Over 200ms RTT to Cloudflare IP's from some Australian Carriers (Telstra and Optus)

Hi All,

We have recently moved our DNS hosting across to cloudflare. We are looking at enabling some of the other services such as enabling proxy for the traffic.

The issue i am having is that when this is enabled all traffic is coming from the US and not from an Australian Data Center.

Any Ideas?

You see US IP addresses because

are assigned to a US company. The Analytics tab on your dashboard should show the Top 5 countries.

The issue i am finding is that carriers within Australia such as Superloop and Vocus can route to Cloudflare addresses within 20ms. Some of Australia’s largest carriers (Telstra and Optus) who don’t peer with IX can take over 200ms.

All our customers are going to be using residential carriers like Telstra and Optus

Any Thoughts on the way to move forward.

Well, that’s up to those providers then and you can’t so anything from your end. If they chose a cheaper path to save a cent per GB traffic and make customers upset with bad performace, it’s their decision.

It may be their decision to choose a carrier that doesn’t peer with IX but they most likely wouldn’t understand what peering is. Telstra and Optus are not cheaper by any means its just that is who everyone knows within Australia.

I am trying to improve my customers experience and that is why i would be enabling Proxy and utilising a service such as Cloudflare.

Wouldn’t it make sense for Cloudflare to purchase IP Transit and advertise their routes through the two biggest carriers within Australia to reduce hops to their services. Obviously peering with IX is cheap and i can understand why Cloudflare would peer with IX but a lot of carriers within Australia don’t.

I am a customer of Cloudflare and i can choose my carrier based on peering but 99% of our customers wont see the performance gain and potentially notice an impact to services with proxy enabled.

Are there any Cloudflare customers in Australia that are currently working through this issue, or have resolved this issue somehow.


Make sure you configure your web server to detect real visitor IP addresses and not CF reverse proxy’s IP addresses see https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs-Logging-visitor-IP-addresses-with-mod-cloudflare-

Some of my Aussie visitors hit Australia Cloudflare datacenters on both free and business plans.

But my traffic make up is usually 50% US, 30% Asian/Oceania and 20% European so Cloudflare is ideal.

Are you getting this Informations form your Server-Log or from your CloudFlare Dashboard?

Some of Australia’s telco providers are exorbitantly expensive. As a result we may choose to only provide / advertise particular ranges in certain peering scenarios and this may mean that for certain plan types peering may be to a datacenter elsewhere in APAC. The broadest coverage/peering would be available to Business and Enterprise plans.

Even then, ultimately peering decisions are often the choice of the telco provider and some OZ telco providers make interesting choices on how to best serve their investors… i mean customers.

1 Like

I am getting the information from our Firewall. Which does Geo-location

If your firewall is trying to geo-locate Cloudflare IPs it will fail. When you proxy an IP address through Cloudflare the IP address we advertise is an anycast IP address. See @MarkMeyer’s initial response from 2 days ago.


This topic was automatically closed after 30 days. New replies are no longer allowed.