Carrier Peering enables you to access Google applications, such as G Suite, by using a service provider to obtain enterprise-grade network services that connect your infrastructure to Google.
When connecting to Google through a service provider, you can get connections with higher availability and lower latency, using one or more links. Work with your service provider to get the connection you need.
Unless you need to access G Suite applications as described in the use case below, Partner Interconnect is the recommended way to connect to Google through a service provider. Refer to the Considerations to choose a product.
To access G Suite applications from an on-premises network, an organization might need a DMZ (perimeter network) to reach Google's network. The DMZ enables organizations to expose an isolated subnetwork to the public Internet instead of their entire network. Instead of setting up and maintaining a DMZ, the organization can work with a service provider so that their traffic travels on a dedicated link from their systems to Google. With the dedicated link, the organization gets a higher availability and lower latency connection to Google's network.
If used with Google Cloud, Carrier Peering doesn't produce any custom routes in a VPC network. Traffic sent from resources in a VPC network leaves by way of a route whose next hop is either a default Internet gateway (a default route, for example) or a Cloud VPN tunnel.
To send traffic through Carrier Peering using a route whose next hop is a Cloud VPN tunnel, the IP address of your on-premises network's VPN gateway must be in your configured destination range.
Carrier Peering exists outside of Google Cloud. Instead of Carrier Peering, the recommended methods of access to Google Cloud are Partner Interconnect, which uses a service provider, or Dedicated Interconnect, which provides a direct connection to Google.
See the next section to determine which of these solutions is right for you.
How to choose
The following table describes the differences between Direct Peering and Cloud Interconnect.
|Carrier Peering||Cloud Interconnect|
|Can be used by Google Cloud, but does not require it||Requires Google Cloud|
|Gives you direct access to G Suite and Google services, including the full suite of Google Cloud products, from your on-premises network through a service provider's network.||Does not give you access to G Suite, but gives you access to all other Google Cloud products and services from your on-premises network. Also allows access to supported APIs and services using Private Google Access from on-premises hosts.|
|Has service provider costs||Has maintenance costs (pricing)|
|Reduced Internet egress rates to your on-premises network from Google Cloud resources in the same continental location and in an enabled project (details)||Standard egress rates for traffic sent through an interconnect apply (pricing)|
|Connects to Google's edge network through a service provider||Connects to Google's edge network|
|Does not use any Google Cloud objects; configuration is opaque to Google Cloud projects||Uses Google Cloud objects, such as interconnects, interconnect attachments (VLANs), and Cloud Routers|
|You need to contact Google if you need to change the destination IP address ranges to your on-premises network.||You can easily change the destination IP address ranges for your on-premises network by adjusting the routes that your routers share with Cloud Routers in your project.|
|Routes to your on-premises network do not appear in any VPC network of your Google Cloud project.||Routes to your on-premises network are learned by Cloud Routers in your project and applied as custom dynamic routes in your VPC network.|
Google Cloud egress traffic through Carrier Peering connections is billed to the originating Google Cloud project at the following rates:
- NA: $0.04/GB
- EU: $0.05/GB
- APAC: $0.06/GB
To receive this pricing, you must notify the Google sales team after signing up with one of the providers. All other traffic, including ingress traffic through the connection, is billed at standard Google Cloud Platform rates.
Google Cloud Platform traffic sent to an in-region connection is charged in a similar manner to the Direct Peering pricing structure.
Service Provider fees:
Consult your service provider to find out what they will charge to provide connections to you.
Review the list of service providers and choose the option that best suit your needs.
Where are the connections physically located?
Service providers offer service in a range of locations around the world. Please contact them for local availability of their service. Please note that Google and its networking partners are working to increase the number of locations throughout the world where Google's networks connect with carrier networks to deliver the best possible experience.
Can I purchase connections from multiple service providers?
Yes, you can purchase from multiple service providers. Doing so may be helpful in situations where you want to connect disparate parts of your WAN that are managed and provisioned separately by different providers. In such a case, you would have a commercial relationship with both providers for connectivity.
Does Google offer a Service Level Agreement (SLA)?
Customers should consult with their network service provider to determine whether that provider may offer an SLA. Google does not offer an SLA with this program
Is the Carrier Peering connection secure?
Google has no control over the connection traffic while it traverses the provider's network; we encourage customers who have security needs to consider using strong encryption.
Can I connect to the Internet via this connection?
No, you cannot connect to non Google services through the Carrier Peering connection.