Exam Professional Cloud Network Engineer topic 1 question 79 discussion

Im pretty sure if this was an exam question then the expected answer would be B (NW load balancer) 1) the question says external TCP which is either TCP proxy or Network LB. 2) The question does NOT state anything about LB being regional or global, so there is no harm in choosing Network Load balancer instead of TCP proxy 3) TCP proxy is not a pass through LB, but network LB is. So, Network LB preserves the client IP by default. NOTE: It is still possible to preserve the client IP via TCP proxy if you use a Proxy Protocol. So, if the question statement was ''External GLOBAL Tcp LB" then i would say the answer is TCP Proxy. But with all we have in the statement, Network LB is a safe answer! Peace :)

You can understand which LB we should use in this situation. The correct answer is "D". External -> no SSL offload -> Global LB -> TCP Proxy https://cloud.google.com/load-balancing/docs/choosing-load-balancer#flow_chart There is one important point to note. By default, the original(source) client IP address and port information is not preserved. We can preserve this information by using the PROXY protocol. https://cloud.google.com/load-balancing/docs/tcp#target-proxies

cant be D. TCP/SSL proxy load balancer: While TCP/SSL proxy load balancers can handle TCP and SSL traffic, they do not preserve the original source IP address as they terminate the client connections at the proxy and create new connections to the backend instances.

it's B. it's talking about keeping the ORIGINAL LAYER 3 payload source IP. In the case of TCP/SSL Proxy, when using the PROXY protocol, the payload is NOT preserved. A new connection is established with a new source IP, since the PROXY protocol operates at layer 4, by adding a header with the client IP at the start of TCP connection.

Public facing (external) passthrough network load balancer is required, so B.

When the IP address of the remote endpoint needs to be preserved, in tandem with TLS connections, there's only solution: B) passthrough load balancers. https://cloud.google.com/load-balancing/docs/choosing-load-balancer#proxy-pass-through https://cloud.google.com/load-balancing/docs/passthrough-network-load-balancer A) and D) are not correct because the original source address is be lost at TCP connection level (even though it may be somewhere in PROXY information or in some HTTP header), C) is not external.

ans is B as D does proxy for tcp connection

D. TCP/SSL proxy load balancer When you use a TCP/SSL proxy load balancer, it preserves the source IP address of the original layer 3 payload. This is because TCP/SSL proxy load balancer terminates the incoming TCP connection and establishes a new one to the backend instance, while retaining the original source IP address in the payload. In contrast, other types of load balancers may modify the source IP address of the payload, making it difficult to track the origin of the request.

• D. TCP/SSL ***** proxy load balancer Network load balancers are regional in nature and only support backends in the same region as their configured frontends. However, packets to network load balancers can still be sent from anywhere on the internet regardless of whether the IP address of the load balancer is in the Premium Tier or the Standard Tier. If the IP address of the load balancer is in the Premium Tier, the traffic traverses Google's high quality global backbone with the intent that packets enter and exit a Google edge peering point as close as possible to the client. If the IP address of the load balancer is in the Standard Tier, the traffic enters and exits the Google network at a peering point closest to the Google Cloud region where the load balancer is configured.

The correct answer is "D". External -> no SSL offload -> Global LB -> TCP Proxy https://cloud.google.com/load-balancing/docs/choosing-load-balancer#flow_chart By default, the original(source) client IP address and port information is not preserved. We can preserve this information by using the PROXY protocol. https://cloud.google.com/load-balancing/docs/tcp#target-proxies

https://cloud.google.com/load-balancing/docs/tcp/setting-up-tcp#proxy-protocol D is right Set PROXY protocol for retaining client connection information External TCP Proxy Load Balancing terminates TCP connections from the client and creates new connections to the instances. By default, the original client IP and port information is not preserved. To preserve and send the original connection information to your instances, enable PROXY protocol (version 1). This protocol sends an additional header that contains the source IP address, destination IP address, and port numbers to the instance as a part of the request.

D is right

DDDDDDDDDDD

Answer is B! https://cloud.google.com/load-balancing/docs/choosing-load-balancer If google says so, who are we to argue ;)

I think the picture is much better to make a decision about which one be good. https://cloud.google.com/load-balancing/images/choose-lb.svg

Are these questions updates as of 01/01/2022? Can someone confirm please?

Answer is : D