Load Balacing- Not Getting redirected

I have two sites:

  1. Primary Site - running on a web hosting service
  2. Secondary Site- running on our machine (not on internal network tho)

I have two monitors on each site, earlier i shared the same monitor but both sites are Not SSl so monitor 1 is on https and monitor 2 is on http,

Now when primary site is detected as critical, ideally the response should come from secondary, which is not happening.

Am is doing something wrong???

Please help, LB is killing me !

How you are going to tell Cloudflare your server is in critical state? What are the the health check rules?

From your description you need to do the following:

  1. Create two separate Origin Pools in the load balancer.
  2. Put the Primary site IP(s) in the first pool, and the Secondary site IP(s) in the second pool.
  3. Attach a health check to all servers in both pools.
  4. Set traffic steering for the load balancer to ‘off’. This makes CF choose the correct pool in failover order, top to bottom.

With only one pool, the best you can do is set the weightings to prefer one, but the secondary site will still get some traffic even if the primary is healthy. With two pools you can set different steering methods to balance the traffic (or failover in this case.)

The Monitor is set to check http service, incase http is not reachable, the server goes in critical stage,

However when i am trying the monitor on https, monitor is not working somehow, as server remains in critical stage.

@michael

I did not understand this, steering means? Proxied through the CF?

Traffic Steering is one of the settings on a Cloudflare load balancer.

You can set it to direct users to the closest origin, or to direct by geographic region. In your case, the setting should be “off”, which makes the load balancer failover between the pools in the order you define (primary, then secondary)

Yeah, okay got that,
Yes Traffic Steering is off.

However when i create a montor on HTTPS setting, the montor shows the websites in critical state, i have SSL certs on the target machine.

Can you do the request through a client (browser, postman…) manually? If yes, are CF IPs whitelisted for such a request?

As i see logs, there is some issue with the certificate on the origin server.

However i will have to test that on another server, and will get back with an update.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.