REST Resource: routers

string

[Output Only] Type of resource. Always compute#router for routers.

string (uint64 format)

[Output Only] The unique identifier for the resource. This identifier is defined by the server.

string

[Output Only] Creation timestamp in RFC3339 text format.

string

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

string

An optional description of this resource. Provide this property when you create the resource.

string

[Output Only] URI of the region where the router resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.

string

URI of the network to which this router belongs.

object

Router interfaces. To create a BGP peer that uses a router interface, the interface must have one of the following fields specified:

• linkedVpnTunnel
• linkedInterconnectAttachment
• subnetwork

string

Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

string

URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork.

string

URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork.

string

IP address and range of the interface.

• For Internet Protocol version 4 (IPv4), the IP range must be in the RFC3927 link-local IP address space. The value must be a CIDR-formatted string, for example, 169.254.0.1/30. Note: Do not truncate the IP address, as it represents the IP address of the interface.
• For Internet Protocol version 6 (IPv6), the value must be a unique local address (ULA) range from fdff:1::/64 with a mask length of 126 or less. This value should be a CIDR-formatted string, for example, fc00:0:1:1::1/112. Within the router's VPC, this IPv6 prefix will be reserved exclusively for this connection and cannot be used for any other purpose.

enum

[Output Only] The resource that configures and manages this interface.

• MANAGED_BY_USER is the default value and can be managed directly by users.
• MANAGED_BY_ATTACHMENT is an interface that is configured and managed by Cloud Interconnect, specifically, by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of interface when the PARTNER InterconnectAttachment is created, updated, or deleted.

string

The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM.

string

Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundantInterface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundantInterface must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

string

The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here.

enum

IP version of this interface.

object

BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273.

string

Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

string

Name of the interface the BGP peer is associated with.

string

IP address of the interface inside Google Cloud Platform.

string

IP address of the BGP interface outside Google Cloud Platform.

integer (uint32 format)

Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value.

integer (uint32 format)

The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win.

enum

User-specified flag to indicate which mode to use for advertisement.

enum

User-specified list of prefix groups to advertise in custom mode, which currently supports the following option:

• ALL_SUBNETS: Advertises all of the router's own VPC subnets. This excludes any routes learned for subnets that use VPC Network Peering.

object

User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.

string

The IP range to advertise. The value must be a CIDR-formatted string.

string

User-specified description for the IP range.

enum

[Output Only] The resource that configures and manages this BGP peer.

• MANAGED_BY_USER is the default value and can be managed by you or other users
• MANAGED_BY_ATTACHMENT is a BGP peer that is configured and managed by Cloud Interconnect, specifically by an InterconnectAttachment of type PARTNER. Google automatically creates, updates, and deletes this type of BGP peer when the PARTNER InterconnectAttachment is created, updated, or deleted.

enum

The status of the BGP peer connection.

If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE.

object

BFD configuration for the BGP peering.

enum

The BFD session initialization mode for this BGP peer.

If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED.

integer (uint32 format)

The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router.

If set, this value must be between 1000 and 30000.

The default is 1000.

integer (uint32 format)

The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router.

If set, this value must be between 1000 and 30000.

The default is 1000.

integer (uint32 format)

The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable.

If set, the value must be a value between 5 and 16.

The default is 5.

string

URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session.

boolean

Enable IPv6 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 6.

string

IPv6 address of the interface inside Google Cloud Platform.

string

IPv6 address of the BGP interface outside Google Cloud Platform.

string

Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035.

integer

The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from 0 to 65335. If you don't provide a value, Google Cloud assigns a priority of 100 to the ranges.

object

A list of user-defined custom learned route IP address ranges for a BGP session.

string

The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a /32 singular IP address range, and, for IPv6, /128.

boolean

Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4.

string

IPv4 address of the interface inside Google Cloud Platform.

string

IPv4 address of the BGP interface outside Google Cloud Platform.

string

routers.list of export policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_EXPORT type.

Note that Route Policies are currently available in preview. Please use Beta API to use Route Policies.

string

routers.list of import policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_IMPORT type.

Note that Route Policies are currently available in preview. Please use Beta API to use Route Policies.

object

BGP information specific to this router.

integer (uint32 format)

Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN.

enum

User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM.

enum

User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups.

object

User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges.

string

The IP range to advertise. The value must be a CIDR-formatted string.

string

User-specified description for the IP range.

integer (uint32 format)

The interval in seconds between BGP keepalive messages that are sent to the peer.

Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer.

BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers.

If set, this value must be between 20 and 60. The default is 20.

string

Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges.

Other vendors commonly call this "router ID".

string

[Output Only] Server-defined URL for the resource.

object

A list of NAT services created in this router.

string

Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035.

enum

Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC.

enum

The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current  project-level default tier is used.

enum

routers.list of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, then it will be equivalent to include ENDPOINT_TYPE_VM

enum

Specify the Nat option, which can take one of the following values:

• ALL_SUBNETWORKS_ALL_IP_RANGES: All of the IP ranges in every Subnetwork are allowed to Nat.
• ALL_SUBNETWORKS_ALL_PRIMARY_IP_RANGES: All of the primary IP ranges in every Subnetwork are allowed to Nat.
• LIST_OF_SUBNETWORKS: A list of Subnetworks are allowed to Nat (specified in the field subnetwork below)

object

A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above.

string

URL for the subnetwork resource that will use NAT.

enum

Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: ["PRIMARY_IP_RANGE", "LIST_OF_SECONDARY_IP_RANGES"] Default: [ALL_IP_RANGES]

string

A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if "LIST_OF_SECONDARY_IP_RANGES" is one of the values in sourceIpRangesToNat.

string

A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project.

string

A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only.

enum

Specify the NatIpAllocateOption, which can take one of the following values:

• MANUAL_ONLY: Uses only Nat IP addresses provided by customers. When there are not enough specified Nat IPs, the Nat service fails for new VMs.
• AUTO_ONLY: Nat IPs are allocated by Google Cloud Platform; customers can't specify any Nat IPs. When choosing AUTO_ONLY, then natIp should be empty.

integer

Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM.

integer

Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled.

If Dynamic Port Allocation is not enabled, this field has no effect.

If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set.

If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config.

boolean

Enable Dynamic Port Allocation.

If not specified, it is disabled by default.

If set to true,

• Dynamic Port Allocation will be enabled on this NAT config.
• enableEndpointIndependentMapping cannot be set to true.
• If minPorts is set, minPortsPerVm must be set to a power of two greater than or equal to 32. If minPortsPerVm is not set, a minimum of 32 ports will be allocated to a VM from this NAT config.

integer

Timeout (in seconds) for UDP connections. Defaults to 30s if not set.

integer

Timeout (in seconds) for ICMP connections. Defaults to 30s if not set.

integer

Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set.

integer

Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set.

integer

Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set.

object

Configure logging on this NAT.

boolean

Indicates whether or not to export logs. This is false by default.

enum

Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:

• ERRORS_ONLY: Export logs only for connection failures.
• TRANSLATIONS_ONLY: Export logs only for successful connections.
• ALL: Export logs for all connections, successful and unsuccessful.

object

A list of rules associated with this NAT.

integer (uint32 format)

An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT.

string

An optional description of this rule.

string

CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding action is enforced.

The following examples are valid match expressions for public NAT:

inIpRange(destination.ip, '1.1.0.0/16') || inIpRange(destination.ip, '2.2.0.0/16')

destination.ip == '1.1.0.1' || destination.ip == '8.8.8.8'

The following example is a valid match expression for private NAT:

nexthop.hub == '//networkconnectivity.googleapis.com/projects/my-project/locations/global/hubs/hub-1'

object

The action to be enforced for traffic that matches this rule.

string

A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT.

string

A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT.

string

A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT.

string

A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT.

boolean

boolean

Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments).

object

Keys used for MD5 authentication.

string

Name used to identify the key.

Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035.

string

[Input only] Value of the key.

For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters.