Configure per VM Tier_1 networking performance
Compute Engine lets you select a high-bandwidth per VM Tier_1 networking performanceconfiguration for certain Compute Engine virtual machine (VM) and bare metalinstances. Compute instances with Tier_1 networking configurations areespecially useful for large, distributed compute workloads with lots of heavyinternode communications, such as high performance computing (HPC), machinelearning (ML), and deep learning (DL).
Combining these high network throughput instances with high-performance LocalSSD storage is beneficial for I/O-intensive, flash-optimized databases.
Before you begin
- Review the pricing for per VM Tier_1 networking performance atTier_1 higher bandwidth network pricing.
- If you haven't already, set upauthentication. Authentication verifies your identity for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine by selecting one of the following options:
Select the tab for how you plan to use the samples on this page:
Console
When you use the Google Cloud console to access Google Cloud services and APIs, you don't need to set up authentication.
gcloud
Install the Google Cloud CLI. After installation,initialize the Google Cloud CLI by running the following command:
gcloudinit
If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
Note: If you installed the gcloud CLI previously, make sure you have the latest version by runninggcloud components update.- Set a default region and zone.
REST
To use the REST API samples on this page in a local development environment, you use the credentials you provide to the gcloud CLI.
Install the Google Cloud CLI. After installation,initialize the Google Cloud CLI by running the following command:
gcloudinit
If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
Note: If you installed the gcloud CLI previously, make sure you have the latest version by runninggcloud components update.For more information, seeAuthenticate for using REST in the Google Cloud authentication documentation.
Required roles
To get the permissions that you need to configure an instance to use per VM Tier_1 networking performance, ask your administrator to grant you the following IAM roles on your project:
- Compute Instance Admin (v1) (
roles/compute.instanceAdmin.v1) - Create Service Accounts (
roles/iam.serviceAccountCreator)
For more information about granting roles, seeManage access to projects, folders, and organizations.
These predefined roles contain the permissions required to configure an instance to use per VM Tier_1 networking performance. To see the exact permissions that are required, expand theRequired permissions section:
Required permissions
The following permissions are required to configure an instance to use per VM Tier_1 networking performance:
- To create instances:
compute.instances.createon the project- To use a custom image to create the VM:
compute.images.useReadOnlyon the image - To use a snapshot to create the VM:
compute.snapshots.useReadOnlyon the snapshot - To use an instance template to create the VM:
compute.instanceTemplates.useReadOnlyon the instance template - To assign alegacy network to the VM:
compute.networks.useon the project - To specify a static IP address for the VM:
compute.addresses.useon the project - To assign an external IP address to the VM when using a legacy network:
compute.networks.useExternalIpon the project - To specify a subnet for the VM:
compute.subnetworks.useon the project or on the chosen subnet - To assign an external IP address to the VM when using a VPC network:
compute.subnetworks.useExternalIpon the project or on the chosen subnet - To set VM instance metadata for the VM:
compute.instances.setMetadataon the project - To set tags for the VM:
compute.instances.setTagson the VM - To set labels for the VM:
compute.instances.setLabelson the VM - To set a service account for the VM to use:
compute.instances.setServiceAccounton the VM - To create a new disk for the VM:
compute.disks.createon the project - To attach an existing disk in read-only or read-write mode:
compute.disks.useon the disk - To attach an existing disk in read-only mode:
compute.disks.useReadOnlyon the disk
- To update an instance to include Tier_1 networking:
compute.instances.update- Permission to use the resources that you want to modify on the instance, forexample
compute.networks.use
- To create an instance template with Tier_1 networking:
compute.instanceTemplates.create
You might also be able to get these permissions withcustom roles or otherpredefined roles.
Limitations
- Compute Engine is the only product area supporting Tier_1 networking.
- Tier_1 networking is supported with N2, N2D, C2, C2D, C3, C3D, C4, C4A,C4D, M3, and Z3 machine types that have the minimum required vCPUs.
- For VMs, Tier_1 networking requires thegVNIC virtual network driverand agVNIC-compatible OS or custom image.
- Third generation and laterVMs require gVNIC driver version 1.4.2 or later to deliver the highestnetwork bandwidth. Make sure the operatingsystem (OS) image that you use fully supports Tier_1 networking.Fully supported OS imagesinclude the updated gVNIC driver. You canupdate the gVNIC driveron images that don't have the latest version.
- Purchasable stock keeping units (SKUs) for Tier_1 networking areexcluded fromcommitted use discounts.
- Large C4, C4D, C3, C3D, and Z3 VMsmight encounter NUMA-related bottlenecks when bandwidth is pushed beyond100 Gbps. Depending on your application architecture, you might need tocontrol for thread and interrupt placement. On Linux, guest OSfeatures such asReceive Flow Steering (RFS)can help address this issue. Verify that your applications are NUMA-tuned tomaximize your performance.
Bandwidth tiers
The egress bandwidth limit represents the maximum possible amount of data perunit of time (for example, gigabits per second, or Gbps) that Google Cloudallows a Compute Engine instance to emit from its network interfaces(NICs). The egress bandwidth includes data transferred to all Persistent Disk andGoogle Cloud Hyperdisk volumes attached to the instance.
Note the following about bandwidth limits:
- The default bandwidth limit ranges from 10 Gbps to 200 Gbps,depending on themachine type and instancesize.
- Tier_1 networking increases the maximum egress bandwidth limit forcompute instances. The maximum egress bandwidth limit ranges from 50 Gbpsto 200 Gbps, depending on the size and machine type of your instance.
- The actual egress bandwidth is always less than or equal to the egressbandwidth limit.
To achieve the highest possible egress bandwidth,all of the followingmust be true:
- The sending and receiving compute instances must be in the same zone.
- The instances must have NICs in the same VPC network or inVPC networks connected by VPC Network Peering.
- Packets sent between the instances must useinternal IP address destinations.
- The VPC network that is used by the instances uses the highestmaximum transmission unit (MTU) setting. A higher MTUreduces the packet-header overhead and thus increases payload data throughput.
For a complete discussion about egress and ingress bandwidth limits, seeNetwork bandwidth.
General-purpose C4 VMs and bare metal instances
The following table describes the egress bandwidth limits for C4 VMs andbare metal instances. For C4 VMs with Local SSD, only machine types with288 vCPUs support Tier_1 networking.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2 | 10 Gbps | N/A | 7 Gbps | N/A |
| 4 | 23 Gbps | N/A | 7 Gbps | N/A |
| 8 | 23 Gbps | N/A | 7 Gbps | N/A |
| 16 | 23 Gbps | N/A | 7 Gbps | N/A |
| 24 | 23 Gbps | N/A | 7 Gbps | N/A |
| 32 | 23 Gbps | N/A | 7 Gbps | N/A |
| 48 | 34 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 96 | 67 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 144 | 100 Gbps | 150 Gbps | 7 Gbps | 25 Gbps |
| 192 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
| 288 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
General-purpose C4A VMs
The following table describes the egress bandwidth limits for C4A VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 1 | 10 Gbps | N/A | 7 Gbps | N/A |
| 2 | 10 Gbps | N/A | 7 Gbps | N/A |
| 4 | 23 Gbps | N/A | 7 Gbps | N/A |
| 8 | 23 Gbps | N/A | 7 Gbps | N/A |
| 16 | 23 Gbps | N/A | 7 Gbps | N/A |
| 32 | 23 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 48 | 34 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 64 | 45 Gbps | 75 Gbps | 7 Gbps | 25 Gbps |
| 72 | 50 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
General-purpose C4D instances
The following table describes the egress bandwidth limits for C4D instances.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2 | 10 Gbps | N/A | 7 Gbps | N/A |
| 4 | 20 Gbps | N/A | 7 Gbps | N/A |
| 8 | 20 Gbps | N/A | 7 Gbps | N/A |
| 16 | 20 Gbps | N/A | 7 Gbps | N/A |
| 32 | 23 Gbps | N/A | 7 Gbps | N/A |
| 48 | 34 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 64 | 45 Gbps | 75 Gbps | 7 Gbps | 25 Gbps |
| 96 | 67 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 192 | 100 Gbps | 150 Gbps | 7 Gbps | 25 Gbps |
| 384 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
General-purpose C3 VMs and bare metal instances
The following table describes the egress bandwidth limits for C3 VMs and baremetal instances.
Note: If you are using a C3 bare metal instance, you can maximize networkbandwidth performance by disabling sleep states. For more information, see thetroubleshooting documentation.| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 4 | 23 Gbps | N/A | 7 Gbps | N/A |
| 8 | 23 Gbps | N/A | 7 Gbps | N/A |
| 22 | 23 Gbps | N/A | 7 Gbps | N/A |
| 44 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 88 | 62 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 176 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
| 192 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
General-purpose C3D VMs
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 4 | 20 Gbps | N/A | 7 Gbps | N/A |
| 8 | 20 Gbps | N/A | 7 Gbps | N/A |
| 16 | 20 Gbps | N/A | 7 Gbps | N/A |
| 30 | 20 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 60 | 40 Gbps | 75 Gbps | 7 Gbps | 25 Gbps |
| 90 | 60 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 180 | 100 Gbps | 150 Gbps | 7 Gbps | 25 Gbps |
| 360 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
Compute-optimized H4D instances
The following table describes the egress bandwidth limits for H4D instances.
| vCPUs | Internal IP | External IP |
|---|---|---|
| 192 | 200 Gbps | 1 Gbps |
Compute-optimized H3 VMs
The following table describes the egress bandwidth limits for H3 VMs.
| vCPUs | Internal IP | External IP |
|---|---|---|
| 88 | 200 Gbps | 1 Gbps |
Compute-optimized C2 VMs
The following table describes the egress bandwidth limits for C2 VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 4 | 10 Gbps | Not applicable (N/A) | 7 Gbps | N/A |
| 8 | 16 Gbps | N/A | 7 Gbps | N/A |
| 16 | 32 Gbps | N/A | 7 Gbps | N/A |
| 30 | 32 Gbps | 50 Gbps | 7 Gbps | 7 Gbps |
| 60 | 32 Gbps | 100 Gbps | 7 Gbps | 7 Gbps |
Compute-optimized C2D VMs
The following table describes the egress bandwidth limits for C2D VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2 | 10 Gbps | Not applicable (N/A) | 7 Gbps | N/A |
| 4 | 10 Gbps | N/A | 7 Gbps | N/A |
| 8 | 16 Gbps | N/A | 7 Gbps | N/A |
| 16 | 32 Gbps | N/A | 7 Gbps | N/A |
| 32 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 56 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 112 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
Memory-optimized M4 VMs
The following table describes the egress bandwidth limits for M4 VMs.
| vCPUs | Internal IP | External IP |
|---|---|---|
| 16 | 16 Gbps | 7 Gbps |
| 32 | 32 Gbps | 7 Gbps |
| 56 | 32 Gbps | 7 Gbps |
| 64 | 32 Gbps | 7 Gbps |
| 112 | 50 Gbps | 7 Gbps |
| 224 | 100 Gbps | 7 Gbps |
Memory-optimized M3 VMs
The following table describes the egress bandwidth limits for M3 VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 32 | 32 Gbps | N/A | 7 Gbps | N/A |
| 64 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 128 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
General-purpose N2 VMs
The following table describes the egress bandwidth limits for N2 VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2 | 10 Gbps | Not applicable (N/A) | 7 Gbps | N/A |
| 4 | 10 Gbps | N/A | 7 Gbps | N/A |
| 8 | 16 Gbps | N/A | 7 Gbps | N/A |
| 16 | 32 Gbps | N/A | 7 Gbps | N/A |
| 32 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 48 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 64 | 32 Gbps | 75 Gbps | 7 Gbps | 25 Gbps |
| 80 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 96 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 128 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
General-purpose N2 (custom size shapes) VMs
The following table describes the egress bandwidth limits for custom-sized N2VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2, 4, or 6 | 10 Gbps | Not applicable (N/A) | 7 Gbps | N/A |
| 8, 10, 12, or 14 | 16 Gbps | N/A | 7 Gbps | N/A |
| 16, 18, 20, 22, 24, 26, 28, or 30 | 32 Gbps | N/A | 7 Gbps | N/A |
| 32, 36, 40, 44, 48, 52, 56, or 60 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 64, 68, 72, or 76 | 32 Gbps | 75 Gbps | 7 Gbps | 25 Gbps |
| 80 or more | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
General-purpose N2D VMs
The following table describes the egress bandwidth limits for N2D VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2 | 10 Gbps | Not applicable (N/A) | 7 Gbps | N/A |
| 4 | 10 Gbps | N/A | 7 Gbps | N/A |
| 8 | 16 Gbps | N/A | 7 Gbps | N/A |
| 16 | 32 Gbps | N/A | 7 Gbps | N/A |
| 32 | 32 Gbps | N/A | 7 Gbps | N/A |
| 48 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 64 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 80 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 96 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 128 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 224 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
General-purpose N2D (custom size shapes) VMs
The following table describes the egress bandwidth limits forcustom-sized N2D VMs.
| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 2 or 4 | 10 Gbps | Not applicable (N/A) | 7 Gbps | N/A |
| 8 | 16 Gbps | N/A | 7 Gbps | N/A |
| 16 or 32 | 32 Gbps | N/A | 7 Gbps | N/A |
| 48, 64, or 80 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 96 | 32 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
Memory-optimized X4 instance
The following table describes the egress bandwidth limits for X4 bare metalinstances.
Note: If using a X4 bare metal instance, to maximize network bandwidthperformance, see theTroubleshooting documentationfor information about disabling sleep states.| vCPUs | Internal IP | External IP |
|---|---|---|
| 960 | 100 Gbps | 7 Gbps |
| 1440 | 100 Gbps | 7 Gbps |
| 1920 | 100 Gbps | 7 Gbps |
Storage-optimized Z3 VMs
The following table describes the egress bandwidth limits for Z3 VMs.
Note: If you are using a Z3 bare metal instance, you can maximize networkbandwidth performance by disabling sleep states. For more information, see thetroubleshooting documentation.| vCPUs | Internal IP | Tier_1 Internal IP | External IP | Tier_1 External IP |
|---|---|---|---|---|
| 8, 14, 16, or 22 | 23 Gbps | N/A | 7 Gbps | N/A |
| 32 | 32 Gbps | N/A | 7 Gbps | N/A |
| 44 | 32 Gbps | 50 Gbps | 7 Gbps | 25 Gbps |
| 88 | 62 Gbps | 100 Gbps | 7 Gbps | 25 Gbps |
| 176 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
| 192 | 100 Gbps | 200 Gbps | 7 Gbps | 25 Gbps |
Configure an instance with Tier_1 networking
You can enable Tier_1 networking when creating a compute instance if theinstance doesn't use the VirtioNet interface. You can also edit an instanceto add or remove Tier_1 networking, provided the instance was created withthe gVNIC or IDPF network interface .
Optionally, you can alsoenable faster network packet processing with DPDKto run performance-intensive applications on an instance that usesTier_1 networking.
Create instances and containers that use Tier_1 networking
Use the Google Cloud console, the Google Cloud CLI or REST to addTier_1 networking to a new compute instance orcontainer.
Console
In the Google Cloud console, go to theVM instances page.
Select your project.
ClickCreate instance.
Specify aName for your compute instance. For more information, seeResource naming convention.
Select aregion and zone that supportsthe machine type you plan to use.
Select aMachine configuration for your instance. To create aninstance with Tier_1 networking, you must select a supported machine series and type.
- Click theGeneral purpose tab before selecting N2, N2D, C4, C4A, C4D,C3, or C3D from theSeries drop-down menu.
- Click theCompute optimized tab before selecting C2 or C2D fromtheSeries menu.
- Click theMemory optimized tab before selecting M3from theSeries menu.
- Click theStorage optimized tab before selecting Z3 fromtheSeries menu.
If you get an error that the machine type is not available in theselected region, change the region to one that supports your chosenmachine type.
In theMachine type menu, choose a machine type that alignswith thebandwidth tier size requirements.
To select a compatible operating system, in theBoot disksection, clickChange, and then select a supported operating systemor use theCustom Images tab to select acustom image.
Optional. In theFirewall section, choose your firewall rules.
Expand theAdvanced options section.
Expand theNetworking section, and then do the following:
In theNetwork interface card menu, selectgVNIC.
Note: The option- in theNetwork interface card menuindicates that the NIC type can be either gVNIC or VirtioNet (VirtIO)depending on themachine type.For some machine types, only gVNIC is available for the networkinterface card. If both gVNIC and VirtIO are available for a VMinstance, then choose gVNIC instead of using the default NIC type,which is VirtIO.In theNetwork bandwidth section, select theEnable per VM Tier_1 networking performance checkbox.
If the machine type supports multiple NICs or your instance uses IPv6addresses, then configure yourNetwork interfaces.
ClickCreate.
gcloud
Use thegcloud compute instances create commandto create an instance with agVNIC virtual network driver.Use the--network-performance-configs flag and the--network-interface flag to configure a network performance settingfor an instance. If you don't specify these flags the instance is createdwith the default network performance configuration.
To create an instance running container images, use thegcloud compute instances create-with-container command.
gcloud compute instances createINSTANCE_NAME \ --image=OS_IMAGE \ --machine-type=MACHINE_TYPE \ --network-performance-configs=total-egress-bandwidth-tier=TIER_1 \ --network-interface=nic-type=GVNIC
Replace the following:
- INSTANCE_NAME: the name of the instance
- OS_IMAGE: an image that supportsgVNIC image
- MACHINE_TYPE: a machine type that supports ahigh-bandwidth configuration
For example:
gcloud compute instances create instance-1 \ --network-performance-configs=total-egress-bandwidth-tier=TIER_1 \ --network-interface=nic-type=GVNIC \ --image-family=rocky-linux-8-optimized-gcp \ --image-project=rocky-linux-cloud \ --machine-type=n2-standard-32
REST
Call the Compute Engine APIinstances.insert methodto create a compute instance with a high-bandwidth network configuration.In the request body, do the following:
- Set the
networkPerformanceConfigparameters tototalEgressBandwidthTierandTIER_1. - Set the
networkInterfaceparameters tonicTypeandGVNIC.
POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE/instances{ "name":INSTANCE_NAME, "description": string, ... "networkPerformanceConfig": { "totalEgressBandwidthTier": TIER_1 }, "networkInterfaces": [ { "nicType": "GVNIC" }, ... ] }Replace the following:
- PROJECT_ID: your project ID
- ZONE: the zonewhere you want to create the instance
- INSTANCE_NAME: the name of the instance
Update a compute instance to include Tier_1 networking
Refer to theUpdating instance propertiesdocumentation to verify that you are meeting all the requirements tosuccessfully update your compute instance. Use the Google Cloud console, theGoogle Cloud CLI or REST to update an instance.
You can modify an existing instance to change the network configuration toinclude or exclude per VM Tier_1 networking performance. Your instance must already have agVNIC interface associated with it; you can't edit your instance to add anetwork interface. To update the network configuration, you must stop andrestart the instance.
Console
In the Google Cloud console, go to theVM instances page.
Select your project.
Click the name of the instance that you want to modify.
ClickStopto stop the instance. If there is noStop option, clickMore actions >Stop.
ClickEdit.
If your instance was originally configured with a gVNIC card, select theEnable per VM Tier_1 networking performance checkbox to add per VM Tier_1 networking performance,or deselect the checkbox to remove this feature from your instance.
Save your changes.
Restart your instance.
gcloud
Export your instance's information to a YAML file using the
gcloud compute instances exportcommand.gcloud compute instances exportINSTANCE_NAME \ --zone=ZONE --destination=PATH_TO_FILE
Replace the following:
- INSTANCE_NAME: the name of the instance
- ZONE: the name of the zone where the instance is located
PATH_TO_FILE: the relative path to the YAML file
For example:
gcloud compute instances export instance-1 \ --zone=europe-west1-c --destination=test-file.yaml
Use theCloud Shell Editor,or the editor of your choice to open the YAML file you created.
In the file, locate the configuration section for
networkPerformanceConfig. Change the setting fortotalEgressBandwidthTieras shown in the following example:networkPerformanceConfig: totalEgressBandwidthTier: TIER_1
Setting
Tip: To avoid getting an error such astotalEgressBandwidthTiertoTIER_1addsTier_1 networking. Setting it toDEFAULTremoves theconfiguration."ERROR: (gcloud.compute.instances.update-from-file) Cannot parse YAML: [Expected type, add quotes (for field value, found True (type )]" ' ') around any label values ofyesornoin the exported instance configuration file. This indicates the values are strings, not Boolean values.Use the
gcloud compute instance update-from-filecommandto update the instance with the changes in the file.gcloud compute instances update-from-fileINSTANCE_NAME \ --zone=ZONE \ --source=PATH_TO_FILE \ --most-disruptive-allowed-action=RESTART
Replace the following:
INSTANCE_NAME: the name of the instanceZONE: the name of the zone where the instanceis locatedPATH_TO_FILE: your YAML filename
The
--most-disruptive-allowed-action=RESTARTflag setting automaticallyrestarts your instance with the updated configuration.
REST
Call theinstances.update methodto modify the network configuration.
PUT https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE/instances/RESOURCE_ID?most_disruptive_allowed_action=RESTART{ "networkPerformanceConfig":{ "totalEgressBandwidthTier": "TIER_1" },...}SettingtotalEgressBandwidthTier toTIER_1 addsTier_1 networking. Setting it toDEFAULT removes the configuration.
Replace the following:
- PROJECT_ID: your project ID
- ZONE: the zone where your instance resides
- RESOURCE_ID: the name of your instance
Themost_disruptive_allowed_action=RESTART query parameterautomatically restarts your instance with the updated configuration.
Verify high-bandwidth configuration in a compute instance
Use the Google Cloud console, the Google Cloud CLI orREST to generate a description of an existing compute instance, or anexisting instance that runs container images, to verify the instances'sbandwidth tier.
Console
In the Google Cloud console, go to theVM instances page.
Select your project and clickContinue.
Click the instance name to see its configuration details and see ifthe instance uses per VM Tier_1 networking performance.
gcloud
Use thegcloud compute instances describe commandto check if your instance uses per VM Tier_1 networking performance.
For example:
gcloud compute instances describeINSTANCE_NAME \ --format="text(name, networkPerformanceConfig)"
The output is similar to the following:
name: instance-1networkPerformanceConfig.totalEgressBandwidthTier:TIER_1
If the output shows the valueDEFAULT, then Tier_1 networkingisn't enabled.
REST
Call theinstances.get methodto view the network configuration.
GET https://compute.googleapis.com/v1/projects/PROJECT_ID/zones/ZONE/instances/RESOURCE_ID/
Replace the following:
- PROJECT_ID: your project name
- ZONE: the zone where your instance resides
- RESOURCE_ID: the name of your instance
The output should contain the following lines:
{ "name":RESOURCE_ID, "description": string, ... "networkPerformanceConfig": { "totalEgressBandwidthTier": "TIER_1" }, ... }If the output shows the valueDEFAULT, then Tier_1 networking is notenabled.
Create an instance template with Tier_1 networking
Use the Google Cloud console, the Google Cloud CLI orREST to create an instance template with per VM Tier_1 networking performance.Refer to theCreating an instance templatedocumentation to verify that you are meeting all the requirements to createyour instance template.
Console
In the Google Cloud console, go to theInstance templates page.
ClickCreate instance template.
Enter values for the following fields, or accept the default values.
Specify aName for your instance template. For more information, seeResource naming convention.
Select aregion and zone that supportsTier_1 networking.
Select aMachine configuration for your compute instance. To createan instance that uses Tier_1 networking, you must select a supportedmachine series and machine type.
- Click theGeneral purpose tab before selecting N2, N2D, C4, C4A,C4D, C3, or C3D from theSeries drop-down menu.
- Click theCompute optimized tab before selecting C2 or C2D fromtheSeries menu.
- Click theStorage optimized tab before selecting Z3 fromtheSeries menu.
In theMachine type menu, choose a machine type that aligns with thebandwidth tier size requirements.
In theBoot disk section, clickChange, and then select agVNIC-compatible orcustom image.
Optional. In theFirewall section, choose your firewall rules.
Expand theAdvanced options section.
Expand theNetworking section, and then do the following:
In theNetwork interface card menu, selectgVNIC.
Note: The option- in theNetwork interface card menuindicates that the NIC type can be either gVNIC or VirtioNet (VirtIO)depending on themachine family type.For some machine family types, only gVNIC is available for the networkinterface card. If both gVNIC and VirtIO are available for the machinetype, then choose gVNIC instead of using the default NIC type, whichis VirtIO.In theNetwork bandwidth section, select theEnable per VM Tier_1 networking performance checkbox.
If the machine type supports multiple NICs or the instance uses IPv6addresses, then configure theNetwork interfaces accordingly.
ClickCreate.
gcloud
Use thegcloud compute instance-templates create commandwith both the--network-performance-configs and the--network-interfaceflags.
gcloud compute instance-templates createINSTANCE_TEMPLATE_NAME \ --image=OS_IMAGE \ --machine-type=MACHINE_TYPE \ --network-performance-configs=total-egress-bandwidth-tier=TIER_1 \ --network-interface=nic-type=GVNIC
Replace the following:
- INSTANCE_TEMPLATE_NAME: the name of your instance template
- OS_IMAGE: an operating system image that supportsgVNIC
- MACHINE_TYPE: a machine type that supports Tier_1 networking, as described inBandwidth tiers.
For example:
gcloud compute instance-templates create instance-template-1 \ --image-family=rocky-linux-8-optimized-gcp \ --image-project=rocky-linux-cloud \ --network-performance-configs=total-egress-bandwidth-tier=TIER_1 \ --machine-type=n2-standard-32 \ --network-interface=nic-type=GVNIC
REST
Call theinstanceTemplates.insert method.Within the request body, set thenetworkPerformanceConfig parametertototalEgressBandwidthTier andTIER_1. Set thenetworkInterfacesparameter tonicType andGVNIC.
POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/instancesTemplates{ "name": "INSTANCE_TEMPLATE_NAME", "properties": { "machineType": "zones/ZONE/machineTypes/MACHINE_TYPE", ... "networkPerformanceConfig": { "totalEgressBandwidthTier": "TIER_1" }, "networkInterfaces": [ { "nicType": "GVNIC" }, ... ] }}Replace the following:
- PROJECT_ID: your project name
- INSTANCE_TEMPLATE_NAME: a name for the instancetemplate
- ZONE: the zone where your instance is located
- MACHINE_TYPE: the machine type of the instance
- RESOURCE_ID: the name of your instance
Benchmark a higher bandwidth configuration
You canrun a benchmark testto check your compute instances's performance with per VM Tier_1 networking performance. Besure toremove the benchmarking resourcesthat you create during testing when you are finished to avoid unexpectedresource charges.
What's next
- Reviewper VM Tier_1 networking performance pricing
- Learn about thegVNIC network interface driver
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-12-15 UTC.