0
votes

I have two GCP projects which have their own VPC (created in auto-mode) and I would like to create a VPC peering connection between them in order for the compute instances in both VPCs to communicate with each other.

But since the VPCs were created in auto-mode, the subnets of both networks are using the same predefined range of IP addresses meaning that I cannot connect the VPCs together because the IP ranges are overlapping.

In the two VPCs, my compute instances are in the "same" subnet and converting the subnet mode (from auto to custom) could allow me to change the IP range of those subnets. But the new IP CIDR range needs to be a superset of the current IP CIDR range and the IP ranges will still be overlapping.

What could be a solution here?

Note that I do not need to have a subnet created in each region since I am only using 1 or 2 subnets as of now.

1
Create a new VPC with non-overlapping CIDR ranges! For example: 10.0.0.0/16 and 172.31.0.0/16. - Nebulastic
Hi @Nebulastic, I could do that but the compute instances in the existing VPCs still won't be able to communicate with each other, right? - cyberhippo
After you changed the VPCs to non-overlapping ranges, you can create a VPC peering connection with the correct route tables. If everything is configured correctly, they should be able to communicate! The peering steps are outlined here: cloud.google.com/vpc/docs/using-vpc-peering - Nebulastic
Thanks for pointing to the docs @Nebulastic. I think I was not accurate enough in my original question. The goal I am trying to achieve is not just to peer the VPCs but also make sure that the already existing compute instances running in both VPCs can communicate with each other. I feel that creating a new VPC won't help me unless I "migrate" my instances to the newly created VPC. - cyberhippo

1 Answer

1
votes

You can't connect (using VPC peering) networks with overlapping IP ranges. Routing wouldn't work.

But - there are several solutions to this issue.

  1. Migrate VMs. Depending on the number of VMs and your use case, it's the most tedious way (you have to migrate every VM by hand, and it has to be stopped). So it may or may not be possible for you. But if you have a few VMs and can migrate them, then that might be a good idea. You can always expand the VPC IP range if it gets too small at some point in time.

  2. Have both subnets converted to custom mode and make them smaller (such as 192.168.0.0/25 and 192.168.0.128/25). Combining the two you will get the 192.168.0.0/24 address range. But whether this is a viable solution for you depends on whether you have the desired IP range available or can move the addresses without too much hassle.

  3. You can set up a third "intermediate" network and set up two NATs between:

net1 > NAT > intermediate_net > NAT > net2

But this solution seems like overkill for what you're trying to do.

You can have a look at one of my answers - it's about connecting networks with VPN but it's a very similar concept.
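To check a planned address layout before attempting the peering, the overlap test, the superset rule from the question and the /25 split from option 2 can be run offline. This is an added example, not code from the question or the answer; the function names and the 10.128.0.0/20 and 10.132.0.0/20 sample ranges are constructed for illustration.

```python
import ipaddress
from itertools import product


def find_overlaps(subnets_a, subnets_b):
    """Return every (a, b) pair of CIDR ranges that overlap between two VPCs.

    Any non-empty result means the two networks cannot be peered as they are.
    """
    nets_a = [ipaddress.ip_network(c) for c in subnets_a]
    nets_b = [ipaddress.ip_network(c) for c in subnets_b]
    return [(str(a), str(b)) for a, b in product(nets_a, nets_b) if a.overlaps(b)]


def is_valid_expansion(current, proposed):
    """Superset rule from the question: the new range must contain the old one."""
    return ipaddress.ip_network(current).subnet_of(ipaddress.ip_network(proposed))


def split_block(block):
    """Option 2 of the answer: cut one block into two halves, one per VPC."""
    low, high = ipaddress.ip_network(block).subnets(prefixlen_diff=1)
    return str(low), str(high)


# Constructed sample data: two VPCs whose subnets share a range.
VPC_A = ["10.128.0.0/20", "10.132.0.0/20"]
VPC_B = ["10.128.0.0/20"]

if __name__ == "__main__":
    print("current overlaps:", find_overlaps(VPC_A, VPC_B))

    # Expanding VPC_B's subnet is allowed only to a superset, which still collides.
    expanded = "10.128.0.0/16"
    print("valid expansion:", is_valid_expansion(VPC_B[0], expanded))
    print("overlaps after expansion:", find_overlaps(VPC_A, [expanded]))

    # Two halves of one /24 never overlap, so they can be peered.
    half_a, half_b = split_block("192.168.0.0/24")
    print("split:", half_a, half_b, "overlaps:", find_overlaps([half_a], [half_b]))

    # The ranges suggested in the comments are also disjoint.
    print("comment ranges:", find_overlaps(["10.0.0.0/16"], ["172.31.0.0/16"]))
```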