Exam Professional Cloud Network Engineer topic 1 question 166 discussion

While Option B does simplify the setup by using a single packet mirroring policy and a single group of collector instances for the region, it might result in inter-zonal network egress costs. This is because traffic from zones like us-west2-a and us-west2-c would need to travel to the collector instances if those instances are primarily located in another zone (e.g., us-west2-b). Google-recommended practices aim to minimize these egress costs by keeping mirrored traffic within the same zone. This is why Option C is generally favored: it creates separate packet mirroring policies and collector instances for each zone. This ensures that mirrored traffic does not cross zones, effectively eliminating inter-zonal egress costs. By matching traffic to web server instances using instance-tags and filtering only for TCP traffic, it provides a focused and efficient solution without unnecessary data transfer.

B you can not create single packet mirroring policy for three zones. C is correct - D is wrong subnets are not zone, they are regional

C is the correct answer

Policy created based on region , not based Zone

Wouldn't it be C if we want to minimize data egress costs between zones? C and D are the only options that create packet mirroring policies and collector instances in each zone, and instance tags sound like a better (more specific) option than subnets. Both A and B would result in additional egress costs as with only one group of collector instances for the whole region, all the mirrored data has to be travel between zones. From the documentation (https://cloud.google.com/vpc/docs/packet-mirroring#key_properties): "The cost of Packet Mirroring varies depending on the amount of egress traffic traveling from a mirrored instance to an instance group and whether the traffic travels between zones." Seems to me like C is the only one that minimizes this cost.

Answer is C. You need to use tags. D is incorrect

Should not be inter-zonal egress cost. So I'd go now for B

To me, D makes sense to minimize the egress traffic across zones, which is one requirement.

To deploy packet mirroring policies and collector instances following Google-recommended practices while minimizing inter-zonal network egress costs, we need to consider the requirements and best practices outlined in the scenario. Given that the infrastructure is deployed across multiple zones within the us-west2 region and that the goal is to monitor web application traffic while minimizing egress costs, the most appropriate approach would be to consolidate collector instances and policies to cover the entire region. Option B seems to align with this approach