Hello,


The network object is an isolation layer; it is defined by the cloud administrator: isolation type (VLAN, VXLAN...), physical NIC... The subnet is a free value for cloud users; this mechanism allows multiple users to use the same L3 networks (overlapping). So the network is used by the admin to isolate the client, and the subnet is used by the client to "isolate" his instances (web front / db ...). Isolation works only on layer 3 because all subnets will use the same layer 2 (defined by the admin). It's very easy to verify: boot one instance on each subnet, then capture the traffic: you will see ARP frames.



I don't know why Neutron drains all IPs from the last network, but anyway the best practice is to create a port and then allocate it to the instance.


> Does it mean that VM instances from both these subnets would be configured under the same VLAN?

Yes.


Best regards,

Romain




From: Anil Jangam <anilj.mailing@gmail.com>
Sent: Saturday, August 1, 2020 11:36 PM
To: openstack-discuss
Subject: Two subnets under same network context.
 
Hi, 

I have observed that one can create two subnets under the same network scope. See below an example of the use case. 

[Attached screenshot: Screen Shot 2020-08-01 at 2.22.15 PM.png]

Upon checking the data structures, I saw that the segment type (vlan) and segment id (55) are associated with the "network" object and not with the "subnet" (I was under the impression that the segment type (vlan) and segment id (55) would be allocated to the "subnet").

When I create the VM instances, they always pick the IP address from the SUBNET1-2 IP range. If the segment (vlan 55) is associated with "network" then what is the reason two "subnets" are allowed under it? 

Does it mean that VM instances from both these subnets would be configured under the same VLAN? 

/anil.