Advertised routes

Advertised routes are Cloud Router BGP prefixes advertised to its BGP peers. For example, when a BGP peer is a router in an on-premises network, advertised routes allow the systems in the on-premises network to send packets to resources in your VPC network.

Cloud Routers advertise routes to BGP peers with a multi-exit discriminator (MED) value for each prefix in the route advertisement.

Advertisement modes

Cloud Router can advertise transit routes (as part of Network Connectivity Center) and custom advertised routes as managed by the advertisement mode. The advertisement mode is configurable on both the whole Cloud Router or on individual BGP sessions of the Cloud Router. You can specify the prefixes that Cloud Router advertises, either on all BGP sessions or on a per-session basis, by using the advertisement mode.

Cloud Router offers the following advertisement modes defined at the router level or at the BGP session level:

Cloud Router default advertisement mode
Advertises local subnet ranges as described in Subnet range advertisement.
Cloud Router custom advertisement mode
Gives you complete control over IP address advertisements as described in Custom advertisement.

Similarly, Cloud Router offers the following advertisement modes defined at the BGP session level:

BGP session default advertisement mode
Advertises prefixes according to the advertisement mode defined for the Cloud Router that contains the BGP session.
BGP session custom advertisement mode
Gives you complete control over IP address advertisements as described in Custom advertisement.

Effective advertisements

The following table describes which prefixes are advertised on a BGP session, based on the combination of the Cloud Router advertisement mode and the BGP session advertisement mode:

Cloud Router advertisement mode BGP session advertisement mode Effective advertised prefixes on the BGP session
default default The BGP session inherits the advertisement configuration of the Cloud Router, and the Cloud Router advertises local subnet ranges as described in Subnet range advertisement.
custom default The BGP session inherits the advertisement configuration of the Cloud Router, and the Cloud Router advertises prefixes as described in Custom advertisement.
default or custom custom The BGP session doesn't inherit the advertisement configuration of the Cloud Router. The BGP session advertises prefixes as described in Custom advertisement.

Subnet range advertisement

A BGP session can advertise the subnet IPv4 and IPv6 address ranges that are local to the VPC network. Advertising subnet IPv6 address ranges has additional requirements described in Advertising subnet IPv6 address ranges.

Cloud Router automatically updates subnet route advertisements whenever a subnet lifecycle activity occurs.

The following describes how the VPC network's dynamic routing mode that contains a Cloud Router defines how its BGP sessions advertise local subnet routes:

Regional dynamic routing mode
Each BGP session that advertises subnet ranges only sends the subnet ranges that are in the same region as the Cloud Router that contains the BGP session. The advertised MED matches the configured base priority of the BGP session.
Global dynamic routing mode
Each BGP session that advertises subnet ranges sends both the subnet ranges that are in the same region as the Cloud Router that contains the BGP session and subnet ranges in other regions. The advertised MED of subnet ranges in the same region as the Cloud Router matches the configured base priority of the BGP session. The advertised MED of subnet ranges in different regions is the sum of the configured base priority of the BGP session and an inter-regional cost.

Advertising privately used public IPv4 address ranges

Subnet IPv4 address ranges can include privately used public IPv4 address ranges. If you advertise privately used public IPv4 addresses to another network, that other network might not be able to access internet resources at those public IPv4 addresses.

Advertising subnet IPv6 address ranges

Subnet route advertisement automatically includes internal subnet IPv6 ranges when both of the following conditions are met:

  • The product used with Cloud Router, such as the HA VPN gateway, is configured to use the IPv4 and IPv6 (dual-stack) or the IPv6-only (single stack) stack types.

  • The IPv6 BGP session is configured and enabled or the IPv4 BGP session is specifically configured to enable IPv6 route exchange.

Subnet route advertisement never includes advertisement of external subnet IPv6 address ranges. However, you can include external IPv6 address ranges as custom IP address ranges when using custom advertisement.

For more information about configuring BGP sessions, see Establish BGP sessions.

Custom advertisement

Custom advertisement mode gives you control over the prefixes that a BGP session advertises. You can use Cloud Router custom advertisement mode or per-BGP-session custom advertisement mode to advertise routes that include default route prefixes, such as 0.0.0.0/0 for IPv4 routes or ::/0 for IPv6 routes, for all BGP sessions on a Cloud Router.

When you configure custom advertisement mode, you select one of the following options:

  • Advertise only custom IPv4 and IPv6 prefixes: this option advertises only the IP address ranges you specify, omitting local subnet ranges. The advertised MED always matches the configured base priority of the BGP session, even if the VPC network that contains the Cloud Router uses global dynamic routing mode.

  • Advertise custom IPv4 and IPv6 prefixes in addition to subnet ranges: this option advertises local subnet ranges in addition to the custom IP address ranges you specify.

    The advertised MED of local subnet ranges depends on the dynamic routing mode of the VPC network that contains the Cloud Router as described in Subnet range advertisement.

    The advertised MED of custom IP address ranges always matches the configured base priority of the BGP session.

Network Connectivity Center transit route advertisement

Network Connectivity Center transit route advertisement lets you use Google's network as part of a wide area network (WAN) that includes your external sites. BGP sessions for Network Connectivity Center hybrid spokes that have site-to-site transit route advertisement enabled automatically advertise the IP address ranges received by BGP sessions in Cloud Routers of all hybrid spokes that have site-to-site transit route advertisement enabled. For more information, see Site-to-site data transfer overview.

Advertised priority

On a per-BGP session basis, you define a base advertised priority that is used as a value for the BGP MED attribute.

Cloud Router advertises the following prefixes using only the configured base advertised priority:

Cloud Router uses the configured base advertised priority plus an inter-regional cost to advertise subnet ranges that come from regions that don't match the region of the Cloud Router when both of the following conditions are met:

  • The dynamic routing mode of VPC network that contains the Cloud Router is global dynamic routing mode.

  • The effective advertisements for the BGP session includes subnet range advertisement.

BGP attributes for advertised prefixes

When a Cloud Router advertises prefixes to a BGP peer, it advertises the MED value and fills the MED attribute with a value based on the Cloud Router's internal priority for each prefix in the advertisement, or the BGP message. The advertised priority is implemented as a multi-exit discriminator.

You can control what prefixes Cloud Router advertises to all or some of its BGP sessions. To adjust the advertised priority, you can update the base route priority for the prefixes that is added to MED. This doesn't work for site-to-site re-advertisement. If you need finer-grained control, you can apply BGP route policies. Support for BGP route policies is in Preview.

When your on-premises routers receive the advertised prefixes and their MED attributes, they create routes that are used to send packets to your VPC network.

Region-to-region costs can periodically change based on factors such as network performance. These changes can affect how packets are routed. If you notice routing changes, it might be due to updated region-to-region costs.

Route metric examples

This section provides examples that show how region-to-region costs influence advertised MEDs when you use global dynamic routing.

HA VPNs with active-active tunnels

In this example, suppose that you have a VPC network with the following configuration:

  • A subnet in each of the following regions: us-central1, europe-west1, and us-west-1
  • One Cloud Router that manages two BGP sessions for two HA VPN tunnels in us-central1
  • One Cloud Router that manages two BGP sessions for two HA VPN tunnels in us-west1

The following diagram shows this example, including sample values for region-to-region costs:

HA VPNs with active-active tunnels.
HA VPNs with active-active tunnels (click to enlarge).

Assume that each BGP session has the default base priority of 100.

The following tables show how base priority and region-to-region costs are used to calculate the advertised MED values for traffic from your on-premises network to each subnet.

10.0.1.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.1.0/24, which is located in us-central1.

Traffic from your on-premises network uses the HA VPN tunnel in us-central1 because its BGP sessions have the lowest advertised MED.

VPN tunnel Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0,
central-tunnel-1
100 0 100 1st choice
west-tunnel-0,
west-tunnel-1
100 250 350 2nd choice

10.0.2.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.2.0/24, which is located in europe-west1.

Traffic from your on-premises network uses the HA VPN tunnel in us-central1 because its BGP sessions have the lowest advertised MED.

VPN tunnel Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0,
central-tunnel-1
100 300 400 1st choice
west-tunnel-0,
west-tunnel-1
100 350 450 2nd choice

10.0.3.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.3.0/24, which is located in us-west1.

Traffic from your on-premises network uses the HA VPN tunnel in us-west1 because its BGP sessions have the lowest advertised MED.

VPN tunnel Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0,
central-tunnel-1
100 250 350 2nd choice
west-tunnel-0,
west-tunnel-1
100 0 100 1st choice

HA VPNs with active-passive tunnels

This example uses the same topology as in the previous example, but with the following modified base priorities to achieve an active-passive HA VPN tunnel pair in each region:

  • A primary tunnel whose BGP session has the default base priority of 100
  • A secondary tunnel whose BGP session has a lower priority of 351

The following tables show how base priority and region-to-region cost are used to calculate the advertised MED values for traffic from your on-premises network to each subnet.

10.0.1.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.1.0/24, which is located in us-central1.

Traffic from your on-premises network uses the primary VPN tunnel in us-central1 because its BGP session has the lowest advertised MED. If that tunnel is not available, traffic uses the primary tunnel in us-west1.

VPN tunnel Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0 100 0 100 1st choice
central-tunnel-1 351 0 351 3rd choice
west-tunnel-0 100 250 350 2nd choice
west-tunnel-1 351 250 601 4th choice

10.0.2.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.2.0/24, which is located in europe-west1.

Traffic from your on-premises network uses the primary VPN tunnel in us-central1 because its BGP session has the lowest advertised MED. If that tunnel is not available, traffic uses the primary tunnel in us-west1.

VPN tunnel Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0 100 300 400 1st choice
central-tunnel-1 351 300 651 3rd choice
west-tunnel-0 100 350 450 2nd choice
west-tunnel-1 351 350 701 4th choice

10.0.3.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.3.0/24, which is located in us-west1.

Traffic from your on-premises network uses the primary VPN tunnel in us-west1 because its BGP session has the lowest advertised MED. If that tunnel is not available, traffic uses the primary tunnel in us-central1.

VPN tunnel Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0 100 250 350 2nd choice
central-tunnel-1 351 250 601 4th choice
west-tunnel-0 100 0 100 1st choice
west-tunnel-1 351 0 351 3rd choice

Globally preferred Dedicated Interconnect

This example is similar to the previous examples, except that the two Cloud VPN tunnels in the us-west1 region are replaced with two VLAN attachments.

The following diagram shows this example:

This image depicts a VPC network called 'my-network' and
    an on-premises network.
Globally preferred Dedicated Interconnect (click to enlarge).

Suppose that you want to prioritize the VLAN attachments. You specify larger base priorities for the HA VPN tunnels in the us-central1 region to deprioritize them.

The following tables show how base priority and region-to-region cost are used to calculate the advertised MED values for traffic from your on-premises network to each subnet.

10.0.1.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.1.0/24, which is located in us-central1.

Traffic from your on-premises network uses the VLAN attachment in us-west1 because its BGP sessions have the lowest advertised MED.

VPN tunnel or VLAN attachment Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0,
central-tunnel-1
351 0 351 2nd choice
west-attachment-0,
west-attachment-1
100 250 350 1st choice

10.0.2.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.2.0/24, which is located in europe-west1.

Traffic from your on-premises network uses the VLAN attachment in us-west1 because its BGP sessions have the lowest advertised MED.

VPN tunnel or VLAN attachment Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0,
central-tunnel-1
351 300 651 2nd choice
west-attachment-0,
west-attachment-1
100 350 450 1st choice

10.0.3.0/24

The following table shows the BGP sessions that advertise subnet IPv4 address range 10.0.3.0/24, which is located in us-west1.

Traffic from your on-premises network uses the VLAN attachment in us-west1 because its BGP sessions have the lowest advertised MED.

VPN tunnel or VLAN attachment Base priority Region-to-region cost Advertised MED Path ranking
central-tunnel-0,
central-tunnel-1
351 250 601 2nd choice
west-attachment-0,
west-attachment-1
100 0 100 1st choice