Error 522 Unable to see one website only when connecting through specific ISP

nickstav · 2019-01-02 12:59:46 UTC

Hi, we have been using Cloudflare for two websites for more than a month and it is working well to stop a DDOS attack.

However, sometime in the past week, when trying to view one of the websites from a specific Australian ISP, we are getting a 522 Error. We have troubleshooted, web hosting added Cloudflre IP addresses to whitelist, but still the 522 error shows up. Strangely, another website hosted at the same hosting company and within CloudFlare can be seen without issues. It is a multihost Magento site.

From all other computers and ISPs at different location, both the websites can be viewed successfully.
I try to enter the two traceroutes hre, but there is a restriction in this forum on first time users.

sandro · 2019-01-02 13:01:09 UTC

nickstav · 2019-01-02 13:43:39 UTC

Here are two Traceroute and other data from the computer getting the 522 error at the office.firsttracert is to the website that is working (bhfitness), second is to the website with 522 error.
Tracing route to www.bhfitness.com.au [104.28.22.152]
over a maximum of 30 hops:
1 4 ms 2 ms 2 ms mygateway.home [192.168.2.1]
2 11 ms 13 ms 12 ms sbr2-l101.bng.optusnet.com.au [114.74.0.1]
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 * * * Request timed out.
7 15 ms 20 ms 13 ms 198.142.250.237
8 17 ms 15 ms 12 ms 198.142.139.118
9 * * * Request timed out.
10 * * * Request timed out.
11 137 ms 128 ms 126 ms 203.208.131.225
12 129 ms 124 ms 125 ms 203.208.178.17
13 237 ms 226 ms 227 ms xe-0-0-12-1.a01.tkokhk01.hk.bb.gin.ntt.net [129.
250.8.197]
14 227 ms 227 ms 225 ms ae-13.r03.tkokhk01.hk.bb.gin.ntt.net [129.250.5.
37]
15 224 ms 224 ms 224 ms ae-11.r24.tkokhk01.hk.bb.gin.ntt.net [129.250.6.
99]
16 232 ms 227 ms 226 ms ae-12.r30.tokyjp05.jp.bb.gin.ntt.net [129.250.2.
50]
17 224 ms 223 ms 224 ms ae-2.r01.tokyjp08.jp.bb.gin.ntt.net [129.250.6.1
31]
18 229 ms 230 ms 227 ms ae-2.a00.tokyjp03.jp.bb.gin.ntt.net [129.250.5.5
5]
19 229 ms 228 ms 231 ms ae-0.cloudflare.tokyjp03.jp.bb.gin.ntt.net [117.
103.177.182]
20 230 ms 248 ms 247 ms 104.28.22.152

Trace complete.

sandro · 2019-01-02 13:48:12 UTC

Particularly #3 in the linked article seems to be applicable. Which steps did you take to ensure this is not the case?

nickstav · 2019-01-02 14:52:33 UTC

Whte whitelisting of cloudflare servers (point 3 in the community tip) was done. It had no impact on the results. What I dont understand is if all requests are routed through CloudFlares servers, should it matter if they come from ISP1 or ISP2?

Here is the second traceroute. this is the website which cannot be seen.

Tracing route to www.beurer.com.au [104.27.178.64]
over a maximum of 30 hops:

1 3 ms 1 ms 4 ms mygateway.home [192.168.2.1]
2 11 ms 11 ms 12 ms sbr2-l101.bng.optusnet.com.au [114.74.0.1]
3 * * * Request timed out.
4 * * * Request timed out.
5 * * * Request timed out.
6 12 ms 12 ms 12 ms 198.142.250.217
7 11 ms 12 ms 11 ms 198.142.139.118
8 * * * Request timed out.
9 * * * Request timed out.
10 124 ms 124 ms 127 ms 203.208.131.225
11 125 ms 124 ms 124 ms 203.208.158.197
12 227 ms 227 ms 227 ms cloudflare1-100g.hkix.net [123.255.90.246]
13 229 ms 281 ms 227 ms 104.27.178.64

Trace complete.

nickstav · 2019-01-02 14:56:29 UTC

Other steps in the community tips have been followed. The hosting provider has not been able to provide any further assistance yet.

Since moving to Cloudflare, the DDOS attacks are no longer impacting the site, and there is very low CPU utilisation. They are both small sites with low traffic.

nickstav · 2019-01-02 14:57:21 UTC

From the computer that cannot see the Buerer site.

fl=26f28
h=cloudflare.com
ip=114.74.216.12
ts=1546432792.129
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
colo=SYD
http=h2
loc=AU

nickstav · 2019-01-02 14:58:28 UTC

Cloudflare Firewall was completely disabled for a short test to see if it resolved issue, but did not.

sandro · 2019-01-02 15:09:47 UTC

The traceroutes are relatively irrelevant in this case as you can reach Cloudflare without problems. The problem is Cloudflare cant reach your server.

You might want to take the connection ID from one of those failed connection attempts and open a support ticket with it. They might be able to tell why it failed.

system · 2019-01-16 12:59:49 UTC

This topic was automatically closed after 14 days. New replies are no longer allowed.