{"id":1804,"date":"2026-03-02T11:19:43","date_gmt":"2026-03-02T16:19:43","guid":{"rendered":"https:\/\/cloudlearning365.com\/?p=1804"},"modified":"2026-03-02T11:20:33","modified_gmt":"2026-03-02T16:20:33","slug":"gcp-vpc-peering-route-export-and-import-clarified","status":"publish","type":"post","link":"https:\/\/cloudlearning365.com\/?p=1804","title":{"rendered":"GCP VPC peering route export and import clarified"},"content":{"rendered":"\n<p>In Azure\/AWS when you are peering two vNets\/VPCs, each end will automatically learn the opposite side CIDR ranges assigned to vNets\/VPCs subnets. It will not bring over User Defined Route (UDR) in Azure , neither will it bring over the static\/propagated routes in AWS.<\/p>\n\n\n\n<p>In GCP VPC peering, it has this very interesting export\/import feature that enriches what routes can be exposed across VPC peering, and it can be confusing for people come from Azure\/AWS background, and hope this blog will help to clarify this export\/import feature, as well as potential gochas.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Lab setup<\/h2>\n\n\n\n<p>In this example, I&#8217;m creating two VPCs<\/p>\n\n\n\n<p><strong>producer-vpc<\/strong> (services will be running in this producer-vpc, such as Cloud SQL or Filestore)<\/p>\n\n\n\n<p><strong>consumer-vpc1<\/strong> (this VPC hosts VM or GKE cluster that consumes services provided by producer-vpc)<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">producer-vpc configuration<\/h3>\n\n\n\n<p><strong>producer-vpc<\/strong> only have a single subnet with CIDR 10.240.1.0\/24 assigned<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"190\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-1024x190.png\" alt=\"\" class=\"wp-image-1807\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-1024x190.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-300x56.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-768x143.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-1536x286.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2048x381.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-500x93.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>producer-vpc<\/strong> now only have two active routes:<br>0\/0 -> Internet Gateway, type static, untagged (Scope limits column empty), priority 1000 (For internet egress)<br>10.240.1.0\/24 -> Network producer-vpc, type subnet, untagged (Scope limits column empty), priority 0. (Local routes for it&#8217;s own subnets)<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"256\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-1024x256.png\" alt=\"\" class=\"wp-image-1809\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-1024x256.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-300x75.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-768x192.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-1536x384.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-2048x511.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-2-500x125.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h3 class=\"wp-block-heading\">consumer-vpc1 configuration<\/h3>\n\n\n\n<p>In <strong>consumer-vpc1<\/strong>, I have created two subnets, each subnet also assigned secondary IP range (for services that might use secondary IPs, such as GKE pods), also I&#8217;ve used IP address that either fall within RFC1918 (10.0.0.0\/8, 172.16.0.0\/12, 192.168.0.0\/16), or Non-RFC1918 address range 6.0.0.0\/8 <\/p>\n\n\n\n<p>pupi-subnet1 primary IP range: 6.41.33.0\/24, secondary IP range: 6.41.34.0\/24<br>rfc1918-subnet1 primary IP range: 10.80.1.0\/24, secondary IP range: 10.80.2.0\/24<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"200\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-1024x200.png\" alt=\"\" class=\"wp-image-1810\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-1024x200.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-300x59.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-768x150.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-1536x300.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-2048x399.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-3-500x98.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>You might have noticed this name: PUPI, it refer to: <strong>P<\/strong>rivately <strong>U<\/strong>sed <strong>P<\/strong>ublic <strong>I<\/strong>P. Meaning you are using a public IP range for private use. More to come on this.<\/p>\n\n\n\n<p>These are the route tables of consumer-vpc1:<br>The top 4 rows are static routes added by me. It has a mixture of Static tagged RFC1918 route, Static tagged PUPI route, Static untagged RFC1918 route, Static untagged PUPI route.<br>The 5th row is default route for egress<br>The 6th to 10th are subnet routes that are: PUPI subnet primary IP range, RFC1918 subnet primary IP range, PUPI subnet secondary IP range, RFC1918 subnet secondary IP range<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"429\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-1024x429.png\" alt=\"\" class=\"wp-image-1812\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-1024x429.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-300x126.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-768x321.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-1536x643.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-2048x857.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-5-500x209.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">VPC peering<\/h2>\n\n\n\n<p>We will need to create VPC peering from consumer-vpc1 -> producer-vpc<br>Then we will have to create the reverse VPC peering from producer-vpc -> consumer-vpc1<\/p>\n\n\n\n<p>For the VPC peering from consumer-vpc1 -> producer-vpc, I&#8217;ve unchecked <strong>Exchange IPv4 custom routes<\/strong>, also unchecked Exchange subnet routes with privately used Public IPv4 address<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"631\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-6-631x1024.png\" alt=\"\" class=\"wp-image-1813\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-6-631x1024.png 631w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-6-185x300.png 185w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-6-768x1246.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-6-947x1536.png 947w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-6.png 977w\" sizes=\"auto, (max-width: 631px) 100vw, 631px\" \/><\/figure>\n\n\n\n<p>Do the same to create the reverse VPC peering from producer-vpc -> consumer-vpc1<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"608\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-7-608x1024.png\" alt=\"\" class=\"wp-image-1814\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-7-608x1024.png 608w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-7-178x300.png 178w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-7-768x1294.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-7-911x1536.png 911w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-7.png 976w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Observe route tables after initial VPC peering<\/h2>\n\n\n\n<p>After the status of both VPC peerings turned to Active<\/p>\n\n\n\n<p>In consumer-vpc1, we can see type: Peering subnet, destination 10.240.1.0\/24, priority 0, untagged, next hop -> Network peering producer-vpc<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"353\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-1024x353.png\" alt=\"\" class=\"wp-image-1815\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-1024x353.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-300x103.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-768x265.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-1536x529.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-2048x705.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-8-500x172.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>In producer-vpc, we can see only RFC1918 subnet routes shows up as Peering subnet. The PUPI subnets routes didn&#8217;t show up.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"268\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-1024x268.png\" alt=\"\" class=\"wp-image-1816\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-1024x268.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-300x79.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-768x201.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-1536x402.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-2048x536.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-9-500x131.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>As a reminder, this is the subnets CIDR assignment for consumer-vpc1, the 6.41.x.x routes <span style=\"text-decoration: underline;\"><strong>didn&#8217;t get added<\/strong><\/span> to producer-vpc route table via VPC peering.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"200\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-1024x200.png\" alt=\"\" class=\"wp-image-1817\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-1024x200.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-300x59.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-768x150.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-1536x300.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-2048x399.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-10-500x98.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Export \/ Import &#8220;<span style=\"text-decoration: underline;\">Subnet routes<\/span>&#8221; with PUPI<\/h2>\n\n\n\n<p>To allow &#8220;<strong><span style=\"text-decoration: underline;\">Subnet routes<\/span><\/strong>&#8221; that are using PUPI, eg, the <strong>pupi-subnet1<\/strong> that are using 6.41.33.0\/24 and 6.41.34.0\/24 addresses to be exported to producer-vpc:<\/p>\n\n\n\n<p>First, update VPC peering from consumer-vpc1 -> producer-vpc, check &#8220;<strong>Export subnet routes with public IP<\/strong>&#8220;, or I&#8217;m referring it to <strong>Export &#8220;Subnet routes&#8221; with PUPI<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"643\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-11-643x1024.png\" alt=\"\" class=\"wp-image-1818\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-11-643x1024.png 643w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-11-188x300.png 188w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-11-768x1223.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-11-964x1536.png 964w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-11.png 978w\" sizes=\"auto, (max-width: 643px) 100vw, 643px\" \/><\/figure>\n\n\n\n<p>2nd, update  VPC peering from producer-vpc -> consumer-vpc1, check &#8220;<strong>Import subnet routes with public IP<\/strong>&#8220;, or I&#8217;m referring it to <strong>Import &#8220;Subnet routes&#8221; with PUPI<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"645\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-12-645x1024.png\" alt=\"\" class=\"wp-image-1819\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-12-645x1024.png 645w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-12-189x300.png 189w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-12-768x1219.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-12.png 961w\" sizes=\"auto, (max-width: 645px) 100vw, 645px\" \/><\/figure>\n\n\n\n<p>Check producer-vpc route table, now we can see PUPI subnets 6.41.x.x show up as peering subnet routes.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"449\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-1024x449.png\" alt=\"\" class=\"wp-image-1820\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-1024x449.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-300x132.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-768x337.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-1536x674.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-2048x899.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-13-500x219.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Why this is important?<\/h2>\n\n\n\n<p>Coming from Azure\/AWS, the assumption is that peering VPCs will automatically learn all subnet routes across the peering connection. In GCP, this isn&#8217;t the case. You will have to enable &#8220;<strong>Export\/Import subnet routes with public IP<\/strong>&#8220;, or I&#8217;m referring it to <strong>Export\/Import &#8220;Subnet routes&#8221; with PUPI<\/strong>, to have the same effect.<\/p>\n\n\n\n<p><span style=\"text-decoration: underline;\">When you are using PUPI in your consumer VPC as you ran out of RFC1918 ranges, when you are connecting to PaaS services such as Cloud SQL, Filestore, you need to make sure <strong>Export\/Import &#8220;Subnet routes&#8221; with PUPI<\/strong> is enabled on the VPC peering connection.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">What is &#8220;Custom routes&#8221;<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">1. Static Routes <\/h3>\n\n\n\n<p id=\"p-rc_95790740d8a635bb-20\">These are manually created by you. You define a destination CIDR range and a &#8220;next hop&#8221; (where the traffic should go).<sup><\/sup><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Common Use Case:<\/strong> Sending traffic through a third-party firewall appliance or a VPN gateway.<\/li>\n\n\n\n<li><strong>Next Hops:<\/strong> Can be an IP address, a specific VPN tunnel, or a VM instance.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">2. Dynamic Routes<\/h3>\n\n\n\n<p id=\"p-rc_95790740d8a635bb-21\">These are managed by <strong>Cloud Router<\/strong> using the <strong>BGP (Border Gateway Protocol)<\/strong>.<sup><\/sup> You don&#8217;t type in the paths manually; instead, your VPC &#8220;learns&#8221; them from another network.<sup><\/sup><\/p>\n\n\n\n<p><strong>Advantage:<\/strong> If a link goes down, the route updates automatically without you needing to click anything.<\/p>\n\n\n\n<p><strong>Common Use Case:<\/strong> Connecting your on-premises data center to GCP via Cloud Interconnect or Cloud VPN.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Export \/ import custom routes<\/h2>\n\n\n\n<p>First, update VPC peering from consumer-vpc1 -> producer-vpc, uncheck &#8220;<strong>Export subnet routes with public IP<\/strong>&#8220;, or I&#8217;m referring it to <strong>Export &#8220;Subnet routes&#8221; with PUPI<\/strong>, check &#8220;Export custom routes<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"651\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-14-651x1024.png\" alt=\"\" class=\"wp-image-1821\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-14-651x1024.png 651w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-14-191x300.png 191w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-14-768x1208.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-14-976x1536.png 976w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-14.png 982w\" sizes=\"auto, (max-width: 651px) 100vw, 651px\" \/><\/figure>\n\n\n\n<p>2nd, update  VPC peering from producer-vpc -> consumer-vpc1, uncheck &#8220;<strong>Import subnet routes with public IP<\/strong>&#8220;, or I&#8217;m referring it to <strong>Import &#8220;Subnet routes&#8221; with PUPI<\/strong>, check &#8220;<strong>Import custom routes<\/strong>&#8220;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"646\" height=\"1024\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-15-646x1024.png\" alt=\"\" class=\"wp-image-1822\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-15-646x1024.png 646w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-15-189x300.png 189w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-15-768x1217.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-15.png 966w\" sizes=\"auto, (max-width: 646px) 100vw, 646px\" \/><\/figure>\n\n\n\n<p>After setting is applied, consumer-vpc1 export custom routes, and producer-vpc import custom routes.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"145\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-1024x145.png\" alt=\"\" class=\"wp-image-1823\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-1024x145.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-300x42.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-768x109.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-1536x217.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-2048x290.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-16-500x71.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Now check producer-vpc route table<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"328\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-1024x328.png\" alt=\"\" class=\"wp-image-1824\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-1024x328.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-300x96.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-768x246.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-1536x492.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-2048x657.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-17-500x160.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Comparing with consumer-vpc1 route table. You will notice:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>All *<strong>untagged<\/strong>* custom routes (static in the example, dynamic route not shown) are imported<\/li>\n\n\n\n<li>Untagged Custom route with PUPI 6.0.0.0\/8 also got imported<\/li>\n\n\n\n<li><span style=\"text-decoration: underline;\">Tagged<\/span> custom routes are *<span style=\"text-decoration: underline;\">not<\/span>* exported \/ imported<\/li>\n\n\n\n<li>Default internet gateway routes are *not* exported\/imported<\/li>\n\n\n\n<li>Note: Policy-based routes (PBR) will *not* exported \/imported (not shown in the example)<\/li>\n<\/ol>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"419\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-1024x419.png\" alt=\"\" class=\"wp-image-1825\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-1024x419.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-300x123.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-768x314.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-1536x628.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-2048x838.png 2048w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2026\/03\/image-18-500x204.png 500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Why this is important?<\/h2>\n\n\n\n<p>Allowing untagged custom routes to be exported can allow traffic to be directed to a routing device across VPC peering, this routing device can be Cloud Router, Firewall etc.<\/p>\n\n\n\n<p>Be careful when you are using 0\/1 or 128\/1 untagged custom routes in your consumer VPC, as when you are peering with producer VPC and exchanging custom routes, the 0\/1 or 128\/1 untagged custom routes may get imported into producer VPC, which may break PaaS services internet egress<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Wrapping up<\/h2>\n\n\n\n<p>Export \/ Import custom routes are used for <strong><span style=\"text-decoration: underline;\">Custom routes<\/span><\/strong> such as static\/dynamic routes, regardless if it&#8217;s using PUPI or not. <\/p>\n\n\n\n<p>&#8220;<strong>Export\/Import subnet routes with public IP<\/strong>&#8221; are targeting <strong><span style=\"text-decoration: underline;\">Subnet routes<\/span><\/strong> that are using PUPI, it has nothing to do with <s>Custom routes<\/s>.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In Azure\/AWS when you are peering two vNets\/VPCs, each end will automatically learn the opposite side CIDR ranges assigned to vNets\/VPCs subnets. It will not bring over User Defined Route (UDR) in Azure , neither will it bring over the &hellip; <a href=\"https:\/\/cloudlearning365.com\/?p=1804\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[5],"tags":[],"class_list":["post-1804","post","type-post","status-publish","format-standard","hentry","category-gcp"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1804","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1804"}],"version-history":[{"count":3,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1804\/revisions"}],"predecessor-version":[{"id":1826,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/1804\/revisions\/1826"}],"wp:attachment":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1804"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1804"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1804"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}