My hostname is https://doncandidosrl.com/
For some of the routes in that URL, it is obtained a 522 error. Not for the entire site, just some routes (things like javascript files required to make the system work).
Reading the access logs in the server, I can see that a request from my PC to https://doncandidosrl.com/ is done by Cloudflare IPs in the range 198.41.231.0/24
Different routes uses different IPs in that range. For example, if I ask for https://doncandidosrl.com/
, Cloudflare requests that route with IP 198.41.231.127; and if I ask for https://doncandidosrl.com/webmail/
, Cloudflare uses IP 198.41.231.57.
These are for my ISP. If I use a VPN, or the mobile network (others ISP), the same requests arrive at the server from differents Cloudflare IP addresses.
Based on this information, I suppose that there is one or more IP address in the 198.41.231.0/24 range that is filtered somehow, and those requests didn’t make it to the http service. I have all Cloudflare IPs whitelisted. I even did tests removing all firewall filters (accept all input and outputs) and the problem persists.
Doing some tests, I found that I cannot ping the IP address 198.41.231.109 from my server. However, from my PC I can ping 198.41.231.109 without packet loss. So, if Cloudflare is making a request using that IP address, the response will be a 522 error. Putting the firewall down (allow everything in and out) didn’t change the situation. Using other server in the same host provider shows the same behavior (cannot ping to 198.41.231.109).
The host provider tells me that they have Cloudflare whitelisted. They don’t want to give me more information. Their argument is that if such a problem exists, many users will report it, and no one does. It is a weak argument because it doesn’t happen to everybody, not even all the time, and if you have luck and the problem is with cached content or with content that is not very important (like a favicon), it is very likely that will go unnoticed.
I did everything in the troubleshooting 522 errors list. So please, don’t send me that link XD
What can I do next? Thanks for reading this far!