Use live migration

Live migration lets you control when Google starts advertising routes for regional public delegated prefixes. Live migration is only available in projects that have been added to an allowlist. To request access, contact your Google Cloud customer engineer.

Before you begin

Using live migration requires careful planning. For more information, see Live migration.
Create a public advertised prefix.

Roles

To get the permissions that you need to complete the tasks in this guide, ask your administrator to grant you the Compute Public IP Admin (roles/compute.publicIpAdmin) IAM role on your project. For more information about granting roles, see Manage access.

You might also be able to get the required permissions through custom roles or other predefined roles.

Create public delegated prefixes with live migration

You can create public delegated prefixes before the public advertised prefix creation is complete. Both the public advertised prefix and public delegated prefix provisioning processes take approximately four weeks.

A public delegated prefix name can't be changed without deleting and recreating the resource. For this reason, we recommend that you create generic names that won't need to change—for example, pdp-203-0-113-0-25, where pdp denotes the resource type and 203-0-113-0-25 denotes the specific prefix and prefix length.

To use live migration, all public delegated prefixes in a given public advertised prefix must be created with live migration enabled to prevent the public advertised prefix from being advertised. For more information, see live migration.

gcloud

To create a public delegated prefix with live migration turned on, use the public-delegated-prefixes create command.

gcloud compute public-delegated-prefixes create PDP_NAME \
    --public-advertised-prefix=PAP_NAME \
    --range=PDP_IP_RANGE \
    --enable-live-migration \
    --region=PDP_REGION

Replace the following:

PDP_NAME: the name to use for the public delegated prefix that you are creating.
PAP_NAME: the name of the public advertised prefix to use to create the public delegated prefix.
PDP_IP_RANGE: the IP range to use to create the public delegated prefix.
PDP_REGION: the region where you want to use the public delegated prefix addresses.

Check the status of a public delegated prefix

It takes approximately four weeks for Google to start announcing the prefixes. When the public delegated prefix is first created, the status is INITIALIZING.

If the public delegated prefix was created with live migration enabled, the status changes to READY_TO_ANNOUNCE when the configuration is completed. With live migration, the prefix isn't announced until you start prefix advertisement.

The status of the public delegated prefix changes to ANNOUNCED when the prefix is announced.

Console

In the Google Cloud console, go to Bring your own IP.

Go to Bring your own IP
The Status column displays the status for all public delegated prefixes.

gcloud

To describe the public delegated prefix and get its status, use the public-delegated-prefixes describe command.

gcloud compute public-delegated-prefixes describe PDP_NAME \
    --region=PDP_REGION \
    --format='value(status)'

Replace the following:

PDP_NAME: the public delegated prefix or sub-prefix that you want to get information for.
PDP_REGION: the region of the public delegated prefix or sub-prefix.
PDP_REGION: the region where you want to use the public delegated prefix addresses. If you want a global public delegated prefix instead, replace --region=PDP_REGION with --global.

Manage BGP announcement

If you've created public delegated prefixes with live migration enabled, you can start and withdraw BGP advertisements for the prefix when you choose.

Start prefix advertisement

If you have created all public delegated prefixes with live migration enabled, you can choose when to start advertising the parent public advertised prefix.

When you are ready for Google to announce the public advertised prefix, make one of these configuration changes. Either change causes the public advertised prefix to be advertised to the internet:

Configure a resource with a BYOIP address from the public delegated prefix. For example, create a compute instance, Cloud NAT, or Cloud Load Balancing forwarding rule.
Create a public delegated prefix within the public advertised prefix without enabling live migration.

If either of these changes are made, the associated public delegated prefix is immediately advertised on Google's network and the entire parent public advertised prefix is advertised to our peers on the internet.

After your live migration is complete, contact your Google Cloud customer engineer so that they can disable live migration for your prefix. By default, live migration is disabled 30 days after you start advertisement of the public advertised prefix. If you need to have the live migration option available for longer than 30 days, contact your customer engineer.

Withdraw prefix advertisement

If you need to withdraw the advertisement, reconfigure resources so that no resources are using IP addresses from the public advertised prefix IP range. After all IP addresses are unassigned from resources, the public delegated prefixes are withdrawn from Google's network, and the public advertised prefix is withdrawn from the internet.

To withdraw the advertisement of a public advertised prefix, you must ensure the following:

All public delegated prefixes within the public advertised prefix are created with live migration enabled.
No IP addresses in the range of the public advertised prefix are assigned to resources.