I recently changed my nameservers on my Google Hosted Domains to try out Cloudflare and their proxying ability. I removed DNSSEC that was applied to my Google hosted domains and then updated the nameservers to Cloudflare ones (did not switch registrar). It’s been a day since that change and I’m unable to get Cloudflare to resolve to my local webserver. I’m aware that hosts are proxied, so when I do run a host on my domain, I get Cloudflare IPs. I’m wondering if DNSSEC is causing issues; Google mentioned it would take 2 days for the changes to take effect.
I have an A record pointing to my external home IP; I have CNAMEs in place for www and wildcard (aka *); I have port forwarding enabled on my router without IPS/DPS active; I have my host-based firewalls removed temporarily for troubleshooting; and I’ve checked the border firewall for blocks related to Cloudflare.
I can traceroute from my webserver to the Cloudflare nameservers successfully. I’m able to visit my external IP and view the webpage successfully. However, I’m unable to access it via my domain name. When I do resolve my domain name, it points to the Cloudflare servers, which makes sense. I get an error 522 (from Cloudflare) when attempting to access my domain via web browser. Watching my access logs for nginx, I can see attempts to access my IP address directly, but it doesn’t appear requests are making it to my home webserver when attempting to access through the domain.
Any help in troubleshooting would be great. Thank you!