This page describes the steps to successfully create and configure a Dedicated Interconnect connection.
To create and configure a Cloud Interconnect connection for Dedicated Interconnect, follow these steps:
Decide if you want MACsec for Cloud Interconnect.
MACsec for Cloud Interconnect can help you secure traffic on Cloud Interconnect connections. If you want MACsec for Cloud Interconnect, you must select it when you order a Dedicated Interconnect connection.
MACsec for Cloud Interconnect is available for 100‑Gbps links, regardless of location. If you want a 10G‑Gpbs link with MACsec support, verify that it is available in your desired locations.
Order a Dedicated Interconnect connection
Submit an order, specifying the details of your connection. Google then emails you an order confirmation. After your resources have been allocated, you receive another email with your LOA-CFAs.
-
Send the LOA-CFAs to your vendor. They provision the connections between the Google peering edge and your on-premises network. Google automatically starts testing the light levels on each allocated port after 24 hours.
-
If the light level of your physical ports is within the expected threshold, the ports are operational and Google sends you an automated email containing configuration details for connectivity testing. Apply these configurations to your router so that Google can confirm connectivity. This process confirms the IP connectivity of your connection's production configuration.
If you don't apply these configurations (or apply them incorrectly), Google sends an automated email with troubleshooting information.
If the light level of your physical ports is not within the expected threshold, Google sends an automated email to notify you of the failure.
After all tests have passed, your Dedicated Interconnect connection is ready to use.
-
When your connection is ready to use, you need to connect Virtual Private Cloud (VPC) networks to your on-premises network. To do that, first create a VLAN attachment, specifying an existing Cloud Router that's in the VPC network that you want to reach.
If you want to deploy HA VPN over Cloud Interconnect, you must create encrypted VLAN attachments.
-
After you create a VLAN attachment, to start sending traffic between networks, you need to configure your on-premises router to establish a BGP session with your Cloud Router. To configure your on-premises router, use the VLAN ID, interface IP address, and peering IP address provided by the VLAN attachment.
Optional: Configure HA VPN over Cloud Interconnect
If you are deploying HA VPN over Cloud Interconnect, you must build the HA VPN tunnels that carry IPsec-encrypted traffic over your VLAN attachment.