Resources such as VM instances and load balancers have IP addresses inGoogle Cloud. These IP addresses let Google Cloud resourcescommunicate with other resources in Google Cloud, in on-premises networks,or on the public internet. This page describes the IP address categorizationused by Google Cloud.
Google Cloud uses the following labels to describe different IP addresstypes. For example, an internal IP address is not publicly routed. Anexternal IP address is a publicly routed IP address. You can assign anexternal IP address to the network interface of a Google Cloud VM.
- External IP address
External IP addresses are publicly advertised, meaning they are reachable byany host on the internet. External IP addresses must be publicly routable IPaddresses.Resources with external IP addresses can communicate with the public internet.
External IPv4 addresses for resources can be provided by Google, or you canbring your own IP (BYOIP) addresses to Google.While BYOIP addresses are static external IPv4 addresses, and can be used withmost resources that support static external IPv4 addresses, there are someexceptions.
External IPv6 addresses are provided by Google. For more information, seeIPv6 subnet ranges.
- Internal IP address
Internal IP addresses cannot be reached from the internet and are notpublicly routable.
Internal IP addresses are local to a VPC network, aVPC network connected by using VPC Network Peering, or anon-premises network connected to a VPC network by usingCloud VPN, Cloud Interconnect, or a Router appliance.Resources with internal IP addresses communicate with other resources as ifthey're all on the same private network.
See AlsoPublic vs. Private IP Address: What's the Difference | phoenixNAP KBInternal IP Address GuideIT Services - Find the IP address of your DeviceHow to Find Your Router’s IP AddressInternal IPv4 addresses can be private IPv4 addresses, or they can be privatelyused public IPv4 addresses. For a list of valid internal IPv4 addresses, seeValid IPv4 ranges.
Internal IPv6 addresses are unique within Google Cloud. For moreinformation, see IPv6 subnet ranges.
For details about how internal IP addresses are advertised when you connectyour VPC network to another network, see Route advertisem*ntsand internal IP addresses.
- Private IP address
Private IP addresses are addresses that cannot be routed on theinternet.
In Google Cloud, private IP addresses can only be used as internal IPaddresses within a VPC network or an on-premises networkconnected to a VPC network.
For a list of private IPv4 ranges, see the entries for Private IP address ranges in the valid internal IPv4 address ranges table.
Unique local addresses (ULAs) are private IPv6 addresses. ULAs are used for internal IPv6 subnet ranges.
- Public IP address
Public IP addresses are internet routable. In Google Cloud,external IPv4 and IPv6 addresses are always public IP addresses.
You can also use public IPv4 addresses as internal addresses when youconfigure the primary or secondary IPv4 address range of a subnet in yourVPC network. These addresses are referred to as privatelyused public IP addresses.
Regional and global IP addresses
When you list or describe IP addresses in your project, Google Cloudlabels addresses as global or regional, which indicates how a particular addressis being used. When you associate an address with a regional resource, such asa VM, Google Cloud labels the address as regional. Regions areGoogle Cloud regions, such as us-east4 or europe-west2.
For more information about global and regional resources, see Global, regional,and zonalresources in theCompute Engine documentation.
Summary of IP address types
The following tables describes examples of different regional and global IPaddresses.
Internal IP addresses
Internal IP addresses are always Premium Tier.
| Classification | Definition and Tier | Purpose |
|---|---|---|
| Regional internal IPv4 address | A valid IPv4 range used as a subnet primary IPv4 range or subnet secondary IPv4 range | Addresses from a subnet primary IPv4 or secondary IPv4 range can be used as described in IPv4 subnet ranges. |
| Regional internal IPv6 address | An internal IPv6 range automatically allocated for a subnet IPv6 range | Regional internal IPv6 addresses can be used as described in Internal IPv6 specifications. |
| Global internal IPv4 addresses | Private Service Connect endpoints for Google APIs Allocated ranges for private services access | For more information, see Access Google APIs through endpoints or private services access. |
External IP addresses
Some External IP addresses can be Standard Tier as well as Premium Tier.
| Classification | Definition and Tier | Purpose |
|---|---|---|
| Regional external IPv4 address | Each region has its own set of external IP addresses for use by zonal or regional resources. Regional external IPv4 addresses can be provided by Google, or you can bring your own IPv4 address ranges to Google Cloud | Premium Tier regional external IPv4 addresses can be used by:
Standard Tier regional external IPv4 addresses can be used by:
Regional external IPv4 addresses are also used by:
|
| Regional external IPv6 address Exclusive to Premium tier | An external IPv6 range automatically allocated for an IPv6 subnet range | Regional external IPv6 addresses can be used as described in External IPv6 specifications. |
| Global external IPv4 addresses Exclusive to Premium tier | Internet accessible anycast external IPv4 addresses for global load balancing. Global external IPv4 addresses can be provided by Google, or you can bring your own IPv4 address ranges to Google Cloud | Global external IPv4 addresses always use Premium Tier. They can be used by:
|
| Global external IPv6 addresses Exclusive to Premium tier | Internet accessible anycast external IPv6 addresses for global load balancing. | Global external IPv6 addresses always use Premium Tier. They can be used by:
|
Ephemeral and static IP addresses
An ephemeral IP address is an IP address that doesn't persist beyondthe life of the resource. For example, when you create an instance or forwardingrule without specifying an IP address, Google Cloud automaticallyassigns the resource an ephemeral IP address. In general, the ephemeral IPaddress is released if you stop or delete the resource.
Internal and external IP addresses can be ephemeral or static.
Reserving a static IP address assigns the address to your project until youexplicitly release it. This is useful if you are dependent on a specific IPaddress for your service and need to prevent another resource from being able touse the address. Static addresses are useful if you need to move an IP addressfrom one Google Cloud resource to another.
Some services have exceptions to the previous definitions:
For HA VPN, you cannot manually assign a static IPv4 address to theinterface of an HA VPN gateway. Cloud VPN creates tworegional external IPv4 addresses for you when you create the gateway, and thoseaddresses remain assigned to the gateway until you delete it.
For Cloud NAT, when you configure Cloud NAT to automaticallyallocate external IPv4 addresses, those addresses appear as static;however, they are deleted if you delete the Cloud NAT gateway orif you change the Cloud NAT gateway to use manual addresses.
What's next
- For more information about reserving static IP addresses, see Reserve astatic external IPaddress orReserve a static internal IPaddress.
