Friday, March 29, 2024

IP addressing options in Google Cloud: Networking basics

In this blog we’ll be visiting the topics of IP addresses and subnetting on Google Cloud. IP addressing and subnetting can be confusing to many, but addressing is a very important requirement in your network.

An IP address is a unique identifier for a network and a host. To separate an IP address into network and host segments, a subnet mask is used. You can compare this to a city block, which has a street and numbered buildings. The IP address and city block analogy can be mapped as follows:

Network portion – This is equivalent to the street address. One street may have many buildings on it. E.g. in 192.168.10.20/24, the 192.168.10 represents the network and the /24 represents the subnet mask (this will be explained in a later section).

The host portion – This is equivalent to the building number, which is where the building is located on the street. E.g. in 192.168.10.20/24, the .20 represents the host on the network.

There are two versions of IP, IPv4 and IPv6, each with a different address format. IPv6 addressing was created due to limitations in the number of available IPv4 addresses. One of the main drivers for increased consumption of IPv4 addressing was the growth of the internet.

An IPv4 address consists of 32 binary bits, divided into 4 octets. It can be written in dotted decimal format, e.g. 192.168.20.1, or in binary.

An IPv6 address consists of 128 bits, divided into 16-bit hexadecimal fields. An example of an IPv6 address is 2001:DB8:7654:3210:FEDC:BA98:764:3203.

IP addresses exist both on-prem and in the cloud. Let’s explore a few IP options like private, secondary, external and Bring your own IP (BYOIP) that can be used in Google Cloud.

Private addresses (RFC 1918)

Private IP addresses are taken from a reserved block of addresses that can be used internally within a network. This range is defined in a Request For Comments (RFC) standard, RFC 1918. These private address ranges are not unique to Google Cloud and can be used by any enterprise. Private IP addresses are not internet routable, meaning they cannot connect directly to the internet. The private IP ranges are:

10.0.0.0 – 10.255.255.255 (/8)

172.16.0.0 – 172.31.255.255 (/12)

192.168.0.0 – 192.168.255.255 (/16)

Default Reserved IP addresses

In Google Cloud primary subnets, 4 IP addresses are automatically reserved. These reserved IP addresses are:

Network address

Default gateway

Second-to-last address

Broadcast address

To help make this clearer let’s look at the same 192.168.10.20 network with a /24 subnet. 

The /24 means 24 bits out of the 32 bits will be used by the network.

The remaining 8 bits will be used by the host. To determine the total number of addresses we can use the formula 2^8 = 256.

In a standard network the first address and the last address are reserved. These are known as the network address and the broadcast address, e.g. 192.168.10.0 and 192.168.10.255.

Because of this reservation the formula for available host addresses is 2^n - 2. This would be 2^8 - 2 = 254.

In Google Cloud, because 4 addresses are reserved, the formula becomes 2^8 - 4, so a /24 network would have 252 addresses available for hosts.

Address assignment

Ephemeral IP addresses are assigned automatically to your VMs and services in Google Cloud. This is done via DHCP.  You can also manually assign a reserved static internal IP address to your VMs if stable addresses are required.

Subnet limitations

The smallest subnet available in GCP is /29, which means 4 hosts, or 2^3 - 4. This is different from on-prem private addresses, in which the smallest subnet can be a /30 or /31 for point-to-point links. Please keep this in mind when assigning address subnets.
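The reserved-address arithmetic from the "Default Reserved IP addresses" section and the /29 floor above, worked through in Python as an added example (not code from the original post or from Google). It assumes, following Google Cloud's VPC documentation, that the default gateway is the second address of the range; the function names are illustrative.

```python
import ipaddress

GCP_MIN_PREFIX = 29  # smallest primary IPv4 subnet, per the article


def gcp_subnet_plan(cidr):
    """Reserved addresses and host counts for a GCP primary IPv4 subnet."""
    # strict=False lets a host form such as 192.168.10.20/24 name its network
    net = ipaddress.ip_network(cidr, strict=False)
    if net.version != 4:
        raise ValueError("IPv4 primary ranges only")
    if net.prefixlen > GCP_MIN_PREFIX:
        raise ValueError(f"/{net.prefixlen} is smaller than /{GCP_MIN_PREFIX}")
    reserved = {
        "network": net.network_address,               # first address
        "default_gateway": net.network_address + 1,   # assumed: second address
        "second_to_last": net.broadcast_address - 1,
        "broadcast": net.broadcast_address,           # last address
    }
    total = net.num_addresses                         # 2^n, n = host bits
    return {
        "network": str(net),
        "total": total,
        "reserved": {k: str(v) for k, v in reserved.items()},
        "usable_classic": total - 2,                  # 2^n - 2
        "usable_gcp": total - len(reserved),          # 2^n - 4
    }


def assignable(cidr, ip):
    """True if ip is inside the subnet and not one of the four reserved."""
    plan = gcp_subnet_plan(cidr)
    addr = ipaddress.ip_address(ip)
    in_subnet = addr in ipaddress.ip_network(plan["network"])
    return in_subnet and str(addr) not in plan["reserved"].values()


if __name__ == "__main__":
    for cidr in ("192.168.10.20/24", "10.0.0.0/29"):
        p = gcp_subnet_plan(cidr)
        print(p["network"], p["usable_gcp"], p["reserved"])
    print(assignable("192.168.10.0/24", "192.168.10.254"))  # reserved
```

A static internal IP request for 192.168.10.254 in this /24 would be rejected on a Google Cloud subnet even though it is a valid host address on a classic on-prem network.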

Privately used public IP (PUPI) addresses

These are addresses that would under normal circumstances be routable on the internet. When used in your VPC they are treated as private addresses and not advertised to the internet routing table. PUPI addresses can be used in Google Kubernetes Engine (GKE) as in this example.

Secondary addresses 

Secondary IP Addresses are additional addresses that can be assigned to your virtual machines. An example of this would be assigning an alias IP address to your VM from the secondary IP address range for use by a particular service running on the VM.

External Addresses

External IP addresses are internet routable and allow direct communication to the internet. Just like private IP addresses, ephemeral external IP addresses can be automatically assigned or you can reserve static external IP addresses to use on your VMs, load balancers, and other services where they can be applied. 

External IPv4 addresses are a limited resource and should be used with care. Both static and ephemeral external IP addresses incur cost. If you reserve a static external IP address and do not assign it to a resource, you will be charged at a higher rate than for static and ephemeral external IP addresses that are in use.

Bring your own IP (BYOIP)

The catchy name describes it accurately: you can bring public IP addresses that you own and use them on your Google Cloud resources. This requires a little process that you can read more about in the VPC BYOIP documentation.

Prohibited subnet ranges

There are certain ranges that are prohibited from being assigned to your Google Cloud resources. You can get a list of these ranges here.

IPv6 addresses

IPv6 can be enabled in certain regions. Some of the basic steps to enable IPv6 addresses are:

Create a custom VPC and add a subnet in any of the following regions

asia-east1

asia-south1

europe-west2

us-west2

Next enable IPv6 on the subnet.

gcloud compute networks subnets update SUBNET \
    --stack-type=IPV4_IPV6 \
    --ipv6-access-type=EXTERNAL \
    --region=REGION

Next, create a VM with IPv6 enabled, or enable IPv6 on an existing VM, in the applicable region.

You can also create an IPv6 instance template.

gcloud compute instance-templates create NAME \
    --ipv6-network-tier=PREMIUM \
    --stack-type=IPV4_IPV6 \
    --subnet=SUBNET \
    --region=REGION \
    --tags=TAGS \
    --image=IMAGENAME

Common Google Cloud services that use IP addressing

There are several services that use IP addressing. These are the most common, but this is not a complete list:

VMs 

Databases

Load Balancers

Google Kubernetes Engine (Containers, Clusters, Pods, Services, Ingress)

Some helpful advice

Google Cloud helps you by handling a lot of the standard issues with IP addressing so that you can create a project and begin building. As your enterprises and projects evolve you may want to connect to on-prem facilities, other projects, and other clouds. To save yourself a bunch of headaches, spend some time planning your IP address assignments.

This is especially relevant so that you can avoid the problem of overlapping IP addresses. Take time to consider the following as you plan:

Estimated growth plans 

Upcoming expansions 

Existing subnets in other environments

Scaling requirements

Possibility of acquisitions 
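One way to check an address plan for the overlap problem described above before connecting environments, as an added example (not from the original post). The plan names and ranges are constructed; 198.51.100.0/24 is a documentation range standing in for a public block used as PUPI, and the helper names are illustrative.

```python
import ipaddress
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample plan spanning cloud, on-prem and an acquisition
PLAN = {
    "gcp-prod-us": "10.10.0.0/20",
    "gcp-gke-pods": "10.10.8.0/22",     # falls inside gcp-prod-us
    "onprem-dc1": "192.168.10.0/24",
    "acquired-co": "192.168.0.0/16",    # swallows onprem-dc1
    "gke-pupi": "198.51.100.0/24",      # stand-in for a public block
}


def classify(net):
    """'rfc1918' if fully inside a private block, else 'non-rfc1918'.
    A non-RFC 1918 range used inside a VPC is a PUPI candidate and should
    also be checked against the prohibited ranges list."""
    return "rfc1918" if any(net.subnet_of(p) for p in RFC1918) else "non-rfc1918"


def audit(plan):
    """Return (overlapping name pairs, {name: classification})."""
    nets = {name: ipaddress.ip_network(cidr) for name, cidr in plan.items()}
    overlaps = sorted(
        (a, b) for (a, na), (b, nb) in combinations(nets.items(), 2)
        if na.overlaps(nb)
    )
    return overlaps, {name: classify(n) for name, n in nets.items()}


def first_free(parent, plan, new_prefix):
    """First subnet of the requested size in parent that no plan entry
    touches, or None if the parent block is exhausted."""
    taken = [ipaddress.ip_network(c) for c in plan.values()]
    for cand in ipaddress.ip_network(parent).subnets(new_prefix=new_prefix):
        if not any(cand.overlaps(t) for t in taken):
            return str(cand)
    return None


if __name__ == "__main__":
    overlaps, classes = audit(PLAN)
    print("overlaps:", overlaps)
    print("classes:", classes)
    print("next free /20 in 10.10.0.0/16:", first_free("10.10.0.0/16", PLAN, 20))
```

Running the audit whenever a new environment or acquired network is added to the plan catches collisions before peering, VPN or interconnect routes are exchanged.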

To learn more about IP addressing on Google Cloud, check the following links:

Documentation: IP Addressing

Blog post: Understanding IP address management in GKE

Video: IP addressing in the cloud 

Video: BYOIP on Google Cloud

Git:  IPAM Autopilot

Floating IP addresses in Compute Engine

Want to ask a question, find out more or share a thought? Please connect with me on Twitter or LinkedIn and send me a message.
