
Why advanced networking matters in GCP - Why It Works

Introduction
Advanced networking helps connect different parts of your cloud setup securely and quickly. It solves problems like slow connections, security risks, and managing many devices or services talking to each other.
When you want to connect multiple cloud services securely without exposing them to the public internet
When your app needs to handle lots of users and data without slowing down
When you want to control who can access your cloud resources and how
When you need to connect your cloud setup to your office network safely
When you want to monitor and manage traffic between your cloud services
Commands
This command creates a new custom network in Google Cloud where you can define your own subnets for better control.
Terminal
gcloud compute networks create example-network --subnet-mode=custom
Expected Output
Created [https://www.googleapis.com/compute/v1/projects/example-project/global/networks/example-network].
--subnet-mode=custom - Allows you to create and manage your own subnets instead of using automatic ones.
This command creates a subnet within your custom network to organize your resources in a specific region with a defined IP range.
Terminal
gcloud compute networks subnets create example-subnet --network=example-network --region=us-central1 --range=10.0.0.0/24
Expected Output
Created [https://www.googleapis.com/compute/v1/projects/example-project/regions/us-central1/subnetworks/example-subnet].
--region=us-central1 - Specifies the region where the subnet will be created.
--range=10.0.0.0/24 - Defines the IP address range for the subnet.
This command creates a firewall rule to allow internal communication between resources in the subnet using common protocols.
Terminal
gcloud compute firewall-rules create allow-internal --network=example-network --allow tcp,udp,icmp --source-ranges=10.0.0.0/24
Expected Output
Created [https://www.googleapis.com/compute/v1/projects/example-project/global/firewalls/allow-internal].
--allow tcp,udp,icmp - Allows traffic for the TCP, UDP, and ICMP protocols. Because no port numbers are given, every TCP and UDP port is allowed.
--source-ranges=10.0.0.0/24 - Limits the rule to traffic coming from the subnet's IP range.
This command lists all firewall rules applied to your custom network so you can verify your security settings.
Terminal
gcloud compute firewall-rules list --filter='network=example-network'
Expected Output
NAME            NETWORK          DIRECTION  PRIORITY  ALLOW         DENY  DISABLED
allow-internal  example-network  INGRESS    1000      tcp,udp,icmp        False
--filter='network=example-network' - Filters the list to show only rules for the specified network.
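To go beyond reading the list by eye, the following added example (not part of the original page) audits rules exported with `gcloud compute firewall-rules list --format=json`. It flags enabled ingress rules whose source range falls outside the subnet or that allow TCP/UDP with no port restriction. The sample data is constructed, and the `allow-ssh-anywhere` rule and the `audit_rules` function are hypothetical names used for illustration.

```python
import ipaddress
import json

# Constructed sample in the shape of `gcloud compute firewall-rules list --format=json`.
# The first rule mirrors allow-internal from this page; the second is a hypothetical
# rule included only so the audit has a source-range finding to report.
SAMPLE_RULES = json.loads("""
[
  {"name": "allow-internal",
   "network": "https://www.googleapis.com/compute/v1/projects/example-project/global/networks/example-network",
   "direction": "INGRESS", "priority": 1000, "disabled": false,
   "sourceRanges": ["10.0.0.0/24"],
   "allowed": [{"IPProtocol": "tcp"}, {"IPProtocol": "udp"}, {"IPProtocol": "icmp"}]},
  {"name": "allow-ssh-anywhere",
   "network": "https://www.googleapis.com/compute/v1/projects/example-project/global/networks/example-network",
   "direction": "INGRESS", "priority": 1000, "disabled": false,
   "sourceRanges": ["0.0.0.0/0"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]}
]
""")


def audit_rules(rules, network, internal_cidrs):
    """Return (rule_name, finding) pairs for enabled ingress allow rules on `network`."""
    internal = [ipaddress.ip_network(c) for c in internal_cidrs]
    findings = []
    for rule in rules:
        # The API reports the network as a full URL; compare on its last path segment.
        if rule["network"].rsplit("/", 1)[-1] != network:
            continue
        if rule.get("disabled") or rule.get("direction") != "INGRESS":
            continue
        for src in rule.get("sourceRanges", []):
            net = ipaddress.ip_network(src)
            if not any(net.version == i.version and net.subnet_of(i) for i in internal):
                findings.append((rule["name"], f"source {src} is outside the internal ranges"))
        for entry in rule.get("allowed", []):
            proto = entry["IPProtocol"]
            # A tcp/udp/all entry with no "ports" list matches every port.
            if proto in ("tcp", "udp", "all") and not entry.get("ports"):
                findings.append((rule["name"], f"{proto} allowed with no port restriction"))
    return findings


if __name__ == "__main__":
    for name, finding in audit_rules(SAMPLE_RULES, "example-network", ["10.0.0.0/24"]):
        print(f"{name}: {finding}")
```

The `allow-internal` rule from this page is reported for its unrestricted TCP and UDP entries; whether that is acceptable depends on how much you trust every host in 10.0.0.0/24.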
Key Concept

If you remember nothing else from this pattern, remember: advanced networking lets you control how your cloud resources connect and stay safe.

Common Mistakes
Using automatic subnet mode instead of custom when you need precise control
Automatic mode creates subnets you cannot customize, limiting your network design.
Always use --subnet-mode=custom when you want to define your own subnets.

Not setting firewall rules to allow internal traffic
Resources in the network cannot communicate, causing app failures.
Create firewall rules that allow necessary protocols within your subnet IP range.

Forgetting to specify the region when creating subnets
The command fails or creates resources in unintended locations.
Always include the --region flag with the correct region.
Summary
Create a custom network to control your cloud connections.
Add subnets with specific IP ranges in chosen regions.
Set firewall rules to allow safe communication inside your network.
Verify your firewall rules to ensure proper security.