Stay organized with collections
Save and categorize content based on your preferences.
This page describes how to create and manage Google Distributed Cloud
subnetwork resources in a Distributed Cloud connected zone.
On Distributed Cloud connected servers, you can only configure subnetworks
with VLAN IDs. CIDR-based subnetworks are not supported on
Distributed Cloud connected servers.
You can create up to 20 subnetworks within each network.
The subnetwork is a VLAN within the parent network. As such, each subnetwork
must have a globally unique VLAN ID. Distributed Cloud connected
does not allow the reuse of VLAN IDs.
To have Distributed Cloud connected assign an unused VLAN ID at
random, specify 0 as the VLAN ID when you create the subnetwork.
The subnetwork is accessible to all nodes in your
Distributed Cloud connected zone.
Create a subnetwork
To create a Distributed Cloud subnetwork, complete the steps
in this section.
To complete this task, you must have the
Edge Network Admin role
(roles/edgenetwork.admin) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets create command:
PROJECT_ID: the ID of the target Google Cloud project.
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
SUBNETWORK_ID: an ID that uniquely identifies this
subnetwork.
LABELS: a list of labels to apply to this subnetwork
resource.
NETWORK_NAME: the network that encapsulates this
subnetwork.
IPV4_RANGE: the IPv4 address range that this
subnetwork covers in the IP address/prefix format.
IPV6_RANGE: the IPv6 address range that this
subnetwork covers in the IP address/prefix format.
VLAN_ID: the target VLAN ID for this subnetwork.
List subnetworks
To list subnetworks provisioned within a Distributed Cloud
connected zone, complete the steps in this section.
To complete this task, you must have the
Edge Network Viewer role
(roles/edgenetwork.viewer) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets list command:
gcloud edge-cloud networking subnets list \
--location=REGION \
--zone=ZONE_NAME
Replace the following:
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
API
Make a GET request to the projects.locations.zones.subnets.list
method:
GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?filter=FILTER&pageSize=PAGE_SIZE&orderBy=SORT_BY&pageToken=PAGE_TOKEN
Replace the following:
PROJECT_ID: the ID of the target Google Cloud project.
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
FILTER: an expression that constrains the returned
results to specific values.
PAGE_SIZE: the number of results to return per page.
SORT_BY: a comma-delimited list of field names by which
the returned results are sorted. The default sort order is ascending; for
descending sort order, prefix the desired field with ~.
PAGE_TOKEN: a token received in the response to the
last list request in the nextPageToken field in the response. Send this
token to receive a page of results.
Get information about a subnetwork
To get information about a Distributed Cloud subnetwork,
complete the steps in this section.
To complete this task, you must have the
Edge Network Viewer role
(roles/edgenetwork.viewer) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets describe command:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis page details how to create and manage Google Distributed Cloud subnetwork resources within a Distributed Cloud connected zone, using VLAN IDs.\u003c/p\u003e\n"],["\u003cp\u003eYou can create up to 20 subnetworks per network, and each must have a globally unique VLAN ID, or you can set the VLAN ID to 0 to have one randomly assigned.\u003c/p\u003e\n"],["\u003cp\u003eSubnetworks are accessible to all nodes within a Distributed Cloud connected zone.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003egcloud\u003c/code\u003e CLI and API are both available to create, list, describe, and delete subnetworks.\u003c/p\u003e\n"],["\u003cp\u003eEdge Network Admin role is needed for creating and deleting subnetworks, while the Edge Network Viewer role is needed for listing and getting subnetwork information.\u003c/p\u003e\n"]]],[],null,["# Create and manage subnetworks\n\nThis page describes how to create and manage Google Distributed Cloud\nsubnetwork resources in a Distributed Cloud connected zone.\n\nOn Distributed Cloud connected servers, you can only configure subnetworks\nwith VLAN IDs. CIDR-based subnetworks are not supported on\nDistributed Cloud connected servers.\n\nFor more information about Distributed Cloud subnetworks,\nsee [How Distributed Cloud connected works](/distributed-cloud/edge/1.7.0/docs/how-it-works).\n| **Note:** The Google Cloud CLI instructions on this page assume that you are using [Cloud Shell](/shell/docs) or another environment with `bash` installed.\n\nKeep the following in mind:\n\n- You can create up to 20 subnetworks within each network.\n- The subnetwork is a VLAN within the parent network. As such, each subnetwork must have a globally unique VLAN ID. Distributed Cloud connected does not allow the reuse of VLAN IDs.\n- To have Distributed Cloud connected assign an unused VLAN ID at random, specify `0` as the VLAN ID when you create the subnetwork.\n- The subnetwork is accessible to all nodes in your Distributed Cloud connected zone.\n\nCreate a subnetwork\n-------------------\n\nTo create a Distributed Cloud subnetwork, complete the steps\nin this section.\n\nTo complete this task, you must have the\n[Edge Network Admin role](/distributed-cloud/edge/1.7.0/docs/permissions#edge-network-admin)\n(`roles/edgenetwork.admin`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets create` command: \n\n```\ngcloud edge-cloud networking subnets create SUBNETWORK_NAME \\\n --network=NETWORK_NAME \\\n --ipv4-range=IPV4_RANGE \\\n --ipv6-range=IPV6_RANGE \\\n --vlan-id=VLAN_ID \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: a descriptive name that uniquely identifies this subnetwork.\n- \u003cvar translate=\"no\"\u003eNETWORK_NAME\u003c/var\u003e: the network that encapsulates this subnetwork.\n- \u003cvar translate=\"no\"\u003eIPV4_RANGE\u003c/var\u003e: the IPv4 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eIPV6_RANGE\u003c/var\u003e: the IPv6 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eVLAN_ID\u003c/var\u003e: the target VLAN ID for this subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `POST` request to the `projects.locations.zones.subnets.create`\nmethod: \n\n```\n POST /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?subnetId=SUBNETWORK_ID\n {\n \"labels\": { LABELS,\n },\n \"network\": { NETWORK_NAME,\n },\n \"ipv4Cidr\": { IPV4_RANGE,\n },\n \"ipv6Cidr\": { IPV6_RANGE,\n }, \n \"vlanId\": { VLAN_ID,\n },\n } \n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_ID\u003c/var\u003e: an ID that uniquely identifies this subnetwork.\n- \u003cvar translate=\"no\"\u003eLABELS\u003c/var\u003e: a list of labels to apply to this subnetwork resource.\n- \u003cvar translate=\"no\"\u003eNETWORK_NAME\u003c/var\u003e: the network that encapsulates this subnetwork.\n- \u003cvar translate=\"no\"\u003eIPV4_RANGE\u003c/var\u003e: the IPv4 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eIPV6_RANGE\u003c/var\u003e: the IPv6 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eVLAN_ID\u003c/var\u003e: the target VLAN ID for this subnetwork.\n\nList subnetworks\n----------------\n\nTo list subnetworks provisioned within a Distributed Cloud\nconnected zone, complete the steps in this section.\n\nTo complete this task, you must have the\n[Edge Network Viewer role](/distributed-cloud/edge/1.7.0/docs/permissions#edge-network-viewer)\n(`roles/edgenetwork.viewer`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets list` command: \n\n```\ngcloud edge-cloud networking subnets list \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `GET` request to the `projects.locations.zones.subnets.list`\nmethod: \n\n```\n GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?filter=FILTER&pageSize=PAGE_SIZE&orderBy=SORT_BY&pageToken=PAGE_TOKEN\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eFILTER\u003c/var\u003e: an expression that constrains the returned results to specific values.\n- \u003cvar translate=\"no\"\u003ePAGE_SIZE\u003c/var\u003e: the number of results to return per page.\n- \u003cvar translate=\"no\"\u003eSORT_BY\u003c/var\u003e: a comma-delimited list of field names by which the returned results are sorted. The default sort order is ascending; for descending sort order, prefix the desired field with `~`.\n- \u003cvar translate=\"no\"\u003ePAGE_TOKEN\u003c/var\u003e: a token received in the response to the last list request in the `nextPageToken` field in the response. Send this token to receive a page of results.\n\nGet information about a subnetwork\n----------------------------------\n\nTo get information about a Distributed Cloud subnetwork,\ncomplete the steps in this section.\n\nTo complete this task, you must have the\n[Edge Network Viewer role](/distributed-cloud/edge/1.7.0/docs/permissions#edge-network-viewer)\n(`roles/edgenetwork.viewer`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets describe` command: \n\n```\ngcloud edge-cloud networking subnets describe SUBNETWORK_NAME \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `GET` request to the `projects.locations.zones.subnets.get`\nmethod: \n\n```\n GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets/SUBNETWORK_ID\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n\nThis operation returns detailed information about the resource, including its\nprovisioning state:\n\n- `PENDING`: the resource has not yet begun provisioning and has not yet been propagated throughout the zone.\n- `PROVISIONING`: the resource is being provisioned; you must wait until it has been propagated throughout the zone.\n- `RUNNING`: the resource has been successfully provisioned and propagated throughout the zone; it is ready to use.\n- `FAILED`: the provisioning of the resource was not successful; the resource has not been propagated throughout the zone.\n\nDelete a subnetwork\n-------------------\n\nTo delete a Distributed Cloud subnetwork, complete the steps\nin this section.\n\nTo complete this task, you must have the\n[Edge Network Admin role](/distributed-cloud/edge/1.7.0/docs/permissions#edge-network-admin)\n(`roles/edgenetwork.admin`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets delete` command: \n\n```\ngcloud edge-cloud networking subnets delete SUBNETWORK_NAME \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `DELETE` request to the `projects.locations.zones.subnets.delete`\nmethod: \n\n```\n DELETE /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets/SUBNETWORK_ID\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n\nWhat's next\n-----------\n\n- [Deploy workloads on Google Distributed Cloud connected](/distributed-cloud/edge/1.7.0/docs/deploy)\n- [Manage interconnects](/distributed-cloud/edge/1.7.0/docs/interconnects)\n- [Create and manage interconnect attachments](/distributed-cloud/edge/1.7.0/docs/attachments)\n- [Create and manage networks](/distributed-cloud/edge/1.7.0/docs/networks)\n- [Create and manage routers](/distributed-cloud/edge/1.7.0/docs/routers)\n- [Create and manage VPN connections](/distributed-cloud/edge/1.7.0/docs/vpn-connections)\n- [Manage zones](/distributed-cloud/edge/1.7.0/docs/zones)"]]
