Site-to-cloud topologies that use a third-party appliance

Network Connectivity Center lets you use a third-party network virtual appliance to establish connectivity between an external site and your Virtual Private Cloud (VPC) network resources. To establish this type of connectivity, you use the Router appliance feature. Using Router appliance in this way is supported in all Google Cloud regions.

Router appliance

The Router appliance feature lets you install a network virtual appliance within Google Cloud and use it as the backing resource for a spoke.

To create a router appliance instance, you install a virtual appliance image on a Compute Engine virtual machine (VM) and complete additional setup steps. This setup includes establishing Border Gateway Protocol (BGP) peering between the VM and a Cloud Router. BGP enables the dynamic exchange of routes between the Cloud Router and the Router appliance instance. Route exchange lets you establish connectivity between your VPC network and other networks. We recommend using an image provided by a supported Network Connectivity Center partner. For more information about Router appliance, see the Router appliance overview.

Network Connectivity Center lets you use a hub-and-spoke architecture for network connectivity. For information about Network Connectivity Center, see the Network Connectivity Center overview. For more information about Router appliance, see the Router appliance overview.

Connect a site to a VPC network

In the following topology, a router appliance instance serves as the backing resource for a Network Connectivity Center spoke. The router appliance instance connects with a peer router in an on-premises network. The router appliance instance also peers with a Cloud Router. Routes from the on-premises network are dynamically exchanged with the VPC network.

Use a Router appliance spoke to connect to a VPC network
Use a Router appliance spoke to connect a site to a VPC network (click to enlarge)

Connect a site to two VPC networks

In the following topology, a router appliance instance has interfaces in two VPC networks. Each interface has been used to create a Router appliance spoke. In this case, routes from the on-premises network are propagated to each VPC network. Connectivity between the two VPC networks is determined by the features of the network virtual appliance.

Creating BGP sessions for router appliances
Use Router appliance spokes to connect a site to two VPC networks (click to enlarge)

For a detailed description of this topology and instructions about how to configure it, see Establish connectivity by using a third-party appliance.

Use load-balanced router appliance instances

The following topology shows a site that uses load-balanced router appliance instances to connect to Google Cloud. Both router appliance instances are backing resources for the same spoke.

Use load-balanced router appliance instances.
Use load-balanced router appliance instances (click to enlarge)

For a detailed description of this topology and instructions about how to configure it, see Create router appliance instances.

What's next