Creating VLAN Attachments

A VLAN attachment (also known as an InterconnectAttachment) allocates a VLAN on an interconnect and associates that VLAN with a single Cloud Router. Use VLAN attachments to control which VPC networks can reach your on-premises network through an interconnect. Note that each VLAN attachment has a data transfer rate of up to 10 Gbps.

You can create VLAN attachments for interconnects that have passed all tests and are ready to use. When you create the VLAN attachment, specify a Cloud Router that's in the region containing the subnets that you want to reach. The VLAN attachment automatically allocates a VLAN and BGP peering IP addresses. Use that information to configure your on-premises router and establish a BGP session with Cloud Router.

Billing for VLAN attachments start as soon as create them and stop as soon as you delete them.

Console

  1. Go to the Interconnects page in the Google Cloud Platform Console.
    Go to Interconnects page
  2. For the interconnect that you want to configure, select Configure.
  3. Select Add VLAN attachment to attach a new VLAN to your interconnect.
    • Name — A name for the attachment. This name is displayed in the console and used by the gcloud command-line tool to reference the interconnect, such as my-attachment.
    • Router — A Cloud Router to associate with this attachment. The Cloud Router must be in the VPC network that you want to connect to. If you don't have an existing Cloud Router, create one. Use any private ASN (64512-65535 or 4200000000-4294967294) for the BGP AS number.
  4. If you want to connect multiple VPC networks, attach additional VLANs to your interconnect.
  5. After you're done adding VLAN attachments, select Create. The attachment takes a few moments to create.
  6. For each attachment, select Configure to add a BGP session to your Cloud Router's interface.
    • Name — A name for the BGP session.
    • Peer ASN — The public or private ASN of your on-premises router.
    • Advertised route priority — (Optional) The base value Cloud Router uses to calculate route metrics. All routes advertised for this session will use this base value. For more information, see Route metrics.
    • The Cloud Router and on-premises BGP IP addresses are already allocated by the VLAN attachment.
  7. After you've added BGP sessions, select Save configuration. The console displays a list of the attachments. The BGP sessions are inactive until you configure BGP on your on-premises router.

If you're building redundancy with a duplicate interconnect, repeat these steps for the second interconnect, and specify a different Cloud Router. For more information, see the Redundancy section in the Overview page.

gcloud

You must have an existing Cloud Router in the network and region that you want to reach from your on-premises network. If you don't, create one before you create a VLAN attachment. When you create the Cloud Router, use any private ASN (64512-65535 or 4200000000-4294967294) for the BGP AS number.

  1. Create an InterconnectAttachment, specifying your the names of your interconnect and Cloud Router. The attachment allocates a VLAN on your interconnect that connects to the Cloud Router.

    The following example creates an attachment for the my-interconnect interconnect that connects to the my-router Cloud Router, which is in the us-central1 region.

    gcloud compute interconnects attachments create my-attachment \
      --region us-central1 \
      --router my-router \
      --interconnect my-interconnect

  2. Describe the attachment to retrieve the resources that it allocated, such as the VLAN ID and BGP peering addresses, as shown in the following example. Use these values to configure your Cloud Router and your on-premises router.

    gcloud compute interconnects attachments describe my-attachment \
      --region us-central1

    cloudRouterIpAddress: 169.254.180.81/29
    creationTimestamp: '2017-05-22T10:31:40.829-07:00'
    customerRouterIpAddress: 169.254.180.82/29
    id: '2973197662755397267'
    interconnect: https://www.googleapis.com/compute/v1/projects/my-project/global/interconnects/myinterconnect
    kind: compute#interconnectAttachment
    name: my-attachment
    operationalStatus: ACTIVE
    privateInterconnectInfo:
      tag8021q: 1000
    region: https://www.googleapis.com/compute/v1/projects/my-project/regions/us-central1
    router: https://www.googleapis.com/compute/v1/projects/my-project/regions/us-central1/routers/my-router
      

    • The VLAN tag (1000) identifies traffic that will go across this attachment. You'll need this value to configure a tagged VLAN subinterface on your on-premises router.
    • The Cloud Router IP address (169.254.180.81/29) is a link local IP address. Assign this address to a Cloud ROuter interface. You'll use this same address for the BGP neighbor on your on-premises router.
    • The customer router IP address (169.254.180.82/29) is a link local IP address. On the Cloud Router, configure a BGP peer with this address over the interface that has the Cloud Router address assigned to it. You'll assign this address to the VLAN subinterface on your on-premises router.
  3. On your Cloud Router, add an interface that connects to the VLAN attachment. For the IP address, use the Cloud Router IP address that was allocated by your attachment.

    gcloud compute routers add-interface my-router \
      --region us-central1 \
      --ip-address 169.254.180.81 \
      --mask-length 29 \
      --interface-name my-router-i1 \
      --interconnect-attachment my-attachment

  4. Add a BGP peer to the interface. For the peer IP address, use the customer router IP address that was allocated by your attachment. For the peer ASN value, use the same number that you will configure on your on-premises router.

    To specify a base priority value, use the --advertised-route-priority flag. Cloud Router uses this value to calculate route metrics for all routes it advertises for this session. For more information, see Route metrics in the Cloud Router documentation.

    You can also use the beta command with the --advertisement-mode, --advertisement-groups, and --advertisement-ranges flags to specify custom route advertisements. For more information, see Route advertisements in the Cloud Router documentation.

    gcloud compute routers add-bgp-peer my-router \
      --interface my-router-i1 \
      --region us-central1 \
      --peer-name bgp-for-my-interconnect \
      --peer-ip-address 169.254.180.82 \
      --peer-asn 65201

If you're building redundancy with a duplicate interconnect, repeat these steps for the second interconnect, and specify a different Cloud Router. For more information, see the Redundancy section in the Overview page.

What's next

On your on-premises router, configure a VLAN subinterface and a BGP peer by using the values allocated by your VLAN attachment. For more information, see Configuring On-premises Router.

Send feedback om...