Stay organized with collections
Save and categorize content based on your preferences.
This page describes how to create and manage Google Distributed Cloud
subnetwork resources in a Distributed Cloud connected zone.
On Distributed Cloud connected servers, you can only configure subnetworks
with VLAN IDs. CIDR-based subnetworks are not supported on
Distributed Cloud connected servers.
You can create up to 138 subnetworks per Distributed Cloud zone.
The subnetwork is a VLAN within the parent network. As such, each subnetwork
must have a globally unique VLAN ID. Distributed Cloud connected
does not allow the reuse of VLAN IDs.
To have Distributed Cloud connected assign an unused VLAN ID at
random, specify 0 as the VLAN ID when you create the subnetwork.
The subnetwork is accessible to all nodes in your
Distributed Cloud connected zone.
Create a subnetwork
To create a Distributed Cloud subnetwork, complete the steps
in this section.
To complete this task, you must have the
Edge Network Admin role
(roles/edgenetwork.admin) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets create command:
PROJECT_ID: the ID of the target Google Cloud project.
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
SUBNETWORK_ID: an ID that uniquely identifies this
subnetwork.
LABELS: a list of labels to apply to this subnetwork
resource.
NETWORK_NAME: the network that encapsulates this
subnetwork.
IPV4_RANGE: the IPv4 address range that this
subnetwork covers in the IP address/prefix format.
IPV6_RANGE: the IPv6 address range that this
subnetwork covers in the IP address/prefix format.
VLAN_ID: the target VLAN ID for this subnetwork.
List subnetworks
To list subnetworks provisioned within a Distributed Cloud
connected zone, complete the steps in this section.
To complete this task, you must have the
Edge Network Viewer role
(roles/edgenetwork.viewer) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets list command:
gcloud edge-cloud networking subnets list \
--location=REGION \
--zone=ZONE_NAME
Replace the following:
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
API
Make a GET request to the projects.locations.zones.subnets.list
method:
GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?filter=FILTER&pageSize=PAGE_SIZE&orderBy=SORT_BY&pageToken=PAGE_TOKEN
Replace the following:
PROJECT_ID: the ID of the target Google Cloud project.
REGION: the Google Cloud region to which the target
Distributed Cloud connected zone belongs.
ZONE_NAME: the name of the target
Distributed Cloud connected zone.
FILTER: an expression that constrains the returned
results to specific values.
PAGE_SIZE: the number of results to return per page.
SORT_BY: a comma-delimited list of field names by which
the returned results are sorted. The default sort order is ascending; for
descending sort order, prefix the desired field with ~.
PAGE_TOKEN: a token received in the response to the
last list request in the nextPageToken field in the response. Send this
token to receive a page of results.
Get information about a subnetwork
To get information about a Distributed Cloud subnetwork,
complete the steps in this section.
To complete this task, you must have the
Edge Network Viewer role
(roles/edgenetwork.viewer) in your Google Cloud project.
gcloud
Use the gcloud edge-cloud networking subnets describe command:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis page outlines how to create and manage Google Distributed Cloud subnetwork resources within a Distributed Cloud connected zone, where only VLAN ID-based subnetworks are supported, not CIDR-based.\u003c/p\u003e\n"],["\u003cp\u003eYou can create up to 138 subnetworks per Distributed Cloud zone, and each subnetwork must have a globally unique VLAN ID or it can be assigned one at random if '0' is specified.\u003c/p\u003e\n"],["\u003cp\u003eThe \u003ccode\u003egcloud\u003c/code\u003e CLI and API commands are detailed for creating, listing, getting information about, and deleting subnetworks, which requires either the Edge Network Admin role or the Edge Network Viewer role depending on the action.\u003c/p\u003e\n"],["\u003cp\u003eThe subnetwork is a VLAN within the parent network and is accessible to all nodes in the Distributed Cloud connected zone, with different provisioning states such as PENDING, PROVISIONING, RUNNING, and FAILED.\u003c/p\u003e\n"],["\u003cp\u003eEach command is provided with the necessary parameters and placeholders to replace with real values such as the subnetwork name, region, and zone name, and they are separated into gcloud and API usage.\u003c/p\u003e\n"]]],[],null,["# Create and manage subnetworks\n\nThis page describes how to create and manage Google Distributed Cloud\nsubnetwork resources in a Distributed Cloud connected zone.\n\nOn Distributed Cloud connected servers, you can only configure subnetworks\nwith VLAN IDs. CIDR-based subnetworks are not supported on\nDistributed Cloud connected servers.\n\nFor more information about Distributed Cloud subnetworks,\nsee [How Distributed Cloud connected works](/distributed-cloud/edge/latest/docs/how-it-works).\n| **Note:** The Google Cloud CLI instructions on this page assume that you are using [Cloud Shell](/shell/docs) or another environment with `bash` installed.\n\nKeep the following in mind:\n\n- You can create up to 138 subnetworks per Distributed Cloud zone.\n- The subnetwork is a VLAN within the parent network. As such, each subnetwork must have a globally unique VLAN ID. Distributed Cloud connected does not allow the reuse of VLAN IDs.\n- To have Distributed Cloud connected assign an unused VLAN ID at random, specify `0` as the VLAN ID when you create the subnetwork.\n- The subnetwork is accessible to all nodes in your Distributed Cloud connected zone.\n\nCreate a subnetwork\n-------------------\n\nTo create a Distributed Cloud subnetwork, complete the steps\nin this section.\n\nTo complete this task, you must have the\n[Edge Network Admin role](/distributed-cloud/edge/latest/docs/permissions#edge-network-admin)\n(`roles/edgenetwork.admin`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets create` command: \n\n```\ngcloud edge-cloud networking subnets create SUBNETWORK_NAME \\\n --network=NETWORK_NAME \\\n --ipv4-range=IPV4_RANGE \\\n --ipv6-range=IPV6_RANGE \\\n --vlan-id=VLAN_ID \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: a descriptive name that uniquely identifies this subnetwork.\n- \u003cvar translate=\"no\"\u003eNETWORK_NAME\u003c/var\u003e: the network that encapsulates this subnetwork.\n- \u003cvar translate=\"no\"\u003eIPV4_RANGE\u003c/var\u003e: the IPv4 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eIPV6_RANGE\u003c/var\u003e: the IPv6 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eVLAN_ID\u003c/var\u003e: the target VLAN ID for this subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `POST` request to the `projects.locations.zones.subnets.create`\nmethod: \n\n```\n POST /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?subnetId=SUBNETWORK_ID\n {\n \"labels\": { LABELS,\n },\n \"network\": { NETWORK_NAME,\n },\n \"ipv4Cidr\": { IPV4_RANGE,\n },\n \"ipv6Cidr\": { IPV6_RANGE,\n }, \n \"vlanId\": { VLAN_ID,\n },\n } \n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_ID\u003c/var\u003e: an ID that uniquely identifies this subnetwork.\n- \u003cvar translate=\"no\"\u003eLABELS\u003c/var\u003e: a list of labels to apply to this subnetwork resource.\n- \u003cvar translate=\"no\"\u003eNETWORK_NAME\u003c/var\u003e: the network that encapsulates this subnetwork.\n- \u003cvar translate=\"no\"\u003eIPV4_RANGE\u003c/var\u003e: the IPv4 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eIPV6_RANGE\u003c/var\u003e: the IPv6 address range that this subnetwork covers in the IP address/prefix format.\n- \u003cvar translate=\"no\"\u003eVLAN_ID\u003c/var\u003e: the target VLAN ID for this subnetwork.\n\nList subnetworks\n----------------\n\nTo list subnetworks provisioned within a Distributed Cloud\nconnected zone, complete the steps in this section.\n\nTo complete this task, you must have the\n[Edge Network Viewer role](/distributed-cloud/edge/latest/docs/permissions#edge-network-viewer)\n(`roles/edgenetwork.viewer`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets list` command: \n\n```\ngcloud edge-cloud networking subnets list \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `GET` request to the `projects.locations.zones.subnets.list`\nmethod: \n\n```\n GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets?filter=FILTER&pageSize=PAGE_SIZE&orderBy=SORT_BY&pageToken=PAGE_TOKEN\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eFILTER\u003c/var\u003e: an expression that constrains the returned results to specific values.\n- \u003cvar translate=\"no\"\u003ePAGE_SIZE\u003c/var\u003e: the number of results to return per page.\n- \u003cvar translate=\"no\"\u003eSORT_BY\u003c/var\u003e: a comma-delimited list of field names by which the returned results are sorted. The default sort order is ascending; for descending sort order, prefix the desired field with `~`.\n- \u003cvar translate=\"no\"\u003ePAGE_TOKEN\u003c/var\u003e: a token received in the response to the last list request in the `nextPageToken` field in the response. Send this token to receive a page of results.\n\nGet information about a subnetwork\n----------------------------------\n\nTo get information about a Distributed Cloud subnetwork,\ncomplete the steps in this section.\n\nTo complete this task, you must have the\n[Edge Network Viewer role](/distributed-cloud/edge/latest/docs/permissions#edge-network-viewer)\n(`roles/edgenetwork.viewer`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets describe` command: \n\n```\ngcloud edge-cloud networking subnets describe SUBNETWORK_NAME \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `GET` request to the `projects.locations.zones.subnets.get`\nmethod: \n\n```\n GET /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets/SUBNETWORK_ID\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n\nThis operation returns detailed information about the resource, including its\nprovisioning state:\n\n- `PENDING`: the resource has not yet begun provisioning and has not yet been propagated throughout the zone.\n- `PROVISIONING`: the resource is being provisioned; you must wait until it has been propagated throughout the zone.\n- `RUNNING`: the resource has been successfully provisioned and propagated throughout the zone; it is ready to use.\n- `FAILED`: the provisioning of the resource was not successful; the resource has not been propagated throughout the zone.\n\nDelete a subnetwork\n-------------------\n\nTo delete a Distributed Cloud subnetwork, complete the steps\nin this section.\n\nTo complete this task, you must have the\n[Edge Network Admin role](/distributed-cloud/edge/latest/docs/permissions#edge-network-admin)\n(`roles/edgenetwork.admin`) in your Google Cloud project. \n\n### gcloud\n\nUse the `gcloud edge-cloud networking subnets delete` command: \n\n```\ngcloud edge-cloud networking subnets delete SUBNETWORK_NAME \\\n --location=REGION \\\n --zone=ZONE_NAME\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n\n### API\n\nMake a `DELETE` request to the `projects.locations.zones.subnets.delete`\nmethod: \n\n```\n DELETE /v1/projects/PROJECT_ID/locations/REGION/zones/ZONE_NAME/subnets/SUBNETWORK_ID\n```\n\nReplace the following:\n\n- \u003cvar translate=\"no\"\u003ePROJECT_ID\u003c/var\u003e: the ID of the target Google Cloud project.\n- \u003cvar translate=\"no\"\u003eREGION\u003c/var\u003e: the Google Cloud region to which the target Distributed Cloud connected zone belongs.\n- \u003cvar translate=\"no\"\u003eZONE_NAME\u003c/var\u003e: the name of the target Distributed Cloud connected zone.\n- \u003cvar translate=\"no\"\u003eSUBNETWORK_NAME\u003c/var\u003e: the name of the target subnetwork.\n\nWhat's next\n-----------\n\n- [Deploy workloads on Google Distributed Cloud connected](/distributed-cloud/edge/latest/docs/deploy)\n- [Manage interconnects](/distributed-cloud/edge/latest/docs/interconnects)\n- [Create and manage interconnect attachments](/distributed-cloud/edge/latest/docs/attachments)\n- [Create and manage networks](/distributed-cloud/edge/latest/docs/networks)\n- [Create and manage routers](/distributed-cloud/edge/latest/docs/routers)\n- [Create and manage VPN connections](/distributed-cloud/edge/latest/docs/vpn-connections)\n- [Manage zones](/distributed-cloud/edge/latest/docs/zones)"]]
