How can I help fix CF to not misidentify one of my V6 blocks as being in China rather than near DC?

Bottom line: Can anyone suggest what I need to do to help CloudFlare not mis-identify my system as being in China?

[Some URLs edited to allow me, as a new user, to post with the 2-url limit]

I have several (tunneled via Hurricane Electric) IPv6 blocks, but it appears that CloudFlare thinks the GeoLoc for my primary proxy (physically on the US East coast) is in China and is returning a verification page that I cannot even read (and sometimes doesn’t even include the Captcha that I can enter to bypass the bad GeoLoc).

From a quick test I can see that both connect to the same V6 CF IP, but get different results for an otherwise identical request:

The site used is just an example from a recent search result, I have been seeing this consistently on many sites that use CF (the URL used is HTTPS to the HOST www.curtainandbathoutlet.com in the variable substitutions below):

% curl -vsi ${URL}

  • Trying 2606:4700:20::6819:196e:443…
  • TCP_NODELAY set
  • Connected to ${HOST} (2606:4700:20::6819:196e) port 443 (#0)
    […]

GET / HTTP/2
Host: ${HOST}
user-agent: curl/7.67.0
accept: /

  • Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
    < HTTP/2 403
    HTTP/2 403
    […]

Whereas an identical request from a different system in a different IPv6 block gives a correct-looking response with the same server IP:

% curl -iv -6 ${URL}

  • Trying 2606:4700:20::6819:196e…
  • TCP_NODELAY set
  • Connected to ${HOST} (2606:4700:20::6819:196e) port 443 (#0)
    […]

GET / HTTP/2
Host: ${HOST}
User-Agent: curl/7.64.1
Accept: /

  • Connection state changed (MAX_CONCURRENT_STREAMS == 256)!
    < HTTP/2 200
    HTTP/2 200
    […]

Can anyone suggest what I need to do to help CloudFlare not mis-identify my system as being in China?

Thanks,
Philip

And my attempt at marking some of the HTML in a block-quote let to it still not being displayed properly.

In the response to the request that is mis-identified as being from the wrong GeoLoc it includes:

<link rel=“stylesheet” href="[url-pointing-to-//idm-su.baidu.com]/config.css?r=20171010" type=“text/css” />

among other very China-line answers that I have no ability to read and no Captcha to bypass.

You likely need to ask HE to update their geo info with service providers like Maxmind. Cloudflare uses 3rd party services to identify the location of IPs.

1 Like

And from HE I get:

We don’t manage data with MAxMind, they manage their data themselves. We have published location information in our rwhois server that they are welcome to use, but we can’t make them. Seems like Cloudflare is paying for invalid data and using it.

Using a generic lookup tools for the rwhois data I see only US-based answers such as plugging in the IP at:

or:

https://www.ultratools.com/tools/ipv6InfoResult?ipAddress=2001%3A470%3Ac%3A1130%3A%3A2

Does that mean I’m going to have to contact Maxmind myself to get them to double-check their caches or do you have any other suggestions?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.