Unusual 521's with firewall whitelists

Hello, I have set up a firewall to block TCP connections for HTTP ports outside Cloudflare, and recently I have seen a rather big spike in 521’s even though I have whitelisted all the IPv4/6 ranges listed at https://www.Cloudflare.com/ips/. Is this list still maintained?

(taken via Cloudflare API)

Yes, it is. There are a few other steps you can take in this Tip, https://community.Cloudflare.com/t/community-tip-fixing-error-521-web-server-is-down/42461. Can you share the domain name here?

Yeah sure, it is redxen.eu.

I have checked for any iptables or firewall rules but nothing was found. The only thing I suspect is IPv6 routing on my origin, but that should be handled by the kernel with net.ipv6.conf.all.forwarding=1, as Docker binds only to IPv6 in swarm mode on supported hosts. Is there a way to see where those 521’s come from? (IPv4/v6)

Edit: Different origins access via IPv4 and IPv6 as seen here by the cf-ray header
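As an added example (not part of the thread and not Cloudflare tooling), the following sketch shows one way to check an origin allowlist against a published range list and to split firewall drops by address family. All function names and all addresses are hypothetical; the sample data uses documentation ranges and is constructed.

```python
import ipaddress
from collections import Counter

# Constructed sample data (documentation ranges). Real input would be the list
# published at the URL in the post and an export of the origin firewall rules.
PUBLISHED = ["198.51.100.0/24", "203.0.113.0/24",
             "2001:db8:1000::/36", "2001:db8:2000::/36"]
ALLOWLIST = ["198.51.100.0/24", "203.0.113.0/25", "2001:db8:1000::/36"]
# Constructed source addresses taken from hypothetical firewall drop logs.
DROPPED = ["203.0.113.200", "203.0.113.201", "2001:db8:2000::15", "192.0.2.77"]


def nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def allowlist_gaps(published, allowlist):
    """Return the parts of the published ranges that the allowlist does not cover."""
    gaps = []
    for pub in nets(published):
        remaining = [pub]
        for allowed in nets(allowlist):
            if allowed.version != pub.version:
                continue  # an IPv4 rule never covers an IPv6 range, and vice versa
            kept = []
            for r in remaining:
                if r.subnet_of(allowed):
                    continue  # fully covered by this rule
                if allowed.subnet_of(r):
                    kept.extend(r.address_exclude(allowed))  # partially covered
                else:
                    kept.append(r)  # disjoint, still uncovered
            remaining = kept
        gaps.extend(remaining)
    return sorted(gaps, key=lambda n: (n.version, n))


def drops_by_family(dropped, gaps):
    """Count dropped sources that fall inside an allowlist gap, per address family."""
    hits = Counter()
    for src in map(ipaddress.ip_address, dropped):
        if any(src.version == g.version and src in g for g in gaps):
            hits[f"IPv{src.version}"] += 1
    return dict(hits)


if __name__ == "__main__":
    gaps = allowlist_gaps(PUBLISHED, ALLOWLIST)
    print("uncovered:", [str(g) for g in gaps])
    print("drops inside gaps:", drops_by_family(DROPPED, gaps))
```

A drop that falls outside every gap (such as the 192.0.2.77 sample) did not come from a published range, so it points at a different cause than an incomplete allowlist.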

Can you share the rayid and time stamp from the 521 error page with support? Give them the steps to reproduce and they can look to see what issues were happening at the time.

To contact Cloudflare Customer Support, log in & go to https://dash.Cloudflare.com/?account=support and select get more help. Please give Support the complete details and link to this Community post. Please share the ticket number here and I’ll keep an eye on progress.

The problem here is that I could not reproduce them at all. I will still create a ticket with all the details that I have about the problem.


#1707245


The number has dropped to almost 0. I will consider this as fixed for now and I will report back if it repeats without a known reason anytime. :smile:

