IPv6 Only site encounter 522 error

I am trying to run a site on a server that only IPv6 is public. I was able to access it without Cloudflare Proxy when using a IPv6 capable network. However, when I turn on Cloudflare on the site, I get 522 error. I thought it was suppose to be able to connect to IPv6 only site. Any idea?
From one of the error: Ray ID: 6d02a915c8ec7bc


Thank you for asking and I am sorry you are experiencing an issue with 522 error while using IPv6 only at your origin host/server.

Regarding Cloudflare 522 error, may I suggest you to look into below article to troubleshoot the issue and find out more useful information about this error:

This sounds familiar to me, recently Hetzner started to provide dedicated servers (and Cloud soon if not already) with IPv6-only “by default”.

And I am running an IPv4 and IPv6 on my server, while have successfully added both IPs which are proxied at Cloudflare.

Nevertheless, may I ask have you tried pinging some IPv6 hostname like ipv6test.google.com or an outside IPv6 address from your origin host/server which is already running and hopefully configured to work with IPv6?

May I ask over which port does your Web app work?
Kindly, check if you are using a supported and compatible one with Cloudflare proxy :orange: as follows at the link from below:

If so and if it’s returning result, you are good.

Furthermore, from what you are saying, I can assume you have successfully added your domain name to your Cloudflare account, correct?

May I ask if you have added the required AAAA type DNS record (hostname’s like yourdomain.com and www) pointed to the IPv6 address of your server under the DNS tab of Cloudflare dashboard for your domain name and set it to proxied :orange: ?

If all above yes and you are still getting 522 errors, may I ask before moving to Cloudflare, was your Website and webserver working over HTTPS connection?
Do you have a valid SSL certificate installed at your origin host/server for your domain name, which covers both non-www and www (possible any other sub-domain if using)?

If yes, may I ask you to check which SSL option have you got selected under the SSL/TLS tab at Cloudflare dashboard for your domain ( Flexible, Full, Full Strict … )?

  • → It should be selected at Full (Strict) SSL

Did you tried accessing your Website using a different Web browser, using a Private Window (Incognito mode), or maybe using a different network connection like mobile phone data (LTE, cellular) or even a VPN connection? Is it the same error showing up to you?

Just in case, here is a way to re-check if you correctly set up the SSL for your domain with Cloudflare:

In case you do not have an SSL certificate, you can use Cloudflare SSL, if so, kindly make sure you follow the instructions as follows on the below article to set up an SSL certificate using Cloudflare Origin CA Certificate:

Last but not least, kindly have a look at the below article for more information regarding correct SSL settings at the SSL/TLS tab on the Cloudflare dashboard:

Furthermore, maybe some firewall is blocking Cloudflare requests. If so, kindly re-check if Cloudflare is allowed to connect to your origin host as follows in the below article:

Nevertheless, Cloudflare IP addresses list can be found here:

Similar topic can be found:

After troubleshooting, if you have been through all these above suggestions and are not seeing corresponding issues on your network/server, kindly reply with any feedback information and we will get it resolved as soon as possible.

Nevertheless, if nothing from the above works I would suggest you write a ticket to Cloudflare support due to your account and/or domain issue and share the ticket number here with us so we could escalate this issue:

  • Login to Cloudflare and then contact Cloudflare Support by clicking on the Get More Help button. If you get automatic reply, reply and indicate to it you need more help and reference to this topic
  • Or send an an e-mail to support[at]cloudflare[dot]com from your e-mail associated with your Cloudflare account
1 Like

Thanks for the detailed report. So far this is what I have tested:

  1. This is a home server running HE Tunnelbroker. The machine gets its own /64 IPv6.
  2. It is using port 80 and 443. There is no firewall blocking specific IP.
  3. It can be pinged from other machines
  4. When just use AAAA record without Cloudflare proxy, I can visit the site from another network. So I know it is reachable from outside.
  5. It has valid SSL certificates and when I visiting the site from another network it shows up normally.
  6. It’s currently just on a free account so I can’t open a ticket.
1 Like

I am sorry to say but there were some issue with it as I remember:

May I suggest you doing it as follows below and kindly to share your ticket number here with us in your next reply so I could escalate this:

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.