Creating Cloud Routers

Cloud Router dynamically exchanges routes between a Virtual Private Cloud (VPC) network and your on-premises network. After you create a Cloud Router, you can establish BGP sessions between the Cloud Router and your on-premises router.

When you create a Cloud Router, you can use its default route advertisements or specify custom advertisements. By default, Cloud Router advertises subnets in its region for regional dynamic routing or all subnets in a VPC network for global dynamic routing. With custom route advertisements, you choose which routes the Cloud Router advertises, such as external static IP addresses or specific CIDR ranges.

For more information, see the following sections of the Cloud Router overview:

Before you begin

If you want to use the command-line examples in this guide, do the following:

  1. Install or update to the latest version of the gcloud command-line tool.
  2. Set a default region and zone.

If you want to use the API examples in this guide, set up API access.

Create a Cloud Router

To create a Cloud Router, follow these steps.

Console

  1. In the Google Cloud Console, go to the Create a Cloud Router page.

    Go to Create a Cloud Router

  2. Specify the Cloud Router's details:

    • Name: The name of the Cloud Router. This name is displayed in the Cloud Console and is used by the gcloud command-line tool to reference the Cloud Router—for example, my-router.
    • Description (optional): A description of the Cloud Router.
    • Network: The VPC network that contains the instances that you want to reach—for example, my-network.
    • Region: The region where you want to locate the Cloud Router—for example, asia-east1.
    • Google ASN: The private ASN (64512-65534, 4200000000-4294967294) for the Cloud Router that you are configuring. It can be any private ASN that you aren't already using as a peer ASN in the same region and network—for example, 65001.
    • BGP peer keepalive interval: The interval between two successive BGP keepalive messages that are sent to the peer router. This value must be an integer between 20 and 60 that specifies the number of seconds for the interval. The default is 20 seconds. For more information, see Managing BGP timers.
  3. Optional: To specify custom route advertisements, go to the Advertised routes section. For more information about the following steps, see Custom route advertisements.

    1. To specify custom Routes, select Create custom routes.
    2. Choose whether to advertise the subnets visible to the Cloud Router. Enabling this option mimics the Cloud Router's default behavior.
    3. To add an advertised route, select Add custom route, and then configure it.
  4. To save your settings and create a Cloud Router, click Create. Your new Cloud Router appears on the Cloud Router listing page. To view its details and to configure a BGP session, select it.

gcloud

  • To create a Cloud Router in the region that contain the instances that you want to reach, run the create command:

    gcloud compute routers create ROUTER_NAME \
        --project=PROJECT_ID \
        --network=NETWORK \
        --asn=ASN_NUMBER \
        --region=REGION
    

    Replace the following:

    • ROUTER_NAME: the name of the Cloud Router
    • PROJECT_ID: the project ID for the project that contains the Cloud Router
    • NETWORK: the VPC network that contains the instances that you want to reach
    • ASN_NUMBER: any private ASN (64512-65534, 4200000000-4294967294) that you are not already using in the on-premises network
    • REGION: the region where you want to locate the Cloud Router; the Cloud Router advertises all subnets in the region where it's located
  • To create a Cloud Router with custom route advertisements, set the --advertisement-mode to custom and use the --set-advertisement-ranges and --set-advertisement-groups flags to specify route advertisements.

    The --set-advertisement-ranges flag accepts a list of CIDR ranges. The --set-advertisement-groups flag accepts Google-defined groups that the Cloud Router dynamically advertises. Currently, the only valid value is all_subnets, which advertises subnets based on the VPC network's dynamic routing mode (similar to the default advertisements).

    The following example advertises subnets and the custom IP ranges 1.2.3.4 and 6.7.0.0/16:

    gcloud compute routers create ROUTER_NAME \
        --project=PROJECT_ID \
        --network=NETWORK \
        --asn=ASN_NUMBER \
        --advertisement-mode custom \
        --set-advertisement-groups all_subnets \
        --set-advertisement-ranges 1.2.3.4,6.7.0.0/16
    
  • To set the keepalive timer for a BGP peer, use the --keepalive-interval option, which sets the interval between BGP keepalive messages that are sent to the peer router. This value must be an integer between 20 and 60 that specifies the number of seconds for the interval. The default is 20 seconds.

API

  • Use the routers.insert method:

       POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/routers
       {
         "bgp": {
           "asn": "ASN_NUMBER"
           "keepaliveInterval": KEEPALIVE_INTERVAL
         },
         "name": "ROUTER_NAME",
         "network": "NETWORK"
       }
    

    Replace the following:

    • PROJECT_ID: the ID of the project that contains the VPC network
    • REGION: the region where you want to locate the Cloud Router
    • ASN_NUMBER: the private ASN (64512-65534, 4200000000-4294967294) for the Cloud Router that you are configuring; it can be any private ASN that you aren't already using as a peer ASN in the same region and network—for example, 65001
    • KEEPALIVE_INTERVAL (optional): the keepalive timer for Cloud Router that sets the interval between BGP keepalive messages that are sent to the peer router

      This value must be an integer between 20 and 60 that specifies the number of seconds for the interval. The default is 20 seconds.

    • ROUTER_NAME: the name of the Cloud Router; this name is displayed in the Cloud Console and is used by the gcloud command-line tool to reference the Cloud Router

    • NETWORK: the network that contains the instances that you want to reach

  • To create a Cloud Router with custom route advertisements, set the bgp.advertiseMode field to CUSTOM and use the bgp.advertisedGroups[] and bgp.advertisedIpRanges[] fields to specify route advertisements.

    The bgp.advertisedIpRanges[] field accepts an array of CIDR ranges. The bgp.advertisedGroups[] field accepts Google-defined groups that the Cloud Router dynamically advertises. Currently, the only valid value is ALL_SUBNETS, which advertises subnets based on the VPC network's dynamic routing mode (similar to the default advertisements).

    The following example advertises subnets and the custom IP address ranges 1.2.3.4 and 6.7.0.0/16:

       POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/regions/REGION/routers
       {
         "bgp": {
           "asn": "ASN_NUMBER",
           "advertiseMode": "CUSTOM",
           "advertisedGroups": [
             "ALL_SUBNETS"
           ],
           "advertisedIpRanges": [
             {
               "range": "1.2.3.4",
               "description": "First example range"
             },
             {
               "range": "6.7.0.0/16",
               "description": "Second example range"
             }
           ]
         },
         "name": "ROUTER_NAME",
         "network": "NETWORK"
       }
      

Terraform

Use a Terraform module.

module "cloud_router" {
  source  = "terraform-google-modules/cloud-router/google"
  version = "~> 0.4"

  name   = "my-router"
  region = "us-central1"

  bgp = {
    # The ASN (16550, 64512 - 65534, 4200000000 - 4294967294) can be any private ASN
    # not already used as a peer ASN in the same region and network or 16550 for Partner Interconnect.
    asn = "65001"
  }

  # project = "my-project-id"
  project = var.project
  # network = "my-network"
  network = var.network
}

What's next