VPC subnet modes and which one you should pick

This post discusses the various ways in which you can create your VPC subnets and which one you should choose for your next VPC network in GCP.

The concept of global VPCs in GCP is unique among cloud service providers: it lets you have flat networks without the need for VPN tunnels or other such constructs for connectivity between subnets in different regions.

With that in mind, one of the key aspects of designing your network on GCP is the creation of these subnets. Remember, subnets are regional. Think of them like your prefixes at each physical location in a traditional data center setup, except that these subnets are already plumbed for connectivity with each other.

You cannot use a VPC network with no subnets. When you create your VPC in GCP, the platform gives you two options to help you create these subnets: auto mode and custom mode.

Auto-mode VPCs

When you pick this as your mode of creating a VPC, a subnet in each GCP region is automatically created for you. The supernet from which these subnets are carved out is 10.128.0.0/9. There is a set of well-documented CIDRs that are carved out from this supernet for each GCP region.

Custom-mode VPCs

Creating a VPC network in this mode leaves you with no automatically created subnets. This means you will have to create your own subnets in whichever GCP regions you are interested in deploying your workloads. It's a clean slate for you to begin planning for your specific workloads on GCP.

So, what should you pick?

The answer depends on what plans you have for this GCP environment.

Let's say you want a quick and scrappy place to test a workload. An auto-mode VPC is probably good enough for that. It gets you up and running very quickly. You don't have to plan for IP space and create a subnet in every single region you are testing this workload in.

On the other hand, if you are migrating to or starting afresh on GCP and want full control over your IP space, custom-mode VPCs are your friend. This mode lets you distribute your available IP space across the regions you care about instead of blindly reserving IP CIDRs for all GCP regions. It also lets you use the non-10.128.0.0/9 space for your subnets. Valid CIDR ranges include address space from:

  • RFC1918 (10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16), RFC6598 (100.64.0.0/10)
  • RFC6890 (192.0.0.0/24)
  • RFC5737 (192.0.2.0/24, 198.51.100.0/24, 203.0.113.0/24)
  • RFC7526 (192.88.99.0/24)
  • RFC2544 (198.18.0.0/15)
  • RFC5735 and RFC1113 (240.0.0.0/4)
  • Privately used public IPs (PUPI ranges)

Custom-mode VPCs give you all the flexibility that you need for running production-grade workloads on GCP.
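
A planning check for a custom-mode subnet layout, added here as an example (it is not GCP tooling or code from the original post). It validates each planned CIDR against the ranges listed above, reports overlaps between planned subnets, and warns when a range falls inside the auto-mode supernet, on the assumption that the network may later be connected to an auto-mode VPC. The function name, plan format and sample values are hypothetical.

```python
import ipaddress

# Supernet that auto-mode VPCs carve their per-region subnets from (from the article).
AUTO_MODE_SUPERNET = ipaddress.ip_network("10.128.0.0/9")

# Valid custom-mode ranges as listed in the article. PUPI ranges are left out:
# they are arbitrary public space and need a separate, manual review.
VALID_RANGES = [ipaddress.ip_network(c) for c in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10",
    "192.0.0.0/24", "192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24",
    "192.88.99.0/24", "198.18.0.0/15", "240.0.0.0/4",
)]


def check_plan(plan):
    """plan: list of (name, region, cidr) tuples. Returns a list of finding strings."""
    findings = []
    parsed = []
    for name, region, cidr in plan:
        try:
            net = ipaddress.ip_network(cidr)  # strict parsing: rejects host bits set
        except ValueError as exc:
            findings.append(f"{name}: invalid CIDR {cidr} ({exc})")
            continue
        if not any(net.subnet_of(v) for v in VALID_RANGES):
            findings.append(f"{name}: {net} is outside the listed ranges (PUPI?)")
        if net.overlaps(AUTO_MODE_SUPERNET):
            findings.append(f"{name}: {net} overlaps auto-mode space {AUTO_MODE_SUPERNET}")
        for other_name, other in parsed:  # subnets in one VPC must not overlap
            if net.overlaps(other):
                findings.append(f"{name}: {net} overlaps {other_name} ({other})")
        parsed.append((name, net))
    return findings


# Constructed sample plan; names, regions and CIDRs are illustrative only.
SAMPLE_PLAN = [
    ("prod-us", "us-central1", "10.10.0.0/20"),
    ("prod-eu", "europe-west1", "10.10.8.0/21"),   # sits inside prod-us
    ("test-asia", "asia-east1", "10.128.4.0/24"),  # inside the auto-mode supernet
    ("shared", "us-east1", "100.64.0.0/16"),
    ("legacy", "us-west1", "8.8.8.0/24"),          # public space, not in the list
    ("typo", "us-west1", "10.20.0.1/24"),          # host bits set
]

if __name__ == "__main__":
    for finding in check_plan(SAMPLE_PLAN):
        print(finding)
```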