Intermittent 404 Error - Possible Issue with DNS Provider or Cloudflare?

About a year ago we purchased commonwealth.gg on Namecheap, and parked it with a Namecheap redirect page for about two weeks while we worked on a site re-design. Once it was setup, we pointed the name-servers to Cloudflare’s. The site works well and still runs today, however about 10 percent of users are entirely unable to access it, and say they get a blank 404 page. The only way to fix it is for them to totally clear their browser cache.

Fast forward a year. After using a number of devices I have been able to recreate the 404 error! See the BAD screenshot. Notice how it says “x-served-by: Namecheap URL Forward” when it throws the 404 error. Compared to the good screenshot, of when it works.

So I reached out to Namecheap, and they say the DNS is controlled by Cloudflare, so the redirect is a cloudflare issue, so I am posting to see if the community can help. Can anyone help out or have any insight?

Bad Result (10% of the time) :-1:

Good Result (90% of the time) :+1:

I did ❯ dig a commonwealth.gg and see that indeed, the DNS servers are Cloudflare’s, so I do believe that the issue is indeed on the Cloudflare end.

commonwealth.gg.	20	IN	A	172.67.219.28
commonwealth.gg.	20	IN	A	104.27.131.22
commonwealth.gg.	20	IN	A	104.27.130.22

Well, you’ve gotta admit, they didn’t have much data to go on to look for clues.

Oh…never mind.

1 Like

What is this proxied to from Cloudflare? What’s the origin server?

I get a 404 via curl, no browser cache involved…

% curl -s -D - -o /dev/null https://commonwealth.gg
HTTP/2 404
date: Fri, 18 Sep 2020 00:55:22 GMT
content-length: 0
set-cookie: __cfduid=d683feb0e49993daa6225c1be0c55117c1600390522; expires=Sun, 18-Oct-20 00:55:22 GMT; path=/; domain=.commonwealth.gg; HttpOnly; SameSite=Lax; Secure
x-served-by: Namecheap URL Forward
cf-cache-status: DYNAMIC
cf-request-id: 05404e7ec10000186f1024d200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d4719de08e0186f-ATL
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
1 Like

Okay, this is kinda weird.

Everything works fine over IPv4 but fails over IPv6:

% curl -4 -s -D - -o /dev/null https://commonwealth.gg/
HTTP/2 200
date: Fri, 18 Sep 2020 01:07:25 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=da994cba3f88e35040d476dc29dfc86051600391245; expires=Sun, 18-Oct-20 01:07:25 GMT; path=/; domain=.commonwealth.gg; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 31 Jul 2020 04:06:21 GMT
access-control-allow-origin: *
expires: Fri, 18 Sep 2020 01:15:44 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: F414:067B:FFD5D5:135BACF:5F6407E7
via: 1.1 varnish
age: 0
x-served-by: cache-pdk17826-PDK
x-cache: HIT
x-cache-hits: 1
x-timer: S1600391246.778557,VS0,VE35
vary: Accept-Encoding
x-fastly-request-id: 74a7c74327955944411dc7ae6475b4a9a5f8edfe
cf-cache-status: DYNAMIC
cf-request-id: 05405987c80000f361d501e200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d472b86096cf361-ATL
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

% curl -6 -s -D - -o /dev/null https://commonwealth.gg/
HTTP/2 404
date: Fri, 18 Sep 2020 01:07:28 GMT
content-length: 0
set-cookie: __cfduid=db1304417f5e90fa0f7da16a65d8facc61600391248; expires=Sun, 18-Oct-20 01:07:28 GMT; path=/; domain=.commonwealth.gg; HttpOnly; SameSite=Lax; Secure
x-served-by: Namecheap URL Forward
cf-cache-status: DYNAMIC
cf-request-id: 05405992990000f381ff84a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5d472b975d66f381-ATL
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

I checked every IP advertised by Cloudflare, and every IPv4 address works and every IPv6 address fails. Weird stuff. Would contact Cloudflare.

I’ve also seen some software that isn’t written for IPv6 that fails when it sees an IPv6 address. I’ve had customers that tried to log client IP, for example, and that broke. Could be something like that. Of course, you can also disable IPv6, I believe… not sure if that’s an Enterprise only function or not.

1 Like

Wow, what amazing investigation. The original page is hosted on Github pages, haven’t had any issues, and it’s worked for a long time in the past.

However, looking at the data that you have sent makes me think Namecheap did the zone transfer to Cloudflare for IPv4 address space, but maybe is still broadcasting their redirect page on the IPv6 address space? That would explain the weird intermittency of the error as well.

If you’re comfortable sharing it, it would be interesting to see what your DNS tab looks like at Cloudflare:

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.