DNS proxy fails with 521 error - while working for other domain

What is the name of the domain?

redacted

What is the error number?

521

What is the issue you’re encountering

Unable to connect to web server

What feature, service or problem is this related to?

DNS records

What are the steps to reproduce the issue?

I have two domains:
image.example1[.]com
image.example2[.]com

Both point to the same reverse proxy (caddy on firewall).

image.example1[.]com - works totally fine.
image.example2[.]com - results in a 521 connect error. Disabling the CF proxy also results in a server connect error.

In Security Analytics I can see some incoming requests (see screenshots) but no successful connect.

If I test it from my internal network, setting up a local DNS resolver pointing image.example2[.]com to the internal interface of my FW, it works totally fine.

So the firewall accepts the requests for this hostname / domain. Internally it works. Resolving externally via CF fails.

Does anyone have any idea why this is? Why does the same setup work for the example1 domain but not for the example2 domain?

Any input is highly appreciated!

Tom

Screenshot of the error

I did some further testing. Manually accessing the firewall with the hostname works:
curl -k --resolve image.example[.]my:443:123.123.123.123 image.example[.]my

Hostname and DNS in CF are also correct.

But when I access the URL with this hostname via browser and CF, there is also a 521 error.

I am afraid you’d have to cross-check this with your service/hosting provider if the error persists even when Cloudflare is paused.

My best guess, misconfiguration with web server vhost files :thinking:

Troubleshooting steps:

  1. Ensure the DNS records for image.example2.com are correct in the DNS tab of the Cloudflare dashboard.
  2. Compare the setup of image.example1.com and image.example2.com on the web server.

Might be one domain is allowed, other filtered? :thinking:
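
Added example, not part of the thread or of anyone's posted code: a Python sketch of the comparison suggested in troubleshooting step 2. It connects straight to the origin IP for both hostnames over TLS on port 443, in the spirit of the `curl --resolve` test above, and reports which layer fails. The function names and hint texts are assumptions made for illustration.

```python
import socket
import ssl
import sys

def probe(hostname, ip, port=443, timeout=5.0):
    """Connect straight to ip:port using `hostname` as SNI and Host header.

    Returns (stage, detail); stage is the last layer reached:
    "tcp" (no connection), "tls" (handshake or encrypted read failed), "http".
    """
    try:
        sock = socket.create_connection((ip, port), timeout=timeout)
    except ConnectionRefusedError:
        return ("tcp", "refused")
    except OSError as exc:               # timeout, unreachable, ...
        return ("tcp", type(exc).__name__)
    ctx = ssl.create_default_context()
    ctx.check_hostname = False           # same effect as curl -k: this checks
    ctx.verify_mode = ssl.CERT_NONE      # reachability, not certificate trust
    try:
        with ctx.wrap_socket(sock, server_hostname=hostname) as tls:
            req = f"HEAD / HTTP/1.1\r\nHost: {hostname}\r\nConnection: close\r\n\r\n"
            tls.sendall(req.encode())
            status_line = tls.recv(256).split(b"\r\n", 1)[0]
            return ("http", status_line.decode(errors="replace"))
    except OSError as exc:               # ssl.SSLError is an OSError subclass
        sock.close()
        return ("tls", type(exc).__name__)

def diagnose(good, bad):
    """Turn the two probe results into a hint on where to look next."""
    if bad == good:
        return "same answer for both names: compare the DNS record target and port"
    if bad[0] == "tcp":
        # No hostname has been sent yet at this point, so the name cannot be the cause.
        return "TCP fails before any hostname is sent: check IP, port, source filtering"
    if bad[0] == "tls":
        return "handshake fails for this SNI: check the proxy's site and certificate"
    return "HTTP answer differs: compare the per-host routing on the proxy"

if __name__ == "__main__":
    # Usage: python3 probe.py <origin-ip> <working-host> <failing-host>
    ip, good_host, bad_host = sys.argv[1:4]
    good, bad = probe(good_host, ip), probe(bad_host, ip)
    print(good_host, good)
    print(bad_host, bad)
    print(diagnose(good, bad))
```

Run it from outside the internal network so the connection arrives on the firewall's external interface, the same path a proxied request takes.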
