How is GCP GKE VPC native cluster IP alias implemented?

How does the GCP/GKE VPC native network implement the alias IP assignment to each pod?

As in Google Kubernetes Engine – Networking, each Pod will have an IP from secondary IP CIDR range of the subnet (e..g 10.4.1.1).

Each pod in a Linux instance has its veth I/F. How does each veth(i) for pod(i) is linked to the network interface of the Linux box in which the pods run? Each pod (veth) has its own network interface attached to the Linux box, or all pods and veth interfaces share the single eth0?

According to Kubernetes networking on Google Cloud indicates the single eth0 of the Linux box is shared among pods. Then the single eth0 has multiple secondary alias IP addresses associated to it. Then how the Linux box can separate the packets to each alias IP and route them to the corresponding pod/veth? Is it using iptable to map an alias IP to a veth?

The GKE document Alias IP ranges defined in a VM network interface does not have the detail.

How does each veth for pod is linked to the network interface of the linux box in which the pods run?

GKE creates a network namespace to connect pod's veth with node's eth0.

Each pod (veth) has its own network interface attached to the linux box, or all pods and veth interfaces share the single eth0?

All veths are connected to a single eth0 interface via bridge (cbr0). schematic

How does the linux box can separate the packets to each alis IP and route them to the corresponding pod/veth? Is it using iptable to map an alias IP to a veth?

kube-proxy edits the iptable on the node in order to route traffic to appropriate pods.

You can find more information in this article and this stackoverflow answer.