Understanding Routing in GCP VPC
Let's understand how to create and manage routes in GCP VPC.
Lab Exercise
- Create a custom network with two subnets in us-central1 and us-east1
- Create one more custom network with two subnets in us-central1 and us-east1
- Ensure they don't have colliding IP ranges

- Now create a firewall rule that allows anyone to access SSH (port 22), and also create a firewall rule that allows ICMP, in both networks

- Now create a Linux VM in vpc-a, in the subnet in region us-central1, with external and internal IP addresses

- Now create a Linux VM in vpc-b, in the subnet in region us-central1, with external and internal IP addresses

- Now log in to the VM in vpc-a and try to ping:
  - yahoo.com
  - the VM in vpc-b using its external IP
  - the VM in vpc-b using its internal IP

- Now create one more VM in vpc-a in us-east1 with no external IP

- Now from the VM in vpc-a, try to ping VM 2 in vpc-a

- Now try to log in using SSH from the VM in vpc-a into VM 2 in vpc-a
  - You will not be able to SSH as the keys are not shared
  - Try connecting over SSH using a browser session

- Check the Internet access

- Try to access the VM in vpc-a from VM 2 in vpc-a using the internal and external IP addresses

When we create a VPC in Google Cloud, system-generated routes are created. There are two kinds of system-generated routes:
- Default Route:
  - Default route out of your VPC to the external Internet
  - Provides a path for Private Google Access
  - This can be deleted
- Subnet Route:
  - Defines a destination path for each VPC subnet
  - Cannot be deleted

Every route has a single destination and a single next hop.
Note: Purpose of NAT Server

Create a Cloud NAT

Next Steps: Configure Cloud NAT to resolve external communication for the private instance
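
An added example, not part of the original lab notes: a simplified Python model of the system-generated routes described above, which predicts the lab's ping results and shows why the VM without an external IP needs Cloud NAT. The VPC names, subnet names and CIDR ranges are constructed assumptions, and the model ignores firewall rules.

```python
import ipaddress

# Constructed lab values (assumptions, not from the page): names and CIDR ranges.
VPCS = {
    "vpc-a": {"a-central": "10.10.1.0/24", "a-east": "10.10.2.0/24"},
    "vpc-b": {"b-central": "10.20.1.0/24", "b-east": "10.20.2.0/24"},
}
RFC1918 = [ipaddress.ip_network(c)
           for c in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def colliding(vpcs):
    """Return pairs of subnet names whose ranges overlap, across all VPCs."""
    nets = [(n, ipaddress.ip_network(c)) for s in vpcs.values() for n, c in s.items()]
    return [(a, b) for i, (a, x) in enumerate(nets)
            for b, y in nets[i + 1:] if x.overlaps(y)]

def system_routes(subnets):
    """System-generated routes: one subnet route per subnet plus the default route.
    Each route is a (destination, next hop) pair: one destination, one next hop."""
    routes = [(ipaddress.ip_network(c), "subnet:" + n) for n, c in subnets.items()]
    routes.append((ipaddress.ip_network("0.0.0.0/0"), "default-internet-gateway"))
    return routes

def next_hop(routes, dst):
    """Pick the most specific (longest prefix) route that contains dst."""
    ip = ipaddress.ip_address(dst)
    matches = [(net, hop) for net, hop in routes if ip in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def egress(routes, dst, has_external_ip, cloud_nat=False):
    """Simplified verdict for a packet leaving a VM in this VPC."""
    hop = next_hop(routes, dst)
    if hop is None:
        return "dropped: no route"
    if hop.startswith("subnet:"):
        return "delivered inside the VPC via " + hop
    if any(ipaddress.ip_address(dst) in net for net in RFC1918):
        return "dropped: private destination outside this VPC"
    if has_external_ip or cloud_nat:
        return "sent to the Internet"
    return "dropped: no external IP and no Cloud NAT"

if __name__ == "__main__":
    vpc_a = system_routes(VPCS["vpc-a"])
    print("collisions:", colliding(VPCS))
    print("VM 2 (no external IP) ->", egress(vpc_a, "203.0.113.10", False))
    print("VM 2 with Cloud NAT  ->", egress(vpc_a, "203.0.113.10", False, cloud_nat=True))
```

Passing `system_routes(...)[:-1]` to `egress` models a VPC whose default route has been deleted, which the notes above say is allowed.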
