I've followed this guide to create a Blue/Green deployment, but when I add a 2nd origin I get a 404 error on the 1st origin that was initially working. https://learn.microsoft.com/en-us/azure/frontdoor/blue-green-deployment This is what I'm trying to do: Front Door URL: https://app-gua2fjgvb6djc4gc.z03.azurefd.net Blue Origin: https://blue.rhod3rz.com Green Origin: https://green.rhod3rz.com Both Blue and Green origins have a /health endpoint that correctly responds to HEAD and GET requests with HTTP 200 OK . This is the origin config. They both work if the other is disabled, but not at the same time. If they are both enabled, the one that was working gives a 404 error, whilst the one that has just been enabled works 😢 Any help to get to the bottom of this would be much appreciated!

Front Door Standard | Blue/Green | 404 Error

rhod3rz 0

I've followed this guide to create a Blue/Green deployment, but when I add a 2nd origin I get a 404 error on the 1st origin that was initially working.

https://learn.microsoft.com/en-us/azure/frontdoor/blue-green-deployment

This is what I'm trying to do:

frontdoor error

Front Door URL: https://app-gua2fjgvb6djc4gc.z03.azurefd.net
Blue Origin: https://blue.rhod3rz.com
Green Origin: https://green.rhod3rz.com
Both Blue and Green origins have a /health endpoint that correctly responds to HEAD and GET requests with HTTP 200 OK.

This is the origin config. They both work if the other is disabled, but not at the same time.

If they are both enabled, the one that was working gives a 404 error, whilst the one that has just been enabled works 😢

Any help to get to the bottom of this would be much appreciated!

origin config

origin green

Ganesh Patapati 4,150 Reputation points Microsoft External Staff

2025-02-26T14:00:29.3433333+00:00
Hi rhod3rz

Greetings!

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand that you are experiencing a 404 error.

For further troubleshooting, could you please share the following information:

Check the AFD access logs to verify which backend it routed to?

While you are getting a 404 error, what backend server status is appearing?

Check the application gateway logs, filter with the user agent as Edge, and let me know how the application gateway is responding.

If you need any further assistance, please do not hesitate to reach out. We are happy to assist you.
Ganesh Patapati 4,150 Reputation points Microsoft External Staff

2025-02-27T09:25:57.84+00:00

Hi rhod3rz

I would like to follow up on the thread.

Could you please review the last comment and provide the necessary information to continue the discussion?

If you need any further assistance, please don't hesitate to reach out. We are happy to help.
rhod3rz 0 Reputation points

2025-02-27T09:37:47.4933333+00:00
Hi. Thanks for your reply.

The key items to note here are:

Both https://blue.rhod3rz.com & https://green.rhod3rz.com are fully working and responding on /health.

They both work via Front Door if one of the origins is disabled.

Backend server status is always healthy.

Accessing directly via AGFC urls (https://blue.rhod3rz.com & https://green.rhod3rz.com) is also fully working and responding on /health.

There are lots of logs that can be pulled out of Azure Diagnostics. So I can provide the correct data can you be specific with the exact kusto query you'd like me to run against Front Door?

All websites are online 9-5 UK time if you want to test. I turn them off overnight to keep costs down.
rhod3rz 0 Reputation points

2025-02-27T09:38:34.0233333+00:00
Hi. Thanks for your reply.

The key items to note here are:

Both https://blue.rhod3rz.com & https://green.rhod3rz.com are fully working and responding on /health.

They both work via Front Door if one of the origins is disabled.

Backend server status is always healthy.

Accessing directly via AGFC urls (https://blue.rhod3rz.com & https://green.rhod3rz.com) is also fully working and responding on /health.

There are lots of logs that can be pulled out of Azure Diagnostics. So I can provide the correct data can you be specific with the exact kusto query you'd like me to run against Front Door?

All websites are online 9-5 UK time if you want to test. I turn them off overnight to keep costs down.
Deleted

This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Ganesh Patapati 4,150 Reputation points Microsoft External Staff

2025-02-27T11:48:57.1133333+00:00
@rhod3rz

Thanks for the Information!

Could you please run this query and share the information with me via private messages?

AzureDiagnostics | where ResourceProvider == "MICROSOFT.CDN" and Category == "FrontDooraccessLog"

In the logs, you will get a transaction ID with that collect only failed requests 404-error using with the transaction ID you can check the logs as per the below documents.

Check the application gateway logs, filter with the user agent as Edge, and let me know how the application gateway is responding.

While you are getting a 404 error, what backend server status is appearing?

Refer: https://learn.microsoft.com/en-us/azure/frontdoor/refstring?source=recommendations&tabs=edge
Ganesh Patapati 4,150 Reputation points Microsoft External Staff

2025-02-27T19:30:18.69+00:00
@rhod3rz

I have tested by reproducing the same issue just like your setup and it's working for us.

Deployed Server and hosted two applications (http://blue.azureonline.xyz & http://green.azureoneline.xyz) 2. Created Azure Front door standard profile (https://afdsvntest-hrbhg2gvg8ghaxc6.a02.azurefd.net/) and configured below origins on the same origin group.

Based on this, I can conclude that the issue may be caused by the Azure Application Gateway routing configuration, which might be resulting in intermittent 404 errors due to incorrect routing between AFD and AppGW.

So, I would you to please share the Application Gateway configuration screenshot to figure out the issue.

Additionally, please enable and collect the logs on AFD and AppGW at the time of the 404 error occurrence. Share these logs with us so that we can analyze how AFD sends the request to AppGW and the backend server, and how it receives the response.

Check the application gateway logs, filter with the user agent as Edge, and let me know how the application gateway is responding share this via private message.

Should there be any follow-up questions or concerns, please let us know and we shall try to address them.
Venkat V 775 Reputation points Microsoft External Staff

2025-02-28T15:33:23.32+00:00

Hi @rhod3rz

According to the error logs, the Blue app (https://blue.rhod3rz.com:443/) is throwing a 404 error, while the Green app (https://green.rhod3rz.com) is working.

You can enable both endpoints and check which one is returning the 404 error. Additionally, verify the status from the Application Gateway instead of accessing the application directly.

If the Application Gateway also throws an error, check its configurations. Since the other application is working, compare the configuration of the working Application Gateway and apply the same settings to the non-working Application Gateway.

I hope this is helpful! Do not hesitate to let me know if you have any other questions.
rhod3rz 0 Reputation points

2025-03-03T09:20:27.22+00:00

There is only 1 AGFC; it hosts both blue & green.

Please be more specific about the exact logs you want and how to get them.
rhod3rz 0 Reputation points

2025-03-03T09:26:00.6733333+00:00
ChaitanyaNaykodi-MSFT 27,121 Reputation points Microsoft Employee

2025-03-03T21:24:44.4033333+00:00

@rhod3rz

Thank you for reaching out. I understand you are facing issues to read the private messages on this Q&A post. I have reached out to you over email. Please let me know if you have any questions. Thank you!

Share via

Front Door Standard | Blue/Green | 404 Error

Your answer