Google Cloud Compute Engine IP Range to CIDR
Convert Google Cloud Platform Compute Engine IP ranges to CIDR notation for firewall and VPC configuration. Work with GCP published IP ranges.
Detailed Explanation
GCP Compute Engine IP Ranges
Google Cloud publishes its IP ranges that can be queried via DNS TXT records or downloaded from their documentation. When integrating on-premises systems with GCP, you may receive IP ranges in start-end format that need conversion to CIDR.
Example Range
Range: 34.64.0.0 - 34.127.255.255
CIDR: 34.64.0.0/10
This large /10 block contains 4,194,304 addresses allocated to GCP.
Multiple Block Scenarios
Not all GCP ranges align to single CIDR blocks:
Range: 35.192.0.0 - 35.207.255.255
CIDR: 35.192.0.0/12
Range: 104.196.0.0 - 104.199.255.255
CIDR: 104.196.0.0/14
GCP VPC Configuration
GCP VPCs use custom subnet mode by default, where you define subnets per region. Typical subnet sizes:
| Use Case | Recommended Size | Addresses |
|---|---|---|
| Small workload | /24 | 256 |
| Medium workload | /20 | 4,096 |
| GKE pod range | /14 | 262,144 |
| Services range | /20 | 4,096 |
GCP Firewall Rules
GCP firewall rules accept source and destination ranges in CIDR notation. When migrating from a different cloud provider, you'll often need to convert their IP range format to CIDR for GCP firewall rule configuration.
Querying GCP IP Ranges
# Get GCP IP ranges via DNS
dig TXT _cloud-netblocks.googleusercontent.com +short
The result contains SPF-style references to additional TXT records that list all GCP CIDR blocks.
Use Case
A multi-cloud engineer is setting up a hybrid connection between an on-premises data center and GCP. They receive a spreadsheet of GCP IP ranges in start-end format from the network team and need to convert them to CIDR for the on-premises firewall ACLs.