Using Routes

This page describes creating and working with Google Cloud Platform (GCP) Virtual Private Cloud (VPC) routes. A route tells the network where to forward packets that have a destination IP address that matches the route. Review the Routes Overview before attempting to modify your VPC network's routing table.

Every network has auto-created routes that handle routing within the VPC network and to the Internet. You can create routes that override these routes if you want packets to be forwarded to a VPN tunnel, a specially configured instance, or some other destination other than the one specified by the auto-created routes.

Listing routes

To see what routes a network has already, you can list your current routes.

Console

Go to the Routes page in the Google Cloud Platform Console.
Go to the Routes page

gcloud

gcloud compute routes list

Describing routes

You can view details on individual routes.

Console

  1. Go to the Routes page in the Google Cloud Platform Console.
    Go to the Routes page
  2. Click the name of a route.

gcloud

gcloud compute routes describe [ROUTE]

Adding a route

See the parameters for Individual routes for explanations of the possible fields.

Console

  1. Go to the Routes page in the Google Cloud Platform Console.
    Go to the Routes page
  2. Click Create route.
  3. Specify a Name for the route.
  4. Select the Network where you want to create the route.
  5. Specify the Destination IP range for the route.
  6. Specify the Priority of the route.
  7. Specify Instance tags if you only want the route to apply to instances with that tag.
  8. Specify the Next hop for the route.
    • Specify Default internet gateway if you want the route to send packets out of the network via the subnet's default gateway.
    • Select Specify an instance and select an instance if you want the route to forward traffic to a particular instance.
    • Select Specify IP address and specify an IP address if you want the route to send traffic to that IP address.
    • Select Specify VPN tunnel and select a tunnel if you want the route to send traffic to a Cloud VPN tunnel.
  9. Click Create.

gcloud

gcloud compute routes create [ROUTE] \
--destination-range [DEST_RANGE] \
--network [NETWORK]\
[--next-hop-address=[ADDRESS]] |
[--next-hop-gateway=default-internet-gateway]  |
[--next-hop-instance=[INSTANCE_NAME] |
[--next-hop-vpn-tunnel=[VPN_TUNNEL]]

One and only one of the following must be specified for a given route:

  • --next-hop-address=[ADDRESS] - specify the --next-hop-address flag and an IP address if you want the route to to send traffic to that IP address.
  • --next-hop-gateway=default-internet-gateway - specify this flag and the default-internet-gateway parameter if you want the route to send packets out of the network via the subnet's default gateway.
  • --next-hop-instance=[INSTANCE_NAME] - specify this flag and the name of an instance if you want the route to forward traffic to a particular instance.
  • --next-hop-vpn-tunnel=[VPN_TUNNEL] - specify this flag and a tunnel name if you want the route to send traffic to a Cloud VPN tunnel.

See the SDK documentation for more details.

Deleting a route

You can delete a route that you don't want anymore.

Console

  1. Go to the Routes page in the Google Cloud Platform Console.
    Go to the Routes page
  2. Select the checkbox next to the rule you want to delete.
  3. Click Delete.
  4. Click Delete to confirm.

gcloud

gcloud compute routes delete [ROUTE]

Enabling IP forwarding for instances

By default, a Compute Engine instance cannot forward a packet unless the source IP address of packet matches the IP address of the instance. Similarly, Compute Engine won't deliver a packet whose destination IP address is different than the IP address of the instance receiving the packet. However, both capabilities are required if you want to use instances to help route packets. To disable this source and destination IP check, enable the canIpForward field, which allows an instance to send and receive packets with non-matching destination or source IPs.

Console

  1. Go to the VM instances page.
    Go to the VM instances page
  2. Click the Create instance button.
  3. Click Management, disk, networking, SSH keys.
  4. Click Networking.
  5. Set IP forwarding to On.
  6. Specify any other instance parameters you desire.
  7. Click Create.

gcloud

To set the canIpForward field using the gcloud command-line tool, use the --can-ip-forward flag when creating your instance:

gcloud compute instances create ... --can-ip-forward

What's next

Monitor your resources on the go

Get the Google Cloud Console app to help you manage your projects.

Send feedback about...

Compute Engine Documentation