Exam Professional Cloud Network Engineer topic 1 question 120 discussion

TCP pass-through = A, B and C is wrong, because they make ssl offloading. In this requirement, only Letter D is possible. External LB with support a TCP pass-through. https://cloud.google.com/load-balancing/docs/choosing-load-balancer https://cloud.google.com/load-balancing/docs/network

global TCP Proxy Load Balancing with backends in both regions, is the correct option because it supports TCP pass-through on port 443 while providing global load balancing and cross-region failover with low latency. Option D can also be correct but it needs extra efforts of creating two LB whereas Global TCP can do same thing for you.

D is the correct answer

Correct Answer: Option B - Use global TCP Proxy Load Balancing with backends in both regions. Reason: Global TCP Proxy Load Balancing is the most suitable option for TCP pass-through on port 443, supporting IPv4 and IPv6, with global load balancing, low latency, autoscaling, and high availability. This solution efficiently routes traffic to the closest backend and supports your requirements without unnecessary complexity.

B allows passthrough too, and I think it will be offer better latency than D, as no DNS query is needed

In Google Cloud, the global TCP pass-through load balancer

B is correct TCP LB do passthrough DNS will add latency even we said its okay the use NLB :>

am going for B. Global HTTP(S) SSL termination takes place at the load balancer and unencrypted traffic sent to the backend web servers.

TCP Proxy Load Balancing (TPLB) is a type of global load balancing that can be used for non-HTTP traffic that doesn't require SSL offloading. TPLB is implemented on Google Front Ends (GFEs) and can distribute TCP traffic to virtual machine (VM) instances in the Google Cloud VPC network. The load balancer automatically routes traffic to the closest backend instance to the user, even if those backends are in multiple regions. TPLB also supports both IPv4 and IPv6 addresses for client traffic

Not clear solution. Could somebody tell what is the correct asnwer? Thanks

It's D, pass-through is a requirement. https://cloud.google.com/load-balancing/docs/choosing-load-balancer

The only answer that supports TCP passthrough is D, which is shown here: https://cloud.google.com/architecture/global-load-balancing-architectures-for-dns-routing-policies

tcp proxy LB has global scope, network has regional scope, So option B

for sure D https://cloud.google.com/architecture/global-load-balancing-architectures-for-dns-routing-policies?hl=fr

"IPv6 traffic is not supported with regional external Application Load Balancers, cross-region internal Application Load Balancers, regional internal Application Load Balancers, regional internal proxy Network Load Balancers, regional external proxy Network Load Balancers, and internal passthrough Network Load Balancers." https://cloud.google.com/load-balancing/docs/ipv6?hl=en#limitations

External TCP/UDP load balancer is the answer. So Answer D is correct. The external LB must support TCP pass-through. Only TCP/UDP external LB does.

Option B, using global TCP Proxy Load Balancing with backends in both regions, is the correct option because it supports TCP pass-through on port 443 while providing global load balancing and cross-region failover with low latency. Option A, global SSL Proxy Load Balancing, does not support TCP pass-through and is limited to IPv4 clients. Option C, global external HTTP(S) Load Balancing, does not support TCP pass-through and is designed for content-based routing based on HTTP(S) headers and URIs. Option D, using Network Load Balancing in both regions, does not provide global load balancing or cross-region failover and relies on DNS resolution to direct traffic to the closest region, which may not be accurate or consistent.