522 what to do

I think that I’m having a similar issue. Please let me know if I should start a new topic since this one has been closed.

I run Unraid at home with SWAG reverse proxy running in Docker, pointing to various other Docker containers I have. I registered my domain with GoDaddy, and set up DNS through Cloudflare (basically following spaceinvaderone’s tutorials, if anybody is familiar). I have my router set up with dynamic DNS services through no-ip to update my origin IP address. I have my various Dockers that I want access to addressed through subdomains, each with their own CNAME DNS record that points to my no-ip dynamic host.

All was working well until this morning (5/5/22) when each and every service results with a 522 error. I’ve confirmed that my home internet is up and running, and I can still get access to my local network remotely via my router’s VPN service. I’ve checked and double checked that all the settings for my reverse proxy were unchanged and all seems well. The only thing that I’ve changed recently was enabling UPnP on my router, but I doubt that’s the culprit (and I’ve since disabled it, with no change in results). I’ve ensured that my dynamic DNS service is still working and updating correctly, which it is.

I’ve tried turning the Proxy setting to DNS only, but that doesn’t resolve the issue. I’ve also followed a lot of the other suggestions on this page (at least the ones that I can understand) to no avail. From what I can tell, everything should be working (CNAME record points to the dynamic DNS host properly with the DNS proxy through Cloudflare, the dDNS has the correct IP address for my home server, and the services running on the home server are all up and running correctly), but I’m still getting the 522 error.

I was wondering if it had to do with the DNS Update Delay that was experienced today, but that’s since been marked as resolved, and I’m still having the issue.

Any support or advice is graciously welcomed. I’ll try to provide any additional information if needed.

@ismaelyws This has been branched to a new topic. Do you have a similar setup as well? Have you been able to make any progress or sense of what’s changed?

No progress and no idea what’s changed.

@stevenkreis I can confirm, same as you, everything was working well until this morning 5/5/22. I didn’t make any changes to my DNS or server settings.

@ismaelyws
Not sure at all what, but I did get my problem sorted. I went down a lot of rabbit holes, messing with .conf files for SWAG, cycling back and forth with enabling/disabling proxy at the Cloudflare DNS level, setting up a new dynamic DNS provider to update Cloudflare directly (I was previously pointing my CNAME entries to a no-ip URL), etc. Of course, none of it worked.
So then I went sub-nuclear, and bought a new domain to start from scratch. I was constantly learning about how the proxy servers work, how Cloudflare handles IP addresses, running host, dig, ping, and whois commands on my different domains and subdomains through bash.ws; you know, really beating my head against the wall. I even stopped my SWAG container and tried to get things going with NPM.
It wasn’t until I had a moment of clarity this morning during my long run that whenever I did manage to set things up just right to actually get a response from one of my domains, it would only present me with my gateway’s main page, usually with a certificate error. I was confused that A. I was getting a certificate error (with a generic hostname, nonetheless) when I knew that my certs were valid from the SWAG logs and B. that I was only ever able to get redirected to the gateway IP, no matter what I did on the SWAG side; and that this only worked on a local connection.
Basically, it dawned on me that somewhere along the way, something must have happened with my port forwarding. I did a sanity check, forwarding the ports directly for one of my services, and I was able to gain access with both my raw IP, as well as the domains that I had set up an A record to that IP. PROGRESS. I then deleted the port 80 and port 443 rules that I had already established, and made new ones from scratch, and I was back in business.
Of course, since I went through the hassle of buying a new domain through Cloudflare (which is a better sounding domain than the prior), I wanted to use that instead. It’s taken some tinkering to get things back on the new domain, but all is right with the world.

Again, I’m not sure if any of this will help (I’m fairly sure that it, unfortunately, won’t). My only advice would be to go back to the basics and start there.

Just in case there was some weird bug or firmware push, I’m on a Netgear Orbi router, Wifi6 (not 6e).

Best of luck!

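The back-to-basics check the last post arrives at (test the origin directly on 80/443, then see whether the service answering on 443 holds a valid certificate for the hostname), as an added example that is not part of the original thread. The address and hostname are constructed placeholders, and the function names and result labels are this example's own.

```python
import socket
import ssl

def probe_tcp(host, port, timeout=3.0):
    """Classify a TCP connect to the origin as an outside client would see it."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "timeout"   # packets dropped; an edge proxy reports this as 522
    except ConnectionRefusedError:
        return "refused"   # host answers, but nothing listens on that port
    except OSError:
        return "unreachable"

def probe_tls(host, port, server_name, timeout=3.0):
    """Verified TLS handshake with SNI: is the answering cert valid for server_name?"""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=server_name):
                return "tls_ok"
    except ssl.SSLCertVerificationError:
        return "cert_error"
    except OSError:        # other TLS failures and handshake timeouts
        return "tls_failed"

def triage(host, server_name, http_port=80, https_port=443):
    """Probe both forwarded ports; only attempt TLS if 443 accepts connections."""
    obs = {"http": probe_tcp(host, http_port), "https": probe_tcp(host, https_port)}
    if obs["https"] == "open":
        obs["tls"] = probe_tls(host, https_port, server_name)
    return obs

def diagnose(obs):
    """Turn the observations into a next step (hints, not certainties)."""
    if obs["http"] == "timeout" and obs["https"] == "timeout":
        return "port-forward"   # nothing reaches the proxy: recheck 80/443 rules
    if obs.get("tls") == "cert_error":
        return "wrong-service"  # e.g. the router's own page answers on 443
    if obs.get("tls") == "tls_ok":
        return "origin-ok"      # origin is fine: look at DNS / edge settings
    return "inconclusive"

if __name__ == "__main__":
    # Constructed placeholders: 203.0.113.10 is a documentation-range address.
    obs = triage("203.0.113.10", "app.example.com")
    print(obs, "->", diagnose(obs))
```

Run it from outside the home network against the raw public IP, so the result reflects the router's forwarding rules rather than local routing.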