UI Drafter Blog

Health Check DNS Load Balanced Web Servers

November 1, 2020
Eric Fortis

UI Drafter is load balanced with DNS using an "A" record per server.

dig A uidrafter.com

uidrafter.com. 300 IN  A
uidrafter.com. 300 IN  A

How to check a specific server?

Resolve the domain to a specific IP. Here are two ways of doing it, both timeout in two seconds.


curl -so /dev/null --max-time 2 --head \
  --write-out "%{http_code}" \
  --resolve uidrafter.com:443: \


import https from 'https';

checkStatus('https://uidrafter.com', '')

function checkStatus(url, ip) {
  return new Promise((resolve, reject) => {
    const IPv4 = 4;
    const req = https.request(url,
        method: 'HEAD',
        timeout: 2000,
        lookup: (_, __, resolveDNS) =>
          resolveDNS(null, ip, IPv4)
      response => { resolve(response.statusCode) }
    req.on('error', reject);
    req.on('timeout', () => req.destroy());

Avoided alternatives

/etc/hosts or DNS zone file

Avoid changing the /etc/hosts file because it's system-wide, requires elevated privileges, and limits health checks to be sequential. Also, it depends on nsswitch.conf.

The same goes for changing a zone file of a caching DNS resolver like unbound.

Private Tunnels

Connecting via VPN or SSH wouldn't be end-to-end health checks.

IP Address in the certificate's SAN

Issuing certificates with an IP address in addition to the domain name it's a needless expense if it's only for health checking.

Skipping the hostname and certificate verification

For example, curl --insecure -L

Other use

Bypassing a reverse proxy

For example, if Cloudflare® is proxying a server, you can see the original response sent by the origin with these code snippets.