- Updates and Announcements
- Product Introduction
- New/Legacy Anti-DDoS Advanced Version Differences
- Comparison of Anti-DDoS Protection Schemes
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- API Documentation
- FAQs
- Troubleshooting
- Anti-DDoS Advanced (Global Enterprise Edition)
- Legacy Anti-DDoS Advanced (Legacy)
- Service Level Agreement
- Contact Us
- Glossary
- Updates and Announcements
- Product Introduction
- New/Legacy Anti-DDoS Advanced Version Differences
- Comparison of Anti-DDoS Protection Schemes
- Purchase Guide
- Getting Started
- Operation Guide
- Best Practice
- API Documentation
- FAQs
- Troubleshooting
- Anti-DDoS Advanced (Global Enterprise Edition)
- Legacy Anti-DDoS Advanced (Legacy)
- Service Level Agreement
- Contact Us
- Glossary
Configuring Health Check
Last updated: 2022-06-10 14:12:06
Use Cases
Anti-DDoS Advanced health checks identify the running status of backend servers, where abnormal servers will be isolated to reduce the impact on overall business availability.
- Layer-4 health check
The Anti-DDoS Advanced layer-4 health check mechanism is as follows: The Anti-DDoS cluster nodes initiate an access request to the server port specified and determine whether the port access is normal. If it is considered normal, the backend server is running properly, otherwise, the backend server is not functioning correctly.
Under TCP protocol, the mechanism determines if the port is connected, while under UDP protocol, it determines whether the port is reachable with thepingcommand. - Layer-7 health check
The Anti-DDoS Advanced layer-7 health check mechanism is as follows: The Anti-DDoS cluster nodes initiate an HTTP request to the backend server specified and determine whether the backend server works properly according to HTTP response status codes.
HTTP response status codes can be user-defined. Assume thathttp_1xx,http_2xx,http_3xx,http_4xxandhttp_5xxare returned. You can selecthttp_1xxandhttp_2xxto indicate that the service is normal, while the unselected codes represent that the service is not working properly.
Note:If only one real server IP is configured in a single forwarding rule, health checks will not be enabled. This feature is used when multiple real server IPs are configured.
Directions
Layer-4 health check configuration
- Log in to the Anti-DDoS Advanced Console, select Anti-DDoS Advanced (New) > Application Accessing on the left sidebar, and then open the Access via ports tab.
- Select an Anti-DDoS Advanced instance and rules before you click Edit.
- On the page that pops up, click Show advanced options, set configuration items, and then click OK.
Note:
- By default, layer-4 health check is enabled. We recommend you use the default values when you configure this feature.
- Under TCP protocol, the layer-4 health check determines if the port is connected, while under UDP protocol, it determines whether the port is reachable with the
pingcommand.
Layer-7 health check configuration
- Log in to the Anti-DDoS Advanced Console, select Anti-DDoS Advanced (New) > Application Accessing on the left sidebar, and then open the Access via ports tab.
- Select an Anti-DDoS Advanced instance and rules before you click Configuration.
- On the page that pops up, click Show advanced options, set configuration items, and then click OK.
Note:
By default, layer-7 health check is disabled.
Configuration Items
Layer-4 health check
| Item | Description |
|---|---|
| Response timeout | Maximum timeout for each health check response. If the backend server does not respond correctly within the specified period, then the health check fails. |
| Check interval | The interval at which a health check is performed. |
| Unhealthy threshold | If the health check fails n times (n is the entered number) in a row, the healthy backend server will become unhealthy, and the status displayed in the console will be Abnormal. |
| Healthy threshold | If the health check succeeds n times (n is the entered number) in a row, the unhealthy backend server will become healthy, but the status will not be displayed in the console. |
Layer-7 health check
| Item | Description |
|---|---|
| Check interval | The interval at which a health check is performed. Default: 15 seconds. |
| Unhealthy threshold | If the health check fails n times (n is the entered number) in a row, the healthy backend server will become unhealthy, and the status displayed in the console will be Abnormal. |
| Healthy threshold | If the health check succeeds n times (n is the entered number) in a row, the unhealthy backend server will become healthy, but the status will not be displayed in the console. |
| HTTP request method and URL | By default, the HEAD method is used and the backend server returns the message header only in the response. If the GET method is used, the complete message will be returned. The backend server must support both HEAD and GET methods. |
| HTTP status code detection | It determines whether the HTTP status code is healthy. When the default configuration is used or no selection is made, http_1xx, http_2xx, http_3xx and http_4xx are returned. If non-default ones are returned, the HTTP status code is considered unhealthy, and you can modify the configuration. |
Yes
No
Was this page helpful?