Interconnecting Networks - Cloud Interconnect and peering Flashcards

1
Q

Besides VPN, what are the other GCP services for connecting your infrastructure to Google’s network?

A

Cloud Interconnect and peering services

2
Q

What types of these services are there?

A

These services can be split into dedicated versus shared connections and Layer 2 versus Layer 3 connections.
Layer 3: Direct Peering and Carrier Peering.
Layer 2: Dedicated Interconnect and Partner Interconnect.

3
Q

What are dedicated services?

A

Dedicated connections provide a direct connection to Google’s network, but shared connections provide a connection to Google’s network through a partner.

4
Q

How is Dedicated Interconnect established?

A

In order to use Dedicated Interconnect, you need to provision a cross connect between the Google network and your own router in a common colocation facility, as. To exchange routes between the networks, you configure a BGP session over the interconnect between the Cloud Router and the on-premises router. This will allow user traffic from the on-premises network to reach GCP resources on the VPC network, and vice versa.
Dedicated Interconnect can be configured to offer a 99.9% or a 99.99% uptime SLA.
In order to use Dedicated Interconnect, your network must physically meet Google’s network in a supported colocation facility.

5
Q

If your data center is in a physical location that cannot reach a Dedicated Interconnect colocation facility…

A

Then you use Partner Interconnect. Service providers have existing physical connections to Google’s network that they make available for their customers to use. After you establish connectivity with a service provider, you can request a Partner Interconnect connection from your service provider. Then, you establish a BGP session between your Cloud Router and on-premises router to start passing traffic between your networks via the service provider’s network.
Partner Interconnect can be configured to offer a 99.9% or a 99.99% uptime SLA.

6
Q

Layer 2 connections

A

Layer 2 connections use a VLAN that pipes directly into your GCP environment, providing connectivity to internal IP addresses in the RFC 1918 address space.

7
Q

Layer 3

A

Layer 3 connections provide access to G Suite services, YouTube, and Google Cloud APIs using public IP addresses.

8
Q

How does VPN help with direct peering and carrier peering?

A

VPN uses the public internet, but traffic is encrypted and provides access to internal IP addresses.
That’s why Cloud VPN is a useful addition to direct peering and carrier peering.

9
Q

What type of connection do all interconnecting networks provide?

A

They provide internal IP access between resources in the on-premises network and the Google VPC network.

10
Q

Capacity comparison

A
  • IPsec VPN: 1.5-3 Gbps per tunnel
  • Dedicated Interconnect: 10 Gbps or 100 Gbps per link
  • Partner Interconnect: 50 Mbps - 10 Gbps per connection
11
Q

How is direct peering established

A

Direct peering with Google is done by exchanging BGP routes between Google and the peering entity.
After a direct peering connection is in place, you can use it to reach all the Google services, including the full suite of Google Cloud platform products.
Unlike dedicated interconnect, direct peering does not have an SLA.
For direct peering you need to meet GCP’s Edge Points of Presence, or PoPs, which are where Google’s network connects to the rest of the Internet via peering.

12
Q

If you are not near Google’s PoPs…

A

you can connect via a carrier peering partner.

13
Q

Direct peering has a capacity

A

of 10 Gbps per link and requires you to have a connection in a GCP Edge Point of Presence.

14
Q

Which type of access do peering connections provide?

A

All of these options provide public IP address access to all of Google’s services.

15
Q

How to choose a connection to Google’s network

A

Ask yourself whether you need to extend your network for G Suite services, YouTube or Google Cloud APIs.
If you do, choose one of the peering services.
If you can meet Google’s direct peering requirements, choose direct peering.
Otherwise, choose carrier peering.
If you don’t need to extend your network for G Suite services or Google Cloud APIs but want to extend the reach of your network to GCP, you want to pick one of the interconnect services.
If you cannot meet Google at one of its colocation facilities, choose Cloud VPN or Partner Interconnect.

16
Q

Two configurations for sharing VPC networks across GCP projects

A

Shared VPC, which allows you to share a network across several projects in your GCP organization.
VPC Network Peering, which allows you to configure private communication across projects in the same or different organizations.

17
Q

What are the types of connection?

A

Shared VPC allows the resources to communicate with each other securely and efficiently using internal IPs from that network.
VPC Network Peering, in contrast, allows private RFC 1918 connectivity across two VPC networks, regardless of whether they belong to the same project or the same organization.

18
Q

The biggest difference between the two configurations is the network administration model

A

Shared VPC is a centralized approach to multi-project networking, because security and network policy occur in the single designated VPC network.
In contrast, VPC Network Peering is a decentralized approach, because each VPC network can remain