Aviatrix High Performance Encryption for GCP

Because GCP's network infrastructure and concepts differ from those of AWS and Azure, Aviatrix High Performance Encryption Mode on GCP behaves differently from the AWS and Azure support in the following ways:

  • Only Spoke and Transit Gateway types are supported.

  • Only Multicloud Transit functionality is supported with High Performance Encryption Mode gateways; encrypted peering is not supported.

  • The Advertise Transit VPC Network CIDR(s) feature is not supported with a High Performance Encryption Mode Gateway.

  • Aviatrix will support Managed CloudN connecting to Aviatrix Transit Gateway in GCP soon; Standalone/unmanaged CloudN connecting to Aviatrix Transit Gateway is not supported in GCP.

GCP High Performance Encryption Mode supports only Transit Solution ActiveMesh 2.0.

The MTU is 1460 bytes and the MSS is 1330 bytes.

Supported Gateway Sizes for GCP High Performance Encryption Mode

There are 4 supported gateway sizes for GCP:

  • n1-highcpu-4

  • n1-highcpu-8

  • n1-highcpu-16

  • n1-highcpu-32

Subnet Prefix Length for GCP High Performance Encryption Mode

Gateway subnet prefix length cannot be greater than /24.

Aviatrix highly recommends that customers use a subnet exclusively for deploying High Performance Encryption enabled gateways, without any other instances in the subnet.