Google Cloud offers networking and communication that can span multiple regions and networks within the cloud.


Google VPC Network


Let’s take an example of a project that contains five networks. All of these networks span multiple regions across the world.


The regions that the networks are created in are spread out across US-East, US-Central, US-West, and Europe.


Each network contains separate virtual machines: A, B, C, and D.


networks isolate systems


Because VMs A and B are in the same network, Network 1, they can communicate using their internal IP addresses even though they are in different regions. In this example, Machine A is in the US-East region and Machine B is in the Europe region.


Even though the virtual machines exist in different locations across the world, they take advantage of Google’s global fiber network and are both part of Network #1.


Therefore, as far as network configuration is concerned, Virtual Machines A and B appear as though they’re sitting in the same rack.


VMs C and D, however, are not in the same network. They are in Network #3 and Network #4 respectively.


By default, these VMs must communicate using their external IP addresses even though they are in the same region.

The Google Cloud Platform allows implicit communication within the same network via internal IP addresses (additional firewall rules can be configured to override/change this functionality as well). However, the traffic between VMs C and D isn't actually touching the public Internet but is going through the Google edge routers.
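The addressing rules above, as an added example that is not part of the original page: a simplified Python model that decides which address one VM must use to reach another and whether an ingress allow rule permits the connection. The VM addresses, network names and rules are constructed samples; the model assumes ingress is denied unless a rule allows it and does not cover ports, rule priorities, peering or VPN.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class VM:
    name: str
    network: str
    region: str
    internal_ip: str
    external_ip: Optional[str] = None  # None: no external address assigned

# Constructed inventory mirroring the article's VMs A-D (all addresses are samples).
A = VM("A", "network-1", "us-east1", "10.142.0.2")
B = VM("B", "network-1", "europe-west1", "10.132.0.2")
C = VM("C", "network-3", "us-central1", "10.128.0.2", "203.0.113.10")
D = VM("D", "network-4", "us-central1", "10.128.0.2", "203.0.113.20")

# Constructed ingress allow rules: network -> permitted source CIDRs.
# Anything not listed is dropped (assumption: ingress is denied unless allowed).
INGRESS_ALLOW = {
    "network-1": ["10.128.0.0/9"],      # internal traffic between subnets
    "network-3": [],                    # nothing may initiate to C
    "network-4": ["203.0.113.10/32"],   # only C's external address may reach D
}

def ingress_allowed(network: str, source_ip: str) -> bool:
    addr = ipaddress.ip_address(source_ip)
    return any(addr in ipaddress.ip_network(cidr)
               for cidr in INGRESS_ALLOW.get(network, []))

def path(src: VM, dst: VM):
    """Return (address_kind, destination_ip, verdict) for src initiating to dst."""
    if src.network == dst.network:
        # Same VPC network: internal IPs work across regions.
        ok = ingress_allowed(dst.network, src.internal_ip)
        return ("internal", dst.internal_ip, "allow" if ok else "deny")
    # Different networks (no peering or VPN modelled): external IPs only,
    # even when both VMs share a region or reuse the same internal range.
    if src.external_ip is None or dst.external_ip is None:
        return ("external", dst.external_ip, "unreachable")
    ok = ingress_allowed(dst.network, src.external_ip)
    return ("external", dst.external_ip, "allow" if ok else "deny")

if __name__ == "__main__":
    for s, d in [(A, B), (C, D), (D, C), (A, C)]:
        print(f"{s.name} -> {d.name}: {path(s, d)}")
```

C and D deliberately reuse the same internal address: because they sit in different networks the overlap is harmless, and it also shows why an internal IP cannot be used between them.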


Because VM instances within a VPC network can communicate privately on a global scale, a single VPN can securely connect your on-premises network to a GCP network, as shown in this diagram.

  Google's Global VPC  

Even though the two VM instances are in separate regions, US-West 1 and US-East 1, they leverage Google's private network to communicate with each other and with an on-premises network through a VPN gateway. This reduces cost and network management complexity.

