Google Cloud networking controls how resources connect to each other, to the internet, and to on-premises networks. This section covers the core building blocks: VPC networks, subnets, IP addresses, routes, firewalls, private connectivity, and Google’s global network edge.
Core Topics
| Topic | What It Covers |
|---|---|
| VPC networks | Global network container for subnets, routes, firewall rules, and private connectivity |
| Subnets | Regional IP ranges used by VMs, GKE nodes, internal load balancers, and Private Service Connect endpoints |
| IP addressing | Internal vs external addresses, IPv4 vs IPv6, static reservations, alias ranges, and NAT |
| Firewall rules | Ingress and egress controls applied to VM traffic |
| Routes | System-generated subnet routes, default routes, static routes, policy-based routes, and dynamic routes |
| Private access | Private Google Access, Private Service Connect, and private services access |
| Hybrid connectivity | Cloud VPN, Cloud Interconnect, Cloud Router, and Network Connectivity Center |
| Load balancing | Global and regional load balancers for public and private services |
Notes
| Note | Description |
|---|---|
| IP Addressing | Internal and external IP addresses, IPv4/IPv6 behavior, static IPs, and Cloud NAT basics |
| Load Balancing | Global and regional load balancers for TCP, UDP, and HTTP/S workloads |
TL;DR
- VPC networks are global, but subnets are regional.
- Internal IP addressing is the foundation for private VM, GKE, load balancer, and service connectivity.
- External IPs provide public reachability, but firewall rules and service listeners still control access.
- Private Google Access, Private Service Connect, Cloud NAT, VPN, and Interconnect solve different private connectivity problems.
Resources
- Virtual Private Cloud Documentation: Official documentation for VPC networks, subnets, routes, firewalls, NAT, private access, and hybrid networking.
- Google Cloud Network Architecture Center: Architecture guidance for designing Google Cloud networking environments.