Routing Policies – Failover (Active-Passive) | Overview & Hands-On.

Routing Policies – Failover (Active-Passive) | Overview & Hands-On.

Failover routing in Route 53 is used to configure high availability by directing traffic to a primary (active) resource and failing over to a secondary (passive) resource only if the primary becomes unhealthy.

 How It Works

• Active (Primary) Record: Handles all traffic under normal conditions.
• Passive (Secondary) Record: Takes over only if the active one fails a health check.
• Route 53 checks the health status of the primary via a configured health check.
• If the primary fails → traffic automatically routes to the secondary.

 Steps to Set Up Failover Routing Policy

1. Create Health Check
• Route 53 must monitor your primary endpoint (via HTTP, HTTPS, or TCP).
• Health check must be associated with the primary record.
2. Create Primary Record (Active)
• Set Routing Policy: Failover
• Set Failover Type: Primary
• Associate the health check.
• Example:

# yaml

 

Name: www.springapp.twtech.com 

Type: A or CNAME 

Value: 192.0.2.10 (Active server) 

Failover: Primary 

Health Check: Enabled

3. Create Secondary Record (Passive)
• Set Routing Policy: Failover
• Set Failover Type: Secondary
• No health check needed (optional).
• Example:

# makefile

 

Name: www.twtech.click 

Type: A or CNAME 

Value: 192.0.2.20 (Backup server) 

Failover: Secondary 

twtech idea 

Condition	Route 53 Behavior
If Primary  is Healthy	Routes all traffic to Primary
If Primary  is Unhealthy	Instantly switches to Secondary (Passive)

 twtech Best Practices

• Keep the health check interval short (e.g., 30 seconds) for faster failover.
• Use multiple health checkers (3+ regions) to avoid false negatives.
• Monitor CloudWatch metrics tied to health checks.
• Combine with CloudFront or ELB for regional resilience if needed.

Project: Hands-on

• How twtech configures failover for resources.

Step-1: 

• Go to Route 53
• twtech Creates a failover record from: Hosted zone / DNS 

• Hosted zone selected for the record: twtech.click

Step-2: 

• twtech Assigns and name for the record: failoverpolicy.twtech.click

twtech idea is:

• If the primary Node (instance) in us-east-2 (Ohio) fails, traffic would be routed to the secondary Node (instance) in us-east-1(N. Virginia)
• twtech has its appllication installed in the above regions.
• twtech uses the browser to see if the record url is reachable: failoverpolicy.twtech.click
• Yes:  
• Traffic failover  is routed to the secondary instance in us-east-1 (N. Virginian), instead of the primary instance set for us-east-2 (Ohio).

NB:

•  Once the failover is fixed and the primary instance becomes healthy again, traffic will be routed back to the primary instance.
• Traffic is only routed to the secondary Node (instance) if the health check is determined to be unhealthy in the primary Node (instance). 
• As long as the primary Node (instance) stays healthy, traffic will continue to route to the primary Node (instance).