https://cloud.google.com/load-balancing/docs/tcp/internal-proxy
Traffic flow: client -> Load-balancer Forwarding rule TCP IP:port -> Target proxy -> backend (instance group or network endpoint group NEG)
proxy-only(per region) subnet provides a set of IP addresses that Google uses to run Envoy proxies. The purpose of the proxy-only subnet must be set to “REGIONAL_MANAGED_PROXY” purpose.
By default, the original client IP address and port information is not preserved. You can preserve this information by using the PROXY protocol.
Balance Mode: CONNECTION (instance group or NEG backends) or UTILIZATION (instance group backends only).
LB is regional resources. Global access can be enabled when allowGlobalAccess flag is set to true.
Health checks
35.191.0.0/16
130.211.0.0/22
Internet Protocols 