502 proxy error only using Cloudflare. Direct, altered host file work

Getting 502s since yesterday night. If I turn off Cloudflare or alter my hosts file, it works.

VM’s IP is 104.236.40.109 DigitalOcean. Cloudflare’s IP: 104.24.107.178

Weird part: DO and CF IPs are in the same 104 network… all working others are in other IP ranges.

fl=97f117
h=www.simplie.com.br
ip=177.148.228.247
ts=1536246304.163
visit_scheme=http
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
colo=GRU
spdy=off
http=http/1.1
loc=BR
tls=off
sni=off

The site generally loads fine, however I noticed some locations at http://sitemeer.com/#www.simplie.com.br throw an error too.

My guess would be it could be a load issue on your server when there are too many concurrent requests. Try monitoring your load and check the log files for any errors.

Hi Sandro, thanks for your reply.

2018-09-06_144418

There are no heavy loads, this site is a regular company site with very few requests. And the server is almost sleeping…

Fair enough, it was my assumption because it took 2+ seconds for some locations to get the first byte and there was recently a similar case where a single request got a response within a reasonable time, but concurrent ones were 3+ seconds.

Did you check your logfiles for any errors?

No erros found in WP, UFW is ok…
Server is up and running, WP is working, It must be something between CF and DO. I suspect is some routing in this 104 network.

I tried a MTR from DO to CF but no lost packets.

Thanks once again

What about the Apache logs?

Sandro.

I cloned the VM. New VM is 159.89.37.17. I Changed the A record in Cloudflare DNS… its now working.

Any ideas? Thanks again, best regards

It was working before as well, wasnt it?

My best bet would have been to have a look at the Apache logs if there was anything.

Of course I cant rule out a routing issue, but I’d rather doubt it is related to the fact you share the same first octet.

Well, it wasn’t working because CF wasn’t reaching my server. Now it is. All I did was clone the VM and get a new IP. This is clearly a routing issue. I’m no network expert but it was clearly something between them.

I manage other sites under proxies. When they’re 5000 miles apart, anything can happen. A hurricane in mexican gulf disrupt packets. But in this case it seemed like a firewall ban or route misconfiguration.

Thank you very much, sandro. Best regards.

TL;DR
If you’re using Cloudflare and DigitalOcean and suddenly all you can see are 502s. Clone your VM and get a new IP. :grinning:

How can you be sure? Have you checked the Apache logs? This is still not clear.

Yes, its likely to be a routing issue, but that does not mean it has anything to do with the first octet.

What is this case? Sorry, but you seem to have some fixation on that first octet :slight_smile: They can still be 5000 or more miles apart. Cloudflare uses anycast.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.