Pureport supports private connectivity to the Google Cloud Platform via the Google Cloud Partner Interconnect program. Pureport allows you to establish Layer 3 connectivity (via BGP) to your Pureport Network without having to specify Autonomous System Numbers or IP networks for the peering connections -- the Pureport Multicloud Router takes care of the complexities for you.


Using Pureport to connect to GCP via Cloud Interconnect involves the following steps to set up a Partner Interconnect link and then provision the Connection in your Pureport Network.


  1. Generate a Pairing Key in the Google Console (GCP Console)
  2. Add the Google VPC (Virtual Private Cloud) to your Pureport Network (Pureport Console)
  3. Activate your GCP connection 
  4. Verify BGP peering is up (Pureport and GCP Consoles)
  5. If needed, test GCP connectivity for troubleshooting purposes (GCP Console)


What you will need before you start:

  • A Project and VPC already created inside your Google account
  • Access to your project and VPC to create a VLAN attachment and a Pairing Key (the Pairing Key will be used to connect your Pureport Network to you Google VPC)


Creating your VLAN Attachment and Pairing Key

(The following steps are also documented on the Google help site)


  1. Log into the Google Console

  2. In the left navigation pane, scroll down to Networking, Click Hybrid Connectivity and select Interconnect:

     
  3. Next click Add VLAN attachment(NOTE: if this is your first interconnect you may have to click the "Get Started’ link instead):

     
  4. Next select Partner Interconnect and click Continue:

     
  5. Next click I already have a service provider:

     
  6. Next the Add Partner VLAN attachment screen appears. You will establish several settings on this screen:
    1. Redundancy - Pureport supports full redundancy by default and we recommend you set up your Google Partner VLAN to match by selecting Create a redundant pair of VLAN attachments 
    2. VPC Network - select the VPC network you wish to connect to your Pureport Network
    3. Region - choose the region where your VPC is deployed (note: the Region must be on the Pureport supported regions list)
    4. Cloud Routers - You must choose or create a unique router for each VLAN attachment - for full redundancy you will need two.

      If you have not already created your cloud routers, you may choose to create them:

       
      1. Name your cloud routers with a meaningful name for future reference, and leave the rest of the settings (Network, Region, Google ASN, and Advertised Routes) set to the defaults

         
      2. Click Create to create the cloud routers and return to the Add Partner VLAN attachment screen.
    5. VLAN attachment name - name your VLAN attachments something meaningful as this name is displayed in the GCP console and used by the cloud command line tool
    6. Click Create
       
  7. The Google console now presents your two pairing keys, assuming you chose to deploy redundant connectivity (if not then you will only get one pairing key). You will need to copy and paste these keys into the Pureport Console when you create your Google Cloud Interconnect Connections.


  8. Be sure to click the OK button before returning to the Pureport console. 
     
  9. After just a few moments, your new connections should now be listed in the VLAN attachments screen with a status of "Waiting for service provider." You are now ready to build your connection in the Pureport console.
     

Adding your Google VPC to your Pureport Network

You will now add your Google VPC to your Pureport Network via the Google Cloud Interconnect connection you just created. 

  1. Log into the Pureport Console.

  2. In the left navigation bar, select the Networks tab.
     
  3. The Networks page list the existing networks. Select the network to which you wish to add the new GCI connection (or create a new network).
     
  4. On your network page, select Add Connection.


  5. In the New Connection window, for Type, select Google Cloud Interconnect, then select Next.

     
  6. Select the Cloud Region you wish to connect from list of supported Pureport GCP regions and click Next. This should match the Region selected in the GCP console when creating your VLAN attachment. Click Next.See the Google Cloud Regions page for more information.
  7. Select the Pureport Location you want to connect to GCP. Usually this is the Pureport location closest to the chosen Cloud Region. Click Next.
  8.  Select an availability and connection speed. Click Next.
  9. Copy and paste the Google Pairing keys from the GCP console, then click next.
     
  10. Optionally click the Plus to add any CIDR networks you may be connecting. Note, these are only used when subsequently connecting a policy-based VPN to your Pureport network and is completely optional. You may also enable and configure Cloud Grade NAT if desired, as detailed in the Cloud Grade NAT knowledge-base article. Then click Next.
     
  11. Finally, give your connection a descriptive name and, optionally, a longer description and then click the Add Connection button.
  12. Your connection should now begin provisioning in the background. Full provisioning takes just a few minutes.

Activating GCP Connections

If you selected Pre-activate these VLAN attachments during the final stage of creating them in the GCP console, you may skip this step.


If you chose not to Pre-activate you will need to perform the following steps (also outlined here in Google's documentation):

  1. Go to the VLAN attachments tab in the GCP console
  2. Select the VLAN attachment to view its details page
  3. If the status of your attachment is "Waiting for service provider" that means the Pureport platform has not yet completed provisioning
  4. Review the Interconnect information to ensure that Pureport's platform has completed the VLAN attachment
  5. Click Activate to activate it


VLAN Peering Activation

You VLAN attachments will enter a DOWN state, however at this point you should see that IP addresses have been assigned and Pureport should be listed as the Interconnect partner:

Finally, you should see the connections successfully up:

Verifying BGP Peering Status

BGP peering should automatically come up within a few minutes. You can check the status of the peering in the router list inside the Google console and view the BGP sessions column for BGP peering status. You can also check out Googles' documentation on viewing router status and advertised routes.


Testing GCP Connectivity

You can test your GCP connectivity by following the instructions in Testing Connectivity between Pureport and GCP via Cloud Interconnect.