Professional Cloud Network Engineer Exam QuestionsBrowse all questions from this exam
Go to Exam

Professional Cloud Network Engineer Exam - Question 155

Your company recently migrated to Google Cloud in a single region. You configured separate Virtual Private Cloud (VPC) networks for two departments: Department A and Department B. Department A has requested access to resources that are part of Department B's VPC. You need to configure the traffic from private IP addresses to flow between the VPCs using multi-NIC virtual machines (VMs) to meet security requirements. Your configuration also must:

• Support both TCP and UDP protocols

• Provide fully automated failover

• Include health-checks

• Require minimal manual intervention in the client VMs

Which approach should you take?

Show Answer
Correct Answer: CD

To enable private IP address traffic to flow between different VPCs while supporting both TCP and UDP protocols, providing fully automated failover, and including health checks, using two separate internal TCP/UDP load balancers is the most appropriate solution. This setup meets the security requirements and ensures minimal manual intervention in the client VMs. Separate load balancers for each protocol simplify configuration, ensure effective health checks, and provide automated failover capabilities, all while using internal IP addresses for communication between VPCs.

Discussion

8 comments
Sign in to comment
daidai75Option: D
Dec 31, 2023

In reality, Google Cloud's internal load balancer requires separate configurations for each protocol. Therefore, a single load balancer cannot manage both TCP and UDP traffic within the same configuration. This option is more appropriate because it involves setting up separate internal load balancers for TCP and UDP, ensuring that each protocol is adequately supported and managed, with proper failover and health check mechanisms. This approach aligns better with the specified requirements of supporting both protocols, automated failover, and minimal manual intervention.

PhuocTOption: C
Jan 8, 2024

Vote for C, I double check in the console, I could create one load balancer to support both TCP and UDP.You can specify the protocols and ports in the frontend configuration of the load balancer. More detail, check Network Load balancer (UDP/Multiple Protocols) configuration.

gonlaferOption: D
Feb 18, 2024

Google Cloud Platform (GCP) Internal TCP/UDP Load Balancers were designed to handle either TCP or UDP traffic, but not both in the same configuration. Each load balancer is typically configured for either TCP or UDP based on your specific requirements.

dev62Option: D
Feb 29, 2024

D. Create an instance template and a managed instance group. Configure two separate internal TCP/UDP load balancers for each protocol (TCP/UDP), and configure the client VMs to use the internal load balancers’ virtual IP addresses. Here’s why this option is suitable: Instance Template and Managed Instance Group: By creating an instance template and a managed instance group, you can easily manage and scale your VMs while ensuring consistency across instances. Internal TCP/UDP Load Balancers: Internal load balancers allow traffic to flow between VPCs using private IP addresses. You can configure separate load balancers for TCP and UDP protocols. Health checks ensure that only healthy VMs receive traffic. Failover is automated, and minimal manual intervention is required.

thewalkerOption: C
Apr 26, 2024

This approach meets all the requirements: • Support both TCP and UDP protocols: Internal load balancers support both TCP and UDP protocols. • Provide fully automated failover: Managed instance groups provide fully automated failover. If one of the VMs in the instance group fails, the traffic will be automatically routed to another VM in the group. • Include health-checks: Internal load balancers include health-checks. The load balancer will automatically check the health of the VMs in the instance group and remove any unhealthy VMs from the pool. • Require minimal manual intervention in the client VMs: Once the custom static route is configured, the client VMs will automatically route traffic to the internal load balancer. No manual intervention is required in the client VMs.

thewalker
Apr 26, 2024

The other options are incorrect because: A. Create the VMs in the same zone and configure static routes with IP addresses as next hops. This approach does not provide fully automated failover. If one of the VMs fails, the traffic will not be automatically routed to another VM. B. Create the VMs in different zones and configure static routes with instance names as next hops. This approach does not provide fully automated failover. If one of the VMs fails, the traffic will not be automatically routed to another VM. D. Create an instance template and a managed instance group. Configure two separate internal TCP/UDP load balancers for each protocol (TCP/UDP) and configure the client VMs to use the internal load balancers’ virtual IP addresses. This approach is more complex than option C and requires more manual intervention in the client VMs.

TomTom1101Option: C
Dec 31, 2023

I'm not confident

desertlotus1211Option: D
Feb 28, 2024

https://support.netfoundry.io/hc/en-us/articles/4415394436493-GCP-Cloud-Ingress-High-Availability This website support answer D

anshad666Option: C
Jun 30, 2024

We can configure TCP and UDP protocol on same Internal TCP LB