean up.
openstack server delete vm0
openstack network trunk delete trunk0
openstack port delete port2 port1 port0
openstack network delete net2 net1 net0


