How do GCP VPC subnets differ from AWS?

GCP VPCs are global resources and subnets are regional (not zonal). Subnets define their own primary and optional secondary IP ranges independently, rather than carving from a VPC-level CIDR. This gives more flexibility in address allocation but requires careful planning to avoid overlaps during VPC peering.

What are secondary IP ranges for?

Secondary ranges are used for GKE VPC-native clusters to provide separate IP spaces for pods and services. A GKE cluster needs one secondary range for pod IPs and another for service IPs. These ranges are not used for VM primary IPs and enable alias IP networking.

How should I size subnets for GKE?

For GKE, the pod secondary range should accommodate maximum-pods-per-node times maximum-nodes. The default is 110 pods/node, so a 100-node cluster needs at least 11,000 pod IPs (a /18). The service range needs one IP per Kubernetes Service, typically a /20 is sufficient. Over-provision rather than under-provision since ranges cannot be expanded.

GCP VPC CIDR Planner

NetworkingGCP

Plan GCP VPC subnet allocation across regions with GKE-aware sizing.

GCP VPC Configuration

VPC CIDR

Add Subnet

Subnet Name

Region

Prefix Length

Purpose

Quick Add

Raw Output

Output will appear here...

About This Tool

The GCP VPC CIDR Planner helps you design subnet allocation across regions for Google Cloud VPC networks with GKE-aware sizing. Unlike AWS where VPCs have CIDR blocks, GCP VPCs are global and subnets are regional with their own IP ranges. This tool accounts for GKE secondary ranges (pods and services), alias IP ranges, and Private Google Access requirements.

When to Use This Tool

•Planning subnet allocation across multiple regions for a global GCP VPC network.
•Sizing subnets with secondary ranges for GKE clusters using VPC-native pod networking.
•Ensuring subnet IP ranges do not overlap when establishing VPC peering connections.
•Designing an IP addressing scheme that accommodates future regional expansion.

Frequently Asked Questions

How do GCP VPC subnets differ from AWS?: GCP VPCs are global resources and subnets are regional (not zonal). Subnets define their own primary and optional secondary IP ranges independently, rather than carving from a VPC-level CIDR. This gives more flexibility in address allocation but requires careful planning to avoid overlaps during VPC peering.
What are secondary IP ranges for?: Secondary ranges are used for GKE VPC-native clusters to provide separate IP spaces for pods and services. A GKE cluster needs one secondary range for pod IPs and another for service IPs. These ranges are not used for VM primary IPs and enable alias IP networking.
How should I size subnets for GKE?: For GKE, the pod secondary range should accommodate maximum-pods-per-node times maximum-nodes. The default is 110 pods/node, so a 100-node cluster needs at least 11,000 pod IPs (a /18). The service range needs one IP per Kubernetes Service, typically a /20 is sufficient. Over-provision rather than under-provision since ranges cannot be expanded.

Related Learning Guides

VPC Network Design Patterns28 min read
GCP Networking Deep Dive30 min read

Disclaimer: This tool runs entirely in your browser. No data is sent to our servers. Always verify outputs before using them in production. AWS, Azure, and GCP are trademarks of their respective owners.