Connect to an external network

To connect to a resource in an external network (an on-premises network or another Virtual Private Cloud (VPC) network), the external network and Cloud Data Fusion instance must be connected through the same VPC network.

To connect an external network to the Cloud Data Fusion VPC network using Cloud VPN tunnels with Border Gateway Protocol (BGP) routing or VLAN attachments, do the following:

  • Ensure your VPC network is connected to the external network using a Cloud VPN tunnel or a VLAN attachment for Dedicated Interconnect or Partner Interconnect.
  • Ensure the BGP sessions on the Cloud Router managing your Cloud VPN tunnels or VLAN attachments have received specific prefixes (destinations) from your external network. Default routes (destination 0.0.0.0/0) cannot be imported into the Cloud Data Fusion VPC network because that network has its own local default route. Local routes for a destination are always used, even though the Cloud Data Fusion peering is configured to import custom routes from your VPC network.
  • Identify the peering connections produced by the private services connection. Depending on the service, the private services connection might create one or more of the following peering connections, but not necessarily all of them:
    • datafusion-googleapis-com
    • servicenetworking-googleapis-com
  • Update all of the peering connections to enable Export custom routes.
  • Identify the allocated range used by the private services connection.
  • Create a Cloud Router custom route advertisement for the allocated range on the Cloud Routers managing BGP sessions for your Cloud VPN tunnels or VLAN attachments.
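The following added example (not part of the original page) expresses the steps above as `gcloud` commands wrapped in shell functions. By default it only prints the commands, and it refuses to advertise a default route or a malformed range. The network, peering, router, region and range values are placeholders supplied by the caller, and keeping `all_subnets` advertised is an assumption about the existing router configuration.

```bash
#!/usr/bin/env bash
# Added example: source this file, then call the functions below.
# DRY_RUN=1 (default) prints each gcloud command; DRY_RUN=0 executes it.

run() {
  if [ "${DRY_RUN:-1}" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Syntactic check of the range to advertise. Rejects 0.0.0.0/0, because the
# Cloud Data Fusion VPC network keeps its own local default route.
valid_range() {
  case "$1" in
    0.0.0.0/0) return 1 ;;
  esac
  printf '%s' "$1" |
    grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$'
}

# List the peerings on the VPC network and the ranges allocated to the
# private services connection.
discover() {  # usage: discover NETWORK
  run gcloud compute networks peerings list --network="$1"
  run gcloud compute addresses list --global --filter="purpose=VPC_PEERING"
}

# Enable "Export custom routes" on every peering named by the caller.
export_custom_routes() {  # usage: export_custom_routes NETWORK PEERING...
  network="$1"; shift
  for peering in "$@"; do
    run gcloud compute networks peerings update "$peering" \
      --network="$network" --export-custom-routes
  done
}

# Advertise the allocated range from the Cloud Router that manages the BGP
# sessions. --set-advertisement-ranges replaces any custom ranges already
# configured on the router, so include those as a comma-separated list.
# Assumption: subnet routes should still be advertised (all_subnets).
advertise_range() {  # usage: advertise_range ROUTER REGION RANGE
  valid_range "$3" || { echo "refusing to advertise '$3'" >&2; return 1; }
  run gcloud compute routers update "$1" --region="$2" \
    --advertisement-mode=custom --set-advertisement-groups=all_subnets \
    --set-advertisement-ranges="$3"
}
```

Review the printed commands before rerunning with `DRY_RUN=0`, and repeat `advertise_range` for each Cloud Router that manages a tunnel or attachment to the external network.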

What's next