Use the following best practices to help build your network topology.
- Enable graceful restart on your on-premises (peer) BGP device. With graceful restart, traffic between networks won't be disrupted in the event of a Cloud Router or BGP device failure as long as the BGP session is re-established within the graceful restart period.
- If graceful restart is not supported or enabled on your device, you should configure two peer devices with one tunnel each to provide redundancy. If you don't, VPN tunnel traffic can be disrupted in the event of Cloud Router or peer BGP device failure.
- For high reliability, set up redundant routers and BGP sessions even if your peer device supports graceful restart. In the event of non-transient failures, you'll be protected even if one path fails. For more information, see Redundant Cloud VPN tunnels.
- If you want to connect your on-premises network to multiple GCP projects using dynamic routing, use Shared VPC with Cloud Router. Create a Shared VPC host project network and connect it to your on-premises network. Then, share this network with service projects that require access to your on-premises network. The service projects can use the Cloud Router and VPN in the host project to communicate with the on-premises network. Cloud Router doesn't support route propagation to other Cloud Routers. For example, you can't create a hub and spoke network in GCP.
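
The first three items above can be checked mechanically against an inventory of peer devices and tunnels. The following is an added example, not Google's tooling: the inventory rows, field names, and verdict labels are hypothetical and constructed for illustration.

```python
from collections import defaultdict

# Constructed inventory: one row per VPN tunnel / BGP session.
# Field names are hypothetical, not a Cloud Router API schema.
INVENTORY = [
    {"site": "dc-east", "peer_device": "edge-1", "tunnel": "tun-a", "graceful_restart": True},
    {"site": "dc-east", "peer_device": "edge-2", "tunnel": "tun-b", "graceful_restart": True},
    {"site": "dc-west", "peer_device": "edge-3", "tunnel": "tun-c", "graceful_restart": False},
    {"site": "branch", "peer_device": "edge-4", "tunnel": "tun-d", "graceful_restart": True},
    {"site": "lab", "peer_device": "edge-5", "tunnel": "tun-e", "graceful_restart": False},
    {"site": "lab", "peer_device": "edge-6", "tunnel": "tun-f", "graceful_restart": False},
]


def audit(inventory):
    """Return {site: (verdict, [reasons])} for each on-premises site."""
    peers_by_site = defaultdict(dict)  # site -> {peer_device: graceful_restart}
    for row in inventory:
        peers_by_site[row["site"]][row["peer_device"]] = bool(row["graceful_restart"])

    report = {}
    for site, peers in peers_by_site.items():
        # Redundancy here means two or more peer devices, each with a tunnel.
        redundant = len(peers) >= 2
        no_gr = sorted(dev for dev, gr in peers.items() if not gr)
        reasons = []
        if no_gr:
            reasons.append("graceful restart off on: " + ", ".join(no_gr))
        if not redundant:
            reasons.append("single peer device")

        if no_gr and not redundant:
            verdict = "AT_RISK"  # a Cloud Router or peer failure disrupts traffic
        elif not redundant:
            verdict = "WEAK"  # covered only within the graceful restart period
        elif no_gr:
            verdict = "REDUNDANT_NO_GR"  # two-device fallback from the second item
        else:
            verdict = "OK"  # graceful restart plus redundant sessions
        report[site] = (verdict, reasons)
    return report


if __name__ == "__main__":
    for site, (verdict, reasons) in sorted(audit(INVENTORY).items()):
        print(f"{site:8} {verdict:16} {'; '.join(reasons)}")
```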