Updated on 2025-08-19 GMT+08:00

Creating a Port

Function

This API is used to create a port that carries private IP addresses of a subnet. The port can be allocated to other cloud service resources, such as an ECS or a virtual IP address.

URI

POST /v1/{project_id}/ports

Table 1 describes the parameters.
Table 1 Parameter description

Parameter

Mandatory

Description

project_id

Yes

Specifies the project ID. For details about how to obtain a project ID, see Obtaining a Project ID.

Request Parameters

Table 2 Request parameter

Parameter

Mandatory

Type

Description

port

Yes

port object

Specifies the port objects. For details, see Table 3.

Table 3 Description of the port field

Parameter

Mandatory

Type

Description

name

No

String

  • Specifies the port name.
  • The value can contain up to 255 characters. This parameter is left blank by default.

network_id

Yes

String

  • Specifies the ID of the network that the port belongs to.
  • The network ID must exist.
NOTE:

To obtain the network ID:

  • Method 1: Log in to the VPC console and click the target subnet on the Subnets page. You can view the network ID on the displayed page.
  • Method 2: Call the API for querying subnets. For details, see Querying Subnets.

admin_state_up

No

Boolean

  • Specifies the administrative state of the port.
  • The default value is true.

device_owner

No

String

  • Definition: Specifies the device that the port belongs to, that is, a cloud service resource that uses a private IP address in the subnet.
  • Range: Currently, only "" and neutron:VIP_PORT are supported. neutron:VIP_PORT indicates the port of a virtual IP address.

fixed_ips

No

Array of fixed_ip objects

  • Specifies the port IP address. For example, the value is "fixed_ips": [{"subnet_id": "4dc70db6-cb7f-4200-9790-a6a910776bba", "ip_address": "192.169.25.79"}]. For details, see Table 4.
  • A port supports only one fixed IP address that cannot be changed.

tenant_id

No

String

Specifies the project ID.

security_groups

No

Array of strings

Specifies the UUID of the security group, for example, "security_groups": ["a0608cbf-d047-4f54-8b28-cd7b59853fff"]. This is an extended attribute.

allowed_address_pairs

No

Array of allowed_address_pairs objects

  • Specifies a set of zero or more allowed address pairs. An address pair consists of an IP address and MAC address. This attribute is extended. For details, see parameter allowed_address_pair in Table 5.
  • The IP address cannot be 0.0.0.0/0.
  • Configure a dedicated security group for the port if the parameter allowed_address_pairs has a large CIDR block (subnet mask less than 24).
  • If the value of allowed_address_pairs is 1.1.1.1/0, the source/destination check is disabled.
  • If the virtual IP address is bound to a cloud server:
    • The value of mac_address can be left blank or set to the MAC address of the NIC bound to the cloud server.
    • Set allowed_address_pairs of the cloud server network interface to 1.1.1.1/0.

extra_dhcp_opts

No

Array of extra_dhcp_opt objects

Specifies the extended option (extended attribute) of DHCP. For details, see Table 6.

Table 4 fixed_ip objects

Parameter

Mandatory

Type

Description

subnet_id

No

String

  • Specifies the subnet ID.

    If you use the management console, the value of this parameter is the IPv4 Subnet ID or IPv6 Subnet ID value.

  • You cannot change the parameter value.

ip_address

No

String

  • Specifies the port IP address.
  • You cannot change the parameter value.
Table 5 allowed_address_pairs objects

Parameter

Mandatory

Type

Description

ip_address

Yes

String

  • Specifies the IP address.
  • You cannot set it to 0.0.0.0/0.
  • Configure a dedicated security group for the port if the parameter allowed_address_pairs has a large CIDR block (subnet mask less than 24).
  • If the value of allowed_address_pairs is 1.1.1.1/0, the source/destination check is disabled.
  • Set allowed_address_pairs of the cloud server network interface to 1.1.1.1/0.
  • If the value of parameter allowed_address_pairs is specified, parameter ip_address is mandatory.

mac_address

No

String

Specifies the MAC address. By default, the MAC address of the local port is used.

Table 6 extra_dhcp_opt object

Parameter

Mandatory

Type

Description

opt_name

No

String

Specifies the name of the DHCP option. The value of this parameter can only be 51, indicating the DHCP lease time of the IPv4 network interface. If the value of this parameter is set to 651, indicating the DHCP lease time of the IPv6 network interface.

opt_value

No

String

  • Specifies the value of the DHCP option.
  • If the value of opt_name is 51 or 651, the value format of opt_value is Xh, indicating that the DHCP lease time is X hours.
  • The value of X is -1 or from 1 to 175200. If the value is -1, the DHCP lease time is infinite.

Example Request

  • Create a port. Set its network ID to 28a1c93c-9a5e-4a9f-813b-e495bdef7d34, subnet ID to 06bc2359-d75e-4f96-82f4-313e39c7148c, IP address to 192.168.0.38, and associated security group to f2c5b3fc-b971-4a86-87b9-032586260e3e.
    POST https://{Endpoint}/v1/{project_id}/ports
    
    {
        "port": {
            "fixed_ips": [
                {
                    "ip_address": "192.168.0.38",
                    "subnet_id": "06bc2359-d75e-4f96-82f4-313e39c7148c"
                }
            ],
            "network_id": "28a1c93c-9a5e-4a9f-813b-e495bdef7d34",
            "security_groups": [
                "f2c5b3fc-b971-4a86-87b9-032586260e3e"
            ]
        }
    }

Response Parameters

Table 7 Response parameter

Parameter

Type

Description

port

port object

Specifies the port objects. For details, see Table 8.

Table 8 Description of the port field

Parameter

Type

Description

id

String

Specifies the port ID that uniquely identifies the port.

name

String

  • Specifies the port name.
  • The value can contain up to 255 characters. This parameter is left blank by default.

network_id

String

  • Specifies the ID of the network that the port belongs to.
  • The network ID must exist.
NOTE:

To obtain the network ID:

  • Method 1: Log in to the VPC console and click the target subnet on the Subnets page. You can view the network ID on the displayed page.
  • Method 2: Call the API for querying subnets. For details, see Querying Subnets.

admin_state_up

Boolean

  • Specifies the administrative state of the port.
  • The default value is true.

mac_address

String

  • Specifies the MAC address of the port.
  • The MAC address is assigned by the system not specified by users.

fixed_ips

Array of fixed_ip objects

  • Specifies the port IP address. For example, the value is "fixed_ips": [{"subnet_id": "4dc70db6-cb7f-4200-9790-a6a910776bba", "ip_address": "192.169.25.79"}]. For details, see Table 9.
  • In IPv4 scenarios, a port supports only one fixed IP address that cannot be changed. In IPv6 scenarios, a port supports a maximum of two fixed IP addresses that cannot be changed.

device_id

String

  • Definition: Specifies the ID of the device that the port belongs to. The device ID indicates the ID of the cloud service resource that uses the private IP address in the subnet, for example, the cloud server ID or load balancer ID.

device_owner

String

  • Definition: Specifies the device that the port belongs to, that is, a cloud service resource that uses a private IP address in the subnet.
  • Range:
    • network:dhcp: DHCP service
    • network:router_interface_distributed: Subnet gateway address
    • compute:xxx: Private IP address of a cloud server network interface. XXX specifies the AZ name. For example, compute:aa-bb-cc indicates that the private IP address is used by a cloud server in the AZ aa-bb-cc.
    • neutron:VIP_PORT: Virtual IP address
    • neutron:LOADBALANCERV2: Shared load balancer
    • neutron:LOADBALANCERV3: Dedicated load balancer
    • network:endpoint_interface: VPC endpoint
    • network:nat_gateway: NAT gateway
    • network:ucmp: UCMP port, which is used by Enterprise Router.

tenant_id

String

Specifies the project ID.

status

String

  • Specifies the port status. The status of a HANA SR-IOV VM port is always DOWN.
  • The value can be ACTIVE, BUILD, or DOWN.

security_groups

Array of strings

Specifies the security group UUID (extended attribute).

allowed_address_pairs

Array of allowed_address_pairs objects

  • Specifies a set of zero or more allowed address pairs. An address pair consists of an IP address and MAC address. For details, see Table 10.
  • The IP address cannot be 0.0.0.0/0.
  • Configure a dedicated security group for the port if the parameter allowed_address_pairs has a large CIDR block (subnet mask less than 24).
  • If the value of allowed_address_pairs is 1.1.1.1/0, the source/destination check is disabled.
  • Set allowed_address_pairs of the cloud server network interface to 1.1.1.1/0.
  • If the value of allowed_address_pairs is the IP address of the ECS NIC, the port corresponding to the virtual IP address is bound.

extra_dhcp_opts

Array of extra_dhcp_opt objects

Specifies the extended option (extended attribute) of DHCP. For details, see Table 11.

binding:vif_details

binding:vif_details object

For details, see Table 12.

binding:profile

Object

Specifies the user-defined settings. This is an extended attribute.

Note:

  • The internal_elb field is in boolean type and is available to common tenants. Set the value of this parameter to true only when you assign a virtual IP address to an internal network load balancer. Common tenants do not have the permission to change the value of this field, which is maintained by the system.

    Example:

    {"internal_elb": true}

  • The disable_security_groups field is in boolean type and is available to common tenants. The default value is false. In high-performance communication scenarios, you can set the parameter value to true, which makes this parameter to be available to common tenants. You can specify this parameter when creating a port. Currently, the value of this parameter can only be set to true.

    Example:

    {"disable_security_groups": true }

    Currently, the value can only be set to true. When the value is set to true, the FWaaS function does not take effect.

binding:vnic_type

String

  • Specifies the type of the bound vNIC.
  • normal indicates software switching. direct indicates SR-IOV PCIe passthrough, which is not supported.

dns_assignment

Array of dns_assignment objects

  • Specifies the default private network domain name information of the primary NIC.
  • The system automatically sets this parameter, and you are not allowed to configure or change the parameter value.

dns_name

String

  • Specifies the default private network DNS name of the primary NIC.
  • The system automatically sets this parameter, and you are not allowed to configure or change the parameter value.

instance_id

String

  • Specifies the ID of the instance to which the port belongs, for example, RDS instance ID.
  • The system automatically sets this parameter, and you are not allowed to configure or change the parameter value.

instance_type

String

  • Specifies the type of the instance to which the port belongs, for example, RDS.
  • The system automatically sets this parameter, and you are not allowed to configure or change the parameter value.

port_security_enabled

Boolean

  • Specifies whether the security option is enabled for the port. If the option is not enabled, the security group and DHCP snooping do not take effect.

zone_id

String

Specifies the availability zone that the port belongs to.

enable_efi

Boolean

  • Specifies whether to enable efi. If efi is enabled, the port supports vRoCE. The default value is false.

ipv6_bandwidth_id

String

  • Specifies the ID of the shared bandwidth associated with the IPv6 network interface.
  • This parameter is displayed only when the IPv6 network interface is associated with a shared bandwidth.
Table 9 fixed_ip object

Parameter

Type

Description

subnet_id

String

  • Specifies the subnet ID.

    If you use the management console, the value of this parameter is the IPv4 Subnet ID or IPv6 Subnet ID value.

  • You cannot change the parameter value.

ip_address

String

Specifies the port IP address.

Table 10 allowed_address_pairs objects

Parameter

Type

Description

ip_address

String

  • Specifies the IP address.
  • You cannot set it to 0.0.0.0/0.
  • Configure a dedicated security group for the port if the parameter allowed_address_pairs has a large CIDR block (subnet mask less than 24).
  • If the value of allowed_address_pairs is 1.1.1.1/0, the source/destination check is disabled.
  • Set allowed_address_pairs of the cloud server network interface to 1.1.1.1/0.

mac_address

String

Specifies the MAC address. By default, the MAC address of the local port is used.

Table 11 extra_dhcp_opt object

Parameter

Type

Description

opt_name

String

Specifies the name of the DHCP option. The value of this parameter can only be 51, indicating the DHCP lease time of the IPv4 network interface. If the value of this parameter is set to 651, indicating the DHCP lease time of the IPv6 network interface.

opt_value

String

  • Specifies the value of the DHCP option.
  • If the value of opt_name is 51 or 651, the value format of opt_value is Xh, indicating that the DHCP lease time is X hours.
  • The value of X is -1 or from 1 to 175200. If the value is -1, the DHCP lease time is infinite.
Table 12 binding:vif_details object

Parameter

Type

Description

primary_interface

Boolean

If the value is true, this is the primary NIC.

port_filter

Boolean

Specifies the port used for filtering in security groups to protect against MAC or IP spoofing.

ovs_hybrid_plug

Boolean

Specifies that OVS hybrid plug should be used by Nova APIs.

Table 13 dns_assignment object

Parameter

Type

Description

hostname

String

Specifies the host name of the port.

ip_address

String

Specifies the port IP address.

fqdn

String

Specifies the private network fully qualified domain name (FQDN) of the port.

Example Response

{
    "port": {
        "id": "d00f9c13-412f-4855-8af3-de5d8c24cd60",
        "name": "test",
        "status": "DOWN",
        "admin_state_up": "true",
        "fixed_ips": [
            {
                "subnet_id": "70f2e74b-e660-410a-b754-0ca46744348a",
                "ip_address": "10.128.1.10"
            }
        ],
        "dns_name": "",
        "mac_address": "fa:16:3e:d7:f2:6c",
        "network_id": "5b808927-13c9-4e60-a4f4-ed6ffe225167",
        "tenant_id": "43f2d1cca56a40729dcb17212482f34d",
        "device_id": "",
        "device_owner": "",
        "security_groups": [
            "02b4e8ee-74fa-4a31-802e-5490df11245e"
        ],
        "extra_dhcp_opts": [],
        "allowed_address_pairs": [],
        "binding:vnic_type": "normal",
        "enable_efi": false
    }
}

Status Code

See Status Codes.

Error Code

See Error Codes.