IP addresses


Many Google Cloud resources can have internal IP addresses and external IP addresses. For example, you can assign an internal and external IP address to Compute Engine virtual machine (VM) instances. Instances use these addresses to communicate with other Google Cloud resources and external systems.

Each VM instance network interface must have one primary internal IPv4 address. Each network interface can also have one or more alias IPv4 ranges, and one external IPv4 address. If the VM is connected to a subnet that supports IPv6, each network interface can also have internal or external IPv6 addresses assigned.

An instance can communicate with instances on the same Virtual Private Cloud (VPC) network, using the VM's internal IPv4 address. If the VMs have IPv6 configured, you can also use one of the VM's internal or external IPv6 addresses. As a best practice, use internal IPv6 addresses for internal communication.

To communicate with the internet, you can use an external IPv4 or external IPv6 address configured on the instance. If no external address is configured on the instance, Cloud NAT can be used for IPv4 traffic.

Similarly, you must use the instance's external IPv4 or external IPv6 to connect to instances outside of the same VPC network. However, if the networks are connected in some way, such as by using VPC Network Peering, you can use the instance's internal IP address.

For information about identifying the internal and external IP address for your instances, see Locating the external and internal IP address for an instance.

Try it for yourself

If you're new to Google Cloud, create an account to evaluate how Compute Engine performs in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

Try Compute Engine free

External IP addresses

If you need to communicate with the internet or with resources in another VPC network, you can assign an external IPv4 or IPv6 address to an instance. If firewall rules or hierarchical firewall policies allow the connection, sources from outside a VPC network can reach a specific resource using its external IP address. Only resources with an external IP address can directly communicate with resources outside of the VPC network. Communicating with a resource using an external IP address can cause additional billed charges.

Internal IP addresses

VM interfaces are assigned IP addresses from the subnet that they are connected to. Each VM interface has one primary internal IPv4 address, which is assigned from the subnet's primary IPv4 range. If the subnet has an internal IPv6 range, then in addition to the primary internal IPv4 address, you can optionally configure the VM interface with a primary internal IPv6 address.

Internal IPv4 addresses can be assigned in the following ways:

  • Compute Engine assigns a single IPv4 address from the primary IPv4 subnet ranges automatically.
  • You can assign a specific internal IPv4 address when you create a VM instance. You can also reserve a static internal IPv4 address for your project and assign that address to a VM instance.

Internal IPv6 addresses can be assigned to VMs that are connected to a subnet that has an internal IPv6 range in the following ways:

Instances can also have alias IP addresses and ranges. If you have more than one service running on a VM, you can assign each service its own unique IP address.

Internal DNS names

Google Cloud automatically resolves the fully qualified DNS name (FQDN) of an instance to the internal IP addresses of the instance. Internal DNS names work only within the instance's VPC network.

For more information about fully qualified domain names (FQDN), see Internal DNS.

What's next