Configure your Google Cloud resources

To configure the Google Cloud resources needed for Cross-Cloud Interconnect, complete the following tasks:

  • Create two VLAN attachments, one for each of your Cross-Cloud Interconnect connections.
  • Configure Border Gateway Protocol (BGP) sessions, one for each VLAN attachment.

Before you begin

This section lists required permissions, resources, and setup steps.

Required roles

Before proceeding, you need the required permissions. Ask your administrator to make sure that you have the Compute Network Admin (roles/compute.networkAdmin) IAM role on the project. For more information about granting roles, see Manage access to projects, folders, and organizations.

Required resources

Make sure that you have the following resources.

VPC network

If you don't already have a Virtual Private Cloud (VPC) network, create one. For more information, see Create and manage VPC networks.

Cloud Router

To configure Cross-Cloud Interconnect, you need a Cloud Router. If you're working in the Google Cloud console, you can create your Cloud Router at the same time that you create your VLAN attachments.

If you want to create a Cloud Router in advance, see Create a Cloud Router to connect a VPC network to a peer network. Give the Cloud Router an ASN of 16550 or any private ASN.

Place the Cloud Router in a region that's supported for your Google Cloud location.

Project selection

If you're using the Google Cloud CLI, set your project ID by using the gcloud config set command.

gcloud config set project PROJECT_ID

The gcloud CLI instructions on this page assume that you have set your project ID.

Check port status in Google Cloud

Before proceeding, verify that each of your Cross-Cloud Interconnect ports is receiving a signal from AWS.

Console

  1. In the Google Cloud console, go to the Cloud Interconnect page.

    2. Go to Cloud Interconnect

  2. Click the name of your Cross-Cloud Interconnect connection.
  3. On the Interconnect details page, make sure that the value in the Status column is Active.

    If Google Cloud displays a page titled Cross-Cloud Interconnect order confirmation, then your connection isn't ready for configuration.

Create VLAN attachments

A VLAN attachment is a logical connection between a single region in your VPC network and a peer network (in this case, your AWS network).

To qualify for the service level agreement (SLA), create at least one VLAN attachment for each Cross-Cloud Interconnect connection. You can also create more attachments for each connection, but certain quotas and limits apply.

Console

  1. In the Google Cloud console, go to the Cloud Interconnect page.

    2. Go to Cloud Interconnect

  2. Click the name of your primary Cross-Cloud Interconnect connection.
  3. On the Interconnect details page, click Add VLAN attachment.
  4. Fill out the Select interconnects & redundancy form:
    • In the Redundancy section, select Create a redundant pair of VLAN attachments (recommended).
    • In the Interconnects section, do the following:
      • Make sure that the Interconnect A field displays the name of your primary Cross-Cloud Interconnect port.
      • Set the Interconnect B field to the name of your redundant Cross-Cloud Interconnect port.
  5. Click Continue.
  6. Fill out the Create VLAN attachment for Interconnect A form:
    • Enter a name.
    • Optional: Enter a description.
    • Select a Cloud Router from the Cloud Router list. If no routers are listed, click Create new router and follow the prompts to add a new one. The Cloud Router must be located in a region that's supported for your Google Cloud location. Give the Cloud Router an ASN of 16550 or any private ASN.
    • Enter a VLAN ID that's between 2 and 4094 and unique among the VLAN attachments associated with this connection.
  7. Expand the Advanced options section of the form and make any needed changes:
    • If you want to specify an IP address range for the attachment, set the Allocate BGP IP address field to manually and enter a range. Otherwise, leave this field set to automatically.
    • For Capacity, choose a capacity setting for the attachment.
    • Optional: If appropriate, change the MTU value from its default of 1440. For help with this field, see Cloud Interconnect MTU.

    We recommend leaving the IPv4 subnet mask set to /29.

  8. Click Next.

    The page updates to show a form for the second attachment.

  9. Enter details about the redundant attachment:
    • Enter a name.
    • Optional: Enter a description.
    • Select a Cloud Router that's in the same region as the router that you used for the first attachment. You can use the same Cloud Router.
    • Enter a VLAN ID for the redundant attachment. We recommend using the same value that you used for the first attachment.
    • If you want to manually select a range for the IP address, expand the Advanced options form. Set the Allocate BGP IP address field to manually and enter a range.
  10. Click Next, and continue to the next section, Configure BGP sessions.

gcloud

Use the gcloud compute interconnects attachments dedicated create command.

We recommend not setting a value for --subnet-length and accepting the default value of 29.

Complete the following steps:

  1. Create the primary attachment:

    gcloud compute interconnects attachments dedicated create VLAN_ATTACHMENT_NAME \
    --interconnect CONNECTION \
    --router ROUTER \
    --region REGION \
    --bandwidth BANDWIDTH \
    --vlan ID \
    --mtu MTU

    Replace the following:

    • VLAN_ATTACHMENT_NAME: the name for this VLAN attachment
    • CONNECTION: the name of your primary Cross-Cloud Interconnect connection
    • ROUTER: the Cloud Router that you want to use for the attachment; unless you are using global dynamic routing mode, the router must be located in a supported Google Cloud location
    • REGION: the region where the Cloud Router is located
    • BANDWIDTH: the bandwidth for this VLAN attachment in Mbps or Gbps—for example, for 50 Mbps, enter 50m, or for 10 Gbps, enter 10g
    • ID: a number between 2 and 4094 that's unique among the VLAN attachments associated with this connection
    • MTU: the MTU to use

      If you don't set a value, the default of 1440 is used. For help with setting this field, see Cloud Interconnect MTU.

    2. Configure custom IP address ranges

    Alternatively, you can create the VLAN attachments with custom IP address ranges. Before you begin, you must enable the Network Connectivity API in your project. In addition, you need the networkconnectivity.internalRanges.create permission, which is granted by the Compute Network Admin role (roles/compute.networkAdmin).

    Use the following command to configure custom IP address ranges: 

    gcloud compute interconnects attachments dedicated create VLAN_ATTACHMENT_NAME \
    --interconnect CONNECTION \
    --router ROUTER \
    --region REGION \
    --bandwidth BANDWIDTH \
    --vlan ID \
    --mtu MTU \
    --candidate-cloud-router-ipv6-address=ADDRESS_RANGE_1 \
    --candidate-customer-router-ipv6-address=ADDRESS_RANGE_2

    Replace the following:

    • VLAN_ATTACHMENT_NAME: the name for this VLAN attachment
    • CONNECTION: the name of your primary Cross-Cloud Interconnect connection
    • ROUTER: the Cloud Router that you want to use for the attachment; unless you are using global dynamic routing mode, the router must be located in a supported Google Cloud location
    • REGION: the region where the Cloud Router is located
    • BANDWIDTH: the bandwidth for this VLAN attachment in Mbps or Gbps—for example, for 50 Mbps, enter 50m, or for 10 Gbps, enter 10g
    • ID: a number that's unique among the VLAN attachments associated with this connection
    • MTU: the MTU to use

      If you don't set a value, the default of 1440 is used. For help with setting this field, see Cloud Interconnect MTU.

    • ADDRESS_RANGE_1: the IPv6 address range that you want to assign to the Cloud Router end of your VLAN attachment, like 2001:db8::1/125
    • ADDRESS_RANGE_2: the IPv6 address range that you want to assign to the customer router end of your VLAN attachment

  2. Create the redundant attachment:

    gcloud compute interconnects attachments dedicated create VLAN_ATTACHMENT_NAME_2 \
    --interconnect CONNECTION_2 \
    --router ROUTER_2 \
    --region REGION\  
    --bandwidth BANDWIDTH \
    --vlan ID \
    --mtu MTU

    Replace the following:

    • VLAN_ATTACHMENT_NAME_2: the name that you want to give to this VLAN attachment
    • CONNECTION_2: the name of your redundant Cross-Cloud Interconnect connection
    • ROUTER_2: the Cloud Router that you want to use for the redundant attachment

      It must be located in the same region as the Cloud Router that you used for the primary attachment. You can also use the same Cloud Router that you used for the primary attachment.

    • REGION: the region where the Cloud Router is located

    The following fields use the same values as the primary attachment:

    • BANDWIDTH
    • ID
    • MTU

Configure BGP sessions

Cross-Cloud Interconnect uses BGP to exchange routes between your VPC network and your AWS network. To that end, configure a BGP session for each of your VLAN attachments. The sessions aren't active until you configure your AWS resources, but you can configure the Google Cloud side of the sessions now.

Console

  1. Configure the first session.
    1. Do one of the following:
      • If the Configure Cloud Routers form is displayed, locate the name of your primary VLAN attachment and click Configure.
      • If the form isn't open, go to the Cloud Interconnect