IP addresses


Many Google Cloud resources can have internal IP addresses and external IP addresses. For example, you can assign an internal and external IP address to Compute Engine virtual machine (VM) instances. Instances use these addresses to communicate with other Google Cloud resources and external systems.

Each VM instance network interface must have one primary internal IPv4 address. Each network interface can also have one or more alias IPv4 ranges, and one external IPv4 address. If the VM is connected to a subnet that supports IPv6, each network interface can also have internal or external IPv6 addresses assigned.

An instance can communicate with instances on the same Virtual Private Cloud (VPC) network, using the VM's internal IPv4 address. If the VMs have IPv6 configured, you can also use one of the VM's internal or external IPv6 addresses. As a best practice, use internal IPv6 addresses for internal communication.

To communicate with the internet, you can use an external IPv4 or external IPv6 address configured on the instance. If no external address is configured on the instance, Cloud NAT can be used for IPv4 traffic.

Similarly, you must use the instance's external IPv4 or external IPv6 to connect to instances outside of the same VPC network. However, if the networks are connected in some way, such as by using VPC Network Peering, you can use the instance's internal IP address.

For information about identifying the internal and external IP address for your instances, see View the network configuration for an instance.

Try it for yourself

If you're new to Google Cloud, create an account to evaluate how Compute Engine performs in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

Try Compute Engine free

External IP addresses

If you need to communicate with the internet or with resources in another VPC network, you can assign an external IPv4 or IPv6 address to an instance. If firewall policy rules or hierarchical firewall policies allow the connection, sources from outside a VPC network can reach a specific resource using its external IP address. Resources with an external IP address can directly communicate with resources outside of the VPC network. VMs that are in different VPC networks can communicate using internal IP addresses in certain situations, like when the VPC networks are peered; these VMs don't need external IP addresses. Communicating with a resource using an external IP address can cause additional billed charges.

You can also reserve a static external address from the subnet's IPv4 or IPv6 range and assign it to an instance.

Internal IP addresses

VM interfaces are assigned IP addresses from the subnet that they are connected to. Each VM interface has one primary internal IPv4 address, which is assigned from the subnet's primary IPv4 range. If the subnet has an internal IPv6 range, then in addition to the primary internal IPv4 address, you can optionally configure the VM interface with a primary internal IPv6 address.

Internal IPv4 addresses can be assigned in the following ways:

  • Compute Engine assigns a single IPv4 address from the primary IPv4 subnet ranges automatically.
  • You can assign a specific internal IPv4 address when you create a VM instance.

Internal IPv6 addresses can be assigned to VMs that are connected to a subnet that has an internal IPv6 range in the following ways:

You can also reserve a static internal address from the subnet's IPv4 or IPv6 range and assign it to an instance.

Instances can also have alias IP addresses and ranges. If you have more than one service running on a VM, you can assign each service its own unique IP address.

Internal DNS names

Google Cloud automatically resolves the fully qualified DNS name (FQDN) of an instance to the internal IP addresses of the instance. Internal DNS names work only within the instance's VPC network.

For more information about fully qualified domain names (FQDN), see Internal DNS.

Regional and global IP addresses

When you list or describe IP addresses in your project, Google Cloud labels addresses as global or regional, which indicates how a particular address is being used. When you associate an address with a regional resource, such as a VM, Google Cloud labels the address as regional. Regions are Google Cloud regions, such as us-east4 or europe-west2.

Global IP addresses are used in the following configurations:

For instructions on how to create a global IP address, see Reserve a new static external IP address.

What's next