In this blog we’ll be visiting the topics of IP addresses and subnetting on Google Cloud. IP addressing and subnetting can be confusing to many, but addressing is a very important requirement in your network.
An IP address is a unique identifier for a network and a host. To separate an IP address into network and host segments a subnet mask is used. You can compare this to a city block which has a street and buildings with numbers. The IP addresses and city block analogy can be mapped as follows:
Network portion – This would be equivalent to the street address. One street may have many buildings on it. e.g 192.168.10.20/24 the 192.168.10 represents the network and the /24 represent the subnet mask (this will be explained in a later section).
The host portion – This is equivalent to the building number. This is where the building is located on the street. E.g. 192.168.10.20/24 the .20 represents the host on the network.
There are two versions of IP, IPv4 and IPv6 each with different address formats. IPV6 addressing was created due to limitations in the amount of available IPv4 addresses. One of the main drivers for increased consumption of IPv4 addressing was the growth of the internet.
An IPV4 address consists of 32 binary bits, divided into 4 octets. This can be written in dotted decimal format. eg. 192.168.20.1 or binary.
An IPV6 address consists of 128 bits, divided into 16 bit hexadecimal fields. Example of IPV6 address is 2001:DB8:7654:3210:FEDC:BA98:764:3203
IP addresses exist both on-prem and in the cloud. Let’s explore a few IP options like private, secondary, external and Bring your own IP (BYOIP) that can be used in Google Cloud.
Private addresses (RFC 1918)
Private IP addresses are taken from a reserved block of address that can be used internally within a network. This range is defined as a Request For Comments (RFC) standard RFC1918. These private address ranges are not unique to Google Cloud and can be used by any enterprise. Private IP addresses are non internet routable, meaning they cannot connect directly to the internet. The private IP ranges are:
10.0.0.0 -10.255.255.255 (/8)
172.16.0.0 – 172.31.255.255 (/12)
192.168.0.0 -192.168.255.255 (/16)
Default Reserved IP addresses
To help make this clearer let’s look at the same 192.168.10.20 network with a /24 subnet.
The /24 means 24 bits out of the 32 bits will be used by the network.
The remaining 8 bits will be used by the host. To determine the total amount of addresses we can use the formula 28 = 256.
In a standard network the first address and last address is reserved. These are known as the network address and the broadcast address. e.g. 192.168.10.0 and 192.168.10.255.
Because of this reservation the formula for available host addresses is 2n – 2. This would be 28 – 2 = 254
In Google Cloud because 4 addresses are reserved the formula becomes 28 – 4 so a /24 network would have 252 addresses available for hosts.
Ephemeral IP addresses are assigned automatically to your VMs and services in Google Cloud. This is done via DHCP. You can also manually assign a reserved static internal IP address to your VMs if stable addresses are required.
The smallest subnet available in GCP is /29 which means 4 hosts or 23 – 4. This is different from on-prem private addresses in which the smallest subnet can be a /30 or /31 for point-to-point links. Please keep this in mind when assigning address subnets.
Privately used public IP (PUPI) addresses
These are addresses that would under normal circumstances be routable on the internet. When used in your VPC they are treated as private addresses and not advertised to the internet routing table. PUPI addresses can be used in Google Kubeternes Engine (GKE) as in this example.
Secondary IP Addresses are additional addresses that can be assigned to your virtual machines. An example of this would be assigning an alias IP address to your VM from the secondary IP address range for use by a particular service running on the VM.
External IP addresses are internet routable and allow direct communication to the internet. Just like private IP addresses, ephemeral external IP addresses can be automatically assigned or you can reserve static external IP addresses to use on your VMs, load balancers, and other services where they can be applied.
External IPv4 addresses are a limited resource and should be used with care. Both static and ephemeral external IP addresses incur cost. If you reserve a static external IP address and do not assign it to a resource, you will be charged at a higher rate than for static and ephemeral external IP addresses that are in use.
Bring your own IP (BYOIP)
With this catchy name it accurately describes that you can bring public IP addresses that you own to use on your Google Cloud resources. This requires a little process that you can read more about in the VPC BYOIP documentation .
Prohibited subnet ranges
There are certain ranges that are prohibited from being assigned to your Google Cloud resources. You can get a list of these ranges here.
IPv6 can be enabled in certain regions. Some on the basic steps to enable IPv6 address are:
Create a custom VPC and add a subnet in any of the following regions
Common Google Cloud services that use IP addressing
There are several services that use IP addressing. These are the most common, but this is not a complete list:
Google Kubernetes Engine (Containers, Clusters, Pods, Services, Ingress)
Some helpful advice
Google Cloud helps you by handling a lot of the standard issues with IP addressing so that you can create a project and begin building. As your enterprises and projects evolve you may want to connect to on-prem facilities, other projects, and other clouds. To save yourself a bunch of headaches, spend some time planning your IP address assignments.
This is especially relevant so that you can avoid the problem of overlapping IP addresses. Take time to consider the following as you plan:
Estimated growth plans
Existing subnets in other environments
Possibility of acquisitions
To learn more about IP addressing on Google Cloud, check the following links:
Cloud BlogRead More