2.2.10. Install as a VM using GCP

This section will guide you to deploy the Virtual Service Router on Google Cloud Platform. Access to VSR image on the Google Cloud Platform must be granted by the 6WIND support team.

You will need to provide an account name, on which the image will be shared. A few steps will be needed to use the image:

Import image

In order to import the VSR image, these are the steps you must follow:

Step 1: Open Cloud Shell terminal

Click on the Cloud Shell icon to open the terminal

../../_images/enable-cloud-shell.png ../../_images/cloudshell-terminal.png

Step 2: Run copy command

In the cloud shell terminal, run the following command:

gcloud compute --project=<PROJECT_NAME> images create IMAGE_NAME --source-image=<IMAGE_NAME> --source-image-project=<SOURCE_PROJECT>
IMAGE_NAME will be shared by the support team, it corresponds to the source image name.
SOURCE_PROJECT will also be shared by the support team.
PROJECT_NAME is the current project name on which the instances will be launched.

Example of output command when creation is OK.

Created
….
NAME: vsr-x86-64-v3-7-b1-0-ea-rc0-0-2023-06-16
PROJECT: training-378919
FAMILY:
DEPRECATED:
STATUS: READY

Once the image is ready, we can proceed on instance creation.

Instance creation

Click on button: Create instance

../../_images/create-instance.png

Choose VSR image

In Boot Disk section, click on the button Change:

../../_images/boot-disk-change.png

then select the VSR image on Custom Images tab:

../../_images/boot-disk-vsr.png

Enable forwarding

By default, Google Cloud performs strict source and destination checking for packets so that:

VM instances can only send packets whose sources are set to match an internal IP address of its interface in the network.

Packets are only delivered to an instance if their destinations match the IP address of the instance’s interface in the network.

By default, a VM cannot forward a packet originated by another VM. To use a VM as a next hop for a route, the VM needs to receive packets having destinations other than itself. Because it forwards those packets, their sources will be different from its own internal IP. To accomplish this, we must enable IP forwarding for the VM. When IP forwarding is enabled, Google Cloud does not enforce packet source and destination checking.

You can enable it in Advanced Options > Networking > IP Forwarding

../../_images/enable-forwarding.png

Once forwarding is enabled, you would need to add custom traffic routes on VPC side.

General observations

  • Layer 2 Handling

    A virtual machine can issue ARP Requests, but responses are issued by VPC. This means that there is tight control over how Mac addresses are handled. In other words, ARP requests toward a VM are intercepted by the default gateway. The Requesting VM will still receive a response. View documentation

  • Broadcast and multicast

    VPC networks support IPv4 and IPv6 unicast addresses. VPC networks do not support broadcast or multicast addresses within the network. View documentation

  • IPv6

    The only supported IPv6 route is the default route (::/0), with the next-hop-gateway set to Default-internet-gateway. View documentation

    A feature request Ticket has been created in order to be able to forward traffic to a VM instance in IPv6. Request

The next step is to perform your first configuration.