This document describes how to configure health check for the Non-Web Service in Anti-DDoS Pro.

Follow these steps to configure health check rules for the Non-Web Service in the Anti-DDoS Pro console.

  1. Log on to the Anti-DDoS Pro console, and go to the Access > Non-Web Service page.
  2. Select the target Anti-DDoS instance and IP.
  3. Locate the corresponding Forwarding protocol/port, and click Configure under the Health Check column of the target protocol/port to configure health check. The health check feature is disabled by default.
Note If the forwarding protocol is TCP, you can select either TCP or HTTP as the health check method.

Parameter description

We recommend that you use the default values for health check configuration.
Table 1. Layer-4 health check
Configuration Description
Port Test port used by the health check service to access backend servers. The default port is the backend port specified in the listener configuration.
Response Timeout Maximum timeout value for each health check response. If the backend server fails to respond correctly within the specified time period, the health check fails.
Check Interval Interval between health checks. All nodes within the Anti-DDoS Pro cluster perform health checks on backend servers independently and in parallel based on this attribute. From individual statistics on a backend server, you may find that health-check requests sent from Anti-DDoS Pro do not strictly follow the specified time interval, because health-checks for different Anti-DDoS Pro nodes are not performed synchronously.
Unhealthy Threshold This attribute specifies the number of consecutive health check failures allowed before a health check status is considered unhealthy.
Healthy Threshold This attribute specifies the number of consecutive successful health check requests necessary for a health check status be considered as healthy.
Table 2. Layer-7 health check
Configuration Description
Domain name and health-check path (only supports HTTP protocol) By default, layer-7 health check requests are HTTP HEAD requests sent by Anti-DDoS Pro to the default home page configured for the application server.
  • If the page for health check is not the default home page for the application server, you must specify the domain name and the specific health check path.
  • If the host field parameters are restricted for the HTTP head requests, you can only specify the health check path, that is, the page file URI for the health check. The domain name is not required, and it is the backend server IP address by default.
Normal status code The normal HTTP status code for the health check. The default value is http_2xx, and cannot be changed. If the HTTP returns a non-2xx status code, then the server is considered as unhealthy by default.
Other parameter options Same as the parameters for the layer-4 health check.