Site not working with DNS Proxy

I have two domains registered with cloudflare, let’s call them domain1.com and domain2.com respectively.

I have an A record for home.domain1.com set to the IP address of my server, and recently added a cname record for photos.domain2.com to point home.domain1.com.

When the cname record for photos.domain2.com is not proxied, things seem to work fine. However enabling DNS proxying for this results in a 522 error.

I disabled the firewall on my server, so all incoming connections are allowed (and confirmed this by seeing the DROP rule stop appearing in the output of iptables -L).

Am I doing something wrong here? Is there a way to debug this further to see what exactly is preventing cloudflare’s servers from being able to access my server?

Taking a tcpdump of traffic to the ports 443 and 80, I can see some traffic from IP addresses that belong to Cloudflare, but I only see TCP Retransmits.

9	19.641687	172.71.223.92	192.168.1.22	TCP	74	54198 → 80 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM TSval=107289057 TSecr=0 WS=8192
10	20.662407	172.71.223.92	192.168.1.22	TCP	74	[TCP Retransmission] 54198  80 [SYN] Seq=0 Win=65535 Len=0 MSS=1460 SACK_PERM TSval=107290078 TSecr=0 WS=8192

Wireguard output of part of the capture above.
Any ideas why this is happening?

I tried changing the setup to avoid having photos.domain2.com be a CNAME.
I replaced it with an A record that points directly to the IP of my home server, and the site still doesn’t work with the DNS proxy enabled. When the DNS proxy is turned off I’m able to access the site without issue.

The server is hosted on a home Verizon FIOS connection if that’s relevant. Ports 80 and 443 are forwarded from the router to the server, and it is externally accessible. I’m able to reach the server from an Oracle Cloud VPS.

Any tips/links on how to solve this would be appreciated.
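Added example (not from the original post): a small Python script that scans a Wireshark-style capture summary like the one above and flags TCP flows where a Cloudflare address sent SYNs but the origin never replied with SYN-ACK, which is the pattern behind a 522. The Cloudflare ranges listed are an excerpt I assume is current (the full list is published at cloudflare.com/ips); the sample capture lines are constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Assumption: excerpt of Cloudflare's published IPv4 ranges; fetch the current list before relying on it.
CLOUDFLARE_V4 = [ipaddress.ip_network(n) for n in (
    "172.64.0.0/13", "162.158.0.0/15", "104.16.0.0/13", "104.24.0.0/14",
    "108.162.192.0/18", "141.101.64.0/18", "173.245.48.0/20", "198.41.128.0/17",
)]

# Constructed capture summary (frame, time, src, dst, proto, length, info), same layout as the post.
SAMPLE = """\
9\t19.641687\t172.71.223.92\t192.168.1.22\tTCP\t74\t54198 → 80 [SYN] Seq=0 Win=65535 Len=0
10\t20.662407\t172.71.223.92\t192.168.1.22\tTCP\t74\t[TCP Retransmission] 54198 → 80 [SYN] Seq=0 Win=65535 Len=0
11\t21.100000\t203.0.113.7\t192.168.1.22\tTCP\t74\t41000 → 443 [SYN] Seq=0 Win=65535 Len=0
12\t21.100200\t192.168.1.22\t203.0.113.7\tTCP\t74\t443 → 41000 [SYN, ACK] Seq=0 Ack=1 Win=65160 Len=0
"""

LINE = re.compile(r"^(\d+)\t([\d.]+)\t(\S+)\t(\S+)\tTCP\t\d+\t(.*)$")
PORTS = re.compile(r"(\d+)\s*(?:→|->)\s*(\d+)")


def is_cloudflare(ip):
    """True if the address falls inside one of the listed Cloudflare ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CLOUDFLARE_V4)


def handshake_report(text):
    """Group SYN / SYN-ACK lines by flow (client_ip, client_port, server_ip, server_port)."""
    flows = defaultdict(lambda: {"syn": 0, "synack": False, "from_cf": False})
    for line in text.splitlines():
        m = LINE.match(line)
        p = PORTS.search(m.group(5)) if m else None
        if not p:
            continue  # not a TCP summary line we understand
        _, _, src, dst, info = m.groups()
        sport, dport = int(p.group(1)), int(p.group(2))
        if "[SYN, ACK]" in info:
            flows[(dst, dport, src, sport)]["synack"] = True  # reply: server is the source
        elif "[SYN]" in info:
            f = flows[(src, sport, dst, dport)]
            f["syn"] += 1  # retransmitted SYNs count too
            f["from_cf"] = is_cloudflare(src)
    return dict(flows)


def stalled_cloudflare_flows(text):
    """Flows where Cloudflare sent SYNs and the origin never answered: the 522 signature."""
    return [k for k, v in handshake_report(text).items()
            if v["from_cf"] and v["syn"] > 0 and not v["synack"]]


if __name__ == "__main__":
    for flow in stalled_cloudflare_flows(SAMPLE):
        print("no SYN-ACK from origin for", flow)
```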
