Plan the GCP-NCC CloudBlade Integration
Focus
Focus

Plan the GCP-NCC CloudBlade Integration

Table of Contents

Plan the GCP-NCC CloudBlade Integration

The GCP-NCC CloudBlade provides the automatic creation, management, and maintenance of an HA pair of Prisma SD-WAN Data Center virtual ION devices across multiple locations/regions in GCP. It establishes BGP peering to a GCP Cloud Router from the Prisma SD-WAN Data Center vIONs and the GPC Transit VPC to advertise branch prefixes and provide connectivity to compute resources within the GCP regions.
The CloudBlade automates the following configuration steps required to establish end-to-end connectivity from the Prisma SD-WAN sites to the VPCs in GCP.
  1. Creates an NCC Hub.
    An NCC Hub is a global resource; however, once a virtual ION is attached to an NCC hub as a spoke, the NCC will be part of that particular virtual ION device’s VPC. All the virtual ION devices are connected to the same NCC hub as spokes.
  2. Creates three VPCs in GCP (Controller, Internet, and Transit) using Deployment Manager.
    1. Controller and Internet VPC Subnets is configured in 255.255.x.0/24 format.
    2. Transit VPC (Greenfield) Subnet is configured in 10.255.x.0/24 format.
  3. Deploys two Prisma SD-WAN virtual ION 7K data center devices and the subnet CIDR range for the specific region in the VPC created.
  4. Creates cloud routers with interfaces for specific regions.
    A cloud router is part of a region and is attached to the hub (Virtual ION) through BGP peering. In multi-region deployments, multiple virtual ION and cloud routers are deployed across the same VPC in multiple regions (Controller VPC, Internet VPC, and Transit VPC).
  5. Configures and establishes BGP peering session between the cloud router and the virtual ION 7K.
  6. Attaches the virtual ION 7k as a spoke to the NCC hub along with the cloud router.
  7. Configures routing on each VPC.
  8. Creates a data center site in the Prisma SD-WAN controller and configures the devices (Dual Virtual ION 7Ks) with the site.
  9. Updates the Interfaces configuration for port 1 and port 2 for each device on the cloud controller.
  10. Creates BGP core peer routing for each device.