NLB stops responding on one IP

Hi everyone,

We've seen this happen a couple of times now. I was wondering if anyone has insights on why this happens, and/or what we can do to prevent or fix it.

Basically, One of the IPs in the network loadbalancer stops responding. We check to make sure the IPs didn't change in DNS or there was another DNS caching issue. I can see no errors or warnings in the target group settings or NLB settings....

$ dig NV-SFTP-LB-489fe716f98a2088.elb.us-east-1.amazonaws.com @ns-1286.awsdns-32.org.

; <<>> DiG 9.11.3-1ubuntu1.13-Ubuntu <<>> NV-SFTP-LB-489fe716f98a2088.elb.us-east-1.amazonaws.com @ns-1286.awsdns-32.org.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50240
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;NV-SFTP-LB-489fe716f98a2088.elb.us-east-1.amazonaws.com. IN A

;; ANSWER SECTION:
NV-SFTP-LB-489fe716f98a2088.elb.us-east-1.amazonaws.com. 60 IN A 172.16.1.85
NV-SFTP-LB-489fe716f98a2088.elb.us-east-1.amazonaws.com. 60 IN A 172.16.0.212

But, 172.16.1.85 is not responding while 172.16.0.212 does:

$ telnet 172.16.1.85 22
Trying 172.16.1.85...
telnet: Unable to connect to remote host: Connection timed out

$ telnet 172.16.0.212 22
Trying 172.16.0.212...
Connected to 172.16.0.212.
Escape character is '^]'.
SSH-2.0-srtSSHServer_11.00

Edited by: dh42 on Feb 15, 2021 9:36 AM

Edited by: dh42 on Feb 15, 2021 12:08 PM