Why does GCP not allow external public IP within VM

I've been trying to set up some software on my server over at GCP, and assigned a public static IP. But I don't see it inside the VM through ifconfig or ip addr. I understand there is no way to get the IP to show up inside the VM and there's a 1-to-1 mapping from NAT to the public IP, but what I don't understand is why. While this question asks basically the same, the answers don't really answer the why part clearly.

I occasionally run a VM on my Windows PC, and sometimes I bridge the adaptor so that the VM gets an IP on my local network, so I know that it's possible (unless I'm missing something here). IBM Cloud seems to have this feature though.

So, my question is, what and why could be the reason this is not allowed, or not implemented yet? What problems does it solve or simplify? Why can't I just look at the IP with ifconfig or ip addr (I know I can't cause the IP isn't assigned to an interface, I mean to say why isn't there one)? As a beginner, I think that feature would be what one 'expects', so I want to know the technical reasoning behind this.

Thanks!

Google needs to resolve to IP addresses for the compute engine instance that you've created. As @esqew mentioned, it does this using NAT to convert the public IP address to an internal to Google, private address that corresponds to your instance.

Your instance does not sit on the public Internet and it is not directly addressable from the public Internet. Instead, the public IP address gets traffic to Google's front end and then Google services resolve the address. Although IP addresses may be bound to instances for extended periods, these addresses are reused many times.

Other machines, even those within your project, may use the public IP address to resolve to your instance but this traffic would be routed to Google's resolver and be sent back through the network to your instance. Using the instance's internal DNS or internal IP address is probably (!) more efficient.

In none of these situations does your instance need to be configured with this IP address. The instance needs to know how to route traffic, and every other device connected to the Internet needs to be able to reach your instance, but that's it.

You can determine the instance's public IP addresses using the metadata service. From the instance:

METADATA="http://metadata.google.internal/computeMetadata/v1"

# External IP for interface: 0 access-config: 0
curl --request GET \
  --header "Metadata-Flavor: Google" \
  "${METADATA}/instance/network-interfaces/0/access-configs/0/external-ip"

# Internal IP
curl --request GET \
  --header "Metadata-Flavor: Google" \
  "${METADATA}/instance/network-interfaces/0/ip"
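
An added example, not part of the original answer: it generalizes the two curl calls above to every interface and access config, then checks each external IP against the addresses actually bound inside the VM. The helper names `md_get`, `nat_map` and `is_bound` and the `--run` switch are hypothetical; the script assumes `curl`, `ip` and `awk` are available on the instance.

```shell
#!/bin/sh
# Added example. Base URL as given in the answer above.
METADATA="http://metadata.google.internal/computeMetadata/v1"

# Fetch one metadata path (hypothetical helper). The server rejects requests
# that lack the Metadata-Flavor header, so it must always be sent.
md_get() {
    curl --silent --fail --max-time 2 \
        --header "Metadata-Flavor: Google" "${METADATA}/$1"
}

# Print "nic internal-ip external-ip" for every access config on every
# interface; external-ip is "-" when an interface has no external address.
nat_map() {
    for nic in $(md_get "instance/network-interfaces/"); do
        nic=${nic%/}                      # directory listings end in "/"
        base="instance/network-interfaces/${nic}"
        internal=$(md_get "${base}/ip") || return 1
        found=0
        for ac in $(md_get "${base}/access-configs/" || true); do
            ac=${ac%/}
            external=$(md_get "${base}/access-configs/${ac}/external-ip" || true)
            [ -n "$external" ] || continue
            echo "${nic} ${internal} ${external}"
            found=1
        done
        [ "$found" -eq 1 ] || echo "${nic} ${internal} -"
    done
}

# Succeeds if address $1 is in the space-separated list $2 of addresses
# bound to local interfaces.
is_bound() {
    case " $2 " in *" $1 "*) return 0 ;; *) return 1 ;; esac
}

# On an instance, run with --run to compare metadata against `ip addr`.
if [ "${1:-}" = "--run" ]; then
    local_addrs=$(ip -o -4 addr show | awk '{sub("/.*", "", $4); print $4}' | tr '\n' ' ')
    nat_map | while read -r nic internal external; do
        if [ "$external" = "-" ]; then state="no external IP"
        elif is_bound "$external" "$local_addrs"; then state="bound locally"
        else state="NAT only, not on any interface"
        fi
        echo "nic${nic}: ${internal} <-> ${external} (${state})"
    done
fi
```

Software that must advertise its public address can take it from `nat_map` instead of reading it from an interface.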

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.