Problem accessing Digital Ocean Spaces Edge/CDN server via Cloudflare

I have a Digital Ocean Spaces (Object Storage Server) hosting located in Singapore. I have configured to access the Edge server of DO Spaces via a CNAME record of my Cloudflare account. So basically cdn.mysite.com points to the https://ebg-cloud-storage.sgp1.cdn.digitaloceanspaces.com

Right now I cant access any static files using the CNAME URL of Cloudflare. But the edge server’s contents are accessible from it’s own url.

When I try to access any random file using the Cloudflare’s url ), It gives a Connection timed out (ERROR 522) and says my browser and Cloudflare at Dhaka (I live in Dhaka, Bangladesh) is working fine but the problem lies in the Cloudflare url.

Thing is i tried to access the link from other ISPs network, it works fine. Just this problem is taking place when I access from my ISPs network. So assuming this problem is in my ISP’s network how do I ask them to fix this problem?

Can you do a
“dig cdn.mysite.com”
and a “dig mysite.com”
to check if on your side there is no problem with dns resolving problem and caching problems ?

please post what it is outputed here when you type the above command on your computer.

https://www.digitalocean.com/docs/networking/dns/resources/use-dig/

When it works with other isp but not with yours
something with the resolving is not right.

Hi thanks for your reply.
Here’s the dig output of cdn[.]mysite[.]com:

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 46114

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 65494

;; QUESTION SECTION:

;cdn[.]mysite[.]com/. IN A

;; Query time: 104 msec

;; SERVER: 127.0.0.53#53(127.0.0.53)

;; WHEN: Fri Dec 11 19:42:29 +06 2020

;; MSG SIZE rcvd: 54

And here’s the dig output of mysit[.]com

;; global options: +cmd

;; Got answer:

;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 49731

;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:

; EDNS: version: 0, flags:; udp: 65494

;; QUESTION SECTION:

;mysite[.]com. IN A

;; Query time: 66 msec

;; SERVER: 127.0.0.53#53(127.0.0.53)

;; WHEN: Fri Dec 11 19:43:00 +06 2020

;; MSG SIZE rcvd: 50

Can you try this:
Visit this URL from your ISP: cdn.example.com/cdn-cgi/trace (but put in your actual domain name).
Then try the same URL from that other ISP. They should each return a ‘colo’ line that shows which datacenter they’re using. I’d expect they’re different, but let us know which ones they are.

Are you using a custom domain in spaces?

That was my first thought, except OP says they can get to it through another ISP.

You’re right. When I am trying to access your trace url from my ISP the colo line says (colo=DAC), but when i’m trying to access it from another ISP the colo line says (colo=SIN). I believe DAC refers to Dhaka and this is the city i live in.

I think you will find another observation i made relevant. From My ISP’s network when I run a ping test to 1.1.1.1 the latency is around 4-5ms (This is accessing cloudflare’s server here in Dhaka). But from that other ISP the ping to 1.1.1.1 shows latency of around 60ms (which is usual latency from dhaka-singapore.

No I am not using any custom domain. The domain belongs to Digital Ocean spaces and I have mentioned it in my original post ( https://ebg-cloud-storage.sgp1.cdn.digitaloceanspaces.com)

4-5ms is impressive pingtime, but 60ms isn’t a disaster.

Best to open a Support Ticket and explain the situation now that you know which colo works and which doesn’t.

To contact Cloudflare Customer Support, login & go to https://dash.cloudflare.com/?account=support and select get more help. If you receive an automatic response that does not help you, please reply and indicate you need more help.

Actually i wasn’t complianing about the ping time. I was trying to corroborate the finding of different colo through the ping time.

Thanks, I will create a ticket explaining this situation to them.

You must use a custom domain according to the docs