Bird
Raised Fist0
GCPcloud~15 mins

Subnet modes (auto, custom) in GCP - Deep Dive

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Overview - Subnet modes (auto, custom)
What is it?
Subnet modes in Google Cloud Platform (GCP) define how IP address ranges are assigned to subnets within a Virtual Private Cloud (VPC) network. There are two main modes: auto and custom. Auto mode automatically creates subnets in each region with predefined IP ranges, while custom mode lets you create subnets manually with IP ranges you choose. This helps organize and control network traffic inside your cloud environment.
Why it matters
Subnet modes solve the problem of managing IP addresses and network segmentation in cloud environments. Without subnet modes, users would struggle to organize their networks, leading to IP conflicts, inefficient use of addresses, and security risks. Proper subnet mode selection ensures scalable, secure, and manageable cloud networks that fit different project needs.
Where it fits
Before learning subnet modes, you should understand basic networking concepts like IP addresses, subnets, and VPCs. After mastering subnet modes, you can learn about firewall rules, routing, and hybrid connectivity to build secure and efficient cloud networks.
Mental Model
Core Idea
Subnet modes control whether your cloud network’s subnets and IP ranges are created automatically or manually to fit your project’s needs.
Think of it like...
Choosing subnet modes is like deciding whether to buy a pre-furnished apartment (auto mode) or build your own house room by room (custom mode). The pre-furnished apartment is quick and ready, but less flexible. Building your own house takes more effort but lets you design every room exactly how you want.
VPC Network
├── Auto Mode
│   ├── Subnet in Region A (auto IP range)
│   ├── Subnet in Region B (auto IP range)
│   └── Subnet in Region C (auto IP range)
└── Custom Mode
    ├── Subnet in Region A (user-defined IP range)
    ├── Subnet in Region B (user-defined IP range)
    └── Subnet in Region C (user-defined IP range)
Build-Up - 7 Steps
1
FoundationUnderstanding VPC and Subnets Basics
🤔
Concept: Learn what a Virtual Private Cloud (VPC) and subnets are in cloud networking.
A VPC is like your private network inside the cloud where you can place resources like virtual machines. Subnets divide this network into smaller parts, each with its own range of IP addresses. This helps organize and control traffic between resources.
Result
You understand that a VPC is a container for subnets, and subnets are segments with IP ranges inside the VPC.
Knowing that subnets segment a network helps you see why controlling their IP ranges is important for organization and security.
2
FoundationWhat Are IP Address Ranges in Subnets
🤔
Concept: Learn how IP address ranges define the size and scope of a subnet.
Each subnet has a block of IP addresses, like 10.0.0.0/24, which means it can hold 256 addresses. These addresses are assigned to resources inside that subnet. Choosing the right size avoids running out of addresses or wasting them.
Result
You can identify subnet IP ranges and understand their capacity for resources.
Understanding IP ranges is key to managing network size and avoiding conflicts.
3
IntermediateAuto Mode Subnets Explained
🤔Before reading on: do you think auto mode lets you pick IP ranges or assigns them automatically? Commit to your answer.
Concept: Auto mode automatically creates subnets in all regions with predefined IP ranges.
When you create a VPC in auto mode, GCP makes one subnet per region for you. Each subnet has a fixed IP range chosen by Google. This is fast and simple but less flexible if you want custom IP ranges or fewer subnets.
Result
A VPC with subnets ready in every region, each with Google-assigned IP ranges.
Knowing auto mode is quick and automatic helps you decide when speed and simplicity matter more than customization.
4
IntermediateCustom Mode Subnets Explained
🤔Before reading on: do you think custom mode requires you to create subnets manually or does it create them automatically? Commit to your answer.
Concept: Custom mode requires you to create subnets manually with IP ranges you choose.
In custom mode, the VPC starts empty with no subnets. You add subnets one by one, picking the region and IP range. This gives full control over network layout and IP addressing but needs more planning and effort.
Result
A VPC with no subnets initially, ready for you to add custom subnets.
Understanding custom mode’s flexibility helps you design networks that fit complex or specific needs.
5
AdvancedSwitching Between Auto and Custom Modes
🤔Before reading on: do you think you can switch a VPC from auto to custom mode after creation? Commit to your answer.
Concept: Learn the limitations and options for changing subnet modes after VPC creation.
Once a VPC is created in auto mode, you cannot switch it to custom mode. To use custom mode, you must create a new VPC. However, you can add custom subnets to a custom mode VPC anytime. This design prevents conflicts and complexity.
Result
You know that subnet mode choice is permanent for a VPC and plan accordingly.
Knowing this limitation prevents costly mistakes and network redesign later.
6
AdvancedImpact of Subnet Modes on Network Management
🤔Before reading on: do you think auto mode networks are easier or harder to secure than custom mode? Commit to your answer.
Concept: Explore how subnet modes affect security, IP management, and scaling.
Auto mode is easier to start but can lead to unused subnets and IP waste. Custom mode allows precise IP planning and better security by limiting subnets to needed regions. Large organizations prefer custom mode for control, while small projects may choose auto mode for simplicity.
Result
You can weigh subnet mode choices based on project size and security needs.
Understanding trade-offs helps you pick subnet modes that balance ease and control.
7
ExpertAdvanced IP Planning and Hybrid Connectivity
🤔Before reading on: do you think auto mode subnets can be used in complex hybrid cloud setups without IP conflicts? Commit to your answer.
Concept: Learn how subnet modes influence hybrid cloud setups and IP overlap avoidance.
In hybrid clouds connecting on-premises networks to GCP, IP address conflicts cause failures. Custom mode lets you design IP ranges that avoid overlaps with your existing networks. Auto mode’s fixed ranges may conflict, requiring complex workarounds. Experts use custom mode for hybrid and multi-cloud architectures.
Result
You understand why custom mode is essential for advanced network designs involving multiple environments.
Knowing subnet mode’s role in hybrid connectivity prevents costly network conflicts and downtime.
Under the Hood
GCP’s subnet modes determine how the VPC network’s control plane manages subnet creation and IP allocation. In auto mode, the system automatically provisions subnets in all regions with predefined IP blocks from a reserved range, ensuring no overlap. In custom mode, the control plane waits for user input to create subnets, validating IP ranges to prevent conflicts. This separation allows GCP to optimize network setup speed or flexibility based on mode.
Why designed this way?
Auto mode was designed for simplicity and quick setup, ideal for users new to cloud networking or small projects. Custom mode was introduced to give advanced users full control over IP addressing and network segmentation, especially for complex or enterprise environments. The two modes balance ease of use and flexibility, avoiding one-size-fits-all limitations.
VPC Network Control Plane
├─ Auto Mode
│  ├─ Automatically creates subnets in all regions
│  ├─ Assigns predefined IP ranges
│  └─ Ensures no IP overlap internally
└─ Custom Mode
   ├─ Waits for user to create subnets
   ├─ Validates user-defined IP ranges
   └─ Prevents IP conflicts across subnets
Myth Busters - 4 Common Misconceptions
Quick: Can you change a VPC from auto mode to custom mode after creation? Commit to yes or no.
Common Belief:You can switch a VPC’s subnet mode anytime to fit changing needs.
Tap to reveal reality
Reality:Once created, a VPC’s subnet mode is fixed; you cannot switch from auto to custom or vice versa.
Why it matters:Trying to switch modes leads to wasted time and potential network redesign, causing delays and errors.
Quick: Does auto mode create subnets only in regions you specify? Commit to yes or no.
Common Belief:Auto mode creates subnets only in regions you choose.
Tap to reveal reality
Reality:Auto mode creates subnets automatically in all GCP regions by default.
Why it matters:This can cause unused subnets and IP address waste if you only need some regions.
Quick: Are auto mode subnets suitable for hybrid cloud setups without IP conflicts? Commit to yes or no.
Common Belief:Auto mode subnets work well for hybrid cloud connections without IP conflicts.
Tap to reveal reality
Reality:Auto mode’s fixed IP ranges often conflict with on-premises networks, making hybrid setups difficult.
Why it matters:Ignoring this causes network failures and complex troubleshooting in hybrid environments.
Quick: Does custom mode mean you must manually create every subnet? Commit to yes or no.
Common Belief:Custom mode requires manual subnet creation for every region, which is tedious.
Tap to reveal reality
Reality:You only create subnets where needed; you don’t have to create subnets in all regions.
Why it matters:Misunderstanding this leads to unnecessary work and overcomplicated network designs.
Expert Zone
1
Auto mode subnets use fixed IP ranges that are carefully chosen to avoid overlap within GCP but may overlap with external networks.
2
Custom mode allows precise IP range planning, which is critical for multi-region, multi-cloud, or hybrid cloud architectures.
3
GCP reserves certain IP ranges internally for system use, so custom subnet IP ranges must avoid these reserved blocks to prevent conflicts.
When NOT to use
Auto mode is not suitable for enterprises needing strict IP control or hybrid cloud setups. In such cases, use custom mode or consider advanced network segmentation tools like Shared VPC or Private Service Connect.
Production Patterns
Large organizations use custom mode to design networks that align with corporate IP policies and connect securely to on-premises data centers. Small teams or test projects often use auto mode for quick setup. Hybrid cloud architectures almost always require custom mode to avoid IP conflicts.
Connections
IP Address Management (IPAM)
Subnet modes build on IPAM principles by automating or customizing IP allocation.
Understanding subnet modes deepens knowledge of how IP addresses are planned and managed at scale.
Hybrid Cloud Networking
Custom subnet mode enables safe IP design for hybrid cloud connections.
Knowing subnet modes helps prevent IP conflicts that can break hybrid cloud links.
Urban Planning
Subnet modes relate to how city planners allocate land plots automatically or by custom design.
Seeing subnet modes like urban planning reveals the importance of organized space allocation for growth and safety.
Common Pitfalls
#1Creating a VPC in auto mode when you need custom IP ranges for hybrid cloud.
Wrong approach:gcloud compute networks create my-vpc --subnet-mode=auto
Correct approach:gcloud compute networks create my-vpc --subnet-mode=custom gcloud compute networks subnets create my-subnet --network=my-vpc --region=us-central1 --range=10.10.0.0/16
Root cause:Misunderstanding that auto mode assigns fixed IP ranges unsuitable for hybrid cloud IP planning.
#2Trying to add subnets to an auto mode VPC manually.
Wrong approach:gcloud compute networks subnets create extra-subnet --network=auto-vpc --region=us-east1 --range=10.20.0.0/24
Correct approach:Create a new VPC in custom mode to add manual subnets: gcloud compute networks create custom-vpc --subnet-mode=custom Then add subnets as needed.
Root cause:Not knowing that auto mode VPCs have fixed subnets and do not allow manual subnet additions.
#3Assuming subnet mode can be changed after VPC creation.
Wrong approach:gcloud compute networks update my-vpc --subnet-mode=custom
Correct approach:Delete the existing VPC and create a new one with the desired subnet mode: gcloud compute networks delete my-vpc gcloud compute networks create my-vpc --subnet-mode=custom
Root cause:Believing subnet mode is mutable when it is a fixed property of the VPC.
Key Takeaways
Subnet modes in GCP control how subnets and their IP ranges are created: automatically in auto mode or manually in custom mode.
Auto mode is quick and simple but less flexible, creating subnets in all regions with fixed IP ranges.
Custom mode offers full control over subnet creation and IP addressing, essential for complex or hybrid cloud networks.
Once a VPC is created, its subnet mode cannot be changed, so choose carefully based on your project needs.
Understanding subnet modes helps prevent IP conflicts, optimize network design, and ensure secure, scalable cloud infrastructure.

Practice

(1/5)
1. What happens when you create a VPC network in auto subnet mode in GCP?
easy
A. Subnets are automatically created in all regions with predefined IP ranges.
B. No subnets are created; you must create them manually.
C. Only one subnet is created in the default region.
D. Subnets are created but without any IP ranges assigned.

Solution

  1. Step 1: Understand auto subnet mode behavior

    In auto mode, GCP automatically creates subnets in every region with default IP ranges.

  2. Step 2: Compare with other modes

    Unlike custom mode, auto mode does not require manual subnet creation or IP range assignment.

  3. Final Answer:

    Subnets are automatically created in all regions with predefined IP ranges. -> Option A

  4. Quick Check:

    Auto mode = automatic subnet creation [OK]
Hint: Auto mode means automatic subnets in all regions [OK]
Common Mistakes:
  • Thinking auto mode requires manual subnet creation
  • Assuming only one subnet is created
  • Believing subnets have no IP ranges assigned
2. Which of the following is the correct way to create a custom subnet in GCP using gcloud CLI?
easy
A. gcloud compute networks subnets create my-network --subnet-mode=custom
B. gcloud compute networks create my-network --subnet-mode=auto
C. gcloud compute networks create my-subnet --range=10.0.0.0/24
D. gcloud compute networks subnets create my-subnet --network=my-network --range=10.0.0.0/24

Solution

  1. Step 1: Identify command to create a subnet

    The command to create a subnet is gcloud compute networks subnets create with network and IP range specified.

  2. Step 2: Check option correctness

    gcloud compute networks subnets create my-subnet --network=my-network --range=10.0.0.0/24 correctly uses the subnet creation command with network and IP range parameters.

  3. Final Answer:

    gcloud compute networks subnets create my-subnet --network=my-network --range=10.0.0.0/24 -> Option D

  4. Quick Check:

    Subnet creation uses 'networks subnets create' with range [OK]
Hint: Use 'networks subnets create' with --range for custom subnets [OK]
Common Mistakes:
  • Using 'networks create' to create subnets
  • Missing the --range parameter for IP range
  • Confusing network and subnet names
3. Given a VPC network in custom subnet mode with two subnets:
subnet-a: 10.1.0.0/16
subnet-b: 10.2.0.0/16
What happens if you try to create a third subnet with IP range 10.1.128.0/17?
medium
A. The subnet is created successfully without issues.
B. The subnet is created but traffic is blocked between subnets.
C. Creation fails due to overlapping IP ranges with subnet-a.
D. The subnet is created but assigned a different IP range automatically.

Solution

  1. Step 1: Check IP range overlap

    Subnet-a uses 10.1.0.0/16 which covers 10.1.0.0 to 10.1.255.255. The new subnet 10.1.128.0/17 overlaps this range.

  2. Step 2: Understand subnet creation rules

    GCP does not allow overlapping IP ranges in subnets within the same VPC network.

  3. Final Answer:

    Creation fails due to overlapping IP ranges with subnet-a. -> Option C

  4. Quick Check:

    Overlapping IP ranges cause subnet creation failure [OK]
Hint: Check IP ranges for overlap before subnet creation [OK]
Common Mistakes:
  • Assuming subnets can overlap IP ranges
  • Thinking GCP auto-adjusts overlapping ranges
  • Believing traffic is blocked but subnet created
4. You created a VPC network in custom subnet mode but forgot to create any subnets. What is the result when you try to deploy a VM instance in this network?
medium
A. The VM instance deploys successfully with an automatic subnet created.
B. The VM deployment fails because no subnet exists in the network.
C. The VM deploys but without an internal IP address.
D. The VM deploys but is not reachable from other resources.

Solution

  1. Step 1: Understand custom subnet mode requirements

    In custom mode, subnets must be created manually before deploying resources.

  2. Step 2: Check VM deployment dependency

    VMs require a subnet to get an IP address; without subnets, deployment fails.

  3. Final Answer:

    The VM deployment fails because no subnet exists in the network. -> Option B

  4. Quick Check:

    Custom mode needs subnets before VM deployment [OK]
Hint: No subnet means VM deployment fails in custom mode [OK]
Common Mistakes:
  • Assuming auto subnet creation in custom mode
  • Thinking VM can deploy without internal IP
  • Believing VM deploys but is unreachable
5. You want to create a VPC network that spans multiple regions with subnets having specific IP ranges you control. Which subnet mode should you choose and why?
hard
A. Custom mode, because it lets you manually create subnets with specific IP ranges in each region.
B. Custom mode, because it automatically creates subnets in all regions with default IP ranges.
C. Auto mode, because it allows you to edit IP ranges after subnet creation.
D. Auto mode, because it creates subnets automatically with your chosen IP ranges.

Solution

  1. Step 1: Identify requirement for specific IP ranges

    You want control over IP ranges, so automatic default ranges won't work.

  2. Step 2: Choose subnet mode matching control needs

    Custom mode allows manual subnet creation with chosen IP ranges per region.

  3. Step 3: Eliminate incorrect options

    Auto mode does not allow choosing IP ranges; it creates default subnets automatically.

  4. Final Answer:

    Custom mode, because it lets you manually create subnets with specific IP ranges in each region. -> Option A

  5. Quick Check:

    Custom mode = manual subnet creation with chosen IP ranges [OK]
Hint: Custom mode for manual subnets with specific IP ranges [OK]
Common Mistakes:
  • Confusing auto mode as allowing custom IP ranges
  • Thinking auto mode subnets can be edited after creation
  • Believing custom mode auto-creates subnets