Cloudflare-Traffic-Manager too many irregular healthchecks

We have a cleint e-commerce website proxied through Cloudflare. Cloudflare is used as a load balancer for 2 origin servers. The origin servers are working with IIS. When we analyze the IIS logs, we see traffic from Cloudflare-Traffic-Manager (user agent) which is making a request to the home page like 2-3 requests/second. However, we also see some irregularity like 100 requests/second. For a specific case, we observed 8.000/requests/second. How could that be possible, any ideas?

Depending on the plan and configuration options in the load balancer health checks can be initiated from a190+ datacenters. The standard health check is every 60 seconds and if the response fails after 5 seconds it immediately retries up to 2 more times. Assuming the defaults and a worst case scenario of both nodes failing the health checks that’s 193 * 2 origins * 3 health checks per minute = 1158 total or 579 per origin.

When things are running as expected and health checks are coming from all datacenters it’s still ~=193/minute which works out to around 3.2 requests per second on average.

Ideally your health checks, if just checking for a 200 response, are hitting a very simple html page. If you’re checking for content on the response body you may have to hit a page which requires CPU to generate (unless you’re using a caching layer on the origin).


In my case I checked the IIS logs and filtered the User Agent Mozilla/5.0+(compatible;+Cloudflare-Traffic-Manager/1.0;++;+pool-id:+284e76c8da84aea8). And just in a single second there are 16540 IIS log entries from that agent and CF-Connecting-IPs are either blank or IP6 addresses such as 2400:cb00:20:1024::a29e:6e8d . How could it be possible, any idea about what I should check?

Looks like you have a lot of 301 response codes there. Not sure why/what is causing that in your health checks, but it’s probably not right.

thanks for the reply, I will check what is causing this

This topic was automatically closed after 30 days. New replies are no longer allowed.