I've got a situation where I hold two projects under a GCP account and want to connect my on-premises infrastructure using VPN & BGP. One thing I can't get working, and am not sure is supported, is transitive routes.
So, as in the diagram below, I want project B routes to go to project A and then be advertised to my on-premises router.
    +---------------+
    |               |
    | Cloud Router  +------------------------------------+
    |               |                                    |
    |   Project A   |                                    |
    |  10.0.0.0/24  |                                    |
    |               |                                    ^
    +---------------+                  +----------------------------------+
            ^                          |                                  |
            |                          |                                  |
            |                          |  On premises router / firewall   |
            |                          |                                  |
            |                          |                                  |
            |                          +----------------------------------+
            |                            Desired state:
    +--------------+                     10.0.0.0/24 & 10.0.1.0/24
    |  Project B   |                     via project A cloud router
    | 10.0.1.0/24  |
    +--------------+                     Actual state:
                                         Only 10.0.0.0/24 is being
                                         advertised via BGP
Can this be done in GCP, or should I have a full manual mesh setup (or use some 3rd-party software router (vyatta / pfsense / whatever)) to accomplish this?
Thanks. Tal.
You first need to ask yourself how the two GCP networks will be connected to each other.
If you divide your network into 2 different networks for security reasons, you can use subnetworks. In this setting, Cloud Router will announce all these regional subnetworks to the peer gateway via BGP.
If you use 2 different projects (e.g. for billing purposes), you should set up a VPN and Cloud Router between the 2 GCP networks. This setting doesn't allow a hub-and-spoke model, which means that the routes of network B won't be announced to the on-premises router.