The objective of the VPC networks lab exercise is to learn custom networks and auto networks creation and configuration.
Like we discussed in the previous article GCP Virtual Private Networks Fundamentals each project starts with default network (a auto mode network). When auto mode network is created, one subnet in each region is automatically created within the network.
When a custom mode network is created, no subnets are created automatically and you can have a complete control over custom network’s subnets and IP ranges.
VPC Networks Lab Exercise:
Create Custom VPC Network
Specify name, description and subnet creation mode
Specify subnet, region, IP address range, private Google access
Create another subnet ‘subnet-2’ in a similar way in different region within the same network ‘learn-custom’. You should see the following under VPC networks once you are done.
Create Auto Network
Specify name, description, subnet creation mode
Go to VPC networks tab and verify whether subnets are automatically created in each region within the network
Create Firewall Rules
Create firewall rules for learn-custom and learn-auto networks.
Firewall rule to allow ingress tcp:22
Specify target tag, source IP ranges, protocols and ports.
Firewall rule to allow ingress icmp
Specify targets, source IP ranges, protocols and ports.
Verify whether firewall rules are successfully created.
similarly create firewall rules for ‘learn-auto’ network also and verify yourself.
Create Compute Engine Virtual Machine Instances
Create two VM instances within custom network (learn-custom) in different zones and one VM instance in different network (learn-auto) as shown below.
Try the following
- SSH and ping between VM in Zone A and VM in Zone B.
- SSH and ping between VM in Zone A and VM in Zone C.
- You would be able to ping between VMs in Zone A and Zone B through their internal IP addresses.
- You won’t be able to ping between VMs in Zone A and Zone C through their internal IP addresses.
Reserve Static IP address
So what you need to do is reserve an external IP address (public IP) and attach to ‘vm-instance-3’ so that you could ping between VMs in Zone A and Zone C through internet.
Now you should be able to ping between VM’s in Zone A and Zone C through external ip address or internet