Same instance registered for two different target groups, reports unhealthy for one and healthy for the other one...

Hello: I created a target group for a Network load Balancer with a UDP listener, and I'm registering same instance it's already registered for another target group. I assume this is possible? That is, same instance receiving traffic from two different target groups/load balancers... Assuming the above is Ok, the problem I have is the new target group reports the instance is unhealthy, but at the same time, the instance is reported as healthy to the other target group... I tried both, TCP and HTTP for the health checks, but in both cases, it fails...

Looking to any help Thanks

Tags

Network Load Balancer

Language

English

AWS-User-SOS

asked 2 months ago111 views

1 Answer

Newest
Most votes
Most comments

Are these answers helpful? Upvote the correct answer to help the community benefit from your knowledge.

Hello.

I think the setting itself is possible.
For example, are you blocking access from NLB with your EC2 security group?
To isolate the problem, try allowing all communication using the inbound rules of the EC2 security group and see if the health check succeeds.

EXPERT

Riku_Kobayashi

answered 2 months ago

EXPERT

Giovanni Lauria

reviewed a month ago

AWS-User-SOS
2 months ago
Thanks, Riku. Actually, both target groups are using the same protocol/port for health check, so it should work for both. The EC2 has those ports open, so this is Ok. Other suggestion?
Riku_Kobayashi EXPERT
2 months ago
Is it correct that all IP addresses are allowed in the EC2 security group?
Riku_Kobayashi EXPERT
2 months ago
I tried setting up NLB and EC2 in my environment, and both health checks were successful. In the EC2 security group, the NLB security group is specified in the inbound rule source so that it can be accessed from the security group configured in NLB. Additionally, NLB health checks use TCP.
AWS-User-SOS
2 months ago
Riku, the EC2 instance runs a webserver, so TCP:80 is open for all IPs. Not sure if this answers your question. Anyway, I 'm confused about the health check port when using TCP protocol. I assume for both TCP and HTTP health checks, the port is always 80, right? In my case, the NLB should route traffic for UDP:8001, so this port is open as well for all IP addresses. Now, when TCP is chose for health checks, there is no option for setting up the port....So I assume TCP:80 is being used (as it should be for HTTP). Thanks

Relevant content

Load balancer Target group always shows unhealthy for https 443 port
Amarjit-2044235
asked a year ago
Can NLB support mulitple target groups in one listener?
Accepted Answer
GabrielShiao
asked 4 months ago
What is the protocol of the target group be for an Application Load Balancer and how to register targets
brianR
asked 10 months ago
ECS Fargate + Network Load Balancer for TCP+UDP
aball
asked 6 months ago
How do I troubleshoot unhealthy targets for Network Load Balancers in Amazon EKS?
AWS OFFICIALUpdated 3 months ago
Why can't a target behind my Network Load Balancer connect to its own Network Load Balancer?
AWS OFFICIALUpdated 2 years ago
How do I set up weighted target groups for my Application Load Balancer?
AWS OFFICIALUpdated a year ago
How do I set up UDP load balancing with my Network Load Balancer?
AWS OFFICIALUpdated 2 years ago
[🚀Launch Announcement] - AWS Network Load Balancer (NLB) introduces a new target health status while draining connections
EXPERT
milindku-AWS
published 3 months ago
Launch announcement: Network Load Balancer now supports security groups
EXPERT
zobAWS
published 9 months ago