Exam FCP_WCS_AD-7.4 topic 1 question 25 discussion

B. Inbound traffic is directed to the GWLB through a GWLB endpoint. The ingress route table shows that traffic is directed to the GWLB endpoint (GWLBe), which handles traffic processing before forwarding it to the next hop. D. GWLB encapsulates traffic with the GENEVE protocol and sends it to FortiGate. The diagram shows that the Gateway Load Balancer (GWLB) uses the GENEVE protocol to encapsulate traffic before forwarding it to FortiGate for inspection. The other options are incorrect: A: GWLB encapsulates traffic before forwarding it to FortiGate, so it is not forwarded without encapsulation. C: Traffic is not directly sent to the application subnet via the GWLB endpoint. It first goes through the GWLB and FortiGate for inspection before reaching the application subnet.

B,D are correct Traffic Direction through GWLB Endpoint: The ingress route table directs inbound traffic to the GWLB through a GWLB endpoint (GWLBe). This endpoint is responsible for directing traffic to the Gateway Load Balancer for further processing (Option B). GENEVE Encapsulation: The GWLB encapsulates the inbound traffic using the GENEVE protocol. This encapsulated traffic is then sent to FortiGate instances for security inspection. The use of GENEVE ensures that the original traffic context is preserved and can be analyzed by FortiGate (Option D). Other Options Analysis: Option A is incorrect because GWLB does not forward traffic without encapsulation in its dedicated subnet. Option C is incorrect as the inbound traffic is directed to the GWLB endpoint first, not directly to the application subnet.