Stay organized with collections
Save and categorize content based on your preferences.
This page describes how to create and manage Google Distributed Cloud
subnetwork resources in a Distributed Cloud connected zone.
On Distributed Cloud connected servers, you can only configure subnetworks
with VLAN IDs. CIDR-based subnetworks are not supported on
Distributed Cloud connected servers.
You can create up to 20 subnetworks within each network.
The subnetwork is a VLAN within the parent network. As such, each subnetwork
must have a globally unique VLAN ID. Distributed Cloud connected
does not allow the reuse of VLAN IDs.
To have Distributed Cloud connected assign an unused VLAN ID at
random, specify 0 as the VLAN ID when you create the subnetwork.
The subnetwork is accessible to all nodes in your
Distributed Cloud connected zone.
Create a subnetwork
To create a Distributed Cloud subnetwork, complete the steps
in this section.
To complete this task, you must have the
Edge Network Admin role
(roles/edgenetwork.admin) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets create command:
PROJECT_ID: the ID of the target Google Cloud project.
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
SUBNETWORK_ID: an ID that uniquely identifies this
subnetwork.
LABELS: a list of labels to apply to this subnetwork
resource.
NETWORK_NAME: the network that encapsulates this
subnetwork.
IPV4_RANGE: the IPv4 address range that this
subnetwork covers in the IP address/prefix format.
IPV6_RANGE: the IPv6 address range that this
subnetwork covers in the IP address/prefix format.
VLAN_ID: the target VLAN ID for this subnetwork.
List subnetworks
To list subnetworks provisioned within a Distributed Cloud
connected zone, complete the steps in this section.
To complete this task, you must have the
Edge Network Viewer role
(roles/edgenetwork.viewer) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets list command:
gcloud edge-cloud networking subnets list \
--location=REGION \
--zone=ZONE_NAME
Replace the following:
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
API
Make a GET request to the projects.locations.zones.subnets.list
method:
GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?filter=FILTER&pageSize=PAGE_SIZE&orderBy=SORT_BY&pageToken=PAGE_TOKEN
Replace the following:
PROJECT_ID: the ID of the target Google Cloud project.
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
FILTER: an expression that constrains the returned
results to specific values.
PAGE_SIZE: the number of results to return per page.
SORT_BY: a comma-delimited list of field names by which
the returned results are sorted. The default sort order is ascending; for
descending sort order, prefix the desired field with ~.
PAGE_TOKEN: a token received in the response to the
last list request in the nextPageToken field in the response. Send this
token to receive a page of results.
Get information about a subnetwork
To get information about a Distributed Cloud subnetwork,
complete the steps in this section.
To complete this task, you must have the
Edge Network Viewer role
(roles/edgenetwork.viewer) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets describe command:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis page outlines how to create and manage Google Distributed Cloud subnetwork resources within a Distributed Cloud connected zone, which only supports VLAN ID-based subnetworks, not CIDR-based ones.\u003c/p\u003e\n"],["\u003cp\u003eEach subnetwork must have a globally unique VLAN ID within its parent network, and up to 20 subnetworks can be created within a single network; specifying \u003ccode\u003e0\u003c/code\u003e will let Distributed Cloud assign an unused VLAN ID at random.\u003c/p\u003e\n"],["\u003cp\u003eSubnetworks are accessible to all nodes in the Distributed Cloud connected zone, and you need the Edge Network Admin role to create or delete subnetworks, while the Edge Network Viewer role is required for listing and getting information about them.\u003c/p\u003e\n"],["\u003cp\u003eYou can use the \u003ccode\u003egcloud\u003c/code\u003e CLI tool or API to create, list, get information about, and delete subnetworks, with each operation requiring specific parameters like subnetwork name, network name, IPv4/IPv6 ranges, VLAN ID, region, and zone.\u003c/p\u003e\n"],["\u003cp\u003eA subnetwork's provisioning state can be monitored through the API, with possible states including \u003ccode\u003ePENDING\u003c/code\u003e, \u003ccode\u003ePROVISIONING\u003c/code\u003e, \u003ccode\u003eRUNNING\u003c/code\u003e, and \u003ccode\u003eFAILED\u003c/code\u003e, indicating its readiness and propagation status within the zone.\u003c/p\u003e\n"]]],[],null,["# Create and manage subnetworks\n\nThis page describes how to create and manage Google Distributed Cloud\nsubnetwork resources in a Distributed Cloud connected zone.\n\nOn Distributed Cloud connected servers, you can only configure subnetworks\nwith VLAN IDs. CIDR-based subnetworks are not supported on\nDistributed Cloud connected servers.\n\nFor more information about Distributed Cloud subnetworks,\nsee [How Distributed Cloud connected works](/distributed-cloud/edge/1.7.1/docs/how-it-works).\n| **Note:** The Google Cloud CLI instructions on this page assume that you are using [Cloud Shell](/shell/docs) or another environment with `bash` installed.\n\nKeep the following in mind:\n\n- You can create up to 20 subnetworks within each network.\n- The subnetwork is a VLAN within the parent network. As such, each subnetwork must have a globally unique VLAN ID. Distributed Cloud connected does not allow the reuse of VLAN IDs.\n- To have Distributed Cloud connected assign an unused VLAN ID at random, specify `0` as the VLAN ID when you create the subnetwork.\n- The subnetwork is accessible to all nodes in your Distributed Cloud connected zone.\n\nCreate a subnetwork\n-------------------\n\nTo create a Distributed Cloud subnetwork, complete the steps\nin this section.\n\nTo complete this task, you must have the\n[Edge Network Admin role](/distributed-cloud/edge/1.7.1/docs/permissions#edge-network-admin)\n(`roles/edgenetwork.admin`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets create` command: \n\n```\ngcloud edge-cloud networking subnets create SUBNETWORK_NAME \\\n --network=NETWORK_NAME \\\n --ipv4-range=IPV4_RANGE \\\n --ipv6-range=IPV6_RANGE \\\n --vlan-id=VLAN_ID \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: a descriptive name that uniquely identifies this subnetwork.\n- \u003cvar translate=\"no\"\u003eNETWORK_NAME\u003c/var\u003e: the network that encapsulates this subnetwork.\n- \u003cvar translate=\"no\"\u003eIPV4_RANGE\u003c/var\u003e: the IPv4 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eIPV6_RANGE\u003c/var\u003e: the IPv6 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eVLAN_ID\u003c/var\u003e: the target VLAN ID for this subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `POST` request to the `projects.locations.zones.subnets.create`\nmethod: \n\n```\n POST /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?subnetId=SUBNETWORK_ID\n {\n \"labels\": { LABELS,\n },\n \"network\": { NETWORK_NAME,\n },\n \"ipv4Cidr\": { IPV4_RANGE,\n },\n \"ipv6Cidr\": { IPV6_RANGE,\n }, \n \"vlanId\": { VLAN_ID,\n },\n } \n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_ID\u003c/var\u003e: an ID that uniquely identifies this subnetwork.\n- \u003cvar translate=\"no\"\u003eLABELS\u003c/var\u003e: a list of labels to apply to this subnetwork resource.\n- \u003cvar translate=\"no\"\u003eNETWORK_NAME\u003c/var\u003e: the network that encapsulates this subnetwork.\n- \u003cvar translate=\"no\"\u003eIPV4_RANGE\u003c/var\u003e: the IPv4 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eIPV6_RANGE\u003c/var\u003e: the IPv6 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eVLAN_ID\u003c/var\u003e: the target VLAN ID for this subnetwork.\n\nList subnetworks\n----------------\n\nTo list subnetworks provisioned within a Distributed Cloud\nconnected zone, complete the steps in this section.\n\nTo complete this task, you must have the\n[Edge Network Viewer role](/distributed-cloud/edge/1.7.1/docs/permissions#edge-network-viewer)\n(`roles/edgenetwork.viewer`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets list` command: \n\n```\ngcloud edge-cloud networking subnets list \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `GET` request to the `projects.locations.zones.subnets.list`\nmethod: \n\n```\n GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?filter=FILTER&pageSize=PAGE_SIZE&orderBy=SORT_BY&pageToken=PAGE_TOKEN\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eFILTER\u003c/var\u003e: an expression that constrains the returned results to specific values.\n- \u003cvar translate=\"no\"\u003ePAGE_SIZE\u003c/var\u003e: the number of results to return per page.\n- \u003cvar translate=\"no\"\u003eSORT_BY\u003c/var\u003e: a comma-delimited list of field names by which the returned results are sorted. The default sort order is ascending; for descending sort order, prefix the desired field with `~`.\n- \u003cvar translate=\"no\"\u003ePAGE_TOKEN\u003c/var\u003e: a token received in the response to the last list request in the `nextPageToken` field in the response. Send this token to receive a page of results.\n\nGet information about a subnetwork\n----------------------------------\n\nTo get information about a Distributed Cloud subnetwork,\ncomplete the steps in this section.\n\nTo complete this task, you must have the\n[Edge Network Viewer role](/distributed-cloud/edge/1.7.1/docs/permissions#edge-network-viewer)\n(`roles/edgenetwork.viewer`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets describe` command: \n\n```\ngcloud edge-cloud networking subnets describe SUBNETWORK_NAME \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `GET` request to the `projects.locations.zones.subnets.get`\nmethod: \n\n```\n GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets/SUBNETWORK_ID\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n\nThis operation returns detailed information about the resource, including its\nprovisioning state:\n\n- `PENDING`: the resource has not yet begun provisioning and has not yet been propagated throughout the zone.\n- `PROVISIONING`: the resource is being provisioned; you must wait until it has been propagated throughout the zone.\n- `RUNNING`: the resource has been successfully provisioned and propagated throughout the zone; it is ready to use.\n- `FAILED`: the provisioning of the resource was not successful; the resource has not been propagated throughout the zone.\n\nDelete a subnetwork\n-------------------\n\nTo delete a Distributed Cloud subnetwork, complete the steps\nin this section.\n\nTo complete this task, you must have the\n[Edge Network Admin role](/distributed-cloud/edge/1.7.1/docs/permissions#edge-network-admin)\n(`roles/edgenetwork.admin`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets delete` command: \n\n```\ngcloud edge-cloud networking subnets delete SUBNETWORK_NAME \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `DELETE` request to the `projects.locations.zones.subnets.delete`\nmethod: \n\n```\n DELETE /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets/SUBNETWORK_ID\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n\nWhat's next\n-----------\n\n- [Deploy workloads on Google Distributed Cloud connected](/distributed-cloud/edge/1.7.1/docs/deploy)\n- [Manage interconnects](/distributed-cloud/edge/1.7.1/docs/interconnects)\n- [Create and manage interconnect attachments](/distributed-cloud/edge/1.7.1/docs/attachments)\n- [Create and manage networks](/distributed-cloud/edge/1.7.1/docs/networks)\n- [Create and manage routers](/distributed-cloud/edge/1.7.1/docs/routers)\n- [Create and manage VPN connections](/distributed-cloud/edge/1.7.1/docs/vpn-connections)\n- [Manage zones](/distributed-cloud/edge/1.7.1/docs/zones)"]]
