🛣️ Cloud Router Custom Routes Configuration
📋 What You'll Learn: This comprehensive guide covers creating and managing custom advertised routes and learned routes in Google Cloud Router, including route policies, traffic engineering, MED configuration, and advanced route manipulation techniques.
🔍 Route Advertisement Overview
Google Cloud Router supports flexible route advertisement and learning mechanisms that allow fine-grained control over how routes are shared with BGP peers. Understanding custom routes is essential for implementing effective traffic engineering and network policies.
graph TD
A[Cloud Router] --> B[Route Advertisement]
A --> C[Route Learning]
B --> D[Default Mode]
B --> E[Custom Mode]
D --> F[All Subnets]
D --> G[Default Routes]
E --> H[Custom IP Ranges]
E --> I[Selective Subnets]
E --> J[Static Routes]
C --> K[Accept All Routes]
C --> L[Route Filtering]
L --> M[Prefix Lists]
L --> N[AS Path Filtering]
L --> O[Community Filtering]
style A fill:#fff2cc
style B fill:#e8f5e8
style C fill:#e1f5fe
style E fill:#f3e5f5
style L fill:#ffebee
📊 Diagram Explanation: This diagram shows Cloud Router's route handling capabilities. Route Advertisement can operate in Default mode (advertising all subnets and default routes automatically) or Custom mode (selective advertisement of specific IP ranges, subnets, and static routes). Route Learning can accept all routes or apply filtering based on prefix lists, AS path, or BGP communities for granular control.
📤 Custom Advertised Routes
🎯 Advertisement Modes
🔄 Default Advertisement Mode
- Automatically advertises all VPC subnets
- Includes default routes when applicable
- Simple configuration, minimal control
- Best for straightforward connectivity
⚙️ Custom Advertisement Mode
- Manual control over advertised routes
- Selective subnet advertisement
- Custom IP ranges with MED values
- Advanced traffic engineering capabilities
1. Basic Setup and Prerequisites
# Set environment variables
export PROJECT_ID="your-project-id"
export REGION="us-central1"
export VPC_NAME="vpc-custom-routes"
export ROUTER_NAME="custom-routes-router"
export ASN="65000"
# Enable required APIs
gcloud services enable compute.googleapis.com
# Create VPC network
gcloud compute networks create $VPC_NAME \
--subnet-mode=custom \
--bgp-routing-mode regional
# Create multiple subnets for demonstration
gcloud compute networks subnets create subnet-primary \
--network=$VPC_NAME \
--range=10.1.0.0/24 \
--region=$REGION
gcloud compute networks subnets create subnet-secondary \
--network=$VPC_NAME \
--range=10.2.0.0/24 \
--region=$REGION
gcloud compute networks subnets create subnet-private \
--network=$VPC_NAME \
--range=10.3.0.0/24 \
--region=$REGION
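2. Create Router with Custom Advertisement
# Create Cloud Router with custom advertisement mode.
# Each custom range takes an optional text description (CIDR=DESC), not a
# per-range MED; the MED a peer receives is set with --advertised-route-priority
# on that BGP peer.
gcloud compute routers create $ROUTER_NAME \
--network=$VPC_NAME \
--region=$REGION \
--asn=$ASN \
--advertisement-mode=CUSTOM \
--set-advertisement-groups=ALL_SUBNETS \
--set-advertisement-ranges=192.168.100.0/24,192.168.200.0/24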
| Advertisement Parameter | Description | Example Value |
| --- | --- | --- |
| --advertisement-mode | Route advertisement strategy | DEFAULT, CUSTOM |
| --set-advertisement-groups | Predefined route groups to advertise | ALL_SUBNETS, ALL_VPC_SUBNETS |
| --set-advertisement-ranges | Custom IP ranges, each with an optional description | 10.0.0.0/8=my-description |
| --add-advertisement-ranges | Add additional custom ranges | 172.16.0.0/12 |
| --remove-advertisement-ranges | Remove specific ranges | 10.5.0.0/24 |
3. Advanced Custom Route Advertisement
# Update router with selective subnet advertisement:
# first stop advertising the ALL_SUBNETS group...
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--remove-advertisement-groups=ALL_SUBNETS
# ...then replace the custom ranges with the selected subnets
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24,10.2.0.0/24
# Add additional custom routes
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--add-advertisement-ranges=172.16.0.0/16,192.168.0.0/16
# Remove specific advertised ranges (the range must currently be on the router)
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--remove-advertisement-ranges=192.168.0.0/16
# Add back subnet groups while keeping custom ranges
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--add-advertisement-groups=ALL_SUBNETS
📝 Route Advertisement Example
Scenario: Advertise primary subnet with high priority, secondary subnet with medium priority, and exclude private subnet.
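# Configure selective advertisement: drop the subnet group, then list only
# the subnets to expose (the descriptions record each range's intended role)
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--remove-advertisement-groups=ALL_SUBNETS
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24=primary,10.2.0.0/24=secondary
# Note: 10.3.0.0/24 (private subnet) is not advertised.
# Relative preference between paths is set per peer with --advertised-route-priority.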
🎨 Advertisement Groups vs Custom Ranges
graph TD
A[Router Advertisement Config] --> B[Advertisement Groups]
A --> C[Custom Ranges]
B --> D[ALL_SUBNETS<br/>All VPC subnets]
B --> E[ALL_VPC_SUBNETS<br/>VPC subnets only]
C --> F[Specific IP Ranges<br/>192.168.1.0/24]
C --> G[With MED Values<br/>10.0.0.0/8:100]
C --> H[External Networks<br/>172.16.0.0/12]
D --> I[Automatic Updates<br/>New subnets included]
F --> J[Static Configuration<br/>Manual management]
style A fill:#fff2cc
style B fill:#e8f5e8
style C fill:#e1f5fe
style I fill:#c8e6c9
style J fill:#ffcdd2
📊 Diagram Explanation: This diagram compares advertisement groups and custom ranges. Advertisement Groups (like ALL_SUBNETS) automatically include current and future VPC subnets, updating dynamically when new subnets are created. Custom Ranges provide static configuration with specific IP ranges and optional MED values, requiring manual management but offering precise control over what gets advertised.
📥 Custom Learned Routes
🔍 Route Learning Mechanisms
🎯 Route Learning Types
- Default Learning: Accept all routes from BGP peers
- Prefix-based Filtering: Accept only specific prefixes
- AS Path Filtering: Filter based on AS path attributes
- Community-based Filtering: Use BGP communities for route selection
1. Configure BGP Peer with Route Policies
# Add BGP peer and set the base priority (MED) of the routes advertised to it
gcloud compute routers add-bgp-peer $ROUTER_NAME \
--peer-name=filtered-peer \
--interface=if-tunnel-1 \
--peer-ip-address=169.254.1.2 \
--peer-asn=65001 \
--region=$REGION \
--advertised-route-priority=100
# View current BGP peer configuration
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="yaml(bgpPeers)"
2. Monitor Learned Routes
# View all learned routes (the status output lists them under result.bestRoutes;
# priority is derived from the MED the peer advertised)
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="table(
result.bestRoutes[].destRange:label=LEARNED_PREFIX,
result.bestRoutes[].nextHopIp:label=NEXT_HOP,
result.bestRoutes[].priority:label=PRIORITY
)"
# View learned routes in full; to isolate one peer, match nextHopIp against
# that peer's address (169.254.1.2 for filtered-peer)
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="yaml(result.bestRoutes)"
# Count learned routes per peer
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="table(
result.bgpPeerStatus[].name,
result.bgpPeerStatus[].numLearnedRoutes
)"
📊 Route Learning Analysis
sequenceDiagram
participant OnPrem as On-Premises BGP
participant CR as Cloud Router
participant VPC as VPC Routing Table
participant VM as VM Instance
OnPrem->>CR: BGP UPDATE<br/>(Advertise 192.168.1.0/24)
CR->>CR: Apply Route Policies<br/>(Accept/Reject/Modify)
CR->>VPC: Install Accepted Routes
VPC->>VM: Route Available<br/>(Next-hop: Cloud Router)
Note over CR: Route Learning Process
Note over VPC: Dynamic Route Updates
OnPrem->>CR: BGP UPDATE<br/>(Withdraw 192.168.2.0/24)
CR->>VPC: Remove Route
VPC->>VM: Route Unavailable
📊 Diagram Explanation: This sequence shows the route learning process. On-premises BGP sends route advertisements to Cloud Router, which applies configured policies to accept, reject, or modify routes. Accepted routes are installed in the VPC routing table and become available to VM instances. When routes are withdrawn, they're removed from the VPC routing table, making them unavailable to instances.
⚙️ Advanced Custom Configuration
🎛️ Per-Peer Advertisement Customization
# Create multiple BGP peers with different advertisement policies
gcloud compute routers add-bgp-peer $ROUTER_NAME \
--peer-name=primary-peer \
--interface=if-tunnel-1 \
--peer-ip-address=169.254.1.2 \
--peer-asn=65001 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-groups=ALL_SUBNETS \
--set-advertisement-ranges=10.100.0.0/24 \
--advertised-route-priority=100
gcloud compute routers add-bgp-peer $ROUTER_NAME \
--peer-name=backup-peer \
--interface=if-tunnel-2 \
--peer-ip-address=169.254.2.2 \
--peer-asn=65002 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24,10.2.0.0/24 \
--advertised-route-priority=200
gcloud compute routers add-bgp-peer $ROUTER_NAME \
--peer-name=restricted-peer \
--interface=if-tunnel-3 \
--peer-ip-address=169.254.3.2 \
--peer-asn=65003 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24 \
--advertised-route-priority=150
⚠️ Per-Peer vs Router-Level Advertisement:
- Router-Level: Applies to all peers unless overridden
- Peer-Level: Overrides router-level settings for specific peers
- Priority: Peer-level configuration takes precedence
- Inheritance: Peers inherit router settings if not specified
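The inheritance rules above decide what each peer actually receives, so an audit has to resolve them before it can tell whether a range that should stay private is exposed. The following is an added example, not part of the original guide: it assumes the JSON shape of `gcloud compute routers describe --format=json` (`bgp`, `bgpPeers`, `advertiseMode`, `advertisedGroups`, `advertisedIpRanges`), uses constructed sample data, and takes the subnet list as a separate input.

```python
import ipaddress
import json

# Constructed sample: trimmed `gcloud compute routers describe --format=json`
# output for a router like the one in this guide (not real project data).
ROUTER_JSON = """
{
  "name": "custom-routes-router",
  "bgp": {
    "advertiseMode": "CUSTOM",
    "advertisedGroups": [],
    "advertisedIpRanges": [{"range": "10.1.0.0/24"}, {"range": "10.2.0.0/24"}]
  },
  "bgpPeers": [
    {"name": "primary-peer", "advertiseMode": "CUSTOM",
     "advertisedGroups": ["ALL_SUBNETS"],
     "advertisedIpRanges": [{"range": "10.100.0.0/24"}]},
    {"name": "backup-peer", "advertiseMode": "DEFAULT"},
    {"name": "hq-peer", "advertiseMode": "CUSTOM",
     "advertisedIpRanges": [{"range": "10.0.0.0/8"}]},
    {"name": "restricted-peer", "advertiseMode": "CUSTOM",
     "advertisedIpRanges": [{"range": "10.1.0.0/24"}]}
  ]
}
"""
ROUTER = json.loads(ROUTER_JSON)

# Constructed inputs: the guide's three subnets, and the one to keep private.
VPC_SUBNETS = ["10.1.0.0/24", "10.2.0.0/24", "10.3.0.0/24"]
PRIVATE_RANGES = ["10.3.0.0/24"]


def effective_prefixes(router, peer, vpc_subnets):
    """Resolve what one peer is sent: its own CUSTOM settings, else the router's."""
    source = peer if peer.get("advertiseMode") == "CUSTOM" else router.get("bgp", {})
    subnets = [ipaddress.ip_network(s) for s in vpc_subnets]
    if source.get("advertiseMode") != "CUSTOM":
        return subnets  # default mode: every subnet is advertised
    nets = [ipaddress.ip_network(r["range"])
            for r in source.get("advertisedIpRanges", [])]
    if "ALL_SUBNETS" in source.get("advertisedGroups", []):
        nets += subnets  # the group also picks up subnets created later
    return nets


def audit_advertisements(router, vpc_subnets, private_ranges):
    """Return {peer_name: [(advertised_prefix, private_range_exposed), ...]}."""
    private = [ipaddress.ip_network(p) for p in private_ranges]
    findings = {}
    for peer in router.get("bgpPeers", []):
        hits = set()
        for net in effective_prefixes(router, peer, vpc_subnets):
            for priv in private:
                # overlaps() catches exact matches and covering aggregates alike
                if net.version == priv.version and net.overlaps(priv):
                    hits.add((str(net), str(priv)))
        findings[peer["name"]] = sorted(hits)
    return findings


if __name__ == "__main__":
    report = audit_advertisements(ROUTER, VPC_SUBNETS, PRIVATE_RANGES)
    for name, hits in report.items():
        print(f"{name}: {'LEAK ' + str(hits) if hits else 'ok'}")
```

Two exposures show up that are easy to miss by eye: a peer that re-enables `ALL_SUBNETS`, and a peer that is sent a covering aggregate such as 10.0.0.0/8.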
🔀 Dynamic Route Modification
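# Update peer advertisement during operations
# (the add and the remove are issued as separate updates)
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=primary-peer \
--region=$REGION \
--add-advertisement-ranges=10.200.0.0/24
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=primary-peer \
--region=$REGION \
--remove-advertisement-ranges=10.100.0.0/24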
# Modify router-level advertisement
gcloud compute routers update $ROUTER_NAME \
--region=$REGION \
--add-advertisement-ranges=172.16.0.0/12
# Switch peer to inherit router settings
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=backup-peer \
--region=$REGION \
--advertisement-mode=DEFAULT
# View current advertisement configuration
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="yaml(bgp.advertiseMode,bgp.advertisedGroups,bgp.advertisedIpRanges)"
📋 Route Policy Templates
🏢 Enterprise Multi-Site Configuration
# Headquarters - Advertise all networks
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=hq-peer \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-groups=ALL_SUBNETS \
--set-advertisement-ranges=10.0.0.0/8,172.16.0.0/12 \
--advertised-route-priority=50
# Branch Office - Limited advertisement
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=branch-peer \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24 \
--advertised-route-priority=100
# DMZ Connection - Restricted advertisement
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=dmz-peer \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.10.0.0/24 \
--advertised-route-priority=200
📜 Route Policies and Filtering
🎯 Route Policy Implementation
graph TD
A[Incoming BGP Route] --> B{Route Policy Check}
B -->|Match Policy 1| C[Accept with MED 100]
B -->|Match Policy 2| D[Accept with MED 200]
B -->|No Match| E[Apply Default Policy]
C --> F[Install in VPC Routing Table]
D --> F
E --> G{Default Action}
G -->|Accept| F
G -->|Reject| H[Discard Route]
I[Outgoing Route] --> J{Advertisement Policy}
J -->|Match Criteria| K[Advertise with MED]
J -->|No Match| L[Don't Advertise]
style A fill:#e8f5e8
style I fill:#e1f5fe
style B fill:#fff3e0
style J fill:#fff3e0
style F fill:#c8e6c9
style H fill:#ffcdd2
style L fill:#ffcdd2
📊 Diagram Explanation: This diagram shows route policy processing for both incoming and outgoing routes. Incoming BGP routes are checked against route policies, which can accept routes with specific MED values or apply default policies. Accepted routes are installed in the VPC routing table. For outgoing routes, advertisement policies determine which routes to advertise and with what MED values.
🔍 Route Filtering Strategies
| Filtering Type | Use Case | Implementation | Benefits |
| --- | --- | --- | --- |
| Prefix-based | Allow specific networks only | Custom advertisement ranges | Precise control over advertised routes |
| MED-based | Traffic engineering | Priority values in ranges | Influence inbound traffic paths |
| Peer-specific | Different policies per connection | Per-peer advertisement settings | Customized connectivity per partner |
| Subnet groups | Automatic subnet inclusion | ALL_SUBNETS group | Dynamic updates with new subnets |
🚦 Traffic Engineering with Custom Routes
⚖️ Load Balancing Configuration
# Primary path configuration (preferred)
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=primary-path \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.0.0.0/8 \
--advertised-route-priority=50
# Secondary path configuration (backup)
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=secondary-path \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.0.0.0/8 \
--advertised-route-priority=150
# Load balancing configuration (equal preference)
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=load-balance-1 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24,10.2.0.0/24 \
--advertised-route-priority=100
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=load-balance-2 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.1.0.0/24,10.2.0.0/24 \
--advertised-route-priority=100
🎯 Application-Specific Routing
🔀 Multi-Application Traffic Engineering
# Web tier - High priority path
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=web-tier-peer \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.10.0.0/24 \
--advertised-route-priority=25
# Application tier - Medium priority
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=app-tier-peer \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.20.0.0/24 \
--advertised-route-priority=75
# Database tier - Backup path (high MED)
gcloud compute routers update-bgp-peer $ROUTER_NAME \
--peer-name=db-backup-peer \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.30.0.0/24 \
--advertised-route-priority=200
📊 Traffic Flow Visualization
graph TD
A[Internet Traffic] --> B{Load Balancer}
B -->|Primary Path<br/>MED: 50| C[Primary Connection]
B -->|Secondary Path<br/>MED: 150| D[Secondary Connection]
C --> E[Cloud Router 1]
D --> F[Cloud Router 2]
E --> G[Web Tier<br/>10.10.0.0/24]
F --> G
E --> H[App Tier<br/>10.20.0.0/24]
F --> H
E --> I[DB Tier<br/>10.30.0.0/24]
F --> I
style C fill:#c8e6c9
style D fill:#ffcdd2
style G fill:#e1f5fe
style H fill:#fff3e0
style I fill:#f3e5f5
📊 Diagram Explanation: This traffic engineering diagram shows how MED values influence path selection. Internet traffic reaches a load balancer that chooses between primary (MED 50) and secondary (MED 150) paths. Lower MED values indicate preferred paths, so traffic primarily flows through the primary connection to Cloud Router 1, with the secondary connection serving as backup. Both routers can reach all application tiers.
📊 Monitoring Custom Routes
🔍 Route Advertisement Monitoring
# Monitor advertised routes per peer (priority is the MED value sent to the peer)
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="table(
result.bgpPeerStatus[].name:label=PEER_NAME,
result.bgpPeerStatus[].advertisedRoutes[].destRange:label=ADVERTISED_PREFIX,
result.bgpPeerStatus[].advertisedRoutes[].priority:label=PRIORITY
)"
# Compare router vs peer-level advertisements
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="yaml(bgp.advertiseMode,bgp.advertisedGroups,bgp.advertisedIpRanges)"
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="yaml(bgpPeers[].advertiseMode,bgpPeers[].advertisedGroups,bgpPeers[].advertisedIpRanges)"
# Monitor route changes over time
gcloud logging read 'resource.type="gce_router" AND
jsonPayload.route_update_type!=""' \
--limit=20 \
--format="table(timestamp,jsonPayload.route_update_type,jsonPayload.destination_prefix)"
📈 Route Learning Analysis
# Analyze learned route distribution
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="csv(
result.bgpPeerStatus[].name,
result.bgpPeerStatus[].numLearnedRoutes,
result.bestRoutes[].destRange,
result.bestRoutes[].priority
)" > learned_routes.csv
# Create monitoring script for route tracking
cat << 'EOF' > monitor_routes.sh
#!/bin/bash
ROUTER_NAME="custom-routes-router"
REGION="us-central1"
TIMESTAMP=$(date '+%Y-%m-%d_%H-%M-%S')
echo "=== Route Monitoring Report - $TIMESTAMP ==="
echo -e "\n1. BGP Peer Status:"
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="table(
result.bgpPeerStatus[].name,
result.bgpPeerStatus[].state,
result.bgpPeerStatus[].numLearnedRoutes
)"
echo -e "\n2. Advertisement Configuration:"
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="value(bgp.advertiseMode)"
echo -e "\n3. Custom Advertised Ranges:"
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="table(bgp.advertisedIpRanges[].range,bgp.advertisedIpRanges[].description)"
echo -e "\n4. Recent Route Events:"
gcloud logging read 'resource.type="gce_router" AND
resource.labels.router_name="'$ROUTER_NAME'" AND
jsonPayload.route_update_type!=""' \
--limit=5 \
--format="table(timestamp,jsonPayload.route_update_type,jsonPayload.destination_prefix)"
EOF
chmod +x monitor_routes.sh
./monitor_routes.sh
📊 Route Performance Metrics
graph TD
A[Route Monitoring] --> B[Advertisement Metrics]
A --> C[Learning Metrics]
A --> D[Performance Metrics]
B --> E[Routes per Peer]
B --> F[Advertisement Changes]
B --> G[MED Distribution]
C --> H[Learned Route Count]
C --> I[Route Convergence Time]
C --> J[Failed Route Updates]
D --> K[BGP Session Uptime]
D --> L[Route Flap Detection]
D --> M[Policy Effectiveness]
style A fill:#fff2cc
style B fill:#e8f5e8
style C fill:#e1f5fe
style D fill:#f3e5f5
📊 Diagram Explanation: This monitoring framework covers three key areas: Advertisement Metrics track routes per peer, changes in advertisements, and MED value distribution. Learning Metrics monitor learned route counts, convergence times, and failed updates. Performance Metrics assess BGP session uptime, route flap detection, and policy effectiveness for overall network health.
🔧 Troubleshooting Custom Routes
🚨 Common Route Issues
| Issue | Symptoms | Diagnostic Steps | Resolution |
| --- | --- | --- | --- |
| Routes Not Advertised | Peer doesn't receive expected routes | Check advertisement mode and ranges | Verify custom advertisement configuration |
| Unexpected Route Learning | Unwanted routes in routing table | Review learned routes from each peer | Implement route filtering policies |
| Wrong Path Selection | Traffic using suboptimal path | Analyze MED values and AS paths | Adjust MED values and route priorities |
| Route Flapping | Routes frequently appearing/disappearing | Monitor BGP session stability | Check network connectivity and timers |
🔍 Diagnostic Procedures
# Comprehensive route diagnostics
echo "=== Router Configuration Verification ==="
gcloud compute routers describe $ROUTER_NAME \
--region=$REGION \
--format="yaml(bgp)"
echo -e "\n=== Current Route Status ==="
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="yaml(result.bgpPeerStatus)"
echo -e "\n=== Route Comparison: Advertised vs Learned ==="
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="table(
result.bgpPeerStatus[].name,
result.bgpPeerStatus[].advertisedRoutes[].destRange:label=ADVERTISED,
result.bgpPeerStatus[].numLearnedRoutes
)"
# Check for route conflicts
echo -e "\n=== Checking for Overlapping Routes ==="
gcloud compute routes list --filter="network:$VPC_NAME" \
--format="table(name,destRange,nextHopGateway,priority)"
# Analyze route propagation
echo -e "\n=== Route Propagation Analysis ==="
gcloud compute routers get-status $ROUTER_NAME \
--region=$REGION \
--format="csv(
result.bgpPeerStatus[].name,
result.bgpPeerStatus[].advertisedRoutes[].destRange,
result.bestRoutes[].destRange
)" | sort | uniq -c
🔄 Route Troubleshooting Workflow
flowchart TD
A[Route Issue Reported] --> B{Identify Problem Type}
B -->|Advertisement| C[Check Advertisement Config]
B -->|Learning| D[Check Learned Routes]
B -->|Path Selection| E[Analyze Route Attributes]
C --> F[Verify Advertisement Mode]
C --> G[Check Custom Ranges]
C --> H[Validate Peer Config]
D --> I[Review Route Filters]
D --> J[Check BGP Session Status]
E --> K[Compare MED Values]
E --> L[Analyze AS Paths]
E --> M[Check Route Priorities]
F --> N[Correct Configuration]
G --> N
H --> N
I --> O[Adjust Filters]
J --> P[Fix BGP Issues]
K --> Q[Modify MED Values]
L --> R[Adjust AS Path Policy]
M --> S[Update Priorities]
N --> T[Test and Verify]
O --> T
P --> T
Q --> T
R --> T
S --> T
style A fill:#ffebee
style B fill:#fff3e0
style T fill:#e8f5e8
📊 Diagram Explanation: This troubleshooting workflow systematically addresses route issues. First, identify whether the problem is with advertisement, learning, or path selection. For advertisement issues, check the advertisement mode, custom ranges, and peer configuration. For learning issues, review route filters and BGP session status. For path selection, analyze MED values, AS paths, and route priorities, then apply appropriate fixes and verify.
✅ Best Practices for Custom Routes
🎯 Configuration Best Practices
✅ Recommended Practices:
- Start Simple: Begin with default mode, then customize as needed
- Document Policies: Maintain clear documentation of route policies
- Use Consistent MED: Apply consistent MED strategies across all peers
- Monitor Changes: Track route advertisement and learning changes
- Test Thoroughly: Validate configuration in non-production environments
🔒 Security Considerations
⚠️ Security Best Practices:
- Minimize Advertisement: Only advertise necessary routes
- Filter Incoming Routes: Implement strict route acceptance policies
- Monitor Route Changes: Alert on unexpected route modifications
- Validate Route Sources: Ensure routes come from trusted peers
- Use Route Dampening: Prevent route flapping from affecting stability
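One way to act on "Filter Incoming Routes", "Monitor Route Changes" and "Validate Route Sources" is to compare the learned routes against a per-peer list of expected prefixes and alert on anything else. This is an added example, not part of the original guide: it assumes the JSON shape of `gcloud compute routers get-status --format=json` (`result.bestRoutes`, `result.bgpPeerStatus`), attributes a route to a peer by matching `nextHopIp` to `peerIpAddress`, and uses constructed sample data and a constructed policy.

```python
import ipaddress
import json

# Constructed sample: trimmed `gcloud compute routers get-status --format=json`
# output (not real project data). Learned routes appear under result.bestRoutes.
STATUS = json.loads("""
{"result": {
  "bgpPeerStatus": [
    {"name": "filtered-peer", "peerIpAddress": "169.254.1.2"},
    {"name": "backup-peer", "peerIpAddress": "169.254.2.2"}
  ],
  "bestRoutes": [
    {"destRange": "192.168.1.0/24", "nextHopIp": "169.254.1.2", "priority": 100},
    {"destRange": "0.0.0.0/0", "nextHopIp": "169.254.1.2", "priority": 100},
    {"destRange": "10.3.0.128/25", "nextHopIp": "169.254.1.2", "priority": 50},
    {"destRange": "192.168.2.0/24", "nextHopIp": "169.254.2.2", "priority": 200},
    {"destRange": "172.16.5.0/24", "nextHopIp": "169.254.2.2", "priority": 200}
  ]
}}
""")

# Constructed policy: prefixes each peer may announce, and the local subnets.
EXPECTED = {"filtered-peer": ["192.168.0.0/16"], "backup-peer": ["192.168.0.0/16"]}
LOCAL_SUBNETS = ["10.1.0.0/24", "10.2.0.0/24", "10.3.0.0/24"]


def classify(prefix, allowed, local):
    """Return a reason string if the learned prefix violates policy, else None."""
    net = ipaddress.ip_network(prefix)
    # Compare only within the same address family (IPv4 with IPv4, IPv6 with IPv6)
    allowed = [n for n in allowed if n.version == net.version]
    local = [n for n in local if n.version == net.version]
    if net.prefixlen == 0:
        return "default-route"
    if any(net.overlaps(n) for n in local):
        return "overlaps-local-subnet"
    if not any(net.subnet_of(n) for n in allowed):
        return "outside-expected-prefixes"
    return None


def check_learned_routes(status, expected, local_subnets):
    """Return [(peer, prefix, reason)] for learned routes that violate policy."""
    result = status.get("result", {})
    peer_by_ip = {p["peerIpAddress"]: p["name"]
                  for p in result.get("bgpPeerStatus", [])}
    local = [ipaddress.ip_network(s) for s in local_subnets]
    findings = []
    for route in result.get("bestRoutes", []):
        peer = peer_by_ip.get(route.get("nextHopIp"))
        if peer is None:
            continue  # next hop is not one of this router's BGP peers
        # A peer with no policy entry gets an empty allowlist (fail closed)
        allowed = [ipaddress.ip_network(a) for a in expected.get(peer, [])]
        reason = classify(route["destRange"], allowed, local)
        if reason:
            findings.append((peer, route["destRange"], reason))
    return findings


if __name__ == "__main__":
    for peer, prefix, reason in check_learned_routes(STATUS, EXPECTED, LOCAL_SUBNETS):
        print(f"ALERT {peer}: {prefix} ({reason})")
```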
📊 Performance Optimization
# Optimized configuration template
cat << 'EOF' > optimal_route_config.sh
#!/bin/bash
ROUTER_NAME="optimized-router"
REGION="us-central1"
# Create router with optimized settings
gcloud compute routers create $ROUTER_NAME \
--network=vpc-network \
--region=$REGION \
--asn=65000 \
--advertisement-mode=CUSTOM \
--set-advertisement-groups=ALL_SUBNETS
# Configure primary peer (low latency path)
gcloud compute routers add-bgp-peer $ROUTER_NAME \
--peer-name=primary-low-latency \
--interface=if-tunnel-1 \
--peer-ip-address=169.254.1.2 \
--peer-asn=65001 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.0.0.0/8 \
--advertised-route-priority=50
# Configure backup peer (high bandwidth path)
gcloud compute routers add-bgp-peer $ROUTER_NAME \
--peer-name=backup-high-bandwidth \
--interface=if-tunnel-2 \
--peer-ip-address=169.254.2.2 \
--peer-asn=65002 \
--region=$REGION \
--advertisement-mode=CUSTOM \
--set-advertisement-ranges=10.0.0.0/8 \
--advertised-route-priority=150
echo "Optimized router configuration complete"
EOF
chmod +x optimal_route_config.sh
📈 Scaling Considerations
🚨 Scaling Guidelines:
- Route Limits: Be aware of BGP route table size limits
- Peer Count: Consider the maximum number of BGP peers
- Advertisement Frequency: Minimize route advertisement changes
- Convergence Time: Plan for route convergence in large networks
- Resource Usage: Monitor router CPU and memory utilization
🎯 Summary
📋 Key Takeaways:
- Flexible Advertisement: Custom routes provide precise control over route sharing
- Traffic Engineering: MED values enable sophisticated traffic steering
- Per-Peer Policies: Different advertisement policies per BGP peer
- Dynamic Management: Routes can be modified during operations
- Comprehensive Monitoring: Rich visibility into route advertisement and learning
✅ Implementation Success Factors:
- Plan route policies before implementation
- Start with simple configurations and evolve
- Implement comprehensive monitoring from day one
- Document all custom configurations thoroughly
- Test changes in non-production environments first
This guide provided comprehensive coverage of custom advertised routes and learned routes in Google Cloud Router, including configuration techniques, traffic engineering strategies, monitoring approaches, and troubleshooting procedures. These capabilities enable sophisticated network policies and optimal traffic flow management in hybrid cloud environments.