Establish BGP sessions

Cloud Router uses Border Gateway Protocol (BGP) to exchange routes between your Virtual Private Cloud (VPC) network and your on-premises network. On Cloud Router, you configure an interface and a BGP peer for your on-premises router. The interface and BGP peer configuration together form a BGP session.

Within Google Cloud, a Cloud Router interface connects to exactly one of the following Google Cloud resources:

A Classic VPN tunnel using dynamic routing
Warning: Certain Classic VPN functionality is deprecated. For more information, see Classic VPN partial deprecation.
An HA VPN tunnel (using dynamic routing as required)
A VLAN attachment for Dedicated Interconnect
A VLAN attachment for Partner Interconnect
A router appliance instance

Cloud Routers support multiple interfaces each. You don't need to create a separate Cloud Router for each Cloud VPN tunnel or VLAN attachment. However, each Cloud Router uses the same ASN for all its BGP sessions. Because Partner Interconnect requires a public ASN, and all other types of interface require private ASNs, a Cloud Router that manages BGP sessions for a VLAN attachment on Partner Interconnect cannot manage BGP sessions for any other type of interface.

Cloud Router supports IPv6 route advertisements using multiprotocol BGP. If you enable IPv6 in the BGP peer during HA VPN configuration, you can exchange IPv6 traffic between your IPv6-enabled VPC network and the IPv6-addressed hosts in your on-premises network. The prefix exchange occurs over an IPv4-based BGP session. IPv6 is only supported for BGP sessions that are set up in HA VPN tunnels. For more information about enabling IPv6 in a BGP session, see Enable or disable IPv6 prefix exchange in BGP IPv4 sessions.

When you configure BGP for some hybrid connectivity resources, you can optionally configure the router's peering sessions to use MD5 authentication. For a list of products that support MD5 authentication, see Use MD5 authentication.

The following sections provide links that describe how to configure BGP sessions for each type of interface.

Cloud VPN

For HA VPN tunnels, see Create an HA VPN to a peer VPN gateway or Create an HA VPN to another HA VPN gateway.
For Classic VPN tunnels with dynamic routing, see Create Cloud VPN tunnels with dynamic routes.

Cloud Interconnect

For Dedicated Interconnect, see Create VLAN attachments (dedicated).
For Partner Interconnect, see Create VLAN attachments (partner).

Router appliance

For router appliance instances, see Set up a Cloud Router in the Network Connectivity Center documentation.

What's next

To update the base advertised route priority to change route metrics, see Update the base advertised route priority.
To disable or end a BGP session, see Disable or remove BGP sessions.
For information about checking Cloud Router status, see View router details.
For information about BGP session states, see BGP session states.