Cloud Router BGP

I set up a hub VPC with 2 CRs: one for Interconnects, and another for HA VPNs to connect to spoke VPCs. All CRs are set to advertise all subnets and learned routes. What do I need to allow end-to-end advertising of on-prem prefixes learned over BGP? For example, 10.0.0.0/24 is learned by the hub CR that connects to the Interconnect. The other hub CR, which is used for HA VPN to the spoke VPCs, should advertise 10.0.0.0/24 down to the spoke VPC CRs. Do I need to add a custom advertised subnet all along the way? I was hoping BGP dynamic propagation would take care of it. I'm not learning the routes in the spoke VPCs.


Do I need to add a custom advertised subnet all along the way?

Yes, you need to have a connection between them all the way.

This is some of the information I was able to find regarding dynamic routing:

Each VPC network has an associated dynamic routing mode that controls the behavior of all of its Cloud Routers. Cloud Routers manage BGP sessions for Google Cloud connectivity products.

For a description of dynamic routing mode options, see Effects of dynamic routing mode in the Cloud Router documentation.

Route advertisements and internal IP addresses

The following IP addresses are advertised within a VPC network:

If you connect VPC networks using VPC Network Peering, subnet ranges using private IPv4 addresses are always exchanged. You can control whether subnet ranges using privately used public IPv4 addresses are exchanged. Global internal IPv4 addresses are never exchanged using peering. For additional details, see the VPC Network Peering documentation.

When you connect a VPC network to another network, such as an on-premises network, using a Google Cloud connectivity product like Cloud VPN, Cloud Interconnect, or Router appliance:

  • You can advertise the VPC network's internal IP addresses to another network (such as an on-premises network).
  • Though connectivity between a VPC network and another network (such as an on-premises network) can use private routing provided by a Google Cloud connectivity product, the other network's IP addresses might also be publicly routable. Keep this in mind if an on-premises network uses publicly routable IP addresses.
  • VM instances in a VPC network containing subnet ranges with privately used public IP addresses are not able to connect to external resources which use those same public IP addresses.
  • Take extra care when advertising privately used public IP addresses to another network (such as an on-premises network), especially when the other network can advertise those public IP addresses to the internet.

Here is more detailed information about dynamic routing mode and a working example that can be helpful.
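As an added example (not part of the reply above or of Google's documentation), the gcloud commands that put the "custom advertisement all along the way" into practice for the topology in the question: the VPN-facing hub Cloud Router gets a custom advertisement containing the hub subnets plus the on-prem prefix it cannot re-advertise on its own, and the Interconnect-facing hub router gets the mirror-image advertisement so the spoke subnets reach on-prem for return traffic. All resource names (hub-vpc, hub-cr-ic, hub-cr-vpn, us-central1), the spoke subnet 10.10.0.0/24 and the global-routing step are assumptions for illustration; only 10.0.0.0/24 comes from the question. The script prints the commands it would run and only executes them when APPLY=1, so the route changes can be reviewed first.

```shell
#!/usr/bin/env bash
# Added example. Assumed names: hub VPC "hub-vpc"; Interconnect-facing hub router
# "hub-cr-ic" and VPN-facing hub router "hub-cr-vpn", both in "us-central1";
# on-prem prefix 10.0.0.0/24 (from the question); spoke subnet 10.10.0.0/24 (constructed).
# Commands are printed unless APPLY=1 is set.
set -eu

HUB_VPC="${HUB_VPC:-hub-vpc}"
REGION="${REGION:-us-central1}"
IC_ROUTER="${IC_ROUTER:-hub-cr-ic}"      # learns on-prem prefixes over Interconnect
VPN_ROUTER="${VPN_ROUTER:-hub-cr-vpn}"   # peers with the spoke routers over HA VPN
ONPREM_PREFIXES="${ONPREM_PREFIXES:-10.0.0.0/24}"
SPOKE_PREFIXES="${SPOKE_PREFIXES:-10.10.0.0/24}"

# Print the command, or execute it when APPLY=1.
run() {
  if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '+ %s\n' "$*"; fi
}

# Reject anything that is not an IPv4 CIDR before it is handed to gcloud.
is_cidr() {
  case "$1" in */*) ;; *) return 1 ;; esac
  ip="${1%/*}"; len="${1#*/}"
  case "$len" in ''|*[!0-9]*) return 1 ;; esac
  [ "$len" -le 32 ] || return 1
  oldifs=$IFS; IFS=.; set -- $ip; IFS=$oldifs   # split into octets
  [ "$#" -eq 4 ] || return 1
  for octet in "$@"; do
    case "$octet" in ''|*[!0-9]*) return 1 ;; esac
    [ "$octet" -le 255 ] || return 1
  done
}

# Validate a space-separated prefix list and join it into gcloud's comma form.
join_csv() {
  for p in "$@"; do is_cidr "$p" || { echo "bad prefix: $p" >&2; return 1; }; done
  printf '%s' "$*" | tr ' ' ','
}

# 1. Global dynamic routing so prefixes learned by either hub router are usable
#    from every region of the hub VPC (assumption: global mode is wanted here).
set_global_routing() {
  run gcloud compute networks update "$HUB_VPC" --bgp-routing-mode global
}

# 2. The VPN-facing hub router advertises its own subnets plus the on-prem
#    prefixes to every spoke router; learned routes are not re-advertised by default.
advertise_to_spokes() {
  ranges=$(join_csv $ONPREM_PREFIXES) || return 1
  run gcloud compute routers update "$VPN_ROUTER" --region "$REGION" \
    --advertisement-mode custom \
    --set-advertisement-groups all_subnets \
    --set-advertisement-ranges "$ranges"
}

# 3. Mirror image: the Interconnect-facing hub router advertises the spoke
#    subnets to on-prem, otherwise return traffic has no route.
advertise_to_onprem() {
  ranges=$(join_csv $SPOKE_PREFIXES) || return 1
  run gcloud compute routers update "$IC_ROUTER" --region "$REGION" \
    --advertisement-mode custom \
    --set-advertisement-groups all_subnets \
    --set-advertisement-ranges "$ranges"
}

# 4. Check: the on-prem prefix should appear in the spoke routers' learned routes
#    and the spoke subnets in the hub routers' learned routes.
show_status() {
  run gcloud compute routers get-status "$1" --region "$2" --format=yaml
}

set_global_routing
advertise_to_spokes
advertise_to_onprem
show_status "$VPN_ROUTER" "$REGION"
show_status "$IC_ROUTER" "$REGION"
```

Note that `--set-advertisement-ranges` replaces the whole custom list on the router, so keep the full set of prefixes in the variables rather than running the script once per prefix; use the `--add-advertisement-ranges` form of `gcloud compute routers update` for incremental changes. The spoke routers themselves need no change: they learn 10.0.0.0/24 over their BGP session to hub-cr-vpn and advertise their own subnets back by default.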