Creating VLAN Attachments

Partner VLAN attachments (also known as InterconnectAttachments) connect your Virtual Private Cloud networks with your on-premises network through your service provider's network by allocating VLANs on your service provider's interconnect.

For information about Dedicated Interconnect VLAN attachments, see Creating VLAN Attachments in the Dedicated Interconnect how-to guide.

Interconnect attachments (VLANs) only support 10 Gbps / 1.25M packets per second (pps) of traffic. To achieve higher throughput into a VPC network, you must configure multiple attachments into the VPC network. For each BGP session, you should use the same MED values to allow the traffic to use ECMP over all of the configured interconnect attachments.

Billing for partner VLAN attachments starts as soon as your service provider completes their configurations, whether or not you pre-activated your attachments. Your service provider has configured your attachments when they are in the PENDING_CUSTOMER or ACTIVE state. Billing stops when you or the service provider deletes them (when the VLAN attachments are in the DEFUNCT state).

If you have multiple interconnect attachments (VLANs), including those in different projects, you can pair them with a Partner Interconnect connection from the same service provider, or with Partner Interconnect connections from different service providers.

Creating VLAN attachments

Console

  1. Go to the Cloud Interconnect VLAN attachments tab in the Google Cloud Platform Console.
    Go to VLAN attachments tab
  2. Click Add VLAN attachment.
  3. Select Partner Interconnect to create Partner VLAN attachments, and then click Continue.
  4. Click I already have a service provider.
  5. Select Create a redundant pair of VLANs. Redundancy provides higher availability than a single connection. For example, during scheduled maintenance, one attachment might go down but the other can continue to serve traffic. For more information, see the Redundancy section in the Partner Interconnect Overview page.

    If you're creating an attachment for testing purposes or don't require high availability, select Create a single VLAN to create just one VLAN attachment.

  6. For the Network and Region fields, select the VPC network and GCP region where your attachments will connect to.

  7. Specify the details of your VLAN attachments.

    • Cloud Router — A Cloud Router to associate with this attachment. You can only choose a Cloud Router in the VPC network and region that you selected with an ASN of 16550. If you don't have an existing Cloud Router, create one with an ASN of 16550. For redundancy, each VLAN attachment must be associated with a unique Cloud Router. Google automatically adds an interface and a BGP peer on the Cloud Router.
    • VLAN attachment name — A name for the attachment. This name is displayed in the console and used by the gcloud command-line tool to reference the attachment, such as my-attachment.
  8. Click Create to create the attachments, which takes a few moments to complete.

  9. After creation is complete, copy the pairing keys. You'll share these keys with your service provider when you request a connection with them.

    If you're requesting a layer 3 connection from your service provider, you can pre-activate the attachment by selecting Enable. Activating attachments enables you to confirm that you're connecting to the expected service provider. Pre-activating attachments enables you to skip this activation step and allows the attachments to start passing traffic immediately after your service provider completes their configuration.

  10. Click OK to view a list of your VLAN attachments.

gcloud

You must have an existing Cloud Router in the network and region that you want to reach from your on-premises network. The Cloud Router must have an ASN of 16550. If you don't have an existing Cloud Router, create one before you create the VLAN attachment. When you create the Cloud Router, use 16550 for the BGP ASN.

  1. Create an InterconnectAttachment of type PARTNER, specifying the name of your Cloud Router and the edge availability domain of the VLAN attachment. Google automatically adds an interface and a BGP peer on the Cloud Router. The attachment generates a pairing key that you'll need to share with your service provider.

    The following example creates a partner attachment in edge availability domain 1 and is associated with the my-router Cloud Router, which is in the us-central1 region.

    gcloud compute interconnects attachments partner create my-attachment \
      --region us-central1 \
      --router my-router \
      --edge-availability-domain availability-domain-1

    If you're requesting a layer 3 connection from your service provider, you can pre-activate the attachment by using the --admin-enabled flag. Activating attachments enables you to confirm that you're connecting to the expected service provider. Pre-activating attachments enables you to skip this activation step and allows the attachments to start passing traffic immediately after your service provider completes their configuration.

    gcloud compute interconnects attachments partner create my-attachment \
      --region us-central1 \
      --router my-router \
      --edge-availability-domain availability-domain-1 \
      --admin-enabled
  2. Describe the attachment to retrieve its pairing key. You'll need to share this key with your service provider when you request a connection with them.

    gcloud compute interconnects attachments describe my-attachment \
      --region us-central1
    adminEnabled: false
    edgeAvailabilityDomain: AVAILABILITY_DOMAIN_1
    creationTimestamp: '2017-12-01T08:29:09.886-08:00'
    id: '7976913826166357434'
    kind: compute#interconnectAttachment
    labelFingerprint: 42WmSpB8rSM=
    name: my-attachment
    pairingKey: 7e51371e-72a3-40b5-b844-2e3efefaee59/us-central1/1
    region: https://www.googleapis.com/compute/v1/projects/customer-project/regions/us-central1
    router: https://www.googleapis.com/compute/v1/projects/customer-project/regions/us-central1/routers/my-router
    selfLink: https://www.googleapis.com/compute/v1/projects/customer-project/regions/us-central1/interconnectAttachments/my-attachment
    state: PENDING_PARTNER
    type: PARTNER
    • The pairingKey field contains the pairing key that you'll need to share with your service provider. Treat the pairing key as sensitive information until your VLAN attachment is configured.
    • The state of the VLAN attachment is PENDING_PARTNER until you request a connection with your service provider and they complete your VLAN attachment configuration. Afterwards, the state of the attachment will be ACTIVE or PENDING_CUSTOMER.

If you're building redundancy with a duplicate attachment, repeat these steps for the second attachment but specify a different edge availability domain. Also, when you request connections from your service provider, you must select the same metro (city) for both attachments for them to be redundant. For more information, see the Redundancy section in the Partner Interconnect Overview page.

What's next?

¿Te ha resultado útil esta página? Enviar comentarios:

Enviar comentarios sobre...