Networking 101


Di lab praktis ini, Anda akan mempelajari cara melakukan tugas jaringan dasar di Google Cloud (termasuk instance Compute Engine) dan perbedaan Google Cloud dengan penyiapan lokal

Konsep Jaringan Google Cloud

Di Google Cloud Platform, jaringan menyediakan koneksi data masuk dan keluar dari resource cloud Anda (kebanyakan instance Compute Engine). Mengamankan Jaringan Anda sangat penting untuk mengamankan data Anda dan mengontrol akses ke sumber daya Anda.


Task 1. Review the default network

Task 2. Creating a custom network

Saat menetapkan rentang subjaringan secara manual, Anda terlebih dahulu membuat jaringan subjaringan khusus, lalu membuat subjaringan yang Anda inginkan dalam suatu wilayah. Anda tidak harus langsung menentukan subnetwork untuk semua region, atau bahkan sama sekali, tetapi Anda tidak dapat membuat instance di region yang tidak memiliki subnetwork yang ditentukan.

Task 3. Create custom network with the console

name : taw-custom-network
Subnet name: subnet-us-central
Region: us-central1
IP address range:
subnet-europe-west, europe-west1,
subnet-asia-east, asia-east1,

Task 4. Create custom network with Cloud Shell

gcloud compute networks create taw-custom-network --subnet-mode custom
gcloud compute networks subnets create subnet-us-central \
   --network taw-custom-network \
   --region us-central1 \
gcloud compute networks subnets create subnet-europe-west \
   --network taw-custom-network \
   --region europe-west1 \
gcloud compute networks subnets create subnet-asia-east \
   --network taw-custom-network \
   --region asia-east1 \
gcloud compute networks subnets list \
   --network taw-custom-network

Task 5. Adding firewall rules

Add firewall rules through the Console

Add firewall rules using Cloud Shell

gcloud compute firewall-rules create nw101-allow-http \
--allow tcp:80 --network taw-custom-network --source-ranges \
--target-tags http

Create additional firewall rules


gcloud compute firewall-rules create "nw101-allow-icmp" --allow icmp --network "taw-custom-network" --target-tags rules
gcloud compute firewall-rules create "nw101-allow-internal" --allow tcp:0-65535,udp:0-65535,icmp --network "taw-custom-network" --source-ranges "","",""
gcloud compute firewall-rules create "nw101-allow-ssh" --allow tcp:22 --network "taw-custom-network" --target-tags "ssh"

gcloud compute firewall-rules create “nw101-allow-rdp” –allow tcp:3389 –network “taw-custom-network”

Task 6. Connecting to your lab VMs and checking latency

Creating a VM in each zone

gcloud compute instances create us-test-01 \
--subnet subnet-us-central \
--zone us-central1-a \
--tags ssh,http,rules
gcloud compute instances create europe-test-01 \
--subnet subnet-europe-west \
--zone europe-west1-b \
--tags ssh,http,rules

gcloud compute instances create asia-test-01 \
--subnet subnet-asia-east \
--zone asia-east1-a \
--tags ssh,http,rules

Test dari VM

ping -c 3 <europe-test-01-external-ip-address>

Task 7. Traceroute and Performance testing

us-test-01 VM and europe-test-01

Task 8. Use iperf to test performance

sudo apt-get update
sudo apt-get -y install traceroute mtr tcpdump iperf whois host dnsutils siege
iperf -s

# test dari yg uerope
iperf -c #run in client mode, connection to eu1-vm


