After SSL Termination decrypts the data at the Cloud Load Balancer it passes the unencrypted data to any nodes that are configured for that device.  If you have nodes that are not in the same datacenter as the SSL-enabled load balancer, that unencrypted data will be sent over the public internet to those nodes.  Therefore we recommend you use an SSL-enabled load balancer only with nodes that reside in the same datacenter as the load balancer.  Their proximity allows the load balancer to use the nodes’ private IP addresses (the servicenet) to limit unencrypted traffic to within the datacenter’s network, as illustrated below.