Configure multiprotocol BGP for IPv4 or IPv6 BGP sessions
Cloud Router lets you enable and disable IPv4 or IPv6 route exchange in individual Border Gateway Protocol (BGP) sessions that use multiprotocol BGP (MP-BGP). With MP-BGP, you can exchange IPv6 routes over an IPv4 BGP session or IPv4 routes over an IPv6 BGP session.
To exchange both IPv4 and IPv6 traffic in a single BGP session, you must select the IPv4 and IPv6 (dual stack) stack type in your Network Connectivity product, such as HA VPN or Dedicated Interconnect.
You can enable or disable IPv4 or IPv6 route exchange in a specific BGP session by modifying the configuration of the BGP peer. Disabling IPv4 or IPv6 route exchange is useful if you need to troubleshoot IPv4- or IPv6-specific network issues. Another reason might be that you want to disable traffic temporarily in a dual-stack HA VPN tunnel without deleting the tunnel and gateway.
If you disable IPv4 or IPv6 route exchange in a BGP session and then later re-enable it, IPv4 or IPv6 next hop addresses that were previously assigned are not relinquished. You can reuse those IPv4 or IPv6 next hop addresses if IPv4 or IPv6 is enabled in the BGP session again.
Before you begin
gcloud
If you want to use the command-line examples in this guide, do the following:
- Install or update to the latest version of the Google Cloud CLI.
- Set a default region and zone.
API
If you want to use the API examples in this guide, set up API access.
Configure an IPv4 BGP session
This section describes how to modify the configuration of an IPv4 BGP session.
You cannot disable IPv4 route exchange in an IPv4 BGP session.
Enable IPv6 route exchange over an IPv4 session
This procedure assumes that you are modifying IPv4 BGP sessions that have already been created for HA VPN tunnels or VLAN attachments for Cloud Interconnect.
It also assumes that you have configured the associated HA VPN gateway or VLAN attachment to use the IPv4 and IPv6 (dual stack) stack type as described in the following procedures:
- Create an HA VPN to a peer VPN gateway
- Create HA VPN gateways to connect VPC networks
- Create VLAN attachments Dedicated Interconnect
To enable IPv6 route exchange in an existing IPv4 BGP session, perform the following steps.
Console
For HA VPN
To configure a BGP session for HA VPN, in the Google Cloud console, go to the Cloud VPN tunnels page.
Select the Cloud VPN tunnel that contains the BGP session to update.
On the VPN tunnel details page, click Edit BGP session.
In the Multiprotocol BGP section, click the Enable IPv6 traffic toggle to the on position.
Optional: You can allocate the IPv6 BGP addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, select Automatically.
- To allocate the addresses manually:
- Enter the IPv6 address for the Cloud Router BGP IPv6 next hop
field. This address is an IPv6 address used by
Cloud Router for this Cloud VPN tunnel. This
IPv6 address is advertised as the next hop for the IPv6 routes
that Cloud Router advertises to its BGP peer. The
address must be in the range
2600:2d00:0:2::/63
. - Enter the IPv6 address for the Peer BGP IPv6 next hop field.
This address is the IPv6 address of the on-premises router or
peer VPN device. This IPv6 address is the next hop for the IPv6
routes learned from the BGP peer of Cloud Router. The
address must be in the range
2600:2d00:0:2::/63
.
- Enter the IPv6 address for the Cloud Router BGP IPv6 next hop
field. This address is an IPv6 address used by
Cloud Router for this Cloud VPN tunnel. This
IPv6 address is advertised as the next hop for the IPv6 routes
that Cloud Router advertises to its BGP peer. The
address must be in the range
Click Save and continue.
For Dedicated Interconnect
To configure a BGP session for Dedicated Interconnect, go to the VLAN attachments page.
Select the VLAN attachment that contains the BGP session to update.
On the VLAN attachment details page, click Edit BGP session.
In the Multiprotocol BGP section, click the Enable IPv6 traffic toggle to the on position.
Click Save and continue.
gcloud
Run the update-bgp-peer
command. Use the --enable-ipv6
flag
to allow the BGP session to exchange IPv6 routes, as shown in the following
example:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --enable-ipv6
Optionally, when you enable IPv6 traffic for a BGP session used in an HA VPN tunnel, you can specify IPv6 next hop addresses:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --enable-ipv6 \ --ipv6-nexthop-address=IPV6_NEXTHOP_ADDRESS \ --peer-ipv6-nexthop-address=PEER_IPV6_NEXTHOP_ADDRESS
Replace the following:
IPV6_NEXTHOP_ADDRESS
: the IPv6 address used by Cloud Router for this Cloud VPN tunnel. This IPv6 address is advertised as the next hop for the IPv6 routes that Cloud Router advertises to its BGP peer.The address must be in the IPv6 range
2600:2d00:0:2::/63
.PEER_IPV6_NEXTHOP_ADDRESS
: the IPv6 address of the on-premises router. This IPv6 address is the next hop for the IPv6 routes learned from the BGP peer of the Cloud Router. The address must be in the range2600:2d00:0:2::/63
.
If you don't specify the next hop addresses, Google Cloud automatically
assigns unused addresses from the 2600:2d00:0:2::/63
IPv6 range for you.
API
Use the
routers.patch
method to update the bgpPeers[]
field.
The bgpPeers[]
field accepts an array of BGP peers. When you PATCH
this
field, you overwrite the existing array of BGP peers with the new array
included in your request.
Send a
GET
request to get the current array of BGP peers for the router. For details, see View BGP session configuration.Send a
PATCH
request with a new array of BGP peers. For each BGP peer for which you want to enable IPv6 in the BGP session, setbgpPeers[].enableIpv6
toTRUE
.PATCH https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/routers/ROUTER_NAME { "bgpPeers": [ BGP_PEERS ] }
Replace the following:
PROJECT_ID
: the project that contains the Cloud RouterREGION
: the region where the Cloud Router is locatedROUTER_NAME
: the name of the Cloud RouterBGP_PEERS
: the contents of the new array of BGP peers
The following example enables IPv6 in the session for the first BGP peer:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": true }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false " }
Additionally, if you are enabling IPv6 traffic for a BGP session used in an HA VPN tunnel, you can specify IPv6 next hop addresses:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": true, "ipv6NexthopAddress": "2600:2d00:0:2:0:0:1:5", "peerIpv6NexthopAddress": "2600:2d00:0:2:0:0:1:6" }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }
Use the values of
ipv6NexthopAddress
andpeerIpv6NexthopAddress
to configure your on-premises router or peer VPN device.To view example configurations for HA VPN and your peer VPN device, see Set up third-party VPNs for IPv4 and IPv6 traffic.
To view example configurations for Dedicated Interconnect and your on-premises router, see Set up on-premises routers for IPv4 and IPv6 traffic.
Disable IPv6 route exchange over an IPv4 BGP session
This procedure assumes that you are modifying an existing IPv4 BGP session that previously enabled IPv6.
Console
For HA VPN
In the Google Cloud console, go to the Cloud VPN tunnels page.
Select the Cloud VPN tunnel that contains the BGP session to update.
On the VPN tunnel details page, click Edit BGP session.
To disable IPv6 route exchange, click the Enable IPv6 traffic toggle to the off position.
Click Save and continue.
For Dedicated Interconnect
In the Google Cloud console, go to the VLAN attachments page.
Select the VLAN attachment that contains the BGP session to update.
On the VLAN attachment details page, click Edit BGP session.
To disable IPv6 route exchange, click the Enable IPv6 traffic toggle to the off position.
Click Save and continue.
gcloud
Run the update-bgp-peer command. Use the --no-enable-ipv6 flag to prevent the BGP session from exchanging IPv6 routes, as shown in the following example:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --no-enable-ipv6
API
Use the
routers.patch
method to update the bgpPeers[]
field.
The bgpPeers[]
field accepts an array of BGP peers. When you PATCH
this
field, you overwrite the existing array of BGP peers with the new array
included in your request.
Send a
GET
request to get the current array of BGP peers for the router. For details, see View BGP session configuration.Send a
PATCH
request with a new array of BGP peers. For each BGP peer for which you want to disable IPv6 in the BGP session, setbgpPeers[].enableIpv6
toFALSE
.PATCH https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/routers/ROUTER_NAME { "bgpPeers": [ BGP_PEERS ] }
Replace the following:
PROJECT_ID
: the project that contains the Cloud RouterREGION
: the region where the Cloud Router is locatedROUTER_NAME
: the name of the Cloud RouterBGP_PEERS
: the contents of the new array of BGP peers
The following example disables IPv6 in the session for the first BGP peer:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }
Configure an IPv6 BGP session
This section describes how to modify the configuration of an IPv6 BGP session.
You cannot disable IPv6 route exchange in an IPv6 BGP session.
Enable IPv4 route exchange over an IPv6 BGP session
This procedure assumes that you are modifying IPv6 BGP sessions that have already been created for HA VPN tunnels or VLAN attachments.
It also assumes that you have already configured an IPv4 and IPv6 (dual stack) HA VPN gateway or VLAN attachment as described in the following procedures:
- Create an HA VPN to a peer VPN gateway
- Create HA VPN gateways to connect VPC networks
- Create VLAN attachments (Dedicated Interconnect)
To enable IPv4 route exchange in an existing IPv6 BGP session, perform the following steps.
Console
For HA VPN
To configure a BGP session for HA VPN, in the Google Cloud console, go to the Cloud VPN tunnels page.
Select the Cloud VPN tunnel that contains the BGP session to update.
On the VPN tunnel details page, click Edit BGP sessions.
In the Multiprotocol BGP section, click the Enable IPv4 traffic toggle to the on position.
Optional: You can allocate the IPv6 BGP addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, select Automatically.
- To allocate the addresses manually:
- Select Manually.
- Enter the IPv6 address for the Cloud Router BGP IPv6 address
field. This address is an IPv6 address used by
Cloud Router for this Cloud VPN tunnel. This
IPv6 address is advertised as the next hop for the IPv6 routes
that Cloud Router advertises to its BGP peer. The
address must be in the range
2600:2d00:0:2::/63
. - Enter the IPv6 address for the BGP peer IPv6 address field.
This address is the IPv6 address of the on-premises router or
peer VPN device. This IPv6 address is the next hop for the IPv6
routes learned from the BGP peer of Cloud Router. The
address must be in the range
2600:2d00:0:2::/63
.
Optional: You can allocate the Cloud Router BGP IPv4 next hop addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, select Automatically.
- To allocate the addresses manually:
- Select Manually.
- Enter the IPv4 address for the Cloud Router BGP IPv4 next
hop field. This address is an IPv4 address used by
Cloud Router for this Cloud VPN tunnel. This
IPv4 address is advertised as the next hop for the IPv4 routes
that Cloud Router advertises to its BGP peer. The
address must be a link-local address within the same
/30
subnet as the BGP peer IPv4 address. - Enter the IPv4 address for the Peer BGP IPv4 next hop field.
This address is the IPv4 address of the on-premises router or
peer VPN device. This IPv4 address is the next hop for the IPv6
routes learned from the BGP peer of Cloud Router. The
address must be a link-local address within the same
/30
subnet as the Cloud Router BGP IPv4 address.
Click Save and continue.
For Dedicated Interconnect
To configure a BGP session for Dedicated Interconnect, go to the VLAN attachments page.
Select the VLAN attachment that contains the BGP session to update.
On the VLAN attachment details page, click Edit BGP session.
In the Multiprotocol BGP section, click the Enable IPv4 traffic toggle to the on position.
Click Save and continue.
gcloud
Run the update-bgp-peer
command. Use the --enable-ipv4
flag
to allow the BGP session to exchange IPv4 routes, as shown in the following
example:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --enable-ipv4
Optionally, when you enable IPv4 traffic for an IPv6 BGP session used in an HA VPN tunnel, you can specify the IPv4 next hop addresses:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --enable-ipv4 \ --ipv4-nexthop-address=IPV4_NEXTHOP_ADDRESS \ --peer-ipv4-nexthop-address=PEER_IPV4_NEXTHOP_ADDRESS
Replace the following:
IPV4_NEXTHOP_ADDRESS
: the IPv4 address used by Cloud Router for this HA VPN tunnel. This IPv4 address is advertised as the next hop for the IPv4 routes that Cloud Router advertises to its BGP peer. The address must be in the IPv4 link-local range169.254.0.0/16
.PEER_IPV4_NEXTHOP_ADDRESS
: the IPv4 address of the on-premises router. This IPv4 address is the next hop for the IPv4 routes learned from the BGP peer of Cloud Router. The address must be in the IPv4 link-local range169.254.0.0/16
.If you don't specify the next-hop addresses, Google Cloud automatically assigns unused addresses from the IPv4 link-local
169.254.0.0/16
range for you.
API
Use the
routers.patch
method
to update the bgpPeers[]
field.
The bgpPeers[]
field accepts an array of BGP peers. When you PATCH
this
field, you overwrite the existing array of BGP peers with the new array
included in your request.
Send a
GET
request to get the current array of BGP peers for the router. For details, see View BGP session configuration.Send a
PATCH
request with a new array of BGP peers. For each BGP peer for which you want to enable IPv4 in the BGP session, setbgpPeers[].enableIpv4
toTRUE
.PATCH https://compute.googleapis.com/compute/projects/PROJECT_ID/regions/REGION/routers/ROUTER_NAME { "bgpPeers": [ BGP_PEERS ] }
Replace the following:
PROJECT_ID
: the project that contains the Cloud RouterREGION
: the region where the Cloud Router is locatedROUTER_NAME
: the name of the Cloud RouterBGP_PEERS
: the contents of the new array of BGP peers
The following example enables IPv4 in the session for the first BGP peer:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "fdff:1::1", "peerIpAddress": "fdff:1::2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv4": true }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "fdff:1::3", "peerIpAddress": "fdff:1::4", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv4": false }
Additionally, if you are enabling IPv4 traffic for a BGP session used in an HA VPN tunnel, you can specify IPv4 next hop addresses:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "fdff:1::1", "peerIpAddress": "fdff:1::2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv4": true, "ipv4NexthopAddress": "169.254.0.1", "peerIpv4NexthopAddress": "169.254.0.2" }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "fdff:1::3", "peerIpAddress": "fdff:1::4", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv4": false }
Disable IPv4 route exchange over an IPv6 BGP session
This procedure assumes that you are modifying an existing IPv6 BGP session that previously exchanged IPv4 routes.
Console
For HA VPN
In the Google Cloud console, go to the Cloud VPN tunnels page.
Select the Cloud VPN tunnel that contains the BGP session to update.
On the VPN tunnel details page, click Edit BGP session.
In the Multiprotocol BGP section, click the Enable IPv4 traffic toggle to the off position.
Click Save and continue.
For Dedicated Interconnect
In the Google Cloud console, go to the VLAN attachments page.
Select the VLAN attachment that contains the BGP session to update.
On the VLAN attachment details page, click Edit BGP sessions.
In the Multiprotocol BGP section, click the Enable IPv4 traffic toggle to the off position.
Click Save and continue.
gcloud
Run the update-bgp-peer
command. Use the --no-enable-ipv4
flag to
prevent the IPv6 BGP session from exchanging IPv4 routes, as shown
in the following example:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --no-enable-ipv4
API
Use the
routers.patch
method
to update the bgpPeers[]
field.
The bgpPeers[]
field accepts an array of BGP peers. When you PATCH
this
field, you overwrite the existing array of BGP peers with the new array
included in your request.
Send a
GET
request to get the current array of BGP peers for the router. For details, see View BGP session configuration.Send a
PATCH
request with a new array of BGP peers. For each BGP peer for which you want to disable IPv4 in the BGP session, setbgpPeers[].enableIpv4
toFALSE
.PATCH https://compute.googleapis.com/compute/projects/PROJECT_ID/regions/REGION/routers/ROUTER_NAME { "bgpPeers": [ BGP_PEERS ] }
Replace the following:
PROJECT_ID
: the project that contains the Cloud RouterREGION
: the region where the Cloud Router is locatedROUTER_NAME
: the name of the Cloud RouterBGP_PEERS
: the contents of the new array of BGP peers
The following example disables IPv4 in the session for the first BGP peer:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "fdff:1::1", "peerIpAddress": "fdff:1::2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv4": false }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "fdff:1::3", "peerIpAddress": "fdff:1::4", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv4": false }
Separate an existing IPv4 MP-BGP session to use IPv4 and IPv6 BGP sessions
Existing Cloud Router IPv4 MP-BGP sessions use IPv4 control packets even when exchanging routing information about IPv6 BGP prefixes. IPv6-based BGP sessions can be used in combination with IPv4-based BGP sessions in dual-stack networks. This section describes how to modify an existing IPv4 MP-BGP session to use separate IPv4 and IPv6 BGP sessions.
Console
For HA VPN
To configure a BGP session for HA VPN, in the Google Cloud console, go to the Cloud VPN tunnels page.
Find the Cloud VPN tunnel that contains the BGP session to update.
On the VPN tunnel details page, click Edit BGP sessions.
Select a BGP session type. To enable route exchange for IPv4 and IPv6 select Both.
Optional: You can allocate the BGP IPv4 addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, select Automatically.
- To allocate the addresses manually:
- Select Manually.
- Enter the IPv4 address for the Cloud Router BGP IPv4 address.
This address is an IPv4 address used by Cloud Router
for this Cloud VPN tunnel. This IPv4 address is
advertised as the next hop for the IPv4 routes that
Cloud Router advertises to its BGP peer.
The address must be a link-local address within the same
/30
subnet as the BGP peer IPv4 address. - Enter the IPv4 address for the BGP peer IPv4 address.
This address is the IPv4 address of the on-premises router or peer
VPN device. This IPv4 address is the next hop for the IPv6 routes
learned from the BGP peer of Cloud Router.
The address must be a link-local address within the same
/30
subnet as the Cloud Router BGP IPv4 address.
Optional: You can allocate the BGP IPv6 addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, select Automatically.
- To allocate the addresses manually:
- Select Manually.
- Enter the IPv6 address for the Cloud Router BGP IPv6 address.
This address is an IPv6 address used by Cloud Router
for this Cloud VPN tunnel. This IPv6 address is
advertised as the next hop for the IPv6 routes that
Cloud Router advertises to its BGP peer.
The address must be in the range
fdff:1::/64
. - Enter the IPv6 address for the BGP peer IPv6 address. This
address is the IPv6 address of the on-premises router or peer VPN
device. This IPv6 address is the next hop for the IPv6 routes
learned from the BGP peer of Cloud Router. The address
must be in the range
fdff:1::/64
.
Click Save and continue.
For Dedicated Interconnect
To configure a BGP session for Dedicated Interconnect, go to the VLAN attachments page.
Select the VLAN attachment that contains the BGP session to update.
On the VLAN attachment details page, click Edit BGP session.
Select a BGP session type. To enable route exchange for IPv4 and IPv6 select Both.
In the IPv4 BGP session section, enter the ASN value for the on-premises side of the BGP session in Peer ASN.
In the IPv6 BGP session section, enter the ASN value for the on-premises side of the BGP session in Peer ASN.
Click Save and continue.
gcloud
To avoid a conflict with the new IPv6 BGP, disable IPv6 route exchange on your existing IPv4 BGP session.
Run the following command:
gcloud compute routers update-bgp-peer ROUTER_NAME --peer-name=PEER_NAME \ --no-enable-ipv6
Replace the following:
ROUTER_NAME
: the name of the Cloud RouterPEER_NAME
: the name of the BGP peer
Add the new IPv6 interface:
gcloud compute routers add-interface ROUTER_NAME \ --interface-name=INTERFACE_NAME \ --interconnect-attachment=ATTACHMENT_NAME \ --ip-version=IPV6
Replace the following:
INTERFACE_NAME
: the name of the interfaceATTACHMENT_NAME
: the name of the VLAN attachment
Add the new IPv6 BGP peer:
gcloud compute routers add-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --interface=INTERFACE_NAME \ --peer-asn=PEER_ASN
Replace the following:
PEER_ASN
: the BGP peer's ASN
To configure the on-premises BGP session, get the VLAN attachment's IPv6 address:
gcloud compute interconnects attachments describe ATTACHMENT_NAME
The output is similar to the following:
adminEnabled: true edgeAvailabilityDomain: AVAILABILITY_DOMAIN_1 bandwidth: BPS_1G cloudRouterIpAddress: 169.254.67.201/29 cloudRouterIpv6Address: 2600:2d00:0:1::1/125 creationTimestamp: '2017-12-01T08:31:11.580-08:00' customerRouterIpAddress: 169.254.67.202/29 customerRouterIpv6Address: 2600:2d00:0:1::2/125 description: Interconnect for Customer 1 id: '7193021941765913888' interconnect: https://www.googleapis.com/compute/projects/partner-project/global/interconnects/lga-2 kind: compute#interconnectAttachment labelFingerprint: 42WmSpB8rSM= name: partner-attachment partnerMetadata: interconnectName: New York (2) partnerName: Partner Inc portalUrl: https://partner-portal.com region: https://www.googleapis.com/compute/projects/partner-project/regions/us-central1 selfLink: https://www.googleapis.com/compute/projects/partner-project/regions/us-central1/interconnectAttachments/customer-attachment stackType: IPV4_IPV6 state: ACTIVE type: PARTNER vlanTag8021q: 1000
The relevant IPv6 addresses are listed under
cloudRouterIPv6Address
andcustomerRouterIpv6Address
.
API
Use the
routers.patch
method
to update the bgpPeers[]
field.
The bgpPeers[]
field accepts an array of BGP peers. When you PATCH
this
field, you overwrite the existing array of BGP peers with the new array
included in your request.
Send a
GET
request to get the current array of BGP peers for the router. For details, see View BGP session configuration.Send a
PATCH
request with a new array of BGP peers. For each BGP peer for which you want to enable IPv6 in the BGP session, setbgpPeers[].enableIpv6
toTRUE
andbgpPeers[].enableIpv4
toFALSE
.PATCH https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/routers/ROUTER_NAME { "bgpPeers": [ BGP_PEERS ] }
Replace the following:
PROJECT_ID
: the project that contains the Cloud RouterREGION
: the region where the Cloud Router is locatedROUTER_NAME
: the name of the Cloud RouterBGP_PEERS
: the contents of the new array of BGP peers
The following example enables IPv6 in the session for the first BGP peer:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": true, "enableIpv4": false }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }
Additionally, if you are enabling IPv6 traffic for a BGP session used in an HA VPN tunnel, you can specify IPv6 next hop addresses:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": true, "enableIpv4": false, "ipv6NexthopAddress": "2600:2d00:0:2:0:0:1:5", "peerIpv6NexthopAddress": "2600:2d00:0:2:0:0:1:6" }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }
Use the values of
ipv6NexthopAddress
andpeerIpv6NexthopAddress
to configure your on-premises router or peer VPN device.To view example configurations for HA VPN and your peer VPN device, see Set up third-party VPNs for IPv4 and IPv6 traffic.
To view example configurations for Dedicated Interconnect and your on-premises router, see Set up on-premises routers for IPv4 and IPv6 traffic.
Combine separate IPv4 and IPv6 BGP sessions onto a single IPv4 MP-BGP session
You can combine separate IPv4 and IPv6 BGP sessions into a single IPv4 MP-BGP session. In this case, IPv4 control packets are used to exchange routing information for both IPv4 and IPv6 BGP sessions. The following procedures describe how to convert separate IPv4 and IPv6 BGP sessions into a single IPv4 MP-BGP session:
Console
For HA VPN
To configure a BGP session for HA VPN, in the Google Cloud console, go to the Cloud VPN tunnels page.
Find the Cloud VPN tunnel that contains the BGP session to update.
On the VPN tunnel details page, click Edit BGP sessions.
Select a BGP session type. To enable route exchange for IPv4 select IPv4 BGP session.
To enable MP-BGP, in the Multiprotocol BGP section, click the Enable IPv6 traffic toggle to the on position.
Optional: You can allocate the IPv4 BGP addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, in the Allocate BGP IPv4 address section, select Automatically.
- To allocate the addresses manually:
- Select Manually.
- Enter the IPv4 address for the Cloud Router BGP IPv4 address.
This address is an IPv4 address used by Cloud Router for
this Cloud VPN tunnel. This IPv4 address is advertised
as the next hop for the IPv4 routes that Cloud Router
advertises to its BGP peer. The address must be a link-local
address within the same
/30
subnet as the BGP peer IPv4 address. - Enter the IPv4 address for the BGP peer IPv4 address. This
address is the IPv4 address of the on-premises router or peer VPN
device. This IPv4 address is the next hop for the IPv6 routes
learned from the BGP peer of Cloud Router. The address
must be a link-local address within the same
/30
subnet as the Cloud Router BGP IPv4 address.
Optional: You can allocate the IPv6 BGP next hop addresses for HA VPN tunnels manually or automatically.
- To allocate the addresses automatically, in the Allocate BGP IPv6 next hop section, select Automatically.
- To allocate the addresses manually:
- Select Manually.
- Enter the IPv6 address for the Cloud Router BGP IPv6 next
hop. This address is an IPv6 address used by
Cloud Router for this Cloud VPN tunnel. This
IPv6 address is advertised as the next hop for the IPv6 routes
that Cloud Router advertises to its BGP peer. The
address must be in the range
2600:2d00:0:2::/63
. - Enter the IPv6 address for the Peer BGP IPv6 next hop. This
address is the IPv6 address of the on-premises router or peer VPN
device. This IPv6 address is the next hop for the IPv6 routes
learned from the BGP peer of Cloud Router. The address
must be in the range
2600:2d00:0:2::/63
.
Click Save and continue.
For Dedicated Interconnect
To configure a BGP session for Dedicated Interconnect, go to the VLAN attachments page.
Select the VLAN attachment that contains the BGP session to update.
On the VLAN attachment details page, click Edit BGP session.
Select a BGP session type. To enable route exchange for IPv4 select IPv4 BGP session.
To enable MP-BGP, in the Multiprotocol BGP section, click the Enable IPv6 traffic toggle to the on position.
Click Save and continue.
gcloud
Remove the IPv6 BGP peer:
gcloud compute routers remove-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME
Remove the IPv6 BGP interface:
gcloud compute routers remove-interface ROUTER_NAME \ --interface-name=INTERFACE_NAME
Enable IPv4 MP-BGP:
gcloud compute routers update-bgp-peer ROUTER_NAME \ --peer-name=PEER_NAME \ --enable-ipv6
API
Use the
routers.patch
method to update the bgpPeers[]
field.
The bgpPeers[]
field accepts an array of BGP peers. When you PATCH
this
field, you overwrite the existing array of BGP peers with the new array
included in your request.
Send a
GET
request to get the current array of BGP peers for the router. For details, see View BGP session configuration.Send a
PATCH
request with a new array of BGP peers. For each BGP peer for which you want to enable IPv6 in the BGP session, setbgpPeers[].enableIpv6
toTRUE
andbgpPeers[].enableIpv4
toFALSE
.PATCH https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/routers/ROUTER_NAME { "bgpPeers": [ BGP_PEERS ] }
Replace the following:
PROJECT_ID
: the project that contains the Cloud RouterREGION
: the region where the Cloud Router is locatedROUTER_NAME
: the name of the Cloud RouterBGP_PEERS
: the contents of the new array of BGP peers
The following example enables IPv4 and disable IPv6 in the session for the first BGP peer:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false, "enableIpv4": true }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }
Additionally, if you are enabling IPv6 traffic for a BGP session used in an HA VPN tunnel, you can specify IPv6 next hop addresses:
{ "name": "peer-1", "interfaceName": "if-peer-1", "ipAddress": "169.254.10.1", "peerIpAddress": "169.254.10.2", "peerAsn": 64512, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false, "enableIpv4": true, "ipv6NexthopAddress": "2600:2d00:0:2:0:0:1:5", "peerIpv6NexthopAddress": "2600:2d00:0:2:0:0:1:6" }, { "name": "peer-2", "interfaceName": "if-peer-2", "ipAddress": "169.254.20.1", "peerIpAddress": "169.254.20.2", "peerAsn": 64513, "advertisedRoutePriority": 100, "advertiseMode": "DEFAULT", "advertisedGroups": [], "advertisedIpRanges": [], "enable": "TRUE", "enableIpv6": false }
Use the values of
ipv6NexthopAddress
andpeerIpv6NexthopAddress
to configure your on-premises router or peer VPN device.To view example configurations for HA VPN and your peer VPN device, see Set up third-party VPNs for IPv4 and IPv6 traffic.
To view example configurations for Dedicated Interconnect and your on-premises router, see Set up on-premises routers for IPv4 and IPv6 traffic.
What's next
- To disable or end a BGP session, see Disable or remove BGP sessions.