doc-exports/docs/elb/umn/elb_faq_0040.html
zhoumeng d7316db527 ELB_UMN_20240412
Reviewed-by: Hajba, László Antal <laszlo-antal.hajba@t-systems.com>
Co-authored-by: zhoumeng <zhoumeng35@huawei.com>
Co-committed-by: zhoumeng <zhoumeng35@huawei.com>
2024-07-08 14:48:28 +00:00

17 lines
3.2 KiB
HTML

<a name="elb_faq_0040"></a><a name="elb_faq_0040"></a>
<h1 class="topictitle1">How Can I Check the Network Configuration of a Backend Server?</h1>
<div id="body8662426"><ol id="elb_faq_0040__en-us_topic_0100578555_ol51835414175346"><li id="elb_faq_0040__en-us_topic_0100578555_li26028006175346">Check whether the security group of the server is correctly configured.<ol type="a" id="elb_faq_0040__en-us_topic_0100578555_ol15120255104222"><li id="elb_faq_0040__en-us_topic_0100578555_li8965360104233">On the server details page, view the security group.</li><li id="elb_faq_0040__li1256125092715">Check whether the security group rules allow access from the corresponding IP address range.<ul id="elb_faq_0040__ul18999115652214"><li id="elb_faq_0040__li2330162013231">Dedicated load balancers: Check whether the security group of the backend server has inbound rules to allow traffic from the VPC where the load balancer works. If traffic is not allowed, add an inbound rule to allow traffic from the VPC to the backend server.</li><li id="elb_faq_0040__li613813371268"><span id="elb_faq_0040__ph192714001583048">Shared</span> load balancers: Check whether the security group containing the backend server has inbound rules to allow traffic from 100.125.0.0/16. If traffic is not allowed, add an inbound rule to allow traffic from 100.125.0.0/16 to the backend server.</li></ul>
<div class="caution" id="elb_faq_0040__note5214162212421"><span class="cautiontitle"><img src="public_sys-resources/caution_3.0-en-us.png"> </span><div class="cautionbody"><ul id="elb_faq_0040__ul6236111617482"><li id="elb_faq_0040__li9236141624819"><span id="elb_faq_0040__ph76583894882354">Shared</span> load balancers: If <strong id="elb_faq_0040__b187079305082354">Transfer Client IP Address</strong> is enabled for a TCP or UDP listener, there is no need to configure security group rules and <span id="elb_faq_0040__ph182186090482354">Firewall</span> rules to allow traffic from 100.125.0.0/16 and client IP addresses to backend servers.</li><li id="elb_faq_0040__li523691644811"><span id="elb_faq_0040__ph56225189182355">Dedicated load balancers</span>: If <strong id="elb_faq_0040__b141641617482355">IP as a Backend</strong> is not enabled for a load balancer that has a TCP or UDP listener, there is no need to configure security group rules and <span id="elb_faq_0040__ph186383193682355">Firewall</span> rules to allow traffic from the backend subnet where the load balancer is deployed to the backend servers.</li></ul>
</div></div>
</li></ol>
</li><li id="elb_faq_0040__en-us_topic_0100578555_li2154564893111">Ensure that the firewalls of the subnet where the server resides does not intercept the traffic.<p id="elb_faq_0040__en-us_topic_0100578555_p2017488793128"><a name="elb_faq_0040__en-us_topic_0100578555_li2154564893111"></a><a name="en-us_topic_0100578555_li2154564893111"></a>In the navigation pane of the VPC console, choose <strong id="elb_faq_0040__b2666192744111">Access Control</strong> &gt; <strong id="elb_faq_0040__b0667227124111">Firewalls</strong> and check whether the subnet allows traffic.</p>
</li></ol>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="elb_faq_0203.html">Backend Servers</a></div>
</div>
</div>