Correct way to do a failover setup

I want to simply have DNS update if a ping check fails on a primary host, the DNS updates to a secondary one.

What’s the easiest way to accomplish this? The pools seem to be geared to web servers and I can’t find how you set it up for ping.

Correct, the pools are for website load balancing. To do what you want, you’d have to write a script that pings, and if there’s a failure, you’d have to make an API call to update DNS.

Is that needed since Cloudflare introduced Zero Downtime Failover ?

How does it work? If a request to your origin fails, and Cloudflare has another record for your origin server, we’ll just try another origin within the same HTTP request . The alternate record could be either an A/AAAA record configured via Cloudflare DNS, or another origin server in the same Load Balancing pool.

Consider an website,, that has web servers at two different IP addresses: and . Before Zero-Downtime Failover, if becomes unavailable, Cloudflare would attempt to connect, fail, and ultimately serve an error page to the user. With Zero-Downtime Failover, if cannot be reached, then Cloudflare’s proxy will seamlessly attempt to connect to . If the second server can respond, then Cloudflare can avert serving an error to’s user.

Since we rolled Zero-Downtime Failover a few weeks ago, we’ve prevented tens of millions of requests per day from failing!

Zero-Downtime Failover works in conjunction with Load Balancing, Standalone Health Checks, and Passive Origin Monitoring to keep your website running without a hitch. Health Checks and Load Balancing can avert failure, but take time to kick in. Zero-Downtime failover works instantly, but adds latency on each connection attempt.

1 Like

Zero Downtime Failover doesn’t do Primary/Secondary. Those are semi-roundrobin’d and both need to be “Primary.” The OP wants DNS to update to a backup server if primary goes down.


:wave: @therealatsak,

You can do a tcp port check with a load balancer health check. Ping is not generally a good way to do health checks on the internet.

— OG

:wave: @sdayman,

You can use :grey: load balancers for just about anything. Obviously you don’t get the :orange: benefits… well except maybe if you use the LB as a target in Spectrum.

— OG

1 Like

Ooh! Good to know! I just just saw this nugget on the Cloudflare Load Balancing page:

Support for HTTPS and TCP traffic

The OP mentioned Ping, which is UDP, but there are ways to “Ping” over TCP.

1 Like

Yes, I’m really needing a straight failover solution; these are VOIP (SIP) servers so typical load balancing can’t be done; the check doesn’t need to be ping, but SIP runs over UDP (usually). I could I suppose setup a trivial port opened for TCP checks, but . . . there are other DNS providers that do failover like this but I just really like cloudflare and what it does so would rather not change.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.