Solid breakdown of all four types. One thing I would push back on: calling CLB 'on life support' undersells that some legacy apps with TCP passthrough requirements still legitimately need it, especially when you need the client IP preserved without proxy protocol support on the backend. Have you run into cross-region failover scenarios where GWLB inspection adds meaningful latency?