diff --git a/cmd/server/config.go b/cmd/server/config.go
index 24db0c21..11262ba8 100644
--- a/cmd/server/config.go
+++ b/cmd/server/config.go
@@ -17,6 +17,8 @@ const (
 seccompProfilePath = "/etc/ocid/seccomp.json"
 apparmorProfileName = "ocid-default"
 cgroupManager = "cgroupfs"
+ cniConfigDir = "/etc/cni/net.d/"
+ cniBinDir = "/opt/cni/bin/"
 )
 var commentedConfigTemplate = template.Must(template.New("config").Parse(`
@@ -81,6 +83,17 @@ cgroup_manager = "{{ .CgroupManager }}"
 # pause is the path to the statically linked pause container binary, used
 # as the entrypoint for infra containers.
 pause = "{{ .Pause }}"
+
+# The "ocid.network" table contains settings pertaining to the
+# management of CNI plugins.
+[ocid.network]
+
+# network_dir is is where CNI network configuration
+# files are stored.
+network_dir = "{{ .NetworkDir }}"
+
+# plugin_dir is is where CNI plugin binaries are stored.
+plugin_dir = "{{ .PluginDir }}"
 `))
 // TODO: Currently ImageDir isn't really used, so we haven't added it to this
@@ -113,6 +126,10 @@ func DefaultConfig() *server.Config {
 Pause: pausePath,
 ImageDir: filepath.Join(ocidRoot, "store"),
 },
+ NetworkConfig: server.NetworkConfig{
+ NetworkDir: cniConfigDir,
+ PluginDir: cniBinDir,
+ },
 }
 }
diff --git a/cmd/server/main.go b/cmd/server/main.go
index 334dfecb..5195d437 100644
--- a/cmd/server/main.go
+++ b/cmd/server/main.go
@@ -66,6 +66,12 @@ func mergeConfig(config *server.Config, ctx *cli.Context) error {
 if ctx.GlobalIsSet("cgroup-manager") {
 config.CgroupManager = ctx.GlobalString("cgroup-manager")
 }
+ if ctx.GlobalIsSet("cni-config-dir") {
+ config.NetworkDir = ctx.GlobalString("cni-config-dir")
+ }
+ if ctx.GlobalIsSet("cni-plugin-dir") {
+ config.PluginDir = ctx.GlobalString("cni-plugin-dir")
+ }
 return nil
 }
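Review bot: The comments added to the config template in the `@@ -81,6 +83,17 @@` hunk of cmd/server/config.go contain a doubled word, `# network_dir is is where CNI network configuration` and `# plugin_dir is is where CNI plugin binaries are stored.`, and this text presumably ends up in the commented config file that operators read. They should read `# network_dir is where CNI network configuration` and `# plugin_dir is where CNI plugin binaries are stored.`. The man page hunks in docs/ocid.8.md carry similar slips: `defautl` appears twice, and the synopsis spells the new flags with three dashes (`---cni-config-dir`, `---cni-plugin-dir`).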
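Review bot: The two branches added to mergeConfig (the `@@ -66,6 +66,12 @@` hunk of cmd/server/main.go) copy `--cni-config-dir` and `--cni-plugin-dir` into the config with no check, so a relative value is accepted and would resolve against whatever directory the daemon happened to be started in. These directories decide which network configuration is loaded and, for CNI in general, which plugin binaries are run, so it is worth rejecting a non-absolute path before `return nil`, e.g. `if !filepath.IsAbs(config.NetworkDir) { return fmt.Errorf("cni-config-dir %q is not an absolute path", config.NetworkDir) }`, with the same test for `config.PluginDir`. The same check would be useful for values that arrive through the `[ocid.network]` table, and the docs could say that both directories should be writable only by root. mergeConfig starts above the hunk, so whether `fmt` and `path/filepath` are already imported in main.go cannot be seen from here.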
@@ -157,6 +163,14 @@ func main() {
 Name: "cgroup-manager",
 Usage: "cgroup manager (cgroupfs or systemd)",
 },
+ cli.StringFlag{
+ Name: "cni-config-dir",
+ Usage: "CNI configuration files directory",
+ },
+ cli.StringFlag{
+ Name: "cni-plugin-dir",
+ Usage: "CNI plugin binaries directory",
+ },
 }
 // remove once https://github.com/urfave/cli/pull/544 lands
diff --git a/docs/ocid.8.md b/docs/ocid.8.md
index aad95477..c0bbc353 100644
--- a/docs/ocid.8.md
+++ b/docs/ocid.8.md
@@ -21,6 +21,8 @@ ocid - Enable OCI Kubernetes Container Runtime daemon
 [**--selinux**]
 [**--seccomp-profile**=[*value*]]
 [**--apparmor-profile**=[*value*]]
+[**---cni-config-dir**=[*value*]]
+[**---cni-plugin-dir**=[*value*]]
 [**--version**|**-v**]
 # DESCRIPTION
@@ -86,6 +88,12 @@ ocid is meant to provide an integration path between OCI conformant runtimes and
 **--apparmor_profile**=""
 Name of the apparmor profile to be used as the runtime's default (default: "ocid-default")
+**--cni-config-dir**=""
+ CNI configuration files directory (defautl: "/etc/cni/net.d/")
+
+**--cni-plugin-dir**=""
+ CNI plugin binaries directory (defautl: "/opt/cni/bin/")
+
 **--version, -v**
 Print the version
diff --git a/docs/ocid.conf.5.md b/docs/ocid.conf.5.md
index 20a95dd8..4d554640 100644
--- a/docs/ocid.conf.5.md
+++ b/docs/ocid.conf.5.md
@@ -69,6 +69,14 @@ The `ocid` table supports the following options:
 **pause**=""
 Path to the pause executable (default: "/usr/libexec/ocid/pause")
+## OCID.NETWORK TABLE
+
+**network_dir**=""
+ Path to CNI configuration files (default: "/etc/cni/net.d/")
+
+**plugin_dir**=""
+ Path to CNI plugin binaries (default: "/opt/cni/bin/")
+
 # SEE ALSO
 ocid(8)
diff --git a/server/config.go b/server/config.go
index 20bd1663..b13e42fc 100644
--- a/server/config.go
+++ b/server/config.go
@@ -14,6 +14,7 @@ type Config struct {
 APIConfig
 RuntimeConfig
 ImageConfig
+ NetworkConfig
 }
 // This structure is necessary to fake the TOML tables when parsing,
@@ -93,6 +94,15 @@ type ImageConfig struct {
 ImageDir string `toml:"image_dir"`
 }
+// NetworkConfig represents the "ocid.network" TOML config table
+type NetworkConfig struct {
+ // NetworkDir is where CNI network configuration files are stored.
+ NetworkDir string `toml:"network_dir"`
+
+ // PluginDir is where CNI plugin binaries are stored.
+ PluginDir string `toml:"plugin_dir"`
+}
+
 // tomlConfig is another way of looking at a Config, which is
 // TOML-friendly (it has all of the explicit tables). It's just used for
 // conversions.
@@ -102,6 +112,7 @@ type tomlConfig struct {
 API struct{ APIConfig } `toml:"api"`
 Runtime struct{ RuntimeConfig } `toml:"runtime"`
 Image struct{ ImageConfig } `toml:"image"`
+ Network struct{ NetworkConfig } `toml:"network"`
 } `toml:"ocid"`
 }
@@ -110,6 +121,7 @@ func (t *tomlConfig) toConfig(c *Config) {
 c.APIConfig = t.Ocid.API.APIConfig
 c.RuntimeConfig = t.Ocid.Runtime.RuntimeConfig
 c.ImageConfig = t.Ocid.Image.ImageConfig
+ c.NetworkConfig = t.Ocid.Network.NetworkConfig
 }
 func (t *tomlConfig) fromConfig(c *Config) {
@@ -117,6 +129,7 @@ func (t *tomlConfig) fromConfig(c *Config) {
 t.Ocid.API.APIConfig = c.APIConfig
 t.Ocid.Runtime.RuntimeConfig = c.RuntimeConfig
 t.Ocid.Image.ImageConfig = c.ImageConfig
+ t.Ocid.Network.NetworkConfig = c.NetworkConfig
 }
 // FromFile populates the Config from the TOML-encoded file at the given path.
diff --git a/server/server.go b/server/server.go
index cfa2e8e0..b2e2cc3c 100644
--- a/server/server.go
+++ b/server/server.go
@@ -310,7 +310,7 @@ func New(config *Config) (*Server, error) {
 }
 sandboxes := make(map[string]*sandbox)
 containers := oci.NewMemoryStore()
- netPlugin, err := ocicni.InitCNI("")
+ netPlugin, err := ocicni.InitCNI(config.NetworkDir)
 if err != nil {
 return nil, err
 }
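Review bot: Only `config.NetworkDir` reaches ocicni in the `New` hunk of server/server.go (`ocicni.InitCNI(config.NetworkDir)`); nothing in this diff reads `config.PluginDir`, so `--cni-plugin-dir` and `plugin_dir` appear to be parsed, documented and then ignored. An operator who points plugin_dir at a locked-down directory would reasonably assume plugins are loaded only from there, which the visible code does not enforce. Either pass the plugin directory through to the CNI initialisation (whether ocicni's API allows that is not visible here) or say in the flag usage and man pages that the option is not yet honoured, e.g. `Usage: "CNI plugin binaries directory (not yet used by the CNI initialisation)"`. New's body extends beyond the hunk on both sides.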