When a user from Australia is access our url https://digitalfundservice.feprecisionplus.com, Cloudflare is passing the Europe’s LDNS IP to the orgin, which is an azure traffic manager.
This creates a performance problem as traffic manager routes the traffic to the Europe for the users who are accessing from the Australia. Traffic Manager is configured to route the Australian requests to Australian Region, but because of this issue of Cloudflare passing Europe’s LDNS IP traffice manager is not able to route any traffic to Australian region.
This is not site access but name resolution, right?
In that case it is an issue with 188.8.131.52 and not your site itself. Cloudflare’s DNS service does not forward the client subnet to the authoritative nameserver. This is intentional that way.
Thank you Sandro for your response.
Do we have any solution for this ? How do I get around this problem ? This is really defeating the purpose of having our web application Geo located.
Can you find out which DNS resolver that user is using? As @sandro said, if it’s 184.108.40.206, it may be hiding the user’s general location, thus confusing the geo routing.
For me, even in California using a regular resolver, I get this in the header:
Cloudflare has an option “True-Client-IP Header” under network, do you think turning it on will help by any means,
This only applies to sites which are served by Cloudflare.
I don’t think what you had mentioned applies to this case.
I took the Cloudflare trace from the Australia location from the below Url, I could see that it’s reaching AUS location, i don’t think DNS resolver is playing any role till here.
Trace Output, Location=AU, Colo=SYD
uag=Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36
An IT person from our organization suggests, if Cloudflare could be caching the DNS globally and that could be a potential reason for traffic being routed to EUW from all location.
So your site is proxied through Cloudflare and not just resolved via their DNS resolver? That is a different scenario from what you initially suggested.
Sorry, if that got misinterpreted, do we have any solution to this problem. Though, Australian Cloudflare center receives this request why would it route the traffic to Europe Region?
Generally that is addressed in Peering - Why don't I reach the closest datacenter to me?
There are two (and more) factors involved. The routing of your ISP and which datacentres Cloudflare assigns for certain plans. The former can only be influenced by your ISP, the latter comes down to your plan level.
Sandro, my colleague will have gone home; but, can I clarify that when you say data centre that you mean Cloudflare’s data centre. As the trace that that Rufus posted shows the query going to the closest Cloudflare data centre.
The mystery, for us, then is why does the Australian Cloudflare data centre end up connecting to the an European webapp (Azure).
Our setup has the webapps, for Australia and Europe, under a Traffic Manager, we’d expect the Traffic Manager to have told Cloudflare to use the Australian webapp.
Out IT colleague’s conjecture is that, from another call, cloud flare had globally cached the initial response from the Traffic Manager and so now was going straight to cached address and because we don’t have our Australian site fully up in anger that cached response will have been European.
Okay, this is now the confusing part. Are you saying you set up your Cloudflare account with IP address of Azure? What kind of IP addresses are these? Unicast or anycast?
Not sure what you mean - we have a CNAME to an Azure Traffic Manager that is in geographical mode; does that answer your question.
digitalfundservice is an alias of fundservice-plusdigitaleuwprod.trafficmanager.net Automatic
Well, that address does not seem to be different from region to region as it always returns the same IP address. So that IP is either Anycast, in which case the routing from Cloudflare’s datacentre to Azure would depend once more on the networks inbetween or it is Unicast in which case it will always be routed to the same datacentre, regardless of where Cloudflare is located.
Thats something you would need to clarify with Microsoft however. From the log excerpt above it would seem as if your Cloudflare request is actually routed to Cloudflare’s Australian datacentre. Wherever that request is subsequently forwarded to really comes down to what you configure and how that IP address is eventually routed.
Thanks, just checking an idea out at this end - it won’t be until Monday that we’ll be able to confirm something.
But we re-did some testing and we were hitting our Australian site, but I need to check with Rufus what his testing was.
This topic was automatically closed after 30 days. New replies are no longer allowed.