Creating router appliance instances

Router appliance is one of several supported spoke types for Network Connectivity Center, a hub-and-spoke model for network connectivity management in Google Cloud. This page describes how to create a router appliance instance.

For more information about Router appliance, see the Router appliance overview.

For more information about Network Connectivity Center, see the Network Connectivity Center overview.

Configuration approaches

You can configure Compute Engine virtual machine instances for Router appliance through Google Cloud Marketplace (recommended) or manually, by using an image provided by you or by a vendor of your choice.

Configuring Router appliance through Cloud Marketplace

We recommend installing a virtual machine (VM) instance and its image by selecting a vendor in Cloud Marketplace.

Go to Cloud Marketplace

API considerations

Configuring Router appliance manually

To manually deploy a router appliance instance with an image that you provide (for example, quagga) or with an image provided by a vendor, follow the steps on this page.

For more information about Router appliance, see What's next.

Sample configuration

The sample configuration used on this page shows a Router appliance configuration that uses Compute Engine VM instances. Equal-cost multipath (ECMP) routing load balances traffic across the router appliance instances, and BGP distributes network routes to and from Virtual Private Cloud (VPC) networks and on-premises networks. Each on-premises network is connected through customer premises equipment (CPE) to a router appliance instance.

This configuration uses three VMs in the same VPC subnetwork (subnet), but in different zones. Each router appliance instance establishes a BGP session with each interface of a Cloud Router.

Alternatively, you can establish redundancy for a pair of router appliance instances by creating at least two VMs in different zones. In this alternative configuration, each VM must peer with a pair of redundant Cloud Router interfaces. This alternative configuration is not shown on this page. For more information about zones, see Regions and zones.

Creating BGP sessions for router appliances
Creating BGP sessions for router appliances (click to enlarge)

Before you begin

To make it easier to configure Router appliance, complete the following steps:

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.
  2. In the Google Cloud Console, on the project selector page, select or create a Google Cloud project.

    Go to project selector

  3. Make sure that billing is enabled for your Cloud project. Learn how to confirm that billing is enabled for your project.

  4. Install and initialize the Cloud SDK.
  1. If you are using the gcloud command-line tool, set your project ID with the following command. The gcloud instructions on this page assume that you have set your project ID before issuing commands. Thus, the commands don't include the --project option.
        gcloud config set project PROJECT_ID
        
  2. You can also use the project ID that has already been set:
        gcloud config list --format='text(core.project)'
        

VM interfaces and routing

For an overview of how VM interfaces are used for routing, see the use case for data transfer between sites in the Router appliance overview. The use case on this page provides a working example of this use case.

IP addresses and router appliance instances

When you establish peering from a router appliance instance to a Cloud Router, only RFC 1918 internal IP addresses are supported on the router appliance interface that peers with the Cloud Router.

To view IP addresses on a VM, see the following documents:

For definitions and detailed information about IP address types, see IP addresses.

Reserving a static internal IP address (Recommended)

We recommend assigning a static internal IP address to a router appliance instance so that the address doesn't change during reboot. This step ensures that BGP peering doesn't fail, because after the peer IP address for the router appliance instance is configured on Cloud Router, the address is fixed.

Alternatively, you can can create a VM without specifying any IP address options. In that case, the VM is created with an ephemeral internal IP address. You can promote these IP addresses to static addresses later.

For steps to assign an IP address by using either method, see Reserving static IP addresses.

IP addresses for BGP peering

A router appliance instance uses its internal IP address to peer with Cloud Router. The instance does not use a 169.254.x.x address for BGP peering.

Cloud Router also uses two RFC 1918 internal IP addresses to peer with the router appliance instance, one address for each interface. These IP addresses can be manually or automatically assigned from the subnet that contains both the router appliance instance and the Cloud Router.

Creating VPC resources

The following sections describe how to create a VPC network and subnet.

Create a VPC network

If you haven't already, create a VPC network. The following steps create a custom mode VPC network named network-a.

For more information about creating VPC networks, see Creating networks.

gcloud

To create a custom VPC network, enter this command:

  gcloud compute networks create NAME \
      --subnet-mode custom \
      --bgp-routing-mode global

Replace NAME with the name of the VPC network—for example, network-a.

API

To create a custom VPC network by using the Compute Engine API, see Using VPC.

Create a subnet

Create one subnet in network-a to contain the VM instances used as router appliance instances.

gcloud

To create a VPC subnet, enter this command:

  gcloud compute networks subnets create NAME \
      --network=NETWORK \
      --region=REGION \
      --range=RANGE

Replace the following:

  • NAME: the name of the subnet that contains the router appliance VM—for example, subnet-a-1
  • NETWORK: the network that contains the subnet—for example, network-a
  • REGION: the region that contains the subnet—for example, us-west1
  • RANGE: the IP range of the subnet in CIDR notation—for example, 10.0.1.0/24

API

To create a VPC subnet by using the Compute Engine API, see Using VPC.

Creating router appliance VMs

Create the VMs that act as router appliance instances. The sample configuration uses three VMs, router-app-a, router-app-b, and router-app-c.

When you create a VM for Router appliance, you must add an image to it. This image can be an image that you create or a custom image from your chosen vendor. To use an image from your vendor, see your vendor's documentation.

For more information about specifying images, see the following resources:

For detailed information about creating VMs, see Creating and starting a VM instance.

The examples in this section assume that you have reserved IP addresses for the router appliance instance. For more information, see IP addresses for Router appliance.

gcloud

To create the three router appliance VMs used in the example configuration, run the following command three times. Replace INSTANCE_NAME with the name of the VM acting as a router appliance instance.

In the following example, you assign the static internal IP address and static external IP address that you reserved earlier to the VM. You also specify the project that contains a vendor-provided image for the VM along with the name of the image.

  gcloud compute instances create INSTANCE_NAME \
      --project=PROJECT \
      --zone=ZONE \
      --machine-type=MACHINE_TYPE \
      --network-tier=NETWORK_TIER \
      --network-interface=[subnet=SUBNET,private-network-ip=INTERNAL_IP_ADDRESS] \
      --can-ip-forward \
      --image-project=IMAGE_PROJECT \
      --image=IMAGE

Replace the following:

  • INSTANCE_NAME: the name of the VM acting as a router appliance instance—for example, router-app-a, router-app-b, or router-app-c
  • PROJECT: the name of the project that contains the router appliance VMs—for example, my-project
  • ZONE: the Google Cloud zone that the VM is located in—for example, us-west1-a
  • MACHINE_TYPE: the machine type resource to use for the VM—for example, n1-standard-2
  • NETWORK_TIER: when creating the router appliance VMs, set the network tier to premium; this choice maximizes the extent to which traffic uses Google's network
  • SUBNET: the subnet assigned to the primary network interface for the VM—for example, subnet-a-1
  • INTERNAL_IP_ADDRESS: the RFC 1918 internal IP address that is assigned to the VM interface that connects to the Cloud Router—for example, 10.0.1.10
  • IMAGE_PROJECT: the name of the project that contains the image specified in the image field—for example, debian-cloud
  • IMAGE: the name of the image to install—for example, debian-10-buster-v20210217

API

To create the three router appliance VMs used in the example configuration, use the compute.instances.insert method to create each VM.

For additional creation methods, see Creating and starting a VM instance.

POST https://compute.googleapis.com/compute/v1/projects/PROJECT/zones/ZONE/instances
 {
   "machineType": "zones/ZONE/machineTypes/MACHINE_TYPE",
   "name": "INSTANCE_NAME",
   "canIpForward": "true",
   "networkInterfaces": [{
     "subnetwork": "regions/REGION/subnetworks/SUBNET",
     "networkIP": "INTERNAL_IP_ADDRESS",
     "accessConfigs": [{
         "networkTier": "NETWORK_TIER,
       }]
     }],
    "disks": [{
      "initializeParams": {
          "sourceImage": "projects/IMAGE_PROJECT/global/images/IMAGE"
      },
      "boot": true
   }]
 }

Replace the following:

  • PROJECT: the name of the project that contains the router appliance VMs—for example, my-project
  • ZONE: the Google Cloud zone that the VM is located in—for example, us-west1-a
  • MACHINE_TYPE: the machine type resource to use for the VM—for example, zones/us-west1-a/machineTypes/n1-standard-2
  • INSTANCE_NAME: the name of the VM—for example, router-app-a, router-app-b, or router-app-c
  • REGION: the region that contains the VM—for example, us-west1
  • SUBNET: the subnet assigned to the primary network interface for the VM—for example, regions/us-west1/subnetworks/subnet-a-1
  • INTERNAL_IP_ADDRESS: the RFC 1918 internal IP address that is assigned to the VM; configure the address for the VM interface that connects to the Cloud Router—for example, 10.0.1.10
  • NETWORK_TIER: when creating the router appliance VMs, set the network tier to premium; this choice maximizes the extent to which traffic uses Google's network
  • IMAGE_PROJECT: the name of the project that contains the image that you specify when creating the VM—for example, debian-cloud
  • IMAGE: the name of the image to use when creating the VM—for example, debian-10-buster-v20210217

Creating a firewall rule to allow BGP

Create a firewall rule that allows BGP traffic to network-a on TCP port 179.

For more information about firewall commands, see Using firewall rules.

gcloud

To create a VPC firewall rule by using the gcloud command-line tool, see Using VPC firewall rules.

API

To create a VPC firewall rule by using the Compute Engine API, see Using VPC firewall rules.

Creating a Cloud Router

In the sample configuration, you create a Cloud Router in network-a. Place the Cloud Router in the same region, us-west1, as the subnet that you created in the preceding section.

For more information, see Creating Cloud Routers.

gcloud

To create a Cloud Router, enter the following command:

  gcloud beta compute routers create NAME \
      --region=REGION \
      --network=NETWORK \
      --asn=ASN \
      --project=PROJECT_ID

Replace the following:

  • NAME: the name of the Cloud Router—for example, cloud-router-a
  • REGION: the region that contains the Cloud Router—for example, us-west1
  • NETWORK: the VPC network that contains the Cloud Router—for example, network-a
  • ASN: the autonomous system number (ASN) for the Cloud Router—this ASN must be a 16-bit or 32-bit private ASN as defined in RFC 6996—for example, 65000
  • PROJECT_ID: the project ID for the Cloud Router—for example, my-project

API

To create a Cloud Router, use the compute.routers.insert method.

POST https://compute.googleapis.com/compute/beta/projects/PROJECT_ID/region/REGION/routers
{
 "name": "NAME",
 "network": "NETWORK",
 "bgp": {
   "asn": ASN
  }
}

Replace the following:

  • PROJECT_ID: the project ID for the Cloud Router—for example, my-project
  • REGION: the region that contains the Cloud Router—for example, us-west1
  • NAME: the name of the Cloud Router—for example, cloud-router-a
  • NETWORK: the URI of the VPC network that contains the Cloud Router—for example, /global/networks/network-a
  • ASN: the autonomous system number (ASN) for the Cloud Router—this ASN must be a 16-bit or 32-bit private ASN as defined in RFC 6996—for example, 65000

Create two redundant interfaces on the Cloud Router

Create two redundant Cloud Router interfaces that, in the sample configuration, are associated with subnet-a-1.

The Cloud Router interface uses a regional internal IP address.

If you explicitly specify the internal IP address for the interface, the IP address must belong to the subnet's primary IP address range. It must not already be in use by another resource, such as a VM or a different Cloud Router interface. To reserve an IP address from the subnet in advance, create an address resource and then use the reserved IP address for the Cloud Router interface.

gcloud

To create two redundant interfaces on the Cloud Router, enter the following commands.

If you don't specify the --ip-address option, Google tries to find a free IP address from the subnet's primary IP range to assign to the interface.

  1. Create the first Cloud Router interface:

    gcloud beta compute routers add-interface NAME \
        --interface-name=INTERFACE_NAME \
        --ip-address=IP_ADDRESS \
        --subnetwork=SUBNET \
        --region=REGION \
        --project=PROJECT_ID
    
  2. Create the redundant Cloud Router interface:

    gcloud beta compute routers add-interface NAME \
        --interface-name=INTERFACE_NAME \
        --ip-address=IP_ADDRESS \
        --subnetwork=SUBNET \
        --redundant-interface=REDUNDANT_INTERFACE \
        --region=REGION \
        --project=PROJECT_ID
    

    Replace the following:

    • NAME: the name of the Cloud Router to update—for example, cloud-router-a
    • INTERFACE_NAME: the name of the interface—for example, router-appliance-interface-0 or router-appliance-interface-1
    • IP_ADDRESS: the RFC 1918 internal IP address to use for the interface—for example, 10.0.1.5 or 10.0.1.6
    • SUBNET: the subnet where the internal IP address resides—for example, subnet-a-1
    • REDUNDANT_INTERFACE: the redundant Cloud Router interface that peers with the same router appliance instance as the primary interface—for example, router-appliance-interface-0
    • REGION: the Google Cloud region where the Cloud Router resides—for example, us-west1
    • PROJECT_ID: the project ID for the Cloud Router—for example, my-project
  • The following command creates the first interface on the Cloud Router as described in the sample configuration:

    gcloud beta compute routers add-interface cloud-router-a \
        --interface-name=router-appliance-interface-0 \
        --ip-address=10.0.1.5 \
        --subnetwork=subnet-a-1 \
        --region=us-west1 \
        --project=my-project
    
  • The following command creates the redundant interfaces on the Cloud Router as described in the sample configuration:

    gcloud beta compute routers add-interface cloud-router-a \
        --interface-name=router-appliance-interface-1 \
        --ip-address=10.0.1.6 \
        --subnetwork=subnet-a-1 \
        --redundant-interface=router-appliance-interface-0 \
        --region=us-west1 \
        --project=my-project
    

API

To create two redundant interfaces on the Cloud Router, use the compute.routers.patch method.

If you don't specify the privateIpAddress option, Google tries to find a free IP address from the subnet's primary IP range to assign to the interface.

  1. Create the first Cloud Router interface:

    "PATCH
    https"://www.googleapis.com/compute/beta/projects/PROJECT_ID/regions/REGION/routers/NAME
    {
      "region":"REGION",
      "interfaces":[
        {
          "name":"INTERFACE_NAME",
          "privateIpAddress:"IP_ADDRESS",
          "subnetwork": "https":"//www.googleapis.com/compute/beta/projects/PROJECT_ID/regions/REGION/subnetworks/SUBNET"
        }
      ]
    }
    
  2. Create the redundant Cloud Router interface:

    "PATCH
    https"://www.googleapis.com/compute/beta/projects/PROJECT_ID/regions/REGION/routers/NAME
    {
      "region":"REGION",
      "interfaces":[
        {
          "name":"INTERFACE_NAME_1",
          "privateIpAddress:"IP_ADDRESS",
          "subnetwork": "https://www.googleapis.com/compute/beta/projects/PROJECT_ID/regions/REGION/subnetworks/SUBNET"
        },
        {
          "name":"INTERFACE_NAME_2",
          "privateIpAddress:"IP_ADDRESS",
          "subnetwork": "https://www.googleapis.com/compute/beta/projects/PROJECT_ID/regions/REGION/subnetworks/SUBNET",
          "redundantInterface": "INTERFACE_NAME_1"
        }
      ]
    }
    

    Replace the following:

    • PROJECT_ID: the project ID for the Cloud Router—for example, my-project
    • REGION: the Google Cloud region where the Cloud Router resides—for example, us-west1
    • NAME: the name of the Cloud Router to update—for example, cloud-router-a
    • NETWORK: the VPC network that contains the Cloud Router—for example,network-a
    • INTERFACE_NAME: the name of the interface—for example, router-appliance-interface-0 or router-appliance-interface-1
    • SUBNET: the URL for the subnet that contains the RFC 1918 internal IP address
    • IP_ADDRESS: the internal IP address to use for the interface—for example, 10.0.1.5 or 10.0.1.6
    • REDUNDANT_INTERFACE: the redundant Cloud Router interface that peers with the same router appliance instance as the primary interface—for example, router-appliance-interface-0
  • The following command creates the first interface on cloud-router-a as described in the sample configuration:

    "PATCH https"://www.googleapis.com/compute/beta/projects/my-project/regions/us-west1/routers/cloud-router-a
    {
    "region":"us-west1",
    "interfaces":[
      {
        "name":"router-appliance-interface-0",
        "privateIpAddress:"10.0.1.5",
        "subnetwork": "https://www.googleapis.com/compute/beta/projects/my-project/regions/us-west1/subnetworks/>"
      }
    ]
    }
    
  • The following command creates the redundant interfaces on cloud-router-a as described in the sample configuration:

    "PATCH https"://www.googleapis.com/compute/beta/projects/my-project/regions/us-west1/routers/cloud-router-a
    {
    "region":"us-west1",
    "interfaces":[
      {
        "name":"router-appliance-interface-0",
        "privateIpAddress:"10.0.1.5",
        "subnetwork": "https://www.googleapis.com/compute/beta/projects/my-project/regions/us-west1/subnetworks/subnet-a-1"
      },
      {
        "name":"router-appliance-interface-0",
        "privateIpAddress:"10.0.1.6",
        "subnetwork": "https://www.googleapis.com/compute/beta/projects/my-project/regions/us-west1/subnetworks/subnet-a-1",
        "redundantInterface": "router-appliance-interface-0"
      }
    ]
    }
    

Create two BGP peers, one for each interface on router-app-a

Create two BGP peers on the Cloud Router for the router appliance instance, one on each Cloud Router interface. This section describes how to create two BGP peers for router-app-a from the sample configuration. The next section describes how to create two BGP peers on router-app-b and on router-app-c.

The BGP peer IP address must be the primary internal IP address for the VM configured as a router appliance instance. In the sample configuration, the VM is router-app-a. It belongs to subnet-a-1.

The following example shows how to configure router-app-a as a BGP peer on both interfaces of Cloud Router cloud-router-a.

gcloud

To create two BGP peers on the Cloud Router for router-app-a, enter the following commands.

  1. Create the first BGP peer:

    gcloud beta compute routers add-bgp-peer NAME \
        --peer-name=PEER_NAME \
        --interface=INTERFACE \
        --peer-ip-address=PEER_IP_ADDRESS \
        --peer-asn=PEER_ASN \
        --instance=ROUTER_APPLIANCE \
        --instance-zone=ROUTER_APPLIANCE_ZONE \
        --region=REGION
    
  2. Create the second BGP peer:

    gcloud beta compute routers add-bgp-peer NAME \
        --peer-name=PEER_NAME \
        --interface=INTERFACE \
        --peer-ip-address=PEER_IP_ADDRESS \
        --peer-asn=PEER_ASN \
        --instance=ROUTER_APPLIANCE \
        --instance-zone=ROUTER_APPLIANCE_ZONE \
        --region=REGION
    

    Replace the following:

    • NAME: the name of the Cloud Router to update
    • PEER_NAME: the name of the BGP peering session to establish with the router appliance instance
    • INTERFACE: the name of the interface for this BGP peer
    • PEER_IP_ADDRESS: the internal IP address of the peer router (the router appliance instance)—this address must match the primary internal IP address for the VM's primary network interface (nic0)
    • PEER_ASN: the BGP autonomous system number (ASN) for this BGP peer—this ASN must be a 16-bit or 32-bit private ASN as defined in RFC 6996
    • ROUTER_APPLIANCE: the name of the VM acting as the router appliance instance
    • ROUTER_APPLIANCE_ZONE: the zone where the VM acting as the router appliance instance is located
    • REGION: the region where the VM acting as the router appliance instance is located

Following is an example of the sample configuration for router-app-a:

  gcloud beta compute routers add-bgp-peer cloud-router-a \
      --peer-name=router-appliance-bgp-peer-router-app-a-0 \
      --interface=router-appliance-interface-0 \
      --peer-ip-address=10.0.1.10 \
      --peer-asn=65001 \
      --instance=router-app-a \
      --instance-zone=us-west1-a \
      --region=us-west1
  gcloud beta compute routers add-bgp-peer cloud-router-a \
      --peer-name=router-appliance-bgp-peer-router-app-a-1 \
      --interface=router-appliance-interface-1 \
      --peer-ip-address=10.0.1.10 \
      --peer-asn=65001 \
      --instance=router-app-a \
      --instance-zone=us-west1-a \
      --region=us-west1

API

To create two BGP peers on the Cloud Router for router-app-a, use the compute.routers.patch method.

PATCH
https://compute.googleapis.com/compute/beta/projects/PROJECT_ID/region/REGION/routers/NAME
{
  "bgpPeers": [
  {
    "name": "PEER_NAME",
    "interfaceName": "INTERFACE_NAME",
    "ipAddress": "IP_ADDRESS",
    "peerIpAddress": "PEER_IP_ADDRESS",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zone/ROUTER_APPLIANCE_ZONE/instances/ROUTER_APPLIANCE_INSTANCE",
    "peerAsn": PEER_ASN,
  }
  {
    "name": "PEER_NAME",
    "interfaceName": "INTERFACE_NAME",
    "ipAddress": "IP_ADDRESS",
    "peerIpAddress": "PEER_IP_ADDRESS",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zone/ROUTER_APPLIANCE_ZONE/instances/ROUTER_APPLIANCE_INSTANCE",
    "peerAsn": PEER_ASN
   }
 ]
}

Replace the following:

  • PROJECT_ID: the project ID for the Cloud Router
  • REGION: the region where the VM acting as the router appliance instance resides
  • NAME: the name of the Cloud Router to update
  • PEER_NAME: the name of the BGP peering session to establish with the router appliance instance
  • INTERFACE_NAME: the name of the Cloud Router interface to add the peer to
  • IP_ADDRESS: the RFC 1918 internal IP address to use for the Cloud Router interface
  • PEER_IP_ADDRESS: the internal IP address of the VM acting as a router appliance instance
  • ROUTER_APPLIANCE_INSTANCE: the name in URL format for the VM acting as the router appliance instance
  • ROUTER_APPLIANCE_ZONE: the zone where the VM acting as the router appliance instance resides
  • PEER_ASN: the BGP autonomous system number (ASN) for this BGP peer—this ASN must be a 16-bit or 32-bit private ASN as defined in RFC 6996

Following is an example of the sample configuration for router-app-a:

PATCH
https://compute.googleapis.com/compute/beta/projects/my-project/region/us-west1/routers/cloud-router-a
{
  "bgpPeers": [
  {
    "name": "router-appliance-bgp-peer-router-app-a-0",
    "interfaceName": "router-appliance-interface-0",
    "ipAddress": "10.0.1.5",
    "peerIpAddress": "10.0.1.10",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/my-project/zone/us-west1-a/instances/router-app-a",
    "peerAsn": 65001,
  }
  {
    "name": "router-appliance-bgp-peer-router-app-a-1",
    "interfaceName": "router-appliance-interface-1",
    "ipAddress": "10.0.1.6",
    "peerIpAddress": "10.0.1.10",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/my-project/zone/us-west1-a/instances/router-app-a",
    "peerAsn": 65001
   }
 ]
}

Create two BGP peers, one for each interface on router-app-b and router-app-c

As described previously, Cloud Router can establish BGP sessions to multiple VMs configured as router appliance instances. These VMs must all belong to the same subnet. To create this configuration, you create additional BGP peering sessions on the same Cloud Router interfaces.

The preceding section described how to set up BGP peering for router-app-a. This section describes how to additionally configure router-app-b and router-app-c as BGP peers on both interfaces of Cloud Router cloud-router-a.

Sample router-app-b

gcloud

To create two BGP peers on the Cloud Router for router-app-b, use the following commands.

  • Sample configuration for the first BGP peer:

    gcloud beta compute routers add-bgp-peer cloud-router-a \
        --peer-name=router-appliance-bgp-peer-router-app-b-0 \
        --interface=router-appliance-interface-0 \
        --peer-ip-address=10.0.1.11 \
        --peer-asn=65002 \
        --instance=router-app-b \
        --instance-zone=us-west1-a \
        --region=us-west1
    
  • Sample configuration for the second BGP peer:

    gcloud beta compute routers add-bgp-peer cloud-router-a \
        --peer-name=router-appliance-bgp-peer-router-app-b-1 \
        --interface=router-appliance-interface-1 \
        --peer-ip-address=10.0.1.11 \
        --peer-asn=65002 \
        --instance=router-app-b \
        --instance-zone=us-west1-a \
        --region=us-west1
    

API

To create two BGP peers on the Cloud Router for router-app-b, use the compute.routers.patch method.

Refer to this example of the sample configuration:

PATCH
https://compute.googleaps.com/compute/beta/projects/my-project/region/us-west1/routers/cloud-router-a
{
  "bgpPeers": [
  {
    "name": "router-appliance-bgp-peer-router-app-b-0",
    "interfaceName": "router-appliance-interface-0",
    "ipAddress": "10.0.1.5",
    "peerIpAddress": "10.0.1.11",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/my-project/zone/us-west1-a/instances/router-app-b",
    "peerAsn": 65002,
  }
  {
    "name": "router-appliance-bgp-peer-router-app-b-1",
    "interfaceName": "router-appliance-interface-1",
    "ipAddress": "10.0.1.6",
    "peerIpAddress": "10.0.1.11",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/my-project/zone/us-west1-a/instances/router-app-b",
    "peerAsn": 65002
   }
 ]
}

Sample router-app-c

gcloud

To create two BGP peers on the Cloud Router for router-app-c, use the following commands.

  • Sample configuration for the first BGP peer:

    gcloud beta compute routers add-bgp-peer cloud-router-a \
        --peer-name=router-appliance-bgp-peer-router-app-c-0 \
        --interface=router-appliance-interface-0 \
        --peer-ip-address=10.0.1.12 \
        --peer-asn=65003 \
        --instance=router-app-c \
        --instance-zone=us-west1-a \
        --region=us-west1
    
  • Sample configuration for the second BGP peer:

    gcloud beta compute routers add-bgp-peer cloud-router-a \
        --peer-name=router-appliance-bgp-peer-router-app-c-1 \
        --interface=router-appliance-interface-1 \
        --peer-ip-address=10.0.1.12 \
        --peer-asn=65003 \
        --instance=router-app-c \
        --instance-zone=us-west1-a \
        --region=us-west1
    

API

To create two BGP peers on the Cloud Router for router-app-c, use the compute.router.patch method.

Refer to this example of the sample configuration:

PATCH
https://compute.googleaps.com/compute/beta/projects/my-project/region/us-west1/routers/cloud-router-a
{
  "bgpPeers": [
  {
    "name": "router-appliance-bgp-peer-router-app-c-0",
    "interfaceName": "router-appliance-interface-0",
    "ipAddress": "10.0.1.5",
    "peerIpAddress": "10.0.1.12",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/my-project/zone/us-west1-a/instances/router-app-c",
    "peerAsn": 65003,
  }
  {
    "name": "router-appliance-bgp-peer-router-app-c-1",
    "interfaceName": "router-appliance-interface-1",
    "ipAddress": "10.0.1.6",
    "peerIpAddress": "10.0.1.12",
    "routerApplianceInstance": "https://compute.googleapis.com/compute/v1/projects/my-project/zone/us-west1-a/instances/router-app-c",
    "peerAsn": 64003
   }
 ]
}

Configuring BGP on the router appliance instance

To configure your router appliance instance for BGP connectivity to the Cloud Router, refer to the vendor documentation for your router appliance image.

Attaching the router appliance instance to a spoke

After you configure your router appliance instances, attach each router appliance instance to a spoke on a Network Connectivity Center hub. In addition to enabling data transfer through the hub, creating a spoke is required to enable BGP peering with the Cloud Router. For more information, see Creating a spoke.

You can associate a router appliance instance with a spoke that contains existing resources. For more information, see Spoke resource types and Quotas and limits.

What's next