Resource: Router
Represents a Cloud Router resource.
For more information about Cloud Router, read the Cloud Router overview.
JSON representation

```
{
  "kind": string,
  "id": string,
  "creationTimestamp": string,
  "name": string,
  "description": string,
  "region": string,
  "network": string,
  "interfaces": [
    {
      "name": string,
      "linkedVpnTunnel": string,
      "linkedInterconnectAttachment": string,
      "ipRange": string,
      "managementType": enum,
      "privateIpAddress": string,
      "redundantInterface": string,
      "subnetwork": string,
      "ipVersion": enum
    }
  ],
  "bgpPeers": [
    {
      "name": string,
      "interfaceName": string,
      "ipAddress": string,
      "peerIpAddress": string,
      "peerAsn": integer,
      "advertisedRoutePriority": integer,
      "advertiseMode": enum,
      "advertisedGroups": [ enum ],
      "advertisedIpRanges": [
        {
          "range": string,
          "description": string
        }
      ],
      "managementType": enum,
      "enable": enum,
      "bfd": {
        "sessionInitializationMode": enum,
        "minTransmitInterval": integer,
        "minReceiveInterval": integer,
        "multiplier": integer
      },
      "routerApplianceInstance": string,
      "enableIpv6": boolean,
      "ipv6NexthopAddress": string,
      "peerIpv6NexthopAddress": string,
      "md5AuthenticationKeyName": string,
      "customLearnedRoutePriority": integer,
      "customLearnedIpRanges": [
        {
          "range": string
        }
      ],
      "enableIpv4": boolean,
      "ipv4NexthopAddress": string,
      "peerIpv4NexthopAddress": string,
      "exportPolicies": [ string ],
      "importPolicies": [ string ]
    }
  ],
  "bgp": {
    "asn": integer,
    "advertiseMode": enum,
    "advertisedGroups": [ enum ],
    "advertisedIpRanges": [
      {
        "range": string,
        "description": string
      }
    ],
    "keepaliveInterval": integer,
    "identifierRange": string
  },
  "selfLink": string,
  "nats": [
    {
      "name": string,
      "type": enum,
      "autoNetworkTier": enum,
      "endpointTypes": [ enum ],
      "sourceSubnetworkIpRangesToNat": enum,
      "subnetworks": [
        {
          "name": string,
          "sourceIpRangesToNat": [ enum ],
          "secondaryIpRangeNames": [ string ]
        }
      ],
      "natIps": [ string ],
      "drainNatIps": [ string ],
      "natIpAllocateOption": enum,
      "minPortsPerVm": integer,
      "maxPortsPerVm": integer,
      "enableDynamicPortAllocation": boolean,
      "udpIdleTimeoutSec": integer,
      "icmpIdleTimeoutSec": integer,
      "tcpEstablishedIdleTimeoutSec": integer,
      "tcpTransitoryIdleTimeoutSec": integer,
      "tcpTimeWaitTimeoutSec": integer,
      "logConfig": {
        "enable": boolean,
        "filter": enum
      },
      "rules": [
        {
          "ruleNumber": integer,
          "description": string,
          "match": string,
          "action": {
            "sourceNatActiveIps": [ string ],
            "sourceNatDrainIps": [ string ],
            "sourceNatActiveRanges": [ string ],
            "sourceNatDrainRanges": [ string ]
          }
        }
      ],
      "enableEndpointIndependentMapping": boolean
    }
  ],
  "encryptedInterconnectRouter": boolean,
  "md5AuthenticationKeys": [
    {
      "name": string,
      "key": string
    }
  ]
}
```
Fields | |
---|---|
kind |
[Output Only] Type of resource. Always |
id |
[Output Only] The unique identifier for the resource. This identifier is defined by the server. |
creationTimestamp |
[Output Only] Creation timestamp in RFC3339 text format. |
name |
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression |
description |
An optional description of this resource. Provide this property when you create the resource. |
region |
[Output Only] URI of the region where the router resides. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body. |
network |
URI of the network to which this router belongs. |
interfaces[] |
Router interfaces. To create a BGP peer that uses a router interface, the interface must have one of the following fields specified:
|
interfaces[].name |
Name of this interface entry. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression |
interfaces[].linkedVpnTunnel |
URI of the linked VPN tunnel, which must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork. |
interfaces[].linkedInterconnectAttachment |
URI of the linked Interconnect attachment. It must be in the same region as the router. Each interface can have one linked resource, which can be a VPN tunnel, an Interconnect attachment, or a subnetwork. |
interfaces[].ipRange |
IP address and range of the interface.
|
interfaces[].managementType |
[Output Only] The resource that configures and manages this interface.
|
interfaces[].privateIpAddress |
The regional private internal IP address that is used to establish BGP sessions to a VM instance acting as a third-party Router Appliance, such as a Next Gen Firewall, a Virtual Router, or an SD-WAN VM. |
interfaces[].redundantInterface |
Name of the interface that will be redundant with the current interface you are creating. The redundantInterface must belong to the same Cloud Router as the interface here. To establish the BGP session to a Router Appliance VM, you must create two BGP peers. The two BGP peers must be attached to two separate interfaces that are redundant with each other. The redundantInterface must be 1-63 characters long, and comply with RFC1035. Specifically, the redundantInterface must be 1-63 characters long and match the regular expression |
interfaces[].subnetwork |
The URI of the subnetwork resource that this interface belongs to, which must be in the same region as the Cloud Router. When you establish a BGP session to a VM instance using this interface, the VM instance must belong to the same subnetwork as the subnetwork specified here. |
interfaces[].ipVersion |
IP version of this interface. |
bgpPeers[] |
BGP information that must be configured into the routing stack to establish BGP peering. This information must specify the peer ASN and either the interface name, IP address, or peer IP address. Please refer to RFC4273. |
bgpPeers[].name |
Name of this BGP peer. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression |
bgpPeers[].interfaceName |
Name of the interface the BGP peer is associated with. |
bgpPeers[].ipAddress |
IP address of the interface inside Google Cloud Platform. |
bgpPeers[].peerIpAddress |
IP address of the BGP interface outside Google Cloud Platform. |
bgpPeers[].peerAsn |
Peer BGP Autonomous System Number (ASN). Each BGP interface may use a different value. |
bgpPeers[].advertisedRoutePriority |
The priority of routes advertised to this BGP peer. Where there is more than one matching route of maximum length, the routes with the lowest priority value win. |
bgpPeers[].advertiseMode |
User-specified flag to indicate which mode to use for advertisement. |
bgpPeers[].advertisedGroups[] |
User-specified list of prefix groups to advertise in custom mode, which currently supports the following option:
|
bgpPeers[].advertisedIpRanges[] |
User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and overrides the list defined for the router (in the "bgp" message). These IP ranges are advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. |
bgpPeers[].advertisedIpRanges[].range |
The IP range to advertise. The value must be a CIDR-formatted string. |
bgpPeers[].advertisedIpRanges[].description |
User-specified description for the IP range. |
bgpPeers[].managementType |
[Output Only] The resource that configures and manages this BGP peer.
|
bgpPeers[].enable |
The status of the BGP peer connection. If set to FALSE, any active session with the peer is terminated and all associated routing information is removed. If set to TRUE, the peer connection can be established with routing information. The default is TRUE. |
bgpPeers[].bfd |
BFD configuration for the BGP peering. |
bgpPeers[].bfd.sessionInitializationMode |
The BFD session initialization mode for this BGP peer. If set to ACTIVE, the Cloud Router will initiate the BFD session for this BGP peer. If set to PASSIVE, the Cloud Router will wait for the peer router to initiate the BFD session for this BGP peer. If set to DISABLED, BFD is disabled for this BGP peer. The default is DISABLED. |
bgpPeers[].bfd.minTransmitInterval |
The minimum interval, in milliseconds, between BFD control packets transmitted to the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the corresponding receive interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000. |
bgpPeers[].bfd.minReceiveInterval |
The minimum interval, in milliseconds, between BFD control packets received from the peer router. The actual value is negotiated between the two routers and is equal to the greater of this value and the transmit interval of the other router. If set, this value must be between 1000 and 30000. The default is 1000. |
bgpPeers[].bfd.multiplier |
The number of consecutive BFD packets that must be missed before BFD declares that a peer is unavailable. If set, the value must be a value between 5 and 16. The default is 5. |
bgpPeers[].routerApplianceInstance |
URI of the VM instance that is used as third-party router appliances such as Next Gen Firewalls, Virtual Routers, or Router Appliances. The VM instance must be located in zones contained in the same region as this Cloud Router. The VM instance is the peer side of the BGP session. |
bgpPeers[].enableIpv6 |
Enable IPv6 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 6. |
bgpPeers[].ipv6NexthopAddress |
IPv6 address of the interface inside Google Cloud Platform. |
bgpPeers[].peerIpv6NexthopAddress |
IPv6 address of the BGP interface outside Google Cloud Platform. |
bgpPeers[].md5AuthenticationKeyName |
Present if MD5 authentication is enabled for the peering. Must be the name of one of the entries in the Router.md5_authentication_keys. The field must comply with RFC1035. |
bgpPeers[].customLearnedRoutePriority |
The user-defined custom learned route priority for a BGP session. This value is applied to all custom learned route ranges for the session. You can choose a value from |
bgpPeers[].customLearnedIpRanges[] |
A list of user-defined custom learned route IP address ranges for a BGP session. |
bgpPeers[].customLearnedIpRanges[].range |
The custom learned route IP address range. Must be a valid CIDR-formatted prefix. If an IP address is provided without a subnet mask, it is interpreted as, for IPv4, a |
bgpPeers[].enableIpv4 |
Enable IPv4 traffic over BGP Peer. It is enabled by default if the peerIpAddress is version 4. |
bgpPeers[].ipv4NexthopAddress |
IPv4 address of the interface inside Google Cloud Platform. |
bgpPeers[].peerIpv4NexthopAddress |
IPv4 address of the BGP interface outside Google Cloud Platform. |
bgpPeers[].exportPolicies[] |
List of export policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_EXPORT type. Note that Route Policies are currently available in preview. Please use Beta API to use Route Policies. |
bgpPeers[].importPolicies[] |
List of import policies applied to this peer, in the order they must be evaluated. The name must correspond to an existing policy that has ROUTE_POLICY_TYPE_IMPORT type. Note that Route Policies are currently available in preview. Please use Beta API to use Route Policies. |
bgp |
BGP information specific to this router. |
bgp.asn |
Local BGP Autonomous System Number (ASN). Must be an RFC6996 private ASN, either 16-bit or 32-bit. The value will be fixed for this router resource. All VPN tunnels that link to this router will have the same local ASN. |
bgp.advertiseMode |
User-specified flag to indicate which mode to use for advertisement. The options are DEFAULT or CUSTOM. |
bgp.advertisedGroups[] |
User-specified list of prefix groups to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These groups will be advertised in addition to any specified prefixes. Leave this field blank to advertise no custom groups. |
bgp.advertisedIpRanges[] |
User-specified list of individual IP ranges to advertise in custom mode. This field can only be populated if advertiseMode is CUSTOM and is advertised to all peers of the router. These IP ranges will be advertised in addition to any specified groups. Leave this field blank to advertise no custom IP ranges. |
bgp.advertisedIpRanges[].range |
The IP range to advertise. The value must be a CIDR-formatted string. |
bgp.advertisedIpRanges[].description |
User-specified description for the IP range. |
bgp.keepaliveInterval |
The interval in seconds between BGP keepalive messages that are sent to the peer. Hold time is three times the interval at which keepalive messages are sent, and the hold time is the maximum number of seconds allowed to elapse between successive keepalive messages that BGP receives from a peer. BGP will use the smaller of either the local hold time value or the peer's hold time value as the hold time for the BGP connection between the two peers. If set, this value must be between 20 and 60. The default is 20. |
bgp.identifierRange |
Explicitly specifies a range of valid BGP Identifiers for this Router. It is provided as a link-local IPv4 range (from 169.254.0.0/16), of size at least /30, even if the BGP sessions are over IPv6. It must not overlap with any IPv4 BGP session ranges. Other vendors commonly call this "router ID". |
selfLink |
[Output Only] Server-defined URL for the resource. |
nats[] |
A list of NAT services created in this router. |
nats[].name |
Unique name of this Nat service. The name must be 1-63 characters long and comply with RFC1035. |
nats[].type |
Indicates whether this NAT is used for public or private IP translation. If unspecified, it defaults to PUBLIC. |
nats[].autoNetworkTier |
The network tier to use when automatically reserving NAT IP addresses. Must be one of: PREMIUM, STANDARD. If not specified, then the current project-level default tier is used. |
nats[].endpointTypes[] |
List of NAT-ted endpoint types supported by the Nat Gateway. If the list is empty, it is equivalent to including ENDPOINT_TYPE_VM |
nats[].sourceSubnetworkIpRangesToNat |
Specify the Nat option, which can take one of the following values:
|
nats[].subnetworks[] |
A list of Subnetwork resources whose traffic should be translated by NAT Gateway. It is used only when LIST_OF_SUBNETWORKS is selected for the SubnetworkIpRangeToNatOption above. |
nats[].subnetworks[].name |
URL for the subnetwork resource that will use NAT. |
nats[].subnetworks[].sourceIpRangesToNat[] |
Specify the options for NAT ranges in the Subnetwork. All options of a single value are valid except NAT_IP_RANGE_OPTION_UNSPECIFIED. The only valid option with multiple values is: ["PRIMARY_IP_RANGE", "LIST_OF_SECONDARY_IP_RANGES"] Default: [ALL_IP_RANGES] |
nats[].subnetworks[].secondaryIpRangeNames[] |
A list of the secondary ranges of the Subnetwork that are allowed to use NAT. This can be populated only if "LIST_OF_SECONDARY_IP_RANGES" is one of the values in sourceIpRangesToNat. |
nats[].natIps[] |
A list of URLs of the IP resources used for this Nat service. These IP addresses must be valid static external IP addresses assigned to the project. |
nats[].drainNatIps[] |
A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT only. |
nats[].natIpAllocateOption |
Specify the NatIpAllocateOption, which can take one of the following values:
|
nats[].minPortsPerVm |
Minimum number of ports allocated to a VM from this NAT config. If not set, a default number of ports is allocated to a VM. This is rounded up to the nearest power of 2. For example, if the value of this field is 50, at least 64 ports are allocated to a VM. |
nats[].maxPortsPerVm |
Maximum number of ports allocated to a VM from this NAT config when Dynamic Port Allocation is enabled. If Dynamic Port Allocation is not enabled, this field has no effect. If Dynamic Port Allocation is enabled, and this field is set, it must be set to a power of two greater than minPortsPerVm, or 64 if minPortsPerVm is not set. If Dynamic Port Allocation is enabled and this field is not set, a maximum of 65536 ports will be allocated to a VM from this NAT config. |
nats[].enableDynamicPortAllocation |
Enable Dynamic Port Allocation. If not specified, it is disabled by default. If set to true,
|
nats[].udpIdleTimeoutSec |
Timeout (in seconds) for UDP connections. Defaults to 30s if not set. |
nats[].icmpIdleTimeoutSec |
Timeout (in seconds) for ICMP connections. Defaults to 30s if not set. |
nats[].tcpEstablishedIdleTimeoutSec |
Timeout (in seconds) for TCP established connections. Defaults to 1200s if not set. |
nats[].tcpTransitoryIdleTimeoutSec |
Timeout (in seconds) for TCP transitory connections. Defaults to 30s if not set. |
nats[].tcpTimeWaitTimeoutSec |
Timeout (in seconds) for TCP connections that are in TIME_WAIT state. Defaults to 120s if not set. |
nats[].logConfig |
Configure logging on this NAT. |
nats[].logConfig.enable |
Indicates whether or not to export logs. This is false by default. |
nats[].logConfig.filter |
Specify the desired filtering of logs on this NAT. If unspecified, logs are exported for all connections handled by this NAT. This option can take one of the following values:
|
nats[].rules[] |
A list of rules associated with this NAT. |
nats[].rules[].ruleNumber |
An integer uniquely identifying a rule in the list. The rule number must be a positive value between 0 and 65000, and must be unique among rules within a NAT. |
nats[].rules[].description |
An optional description of this rule. |
nats[].rules[].match |
CEL expression that specifies the match condition that egress traffic from a VM is evaluated against. If it evaluates to true, the corresponding The following examples are valid match expressions for public NAT:
The following example is a valid match expression for private NAT:
|
nats[].rules[].action |
The action to be enforced for traffic that matches this rule. |
nats[].rules[].action.sourceNatActiveIps[] |
A list of URLs of the IP resources used for this NAT rule. These IP addresses must be valid static external IP addresses assigned to the project. This field is used for public NAT. |
nats[].rules[].action.sourceNatDrainIps[] |
A list of URLs of the IP resources to be drained. These IPs must be valid static external IPs that have been assigned to the NAT. These IPs should be used for updating/patching a NAT rule only. This field is used for public NAT. |
nats[].rules[].action.sourceNatActiveRanges[] |
A list of URLs of the subnetworks used as source ranges for this NAT Rule. These subnetworks must have purpose set to PRIVATE_NAT. This field is used for private NAT. |
nats[].rules[].action.sourceNatDrainRanges[] |
A list of URLs of subnetworks representing source ranges to be drained. This is only supported on patch/update, and these subnetworks must have previously been used as active ranges in this NAT Rule. This field is used for private NAT. |
nats[].enableEndpointIndependentMapping |
|
encryptedInterconnectRouter |
Indicates if a router is dedicated for use with encrypted VLAN attachments (interconnectAttachments). |
md5AuthenticationKeys[] |
Keys used for MD5 authentication. |
md5AuthenticationKeys[].name |
Name used to identify the key. Must be unique within a router. Must be referenced by exactly one bgpPeer. Must comply with RFC1035. |
md5AuthenticationKeys[].key |
[Input only] Value of the key. For patch and update calls, it can be skipped to copy the value from the previous configuration. This is allowed if the key with the same name existed before the operation. Maximum length is 80 characters. Can only contain printable ASCII characters. |
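The following is an added example, not part of the API reference or of Google's code: a Python audit of a Router resource (as returned by a get call) against constraints stated in the field descriptions above, covering MD5 key references, BFD and keepalive ranges, and NAT logging. The sample resource, the function names and the finding strings are constructed for illustration.

```python
# Constructed sample shaped like the Router JSON representation; every name
# and value here is illustrative. "key" is [Input only], so it is absent.
SAMPLE_ROUTER = {
    "name": "example-router",
    "bgp": {"asn": 64512, "keepaliveInterval": 20},
    "bgpPeers": [
        {"name": "peer-a", "peerAsn": 65001, "md5AuthenticationKeyName": "key-a",
         "bfd": {"sessionInitializationMode": "ACTIVE", "multiplier": 5}},
        {"name": "peer-b", "peerAsn": 65002},
        {"name": "peer-c", "peerAsn": 65003,
         "md5AuthenticationKeyName": "key-missing",
         "bfd": {"sessionInitializationMode": "PASSIVE", "minReceiveInterval": 500}},
    ],
    "md5AuthenticationKeys": [{"name": "key-a"}, {"name": "key-unused"}],
    "nats": [{"name": "nat-logged", "logConfig": {"enable": True}},
             {"name": "nat-silent"}],
}


def _in_range(value, lo, hi):
    """An unset field (None) is fine: the documented default applies."""
    return value is None or lo <= value <= hi


def audit_router(router):
    """Return sorted (scope, finding) tuples for one Router resource dict."""
    findings = []
    peers = router.get("bgpPeers", [])
    key_names = [k["name"] for k in router.get("md5AuthenticationKeys", [])]
    refs = [p.get("md5AuthenticationKeyName") for p in peers]
    for peer in peers:
        ref = peer.get("md5AuthenticationKeyName")
        if ref is None:
            findings.append((peer["name"], "no MD5 authentication key"))
        elif ref not in key_names:
            findings.append((peer["name"], f"references undefined key {ref!r}"))
        bfd = peer.get("bfd", {})
        for field in ("minTransmitInterval", "minReceiveInterval"):
            if not _in_range(bfd.get(field), 1000, 30000):
                findings.append((peer["name"], f"bfd.{field} outside 1000-30000"))
        if not _in_range(bfd.get("multiplier"), 5, 16):
            findings.append((peer["name"], "bfd.multiplier outside 5-16"))
    # Each key name must be referenced by exactly one bgpPeer.
    for name in key_names:
        if refs.count(name) != 1:
            findings.append(
                (name, f"key referenced by {refs.count(name)} peers, expected 1"))
    if not _in_range(router.get("bgp", {}).get("keepaliveInterval"), 20, 60):
        findings.append(("bgp", "keepaliveInterval outside 20-60"))
    # logConfig.enable is false by default: a missing block means no NAT logs.
    for nat in router.get("nats", []):
        if not nat.get("logConfig", {}).get("enable", False):
            findings.append((nat["name"], "NAT logging disabled"))
    return sorted(findings)


def valid_md5_key(key):
    """Documented limits only: at most 80 characters, printable ASCII."""
    return len(key) <= 80 and all(0x20 <= ord(c) <= 0x7E for c in key)


if __name__ == "__main__":
    for scope, finding in audit_router(SAMPLE_ROUTER):
        print(f"{scope}: {finding}")
```

Because `md5AuthenticationKeys[].key` is input only, key values cannot be audited from a retrieved resource; `valid_md5_key` is meant for checking a candidate value before it is sent in a create, patch or update request.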
Methods |
|
---|---|
|
Retrieves an aggregated list of routers. |
|
Deletes the specified Router resource. |
|
Returns the specified Router resource. |
|
Retrieves runtime NAT IP information. |
|
Retrieves runtime Nat mapping information of VM endpoints. |
|
Retrieves runtime information of the specified router. |
|
Creates a Router resource in the specified project and region using the data included in the request. |
|
Retrieves a list of Router resources available to the specified project. |
|
Patches the specified Router resource with the data included in the request. |
|
Preview fields auto-generated during router create and update operations. |
|
Updates the specified Router resource with the data included in the request. |