google-cloud-platform, gcloud, google-cloud-sql, google-vpc

How to export specific routes over a peered VPC connection in Google Cloud?


I have the following VPC connectivity in Google Cloud:

VPC A <===== VPC Peering connection =====> VPC B (Google-managed VPC for Cloud SQL via a private service connect)

VPC A route table:

Destination     Next hop
10.2.4.0/24     VPN connection 1
10.2.5.0/24     VPN connection 2

I want to export specific custom routes (e.g. 10.2.4.0/24) from VPC A to VPC B, but in the VPC peering options, it shows only the "export custom routes" option. Is there a way to export specific routes? Google Cloud's auth-cloudsql-proxy seems to be the way to go, but I wanted to know about this from other folks.


Solution

  • Currently, the best solution is to set up a SOCKS5 proxy in the intermediary VPC between the client and your Cloud SQL instance. The Cloud SQL Auth proxy supports chaining through a SOCKS5 proxy, a protocol that forwards TCP packets to a destination IP address. This method allows the intermediate node to forward encrypted traffic from the Cloud SQL Auth proxy to the destination Cloud SQL instance.

    The SOCKS5 support can be configured by specifying a SOCKS URL in an ALL_PROXY environment variable when invoking the Cloud SQL Auth proxy. Users can direct the Cloud SQL Auth proxy to use a SOCKS5 proxy with the following command:

    ALL_PROXY=socks5://localhost:8000 cloud_sql_proxy -instances=$INSTANCE_CONNECTION_NAME=tcp:5432
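
The SOCKS5 exchange that the chaining described above relies on, as an added example that is not part of the original answer or of the Cloud SQL Auth proxy's code. It builds and parses the RFC 1928 messages a SOCKS5 client and server trade before the encrypted stream is relayed; the destination 10.20.0.3 and port 3307 are constructed values assumed for illustration.

```python
import ipaddress
import struct

SOCKS_VERSION = 5
NO_AUTH = 0x00
CMD_CONNECT = 0x01
ATYP_IPV4 = 0x01
# REP codes from RFC 1928, section 6.
REPLY_TEXT = {0x00: "succeeded", 0x01: "general failure",
              0x02: "not allowed by ruleset", 0x03: "network unreachable",
              0x04: "host unreachable", 0x05: "connection refused"}


def client_greeting() -> bytes:
    """Client -> proxy: VER, NMETHODS, METHODS (only 'no authentication' offered)."""
    return bytes([SOCKS_VERSION, 1, NO_AUTH])


def parse_method_selection(data: bytes) -> int:
    """Proxy -> client: VER, METHOD. 0xFF means no offered method was acceptable."""
    if len(data) != 2 or data[0] != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 method-selection message")
    if data[1] == 0xFF:
        raise ConnectionError("proxy rejected all offered auth methods")
    return data[1]


def connect_request(dest_ip: str, dest_port: int) -> bytes:
    """Client -> proxy: VER, CMD=CONNECT, RSV, ATYP=IPv4, DST.ADDR, DST.PORT."""
    if not 0 < dest_port < 65536:
        raise ValueError("port out of range")
    addr = ipaddress.IPv4Address(dest_ip).packed  # 4 bytes, network order
    header = bytes([SOCKS_VERSION, CMD_CONNECT, 0x00, ATYP_IPV4])
    return header + addr + struct.pack("!H", dest_port)


def parse_reply(data: bytes) -> str:
    """Proxy -> client: VER, REP, RSV, ATYP, BND.ADDR, BND.PORT. Returns REP as text."""
    if len(data) < 10 or data[0] != SOCKS_VERSION:
        raise ValueError("not a SOCKS5 reply")
    return REPLY_TEXT.get(data[1], f"error 0x{data[1]:02x}")


if __name__ == "__main__":
    # Constructed destination: a private instance IP and port assumed for the demo.
    print("greeting:", client_greeting().hex())
    print("connect :", connect_request("10.20.0.3", 3307).hex())
    # Constructed proxy replies: one success, one refused by the proxy's ruleset.
    print(parse_reply(bytes.fromhex("05000001000000000000")))
    print(parse_reply(bytes.fromhex("05020001000000000000")))
```

The CONNECT request carries only the destination address and port, so the intermediary can restrict which destinations it relays to (answering 0x02 otherwise) without ever seeing the encrypted payload.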