Allowing your devices to talk to Google

Recently I wrote about allowing devices to talk to Apple. One of the recommendations in that post was to allow traffic from your network out to Apple’s address range, 17.0.0.0/8

At the moment I’m trialling a Chromebook enrolled into our Google Apps domain. The setup of the Chrombook needed to download some updates from Google so that I could complete the enrolment. The updates failed inside our network in its existing configuration, so I looked around for documentation from Google on where their various services might be hosted.

Unlike Apple, Google’s services seem to be run from a number of different subnets. On the plus side, Google do publish an excellent guide on network configurations for deployment of their services, whether this be just Google Apps accessed from any device, or a full-scale Chromebook deploment

The full document of Google’s Networking Best Practices for Large Deployments is available here.

The relevant piece of information I was looking for was their IPv4 address ranges, which they give as 216.239.32.0/19, 64.233.160.0/19, 66.249.80.0/20, 72.14.192.0/18, 209.85.128.0/17, 66.102.0.0/20, 74.125.0.0/16, 64.18.0.0/20, 207.126.144.0/20 and 173.194.0.0/16.

The Best Practices document is packed with useful information about managing proxy servers, PAC files ports used by various Google services and sizing of your infrastructure to give users the best experience possible.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s