Not able to connect to API

Hey,
i’ve been using Cloudflare for a few months now without a problem, but suddenly my ddns updater wont connect to the Cloudflare api.

I have an Unraid server, and i use this docker container for Cloudflare. For about 3-4 hours its closing with this error:

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 30-cloudflare-setup: executing...
curl: (6) Could not resolve host: api.cloudflare.com
----------------------------------------------------------------
ERROR: Invalid CloudFlare Credentials - 000

----------------------------------------------------------------
Make sure the API_KEY is correct. You can
get your scoped CloudFlare API Token here:
https://dash.cloudflare.com/profile/api-tokens

----------------------------------------------------------------
[cont-init.d] 30-cloudflare-setup: exited 1.
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 50-remove-record: executing...
[cont-finish.d] 50-remove-record: exited 0.
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.
[s6-finish] sending all processes the KILL signal and exiting.

I checked everything i could think of that would block the connection to the Cloudflare servers, but i couldnt find anything. I’ve created a new API Key, but that didnt help. Lastly, i did a traceroute on some of the servers on the list, and found that i.e. 173.245.48.0 doesnt finish

root@XXX:~# traceroute  173.245.48.0
traceroute to 173.245.48.0 (173.245.48.0), 30 hops max, 60 byte packets
 1  fritz.box (192.168.178.1)  0.751 ms  1.120 ms  1.508 ms
 2  p3e9bf491.dip0.t-ipconnect.de (62.155.244.145)  10.186 ms  12.897 ms  13.290 ms
 3  217.5.110.146 (217.5.110.146)  13.835 ms  14.230 ms  14.225 ms
 4  * * *
 5  4.69.215.129 (4.69.215.129)  162.974 ms  163.410 ms  163.806 ms
 6  * * *
 7  * * *
 8  * * *
 9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *

but others like 190.93.240.0

root@XXX:~# traceroute 190.93.240.0
traceroute to 190.93.240.0 (190.93.240.0), 30 hops max, 60 byte packets
 1  fritz.box (192.168.178.1)  1.006 ms  1.400 ms  1.408 ms
 2  p3e9bf491.dip0.t-ipconnect.de (62.155.244.145)  11.088 ms  11.091 ms  11.088 ms
 3  d-ed5-i.D.DE.NET.DTAG.DE (62.154.0.81)  10.228 ms  10.633 ms  10.635 ms
 4  195.122.183.210 (195.122.183.210)  20.762 ms !N  13.862 ms !N  14.268 ms !N

do. It would greatly help to know if this a problem on my site, or from my ISP/Cloudflare.

Thanks for your help!

It’s interesting that it says it could not resolve the host, then an invalid credentials error.

But if it really is a DNS error, that would be a local issue. Is there a way to pick a different DNS resolver for that system?

I believe the invaild credentials error comes from the code in the docker container, but i cant realy investigate since the container crashes once the error appears.

I tried several diffrent DNS Servers, including 217.237.148.70 (which is from my isp) and 8.8.8.8. Even 1.1.1.1 did not work, both standard and DoT (which is my default).

edit: I figured it could be a problem with port setting in my router, but even with exposed host ipv4/6 it wont connect.

Hey, just got it to work again. It turns out, that somehow the network was set to “bridge” for this docker container, but it needs to be set to “host”.
After i changed that, i got a real invalid credentials error, but that was my fault, i confused the api-token with the global api key. I created a new api token, and now its working again.
Why the network setting was changed, i dont know, but im happy now that its working again.

2 Likes