How is Failover used in practice?

See real-world examples and code snippets on the Failover glossary page at CDN Certified.

What concepts are related to Failover?

Related terms include: Origin Health Check, Origin Shield, Request Coalescing, stale-if-error.

Failover

Architecture

Automatically switching to a backup server, origin, or CDN when the primary one fails. Good failover is invisible to users—they never see an error page.

Updated Mar 9, 2026

Full Explanation

Failover is your safety net. Origin goes down? CDN serves stale content or routes to a backup origin. CDN PoP goes down? Anycast reroutes to the next closest PoP. Entire CDN goes down? Multi-CDN setup switches to the secondary provider.

There are different levels. Origin failover: CDN health-checks your origin and switches to a backup if it fails. PoP failover: handled automatically by Anycast routing. CDN failover: requires DNS-based or client-side switching between CDN providers.

The key metric is failover time—how long until traffic shifts. Anycast failover happens in seconds. DNS-based failover depends on TTL (could be minutes). The stale-if-error Cache-Control directive is your friend here—it lets caches serve stale content while failover happens, so users see something instead of an error.

See the interactive Multi-CDN Load Balancing animation in the course to visualize failover scenarios.

Examples

# Nginx: upstream failover
upstream origin {
    server primary.example.com:443;
    server backup.example.com:443 backup;
}

# CloudFront: origin failover group
resource "aws_cloudfront_distribution" "cdn" {
  origin_group {
    failover_criteria {
      status_codes = [500, 502, 503, 504]
    }
    member { origin_id = "primary" }
    member { origin_id = "backup" }
  }
}

# Resilient Cache-Control for graceful degradation
Cache-Control: public, max-age=300, stale-if-error=86400

Video Explanation

Frequently Asked Questions

Automatically switching to a backup server, origin, or CDN when the primary one fails. Good failover is invisible to users—they never see an error page.

# Nginx: upstream failover
upstream origin {
    server primary.example.com:443;
    server backup.example.com:443 backup;
}

# CloudFront: origin failover group
resource "aws_cloudfront_distribution" "cdn" {
  origin_group {
    failover_criteria {
      status_codes = [500, 502, 503, 504]
    }
    member { origin_id = "primary" }
    member { origin_id = "backup" }
  }
}

# Resilient Cache-Control for graceful degradation
Cache-Control: public, max-age=300, stale-if-error=86400

Related CDN concepts include:

Origin Health Check — Periodic requests to a specific endpoint (usually /health or /ping) to verify the origin is …
Origin Shield — A mid-tier cache layer that sits between edge servers and the origin. Aggregates cache misses …
Request Coalescing — A CDN feature that batches multiple simultaneous requests for the same uncached content into a …
stale-if-error — Allows caches to serve stale content when the origin returns an error (5xx) or is …

Previous Term ETag

Next Term Forward Proxy

Back to Glossary