Network Overview
Real-time health of your GCP network infrastructure
Total VPC Networks
12
β² 2 this month
π
Active Subnets
87
β² 5 this month
π
Firewall Rules
234
β No change
π
Active Alerts
3
β² 1 new today
β
Interconnect Links
6
99.99% SLA
β‘
HA VPN Tunnels
18
All healthy
π
Load Balancers
24
β² 3 this month
β
NAT Gateways
9
β Stable
π
Network Throughput (Gbps) Live
Traffic by Region
Resource Health
Healthy 89%
Warning 8%
Critical 3%
Active Alerts
Interconnect Link Down
us-east1-b VLAN attachment offline
2 min ago
High NAT Port Utilization
nat-gw-prod-us exceeds 85%
18 min ago
BGP Route Flap
Cloud Router cr-prod-eu flapping
1h 4m ago
DDoS Attack Mitigated
Cloud Armor blocked 2.4M rps
3h ago
Recent Changes
Firewall rule updated
allow-internal-443 modified
10 min ago Β· user@company.com
New subnet created
10.20.5.0/24 in us-central1
2h ago Β· terraform-sa
Load balancer health check fail
backend-prod-us instance group
4h ago Β· system
HA VPN tunnel created
vpn-to-on-prem-chicago-2
1d ago Β· devops-pipeline
VPC peering established
prod-vpc β analytics-vpc
2d ago Β· user@company.com
Quota Utilization
VPC Networks / Project12/20
Firewall Rules234/500
Static External IPs36/50
Forwarding Rules38/100
Routes per Network145/500
Interconnect Attach.4/10
VPN Tunnels18/50
Subnets / Network174/200
VPC Networks
Virtual Private Cloud topology and configuration
Total VPCs
12
4 Shared VPC
π
Total Subnets
87
β² 5 this month
π
VPC Peerings
14
All active
π
PSC Endpoints
31
β² 3 new
π―
VPC Network Topology
Subnet IP Space Utilization
VPC Networks
| Network Name | Type | Mode | Subnets | MTU | Peerings | Firewall Rules | Status | Created |
|---|---|---|---|---|---|---|---|---|
| prod-vpc | Shared VPC Host | Custom | 24 | 1460 | 6 | 87 | β Active | Jan 12, 2024 |
| staging-vpc | Standalone | Custom | 12 | 1460 | 3 | 42 | β Active | Feb 3, 2024 |
| dev-vpc | Standalone | Auto | 8 | 1460 | 1 | 28 | β Active | Mar 5, 2024 |
| analytics-vpc | Shared VPC Svc | Custom | 6 | 8896 | 2 | 19 | β Active | Apr 1, 2024 |
| dmz-vpc | Standalone | Custom | 3 | 1460 | 0 | 31 | β Active | Apr 15, 2024 |
| gke-cluster-vpc | Shared VPC Svc | Custom | 18 | 1460 | 1 | 14 | β Warning | May 2, 2024 |
| mgmt-vpc | Shared VPC Host | Custom | 4 | 1460 | 2 | 22 | β Active | May 20, 2024 |
Traffic by VPC (Gbps)
VPC Peering Connections
| From | To | State | Exported Routes |
|---|---|---|---|
| prod-vpc | analytics-vpc | Active | 14 |
| prod-vpc | gke-cluster-vpc | Active | 8 |
| prod-vpc | mgmt-vpc | Active | 5 |
| staging-vpc | dev-vpc | Active | 3 |
| dmz-vpc | prod-vpc | Inactive | 0 |
Load Balancers
Traffic distribution, health checks, and backend performance
Total LBs
24
β² 3 this month
β
Total RPS
142K
β² 12% vs yesterday
β‘
Avg Latency (p99)
48ms
β² +6ms vs baseline
β±
Backend Health
97.2%
βΌ 2 unhealthy
π
Request Rate Over Time (req/s)
Latency Distribution (ms)
Load Balancer Inventory
| Name | Type | Scope | Protocol | Frontend IP | Backends | RPS | p99 Latency | Health |
|---|---|---|---|---|---|---|---|---|
| lb-prod-global | External App LB | Global | HTTPS | 34.110.x.x | 3 MIGs | 48,200 | 38ms | 100% |
| lb-api-global | External App LB | Global | HTTPS/2 | 34.111.x.x | 2 NEGs | 31,400 | 42ms | 100% |
| lb-internal-us | Internal App LB | Regional | HTTP | 10.0.1.5 | 4 MIGs | 22,100 | 18ms | 94% |
| lb-grpc-internal | Internal App LB | Regional | gRPC | 10.0.2.10 | 2 NEGs | 18,300 | 12ms | 100% |
| lb-network-nlb | Ext. Network LB | Regional | TCP/UDP | 35.201.x.x | 6 VMs | 15,700 | 8ms | 100% |
| lb-passthrough-int | Int. Passthrough | Regional | TCP | 10.0.3.20 | 3 MIGs | 6,300 | 5ms | 80% |
Traffic by LB Type
External App 56%
Internal App 29%
Network 15%
Backend Health Check Status
lb-prod-global100%
lb-api-global100%
lb-internal-us94%
lb-grpc-internal100%
lb-network-nlb100%
lb-passthrough-int80%
Cloud Interconnect
Dedicated and Partner Interconnect link health and bandwidth
Total Links
6
4 Dedicated, 2 Partner
π
Provisioned BW
40Gbps
Across all links
πΆ
Current Utilization
62%
β² +5% vs last week
π
SLA Status
99.99%
All topology healthy
β
Interconnect Bandwidth Utilization
Link Utilization by Circuit
interconnect-us-178%
interconnect-us-272%
interconnect-eu-155%
interconnect-eu-248%
partner-ic-us (L3)35%
partner-ic-asia (L2)22%
Interconnect Circuits & VLAN Attachments
| Circuit Name | Type | Location | Capacity | VLAN Attachments | Encryption | BGP Sessions | Status |
|---|---|---|---|---|---|---|---|
| interconnect-us-1 | Dedicated | Washington D.C. | 10 Gbps | 4 | MACsec | 4 Active | β Up |
| interconnect-us-2 | Dedicated | Washington D.C. | 10 Gbps | 4 | MACsec | 4 Active | β Up |
| interconnect-eu-1 | Dedicated | Frankfurt, DE | 10 Gbps | 3 | None | 3 Active | β Up |
| interconnect-eu-2 | Dedicated | Frankfurt, DE | 10 Gbps | 3 | None | 3 Active | β Down |
| partner-ic-us | Partner L3 | New York, NY | 2 Gbps | 2 | HA VPN | 2 Active | β Up |
| partner-ic-asia | Partner L2 | Tokyo, JP | 1 Gbps | 1 | None | 1 Active | β Up |
Cloud VPN
HA VPN and Classic VPN tunnel health and traffic
VPN Gateways
8
6 HA, 2 Classic
π
Active Tunnels
18
All established
π
Avg Throughput
3.2Gbps
β² +0.4G
π‘
BGP Sessions
16
All up
πΊ
VPN Throughput Over Time
Tunnel Status Distribution
Established 16
Negotiating 1
Down 1
VPN Tunnel Inventory
| Gateway | Tunnel Name | Type | Peer IP | IKE Version | Routing | Throughput | BGP ASN | Status |
|---|---|---|---|---|---|---|---|---|
| vpngw-prod-us | tunnel-to-onprem-chi-1 | HA VPN | 203.x.x.1 | IKEv2 | BGP | 1.8Gbps | 65001 | Established |
| vpngw-prod-us | tunnel-to-onprem-chi-2 | HA VPN | 203.x.x.2 | IKEv2 | BGP | 1.7Gbps | 65001 | Established |
| vpngw-prod-eu | tunnel-to-onprem-ber-1 | HA VPN | 91.x.x.1 | IKEv2 | BGP | 0.9Gbps | 65002 | Established |
| vpngw-prod-eu | tunnel-to-onprem-ber-2 | HA VPN | 91.x.x.2 | IKEv2 | BGP | 0.0Gbps | 65002 | Down |
| vpngw-vpc-peer | tunnel-vpc-staging-1 | HA VPN | VPC peer | IKEv2 | BGP | 3.1Gbps | 64512 | Established |
| classic-gw-dev | classic-dev-office | Classic | 72.x.x.1 | IKEv1 | Static | 0.2Gbps | β | Negotiating |
Cloud DNS
Zone management, query analytics, and DNSSEC status
Total Zones
38
24 Private, 14 Public
π
DNS Queries/s
28.4K
β² 8% vs yesterday
β
DNSSEC Enabled
11
of 14 public zones
π
Forwarding Zones
6
On-prem integration
β
DNS Query Volume Over Time
Top Queried Domains
DNS Zones
| Zone Name | DNS Name | Type | Records | DNSSEC | Visibility | Peered Zones | Status |
|---|---|---|---|---|---|---|---|
| prod-internal | internal.prod.company.com. | Private | 248 | N/A | prod-vpc | 3 | Active |
| public-primary | company.com. | Public | 142 | Enabled | Public | 0 | Active |
| forwarding-onprem | corp.internal. | Forwarding | 0 | N/A | prod-vpc | 0 | Active |
| gke-internal | cluster.local. | Private | 1840 | N/A | gke-vpc | 1 | Active |
| api-public | api.company.com. | Public | 28 | Disabled | Public | 0 | Warning |
NGFW & Firewall Rules
Cloud NGFW, VPC firewall rules, and hierarchical policies
Total Rules
234
Across all networks
π
Hits (24h)
4.2M
β² 12% vs yesterday
β
Denied (24h)
18.4K
β² +2.1K spikes
β
Unused Rules
31
Optimization needed
β
Allow vs Deny Traffic (24h)
Top Blocked Sources
Firewall Rules (Insights)
| Rule Name | Network | Direction | Priority | Protocol/Port | Action | Hits (24h) | Last Hit | Status |
|---|---|---|---|---|---|---|---|---|
| allow-internal-all | prod-vpc | INGRESS | 1000 | All | ALLOW | 1,842,000 | 2 sec ago | Active |
| allow-http-https | prod-vpc | INGRESS | 1000 | TCP:80,443 | ALLOW | 928,400 | 1 sec ago | Active |
| deny-ssh-external | prod-vpc | INGRESS | 500 | TCP:22 | DENY | 14,200 | 18 sec ago | Active |
| allow-gke-node-comm | gke-cluster-vpc | INGRESS | 1000 | TCP/UDP:all | ALLOW | 412,000 | 1 sec ago | Active |
| deny-all-egress | dmz-vpc | EGRESS | 65534 | All | DENY | 2,100 | 5 min ago | Active |
| allow-legacy-rdp | dev-vpc | INGRESS | 2000 | TCP:3389 | ALLOW | 0 | Never | Unused |
Cloud Armor
DDoS protection, WAF policies, and threat intelligence
Security Policies
7
Across all LBs
π‘
Blocked Requests (24h)
2.4M
β² DDoS mitigated
π«
WAF Rule Hits
84.2K
SQLi: 42K, XSS: 31K
β
Adaptive Protection
Active
0 new attacks
π€
Blocked Traffic Over Time
WAF Rule Category Hits
Security Policy Summary
| Policy Name | Type | Attached To | Rules | Adaptive Protection | Rate Limit | Blocked (24h) | Status |
|---|---|---|---|---|---|---|---|
| prod-waf-policy | Backend | lb-prod-global | 24 | Enabled | 10K rps | 1,840,000 | Active |
| api-waf-policy | Backend | lb-api-global | 18 | Enabled | 5K rps | 412,000 | Active |
| edge-ddos-policy | Edge | lb-prod-global | 4 | Enabled | 100K rps | 147,000 | Active |
| staging-basic | Backend | lb-staging | 8 | Alert Only | 1K rps | 1,200 | Active |
Cloud NAT
NAT gateway utilization, port allocation, and translation stats
NAT Gateways
9
Across 4 regions
π
Active Connections
48.2K
β² 4.1K this hour
β‘
Port Utilization
71%
β prod-us near limit
π
NAT IPs Allocated
18
Manual + Auto
π
NAT Connection Count Over Time
Port Allocation per Gateway
nat-gw-prod-us87%
nat-gw-prod-eu64%
nat-gw-staging-us42%
nat-gw-dev-us18%
nat-gw-asia29%
Network Monitoring
VPC Flow Logs, packet loss, latency, and Network Intelligence Center
Avg Packet Loss
0.02%
Within SLO
π¦
Inter-region Latency
24ms
us β eu avg
β±
Flow Log Ingestion
142GB
Per day
π
NIC Analyzer Warns
4
2 new this week
β‘
Packet Loss by Region (%)
Inter-Region Latency (ms)
Network Analyzer Insights
Suboptimal route configuration
prod-vpc: static route shadows dynamic BGP route
High severity Β· Detected 2h ago
Unused firewall rules detected
31 rules with 0 hits in last 30 days
Medium severity Β· Detected 1d ago
NAT port exhaustion risk
nat-gw-prod-us approaching 90% port usage
Medium severity Β· Detected 6h ago
Subnet IP space running low
10.0.5.0/24: 87% IPs allocated
Low severity Β· Detected 3d ago
Top Talkers (Flow Logs)
GKE Networking
Cluster network config, Pod IPs, and Dataplane status
GKE Clusters
5
3 Prod, 2 Dev
βΈ
Pod IP Range Used
68%
4,352 / 6,400
π±
Services (ClusterIP)
384
β² 24 this week
β
Network Policies
128
Dataplane V2
π
Pod IP Allocation per Cluster
Network Policy Enforcement
GKE Cluster Network Configuration
| Cluster | Mode | VPC | Node Subnet | Pod Range | Service Range | Dataplane | Nodes | Control Plane |
|---|---|---|---|---|---|---|---|---|
| gke-prod-us-1 | Private | gke-cluster-vpc | 10.10.0.0/22 | 10.100.0.0/16 | 10.200.0.0/20 | V2 | 42 | Private EP |
| gke-prod-eu-1 | Private | gke-cluster-vpc | 10.11.0.0/22 | 10.110.0.0/16 | 10.210.0.0/20 | V2 | 36 | Private EP |
| gke-prod-api | Private | prod-vpc | 10.12.0.0/22 | 10.120.0.0/16 | 10.220.0.0/20 | V2 | 18 | Public Auth |
| gke-dev-us | Public | dev-vpc | 10.50.0.0/20 | 10.150.0.0/17 | 10.250.0.0/20 | V1 | 6 | Public Auth |
| gke-dev-shared | Shared VPC | prod-vpc | 10.13.0.0/23 | 10.130.0.0/18 | 10.230.0.0/20 | V2 | 12 | Private EP |
Routing & Cloud Router
Static routes, BGP sessions, and dynamic routing configuration
Total Routes
486
Static + Dynamic
πΊ
Cloud Routers
12
All regions
π
BGP Sessions
28
1 flapping
π‘
Advertised Prefixes
142
Custom + auto
π’
Routes by Type
Dynamic BGP 54%
Static 28%
Subnet 18%
BGP Session Health
| Router | Region | Peer ASN | Status | Routes Rx |
|---|---|---|---|---|
| cr-prod-us-1 | us-central1 | 65001 | Established | 24 |
| cr-prod-us-2 | us-central1 | 65001 | Established | 24 |
| cr-prod-eu-1 | europe-west1 | 65002 | Flapping | 18 |
| cr-prod-eu-2 | europe-west1 | 65002 | Established | 18 |
| cr-prod-asia | asia-east1 | 65003 | Established | 12 |
Alerts & Incidents
Active and resolved network incidents
Active Incidents
3
1 critical
π΄
Resolved (7d)
18
Avg 42min MTTR
β
MTTR
42min
βΌ improved 18%
β±
Alert Rules
64
Network monitoring
π
Incident Volume (Last 30 days)
Incidents by Category
Active Incidents
| ID | Title | Severity | Component | Region | Started | Duration | Assignee | Status |
|---|---|---|---|---|---|---|---|---|
| INC-0482 | Interconnect VLAN Attachment Down | Critical | Cloud Interconnect | us-east1 | 14:02 UTC | 12 min | alice@ | Active |
| INC-0481 | High NAT Port Utilization | High | Cloud NAT | us-central1 | 13:46 UTC | 28 min | bob@ | Investigating |
| INC-0480 | BGP Route Flapping | High | Cloud Router | europe-west1 | 13:10 UTC | 1h 4m | charlie@ | Monitoring |
| INC-0479 | Load Balancer Health Check Failure | Medium | Load Balancer | us-central1 | 10:15 UTC | 3h 49m | diana@ | Resolved |
| INC-0478 | DDoS Attack β Cloud Armor Mitigated | Critical | Cloud Armor | Global | 09:00 UTC | 4h 55m | alice@ | Resolved |
Subnets & IP Management
IP address space, utilization, and allocation
Total Subnets
87
Across 12 VPCs
π
Total IP Space
/8
RFC1918 + Non-RFC
π
IPs Allocated
62%
3 subnets near full
π
IPv6 Subnets
12
External IPv6
6οΈβ£
Subnet Inventory
| Subnet Name | VPC | Region | CIDR | IP Version | Private Google Access | IPs Used | Utilization |
|---|---|---|---|---|---|---|---|
| prod-us-central1-web | prod-vpc | us-central1 | 10.0.1.0/24 | IPv4 | Enabled | 218/254 | 86% |
| prod-us-central1-app | prod-vpc | us-central1 | 10.0.2.0/23 | IPv4 | Enabled | 312/510 | 61% |
| prod-us-central1-db | prod-vpc | us-central1 | 10.0.4.0/24 | IPv4 | Enabled | 48/254 | 19% |
| gke-pods-us | gke-cluster-vpc | us-central1 | 10.100.0.0/16 | IPv4/v6 | Enabled | 4,352/65,534 | 7% |
| prod-eu-west1-web | prod-vpc | europe-west1 | 10.1.0.0/24 | IPv4 | Enabled | 164/254 | 65% |
| staging-us-central1 | staging-vpc | us-central1 | 10.20.0.0/20 | IPv4 | Disabled | 428/4094 | 10% |
Cloud CDN
Cache performance, hit ratios, and origin bandwidth
Cache Hit Ratio
84.3%
β² 2.1% vs last week
πΎ
Served from Cache
48.2TB
Last 24h
π€
Origin Fetches
8.4TB
Saved bandwidth
π
Invalidations (24h)
42
Manual + auto
π
Cache Hit Rate Over Time
Bandwidth: Cached vs Origin
Network Connectivity Center
Hub-and-spoke topology, site-to-site data transfer, and Router Appliances
NCC Hubs
2
hub-prod, hub-dev
π
Total Spokes
18
VPC + Hybrid + Producer
π
Site-to-Site BW
8.4Gbps
β² +1.2G this week
β‘
Router Appliances
4
2 HA pairs
π§
NCC Topology β hub-prod
hub-prod
vpc-spoke-prod
VPC Spoke
VPC Spoke
vpn-spoke-us
Hybrid (VPN)
Hybrid (VPN)
ic-spoke-us
Hybrid (IC)
Hybrid (IC)
ic-spoke-eu
Hybrid (IC)
Hybrid (IC)
ra-spoke-us
Router Appliance
Router Appliance
psc-producer
Producer Spoke
Producer Spoke
VPC Spoke
Hybrid Spoke
Router Appliance
Producer Spoke
Site-to-Site Transfer Bandwidth
Spoke Inventory
| Spoke Name | Hub | Type | Linked Resource | State | Data Transfer | CIDR Filters | Private NAT |
|---|---|---|---|---|---|---|---|
| vpc-spoke-prod | hub-prod | VPC | prod-vpc | Active | Enabled | β | Disabled |
| vpn-spoke-us | hub-prod | Hybrid (VPN) | vpngw-prod-us | Active | Enabled | 10.0.0.0/8 | Disabled |
| ic-spoke-us | hub-prod | Hybrid (IC) | interconnect-us-1/2 | Active | Enabled | 10.0.0.0/8 | Enabled |
| ic-spoke-eu | hub-prod | Hybrid (IC) | interconnect-eu-1/2 | Degraded | Enabled | 172.16.0.0/12 | Disabled |
| ra-spoke-us | hub-prod | Router Appliance | ra-vm-us-1, ra-vm-us-2 | Active | Enabled | β | Disabled |
| psc-producer | hub-prod | Producer | psc-svc-attachment | Active | N/A | β | Disabled |