Enabling multiple VPC networks to access the same VLAN attachment

This page describes how Virtual Private Cloud (VPC) networks can access VLAN attachments for Dedicated Interconnect or Partner Interconnect that are located in a different VPC network. This functionality is supported by Shared VPC or VPC Network Peering.

For VPC networks that don't use Shared VPC or VPC Network Peering, you must create additional VLAN attachments.

Using Cloud Interconnect with Shared VPC

You can use Shared VPC to share your VLAN attachment in a project with other VPC networks. Choosing Shared VPC is preferable if you need to create many projects and would like to prevent individual project owners from managing their connectivity back to your on-premises network.

In this scenario, the host project contains a common Shared VPC network usable by VMs in service projects. Because VMs in the service projects use this network, Service Project Admins don't need to create other VLAN attachments or Cloud Routers in the service projects.

In this scenario, you must create VLAN attachments and Cloud Routers for a Cloud Interconnect connection only in the Shared VPC host project. The combination of a VLAN attachment and its associated Cloud Router are unique to a given Shared VPC network.

Service Project Admins can create VMs in subnets that exist in a host project's Shared VPC network based on the permissions they have to the host project. VMs that use the Shared VPC network can use the custom dynamic routes for VLAN attachments available to that network.

For more information about setting up a Shared VPC network, see the Shared VPC overview and Provisioning Shared VPC.

Using Cloud Interconnect with VPC Network Peering

If you have a small number of projects (2-3) or if you need to connect VPC networks between different organizations, you can use VPC Network Peering. Using Shared VPC is recommended over using VPC Network Peering because Shared VPC is easier to configure and scale.

With VPC Network Peering, you land VLAN attachments in one VPC network and then peer that network with one or more other VPC networks that you want to have access to your on-premises network.

For information about VPC Network Peering, see the VPC Network Peering overview.