Check Your Load Balancer's Connectivity

If you are trying to reach your Droplet via a load balancer, your load balancer may be down or not directing traffic to the target Droplet.

In this step of the Connectivity Troubleshooting Guide, you will:

  1. Check the status of load balancer’s connection between the load balancer and the Droplet.
  2. Verify that the load balancer is reachable from the public internet.
  3. Check your hostname’s DNS configuration if you are trying to reach the Droplet via a hostname that is pointed at the load balancer.

If your Droplet is not connected to a load balancer, skip to the Next Steps section.

Check Load Balancer Status

To check the status of your load balancer from the DigitalOcean Control Panel, click Networking, then click the Load Balancers tab. The page lists the load balancers set up in your account. Click your target Droplet’s load balancer.

List of Droplets connected to a load balancer.

The load balancer’s Droplet tab lists the Droplets connected to the load balancer, and the status column indicates the health of the connection between your Droplets and the load balancer. If your target Droplet is not listed among the Droplets connected to the load balancer, add the Droplet to the load balancer and then reattempt to connect to the target Droplet.

If your Droplet is listed as connected to the load balancer and its status is down, your Droplet’s internal network configuration may be incorrect or the Droplet may be offline. Verify that your Droplets are healthy and active before continuing.

Ping the Load Balancer and the Droplet

You can verify whether the connection is failing at the load balancer level or Droplet level using ping. ping is a diagnostic tool that tests the connection between networked devices and is native on most operating systems.

Note
If your Droplet is behind a cloud firewall, you need to add an inbound traffic rule that allows ICMP traffic to reach the Droplet. The ping diagnostic tool uses the ICMP protocol to verify connections. If your cloud firewall doesn’t have an inbound rule for ICMP, it will block any attempts to the reach the Droplet with ping.

To verify that the load balancer is reachable from your computer, open a terminal on your local machine and then run the following command:

ping <use-your-load-balancer-ip-address>

If your load balancer is accessible from the public internet, ping returns the amount of data it sent to the load balancer and the amount of time it took for the data to reach the load balancer.

    
        
            
PING 203.0.113.154 (203.0.113.154): 56 data bytes
64 bytes from 203.0.113.154: icmp_seq=0 ttl=46 time=239.488 ms
64 bytes from 203.0.113.154: icmp_seq=1 ttl=46 time=352.659 ms

        
    

If your load balancer is not accessible from the public internet, ping returns a timeout error:

    
        
            
PING 203.0.113.154 (203.0.113.154): 56 data bytes
Request timeout for icmp_seq 0

        
    

Run the same command using your Droplet’s IP address.

If your Droplet responds but your load balancer does not, the load balancer is likely causing the connection problem. If you have assessed that the load balancer is the problem, you have two options:

Check Load Balancer’s DNS

If you are trying to reach your load balancer through a hostname, such as www.example.com, you need to set up an A record with your DNS provider to point the hostname at the load balancer’s IP address.

To verify if your hostname has an A record pointing at the load balancer’s IP address, open a terminal and use the dig utility to retrieve the A records set up on your domain:

dig <use-your-hostname> A

The command returns output similar to this:

;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53050
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 1aad2b567441ddd264d7b5c062058926dea6b1dfd388758f (good)
;; QUESTION SECTION:
;bigassdraculasclub.com.		IN	A

;; ANSWER SECTION:
example.com.	30	IN	A	104.16.243.78
example.com.	30	IN	A	104.16.244.78

;; AUTHORITY SECTION:
example.com.	172800	IN	NS	ns3.digitalocean.com.
example.com.	172800	IN	NS	ns2.digitalocean.com.
example.com.	172800	IN	NS	ns1.digitalocean.com.

If the ANSWER SECTION of the output doesn’t contain an A record pointing at your load balancer’s IP address, you need to add an A record to your hostname’s DNS configuration.

If your DNS provider is DigitalOcean, you can add an A record using the control panel. If DigitalOcean is not your DNS provider, reference your DNS provider’s documentation to see how to create A records for your hostname.

If you’ve recently updated A records for your hostname, it can take up to 24 hours for the update to propagate across the internet.

Next Steps

If your load balancer is correctly configured but your Droplet is still not connecting correctly, proceed to the next step and check your cloud firewall settings.

Diagnose and troubleshoot firewall issues that could be causing network connectivity issues.
Check things like Droplet status and logs before continuing to diagnose network issues.
Diagnose and troubleshoot your Droplet’s network configuration.