1. Overview
   1. Zonal resources that represent collections of IP address and port combinations for resources within a single subnet
   2. Each IP address and port combination is called a network endpoint
   3. Can be used as backends in backend services for HTTP(S), Internal HTTP(S) Load Balancing, TCP proxy, and SSL proxy load balancers
   4. Cannot be used as a backend with internal TCP/UDP load balancers
   5. Traffic can be distributed in a granular fashion among applications or containers running within VM instances
2. Backend services
   1. Zonal NEGs can be used as backends for backend services in a load balancer
   2. When used as a backend for a backend service, all other backends in backend service must be zonal NEGs
   3. Instance groups and zonal NEGs cannot be used as backends in the same backend service
   4. The same network endpoint (IP address and port combination) can be added to more than one zonal NEG
   5. The same zonal NEG can be used as a backend for more than one backend service
   6. Backend services using zonal NEGs for backends can only use balancing modes of RATE or CONNECTION
   7. A balancing mode of UTILIZATION cannot be used for backend services that use zonal NEGs as backends
3. Proxy load balancing
   1. Zonal network endpoint groups can be used in load balancers using either Standard or Premium network service tiers
   2. Each Premium or Standard Tier HTTP(S), SSL Proxy, and TCP Proxy load balancer has its own global external forwarding rule to direct traffic to the appropriate target proxy object
   3. Each internal HTTP(S) load balancer has its own regional internal managed forwarding rule to direct traffic to the appropriate target proxy object
   4. For target HTTP(S) proxies, the backend service used is determined by checking the request host name and path in the URL map
   5. External HTTP(S) and internal HTTP(S) load balancers can have multiple backend services referenced from the URL map
   6. For target TCP or target SSL proxies, only one backend service can be defined
   7. The backend service directs traffic to its backend zonal NEGs
   8. For each request, the load balancer picks a network endpoint from one of the zonal NEGs and sends the traffic there
4. Restrictions
   1. Zonal NEGs cannot be used with legacy networks
   2. The IP address for a network endpoint must be a primary or alias IP that belongs to specified instance
5. Limits
   1. Zonal NEGs are only usable as backends for load balancers
   2. Only RATE balancing mode is supported by zonal NEGs for HTTP(s) load balancing, while CONNECTION is supported for TCP/SSL load balancing
   3. Utilization-based load balancing is not supported
   4. A backend service that uses zonal NEGs as backends cannot also use instance groups as backends
   5. Zonal NEGs can be in the same zone or different zones
   6. Only internal (RFC 1918) IP addresses can currently be added to a zonal NEG