 Hey everybody, it's Sarah here and today I want to take you through how to troubleshoot Azure Traffic Manager endpoints. Now, I've been using Azure Traffic Manager for a presentation that I delivered a few weeks ago, and I have a demo environment set up, and the other day when I went into it, I found that it was actually in a degraded state that it wasn't necessarily fully healthy and online. So I started to do some digging and started to understand a bit more about how Azure Traffic Manager actually interrogates its endpoints and determines whether they are healthy or they're degraded. So I want to talk about the health probes that Azure Traffic Manager has. Azure Traffic Manager uses health probes to understand whether your endpoints are healthy or degraded, and whether they should have traffic sent to them or not. Now, a health probe just checks for a response, checks that something is up online and available. Your endpoints can be anything that are something like an Azure web app or it could be a server in an on-prem environment because Azure Traffic Manager doesn't just need to be an Azure resource that it points to, it can be non-Azure resources as well. Those health probes react in certain ways, and when I was troubleshooting trying to understand how these health probes work and why my Azure Traffic Manager was displaying a degraded status, I started to learn a bit more about these health probes, and there's some key things that you have to learn about health probes to understand why this degraded state is the way that it is. Now, a health probe will look for a 200 response code, and if it gets a 200 response code, then it will think that the endpoint is up and it will start to send traffic to it. So it would display as an online status for your endpoint. If your probe is looking at HTTPS traffic, then it will actually ignore any certificate errors. So if your certificate isn't quite right or there's some kind of error, the health probe will actually ignore that and still just put back an online or a healthy status for you. Obviously, if there's a certificate error, your end users will see that and you might have to deal with it, but the Azure Traffic Manager health probes do not differentiate and don't look for certificate errors. Now, if your health probe gets a 3.0 and with one of the 300 codes and it's a redirecting error, what the health probe will actually say is that that's a failure unless you've specifically said to the health probe that getting a 300 code is okay. So that's something to bear in mind if you have some kind of redirection or a 300 status code that potentially will happen during this health probe status, you need to build that into your rules. Now, the last one that actually caught me out and is actually a good feature to be honest, is if Azure Traffic Manager sees all your end points as degraded, what it will do is actually mark everything is healthy and still send traffic to them. So in my case, this was exactly the status that I had. Azure Traffic Manager was seeing all of my end points as degraded. So it was actually defaulting back to saying everything was online and actually sending traffic. That was the case. All my end points were healthy. It was my traffic manager health probe that was actually configured wrong. So I want to show you what I actually did to show you how I can fix this. Now, obviously, my fix for a degraded status might be completely different from yours and it may be something that you have to look at, but I want to show you how I fix mine so that you just have some kind of idea how to look at the health probes within Azure Traffic Manager. Now, this is my Azure Traffic Manager and if you look at the monitor status, it's saying degraded and it's saying that all my end points are degraded as well. And this was puzzling because I was actually hitting my traffic manager and getting the right end points when I viewed it. I then took a step back and realized that I turned all my end points into accepting HTTPS traffic only. They were not receiving HTTP traffic. And when I looked into my health probe, I discovered that I was testing on HTTP, although my configuration was completely wrong on my health probe. I was checking for the HTTP protocol and the 433 port, which wasn't a great combination. So what I had to do to get this back into a healthy state is change my protocol to HTTP. Yes, leave the port at 443 because that's the HTTPS port that I'm using. I'm not checking, I'm checking the default path and I don't need anything else here. I don't need any status codes because I'm not doing anything fancy in terms of redirection or anything like that. So if I save this configuration, we'll take a few minutes for the health probe to reconfigure, check it and understand that these are back healthy again. But that was ultimately my fix. So as you can see, once my health probe has picked up these new configuration states, my end points are all coming back online and my traffic manager is back online. Now as I said, this might not be the resolution to your issue if you have an Azure traffic manager in a degraded state, but if you have a degraded state within your Azure traffic manager, make sure you understand the rules or the way that the health probes work because it can actually help you understand how to fix it and the behavior of your Azure traffic manager.