diff --git a/pkg/api/service/util.go b/pkg/api/service/util.go
index 0432379cd3f..f8561718172 100644
--- a/pkg/api/service/util.go
+++ b/pkg/api/service/util.go
@@ -70,19 +70,24 @@ func GetLoadBalancerSourceRanges(service *api.Service) (netsets.IPNet, error) {
 	return ipnets, nil
 }
 
-// NeedsHealthCheck Check service for health check annotations
-func NeedsHealthCheck(service *api.Service) bool {
+// RequestsOnlyLocalTraffic checks if service requests OnlyLocal traffic.
+func RequestsOnlyLocalTraffic(service *api.Service) bool {
+	if service.Spec.Type != api.ServiceTypeLoadBalancer &&
+		service.Spec.Type != api.ServiceTypeNodePort {
+		return false
+	}
 	// First check the alpha annotation and then the beta. This is so existing
 	// Services continue to work till the user decides to transition to beta.
 	// If they transition to beta, there's no way to go back to alpha without
 	// rolling back the cluster.
 	for _, annotation := range []string{AlphaAnnotationExternalTraffic, BetaAnnotationExternalTraffic} {
 		if l, ok := service.Annotations[annotation]; ok {
-			if l == AnnotationValueExternalTrafficLocal {
+			switch l {
+			case AnnotationValueExternalTrafficLocal:
 				return true
-			} else if l == AnnotationValueExternalTrafficGlobal {
+			case AnnotationValueExternalTrafficGlobal:
 				return false
-			} else {
+			default:
 				glog.Errorf("Invalid value for annotation %v: %v", annotation, l)
 			}
 		}
@@ -90,6 +95,14 @@ func NeedsHealthCheck(service *api.Service) bool {
 	return false
 }
 
+// NeedsHealthCheck Check if service needs health check.
+func NeedsHealthCheck(service *api.Service) bool {
+	if service.Spec.Type != api.ServiceTypeLoadBalancer {
+		return false
+	}
+	return RequestsOnlyLocalTraffic(service)
+}
+
 // GetServiceHealthCheckNodePort Return health check node port annotation for service, if one exists
 func GetServiceHealthCheckNodePort(service *api.Service) int32 {
 	if !NeedsHealthCheck(service) {
diff --git a/pkg/api/v1/service/util.go b/pkg/api/v1/service/util.go
index a8c2dbe09a2..338e8f8e0fa 100644
--- a/pkg/api/v1/service/util.go
+++ b/pkg/api/v1/service/util.go
@@ -70,19 +70,24 @@ func GetLoadBalancerSourceRanges(service *v1.Service) (netsets.IPNet, error) {
 	return ipnets, nil
 }
 
-// NeedsHealthCheck Check service for health check annotations
-func NeedsHealthCheck(service *v1.Service) bool {
+// RequestsOnlyLocalTraffic checks if service requests OnlyLocal traffic.
+func RequestsOnlyLocalTraffic(service *v1.Service) bool {
+	if service.Spec.Type != v1.ServiceTypeLoadBalancer &&
+		service.Spec.Type != v1.ServiceTypeNodePort {
+		return false
+	}
 	// First check the alpha annotation and then the beta. This is so existing
 	// Services continue to work till the user decides to transition to beta.
 	// If they transition to beta, there's no way to go back to alpha without
 	// rolling back the cluster.
 	for _, annotation := range []string{AlphaAnnotationExternalTraffic, BetaAnnotationExternalTraffic} {
 		if l, ok := service.Annotations[annotation]; ok {
-			if l == AnnotationValueExternalTrafficLocal {
+			switch l {
+			case AnnotationValueExternalTrafficLocal:
 				return true
-			} else if l == AnnotationValueExternalTrafficGlobal {
+			case AnnotationValueExternalTrafficGlobal:
 				return false
-			} else {
+			default:
 				glog.Errorf("Invalid value for annotation %v: %v", annotation, l)
 			}
 		}
@@ -90,6 +95,14 @@ func NeedsHealthCheck(service *v1.Service) bool {
 	return false
 }
 
+// NeedsHealthCheck Check if service needs health check.
+func NeedsHealthCheck(service *v1.Service) bool {
+	if service.Spec.Type != v1.ServiceTypeLoadBalancer {
+		return false
+	}
+	return RequestsOnlyLocalTraffic(service)
+}
+
 // GetServiceHealthCheckNodePort Return health check node port annotation for service, if one exists
 func GetServiceHealthCheckNodePort(service *v1.Service) int32 {
 	if !NeedsHealthCheck(service) {
diff --git a/pkg/proxy/iptables/proxier.go b/pkg/proxy/iptables/proxier.go
index 62d8af048fa..9c6cf16acb1 100644
--- a/pkg/proxy/iptables/proxier.go
+++ b/pkg/proxy/iptables/proxier.go
@@ -163,8 +163,7 @@ func (e *endpointsInfo) String() string {
 func newServiceInfo(serviceName proxy.ServicePortName, port *api.ServicePort, service *api.Service) *serviceInfo {
 	onlyNodeLocalEndpoints := false
 	if utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) &&
-		(service.Spec.Type == api.ServiceTypeLoadBalancer || service.Spec.Type == api.ServiceTypeNodePort) &&
-		apiservice.NeedsHealthCheck(service) {
+		apiservice.RequestsOnlyLocalTraffic(service) {
 		onlyNodeLocalEndpoints = true
 	}
 	info := &serviceInfo{
diff --git a/pkg/registry/core/service/rest.go b/pkg/registry/core/service/rest.go
index e4bc92afc74..c8cdba60b83 100644
--- a/pkg/registry/core/service/rest.go
+++ b/pkg/registry/core/service/rest.go
@@ -567,12 +567,7 @@ func shouldAssignNodePorts(service *api.Service) bool {
 }
 
 func shouldCheckOrAssignHealthCheckNodePort(service *api.Service) bool {
-	if service.Spec.Type == api.ServiceTypeLoadBalancer {
-		// True if Service-type == LoadBalancer AND annotation AnnotationExternalTraffic present
-		return (utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) && apiservice.NeedsHealthCheck(service))
-	}
-	glog.V(4).Infof("Service type: %v does not need health check node port", service.Spec.Type)
-	return false
+	return (utilfeature.DefaultFeatureGate.Enabled(features.ExternalTrafficLocalOnly) && apiservice.NeedsHealthCheck(service))
 }
 
 // Loop through the service ports list, find one with the same port number and