Requirements for vSRX on Google Cloud Platform
Google Compute Engine Instance Types
To create a vSRX instance, you need to choose a machine type. The machine type specifies a particular collection of virtualized hardware resources available to a VM instance, including the memory size, vCPU count, and maximum disk capacity.
Google Compute Engine allows you to use predefined machine or instances types or customized machine or instance types based on your needs. Table 1 below shows the predefined machine types available in Google Compute Engine.
Machine Name |
Description |
vCPUs |
Memory (GB) |
vSRX 3.0 Instance |
Maximum number of Persistent Disks |
Maximum total Persistent Disk Size (TB) |
RSS Type |
---|---|---|---|---|---|---|---|
n1-standard-4 |
Standard machine type with 4 vCPUs and 15 GB of memory |
4 |
15 |
VSRX-4CPU-15G memory |
16 |
64 |
SWRSS |
n1-standard-8 |
Standard machine type with 8 vCPUs and 30 GB of memory |
8 |
30 |
VSRX-8CPU-30G memory |
16 |
64 |
SWRSS |
n1-standard-16 |
Standard machine type with 16 vCPUs and 60 GB of memory |
16 |
60 |
VSRX-16CPU-60G memory |
16 |
64 |
SWRSS |
A single Google Compute Engine instance supports up to eight network interfaces. If you want to configure eight interfaces, choose n1-standard-8 or a larger machine type. After choosing the machine type, define the networking attributes and SSH Keys for the VM. For more information on network interfaces, see Creating instances with multiple network interfaces.
vSRX Support for Google Cloud
Starting in Junos OS Release 19.2R1, vSRX with 1 Junos Control Plane (JCP) vCPU, 1 data plane vCPU, and 4 GB of vRAM is supported.
vSRX Specifications for GCP
This topic provides details about hardware and software requirements for deploying vSRX with Google.
- Minimum System Requirements for Google Cloud Platform
- Interface Mapping for vSRX on Google Cloud
- vSRX Default Settings on GCP
Minimum System Requirements for Google Cloud Platform
Table 2 lists the minimum system requirements and the Junos OS release in which a particular software specification was introduced for vSRX instances to be deployed on GCP.
Component |
Specification |
Release Introduced |
---|---|---|
Memory |
4 GB |
Junos OS Release 19.2R1 |
Disk space |
19-GB IDE drive |
Junos OS Release 19.2R1 |
vCPUs |
1 Junos Control Plane (JCP) vCPU and 1 data plane vCPU |
Junos OS Release 19.2R1 |
vNICs |
2-8 vNICs
|
Junos OS Release 19.2R1 |
Software feature license |
For more information, see Flex Software Subscription Model and Juniper Flex Program Support for Juniper Products. |
NA |
Software packaging |
Google Compute Engine has specific requirements for the bootable image that is imported to Google cloud space. For more information, see https://cloud.google.com/compute/docs/ images/import-existing-image#create_ image_file. For initial deployment, the .img file is used and for software upgrade, the .tgz image is used. |
NA |
Interface Mapping for vSRX on Google Cloud
Each network adapter defined for a vSRX is mapped to a specific interface, depending on whether the vSRX instance is a standalone VM or one of a cluster pair for high availability. The interface names and mappings in vSRX are shown in Table 3.
Note the following:
In standalone mode:
fxp0 is the out-of-band management interface.
ge-0/0/0 is the first traffic (revenue) interface.
Table 3 shows the interface names and mappings for a standalone vSRX on Google cloud.
Network Adapter |
Interface Name in Junos OS for vSRX |
---|---|
1 |
fxp0 |
2 |
ge-0/0/0 |
3 |
ge-0/0/1 |
4 |
ge-0/0/2 |
5 |
ge-0/0/3 |
6 |
ge-0/0/4 |
7 |
ge-0/0/5 |
8 |
ge-0/0/6 |
vSRX Default Settings on GCP
vSRX requires the following basic configuration settings:
Interfaces must be assigned IP addresses.
Interfaces must be bound to zones.
Policies must be configured between zones to permit or deny traffic.
Table 4 lists the factory-default settings for security policies on the vSRX instance.
Source Zone |
Destination Zone |
Policy Action |
---|---|---|
trust |
untrust |
permit |
trust |
trust |
permit |
untrust |
trust |
deny |