Networking Flashcards
What is the main differentiator of Google Cloud Platform (GCP) in traffic routing?
Google routes traffic so that traffic enters from the Internet at the edge closest to the source.
What is an anycast IP address used for in GCP?
To load balance worldwide and to sidestep many DNS issues.
How is traffic charged in Google Cloud?
Traffic is free on the way in (ingress) and charged per gigabyte on the way out (egress).
What are Points of Presence (PoPs)?
Network edges and CDN locations.
What is the purpose of a private global network (B4) in GCP?
It connects all of the regions and zones.
How are public IP addresses managed in GCP?
They are decoupled from VMs and mapped to internal IP addresses via the Software Defined Network (SDN).
What does it mean for subnets to cross zones in GCP?
VMs in different zones on the same subnet can communicate and share firewall rules.
What IP addresses does Google reserve in every subnet?
The first two and the last two IP addresses.
What is the first address in a CIDR range used for?
Network address (x.x.x.0).
What is the second address in a CIDR range used for?
Gateway (x.x.x.1).
What is the purpose of VPC Firewall rules?
To control traffic based on action, direction, protocol/port, and source/destination.
True or False: Implied rules in VPC firewalls can be removed.
False.
What do higher priority rules in VPC firewalls override?
Implied (default) rules.
What is the function of VPC Routing?
Determines where data should go next (next hop).
How do routes in VPC networks apply?
By instance-level tags, not by subnet.
What type of IP addresses must packets sent to the Internet have?
Public IP address or use Cloud NAT.
What is Cloud DNS in GCP?
A scalable, reliable, and managed authoritative Domain Name Service (DNS).
What does Static IP in GCP allow you to do?
Reserve static IP addresses and assign them to resources.
What is the difference between Dedicated Interconnect and Cloud VPN?
Dedicated Interconnect provides a direct physical link, while Cloud VPN connects via public internet.
What does Cloud Router do in GCP?
Peers with a firewall/router on premises and exchanges routes using BGP.
What is the purpose of Identity-Aware Proxy?
An app authorization layer for applications accessed by HTTPS.
What do VPC Service Controls help mitigate?
Data exfiltration risks.
What do VPC Flow Logs provide?
Network monitoring, forensics, security analysis, and cost optimization.
What type of load balancers operate at Layer 3 and Layer 4?
Network Load Balancers.
What is the function of Google Global Load Balancer?
Uses a single global anycast virtual IP with a single DNS record.
What type of health checks do Google load balancers perform?
HTTP health checks on the back ends.
Fill in the blank: Cloud NAT allows instances outbound access to the internet without having a dedicated external _______.
IP.
What is the key function of Cloud Armor in GCP?
Works in tandem with load balancers to allow/deny specific IP blocks.
What does Internal Load Balancers manipulate in GCP?
The SDN control plane.
What is the maximum bandwidth supported by each VLAN attachment in Dedicated Interconnect?
50 Gbps.
What does Private Google Access allow?
Connect to Google services without going out through the internet.
