Resolved - Error 523 only from France ip zone, Ok with Canadian IP

Website, Application, Performance DNS & Network
1

Hello,

i am facing of a strange issue.
The website is hosted in canada (ovh) with Canadian ip.
Yesterday, I had 503 random errors only from the European area. The problem has become generalized little by little.
With a vpn connection and a Canadian ip everything works properly, but not from France…

I’ve followed this recommendations : https://support.cloudflare.com/hc/en-us/articles/115003011431#523error

My origin IP address is listed for A : Check
No railgun
SSL certificate good between CF and server because website is ok with Canadian ip.

Traceroute from Canadian IP with my computer:

traceroute MyWebsite.com
Result:
traceroute: Warning: MyWebsite.com has multiple addresses; using 104.26.11.189
traceroute to MyWebsite.com (104.26.11.189), 64 hops max, 52 byte packets
1 10.8.1.1 (10.8.1.1) 101.676 ms 103.771 ms 101.292 ms
2 37.120.205.241 (37.120.205.241) 101.620 ms 107.426 ms 101.836 ms
3 37.120.220.96 (37.120.220.96) 120.707 ms 120.112 ms 132.945 ms
4 te-1-5-2-0.bb1.fra2.de.m247.com (82.102.29.44) 101.063 ms 101.725 ms 101.841 ms
5 Cloudflare.peer.qix.ca (198.179.18.55) 101.604 ms 102.308 ms 102.391 ms
6 104.26.11.189 (104.26.11.189) 101.054 ms 108.652 ms 101.256 ms

Traceroute ip Cloudflare from Canadian IP with SSH on my server:

traceroute 104.26.11.189
traceroute to 104.26.11.189 (104.26.11.189), 30 hops max, 60 byte packets
1 144.217.253.252 (144.217.253.252) 0.455 ms 0.560 ms 0.694 ms
2 10.50.48.60 (10.50.48.60) 0.111 ms 0.121 ms 0.142 ms
3 10.34.82.2 (10.34.82.2) 0.590 ms 10.34.82.0 (10.34.82.0) 0.454 ms 10.34.82.2 (10.34.82.2) 0.718 ms
4 10.74.8.160 (10.74.8.160) 0.533 ms 10.74.8.150 (10.74.8.150) 0.114 ms 0.153 ms
5 10.95.81.8 (10.95.81.8) 0.997 ms 10.95.81.10 (10.95.81.10) 1.444 ms 10.95.81.8 (10.95.81.8) 3.952 ms
6 be100-1324.chi-5-a9.il.us (192.99.146.141) 18.113 ms 18.307 ms 18.295 ms
7 13335.chi.equinix.com (208.115.136.180) 18.212 ms 18.195 ms be100-2.chi-5-a9.il.us (178.32.135.199) 18.236 ms
8 13335.chi.equinix.com (208.115.136.180) 20.269 ms 19.144 ms 18.526 ms
9 104.26.11.189 (104.26.11.189) 17.541 ms 17.522 ms 17.486 ms

Other Traceroute ip Cloudflare from Canadian IP with SSH on my server:

traceroute 198.179.18.55
traceroute to 198.179.18.55 (198.179.18.55), 30 hops max, 60 byte packets
1 144.217.253.252 (144.217.253.252) 0.408 ms 0.531 ms 0.675 ms
2 10.50.48.60 (10.50.48.60) 0.111 ms 0.147 ms 0.139 ms
3 10.34.82.2 (10.34.82.2) 0.562 ms 0.926 ms 1.451 ms
4 10.74.8.166 (10.74.8.166) 0.112 ms 10.74.8.160 (10.74.8.160) 0.691 ms 10.74.8.164 (10.74.8.164) 0.331 ms
5 10.95.81.10 (10.95.81.10) 1.282 ms 10.95.81.8 (10.95.81.8) 1.400 ms 1.653 ms
6 ymq-mtl3-bb1-a9.qc.ca (142.44.208.172) 1.490 ms ymq-mtl3-bb1-a9.qc.ca (142.44.208.174) 1.940 ms ymq-mtl3-bb1-a9.qc.ca (142.44.208.172) 1.971 ms
7 Cloudflare.peer.qix.ca (198.179.18.55) 1.998 ms 1.981 ms 1.978 ms
root@ns541216:~# traceroute 198.179.18.55
traceroute to 198.179.18.55 (198.179.18.55), 30 hops max, 60 byte packets
1 144.217.253.252 (144.217.253.252) 0.930 ms 0.914 ms 0.939 ms
2 10.50.48.60 (10.50.48.60) 0.145 ms 0.153 ms 0.146 ms
3 10.34.82.0 (10.34.82.0) 0.585 ms 10.34.82.2 (10.34.82.2) 0.581 ms 0.681 ms
4 10.74.8.148 (10.74.8.148) 0.588 ms 10.74.8.164 (10.74.8.164) 0.202 ms 0.204 ms
5 10.95.81.10 (10.95.81.10) 1.219 ms 10.95.81.8 (10.95.81.8) 1.240 ms 10.95.81.10 (10.95.81.10) 78.808 ms
6 ymq-mtl3-bb1-a9.qc.ca (142.44.208.174) 1.601 ms ymq-mtl3-bb1-a9.qc.ca (142.44.208.172) 1.999 ms 2.019 ms
7 Cloudflare.peer.qix.ca (198.179.18.55) 6.018 ms 5.970 ms 5.957 ms

Same issue for my ssh connexion: when I have a French ip I have broken pip error message. I can’t connect to my server.

The only thing that I have modified is DNSSEC few days agos. In doubt I have deactivated this option.
So how many time for propagation ? Fews days… I doubt this a cause…

I have opened a ticket to OVH too.

I don’t know where, who have the problem.

Nb: The problem appear progressively yesterday, some page with error 503. Refreshing the page resolved the problem… But it was really strange, it appeared only from France IP, the Canadian IP all is fine…

Please I NEED your Advice !!

2

That’s certainly perplexing. And that it’s getting worse isn’t helping.

The traceroutes they want are in the reverse direction. Because Cloudflare’s Edge Node can’t reach your server, they want a traceroute from your server back to the edge node. It’s going to take some digging to do this.

You’ll have to look through logs to find IP addresses that are affected. Which means connecting a bunch of times through France until it fails, then getting that IP address from your logs. And that’s tough because your logs are probably restoring visitor IP addresses. ‘netstat’ at your server might be the better approach to watch for connections, as that will give you the real IP address.

Hopefully your host can save you all this trouble by figuring it out on their own.

3

Thank you for your response.
Yes I am lost, I haver never saw this before… lol This is for me :wink:

Ray ID: 53d578b69e61cdc3 • 2019-11-29 15:03:59 UTC, Do you know if we can we have more info with the Ray id?

Can the ovh firewall cause this problem?

I look at the logs to find my happiness … I hope, but a the moment nothing

More troubling a few page works …
It’s illogical as a problem!

I am waiting for an answer from ovh, in the meantime I am looking for …

4

Update: For other people which encounter the same issue.
A traceroute from French ip, I was able to find a dns loop in the data center of OVH.
They confirm me this issue and they are working on it.

Issue resolved.

1 Like
5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.