Weird timeout issue

To sum up : i’m the devops of a website which server is domain-level protected by CF, and i cannot HTTP access it anymore through CF firewall, it goes timeout.

So basically, the website DNS point towards 2x CF’s proxies, so when someone tries to reach it, it meets CF’s firewall first. Then the request may reach my server where some more internal protection may occur until the html is eventually sent back.

Since today, i can no more see my website via its domain from home, no matter what device nor browser i used (so it’s not local). I checked my server logs to see other clients are visiting normally via CF (so it’s not server). I even could see the site myself by cheating local host file so that i skip CF proxy to reach server directly, which works fine. Works okay also if i visit website through TOR or any proxy hidding my home IP.

But as soon as i try the protected way, CF seems to ignore me and server log receive no request from CF proxy nor me. I checked all Security settings, i even added my own home IP in whitelist at WAF and so on, nothing changes. I restarted server and computer even if it made no sense as they didn’t seem causing the issue, but did just in case, no change.

Seems CF blacklisted my home IP at a level i cannot see nor edit …
Anybody ever had such problem, and possibly, a fix ?

3 Likes

We seem to be having the same issues with a specific IP range with some random ISPs.

The affected blocks seem to be:

  • 188.114.97.0/24
  • 188.114.96.0/24

We’ve had reports from NL, AT and TR so far.

I can’t reproduce it myself (RO), but random parts of the world seem to fail on those IP ranges.

2 Likes

Okay so that could be something linked to worldwide internet pipelining - in those particular times of eastern europe tension that may or may not be related …

So for the record i can “fix” this artificially by duping my computer with local host file and skipping therefore the CF proxy protection, but i do not like the idea that some other webuser may be blocked also with no way to solve it, i’d rather see it fixed by CF (or by www service providers if that comes from routing …).

Same issue here. I have tested with different countries using a VPN. Italy, France were not working, instead there was no issue using Belgium, Poland IP

Thanks, sort of confirms znuffy’s suggestion upper.

Hello, i have the same issue for my website which is in HTTP can’t accesss it with dns random but some other dns it works also in some other countries its a worldwide problem please Cloudflare your dns have problems fix that for the love of god …

Same here from the Netherlands:

➜ curl --resolve hiber.global:80:188.114.96.0 http://hiber.global --connect-timeout 60
curl: (28) Connection timed out after 60001 milliseconds

The proxy works when I use https/port 443.

It works from Germany, so maybe some (too) broad blocking going on?

1 Like

All these locations report a timeout on port 80.

RU-Moscow(Anders)-1 | 37.252.254.62 / 2a00:11c0:1b:777::4
ES-Madrid(Interxion)-1 | 217.146.1.58 / 2a00:11c0:1e:777::4
AT-Vienna(Interxion)-5 | 37.120.212.158 / 2001:ac8:29:62::2
GB-London(Volta)-13 | 5.180.211.91 / 2a0d:5082:0:5::4
DE-Frankfurt(Interxion)-3 | 66.206.3.90 / 2604:4500:c:e::4
NL-Amsterdam(IronMountain)-2 | 62.212.75.22 / 2001:1af8:4400:a008:12::4

1 Like

There is a problem on the following Cloudflare block, it is impossible to access to websites by port 80 (HTTP) that are in the following CF block from the listed countries while HTTPS (443) works.

188.114.96.0/20

Tested countries: TR, AT, IT, FR,NL I dont know if there are other countries or not, probably there are.

Basically no one can access your website from above countries if your website is in the above CF IP block if they type your url as domain.com or http://domain.com on their browsers. Since no one types https://domain.com to their browser, therefore this issue is taking a serious level now as nobody can reach from above countries.

cf

There is also another problem on the block 188.114.96.0/20 that if you open https://domain.com/foldername it will fail and return timeout, but if you open https://domain.com/foldername/ then it will work. This is wrong.

I hope my message reach to CF network support people.

3 Likes

Hello, i have the same issue for my website which is in HTTP , mavanimes.co we can’t accesss it with dns random but some other dns it works also in some other countries its a worldwide problem please Cloudflare your dns have problems fix that for the love of god …

Hello

There is same problem all CF competible HTTP ports until yesterday. NL and TR Cloudflare domains not working, if remove proxy option working DNS only. but CF proxy not working . we cant access any web site if active CF proxied from NL and TR
how can we connect CF support staff ?

not only ipv4 is affected but also ipv6
2a06:98c1:3121::/64
2a06:98c1:3120::/64

[email protected]:~# wget mydomain.ro
–2022-03-18 07:29:55-- http://mydomain.ro/
Resolving mydomain.ro (mydomain.ro)… 2a06:98c1:3121::, 2a06:98c1:3120::, 188.114.96.0, …
Connecting to mydomain.ro (mydomain.ro)|2a06:98c1:3121::|:80… ^C

What’s the proper way to open a support ticket?

Same problem here on block 188.114.97.7 and 188.114.97.0 IPs.
Started about 19:00 UTC+1 on thursday.

Only port 80 is not working, 443 is fine.

Only working port is 443,

other ports 2053,2083,80 etc. ports aren’t working :confused:

Same problem here, on theese IPs:

188.114.96.15
188.114.97.15

Port 80 not working

Same issue here, IP’s 188.114.97.* and 188.114.96.*, also on IP6 2a06:98c1:3120 / 2a06:98c1:3121
Port 8443 not working

Same isssue here, 443 works fine but other ports like 80 or 2083 get timed out.

1 Like

Same problem here, HTTP website didin’t respond but HTTPS version did.
The problem seems to appear between yesterday and this morning (France)
DNS CF IPs
104.21.85.13
172.67.200.178

1 Like

Well, it seems that the problem affects whole Europe

1 Like

And same here, port 443 works but not port 80. Some providers work, others don’t. Same devices, different ISP in Sweden.

Tried turning on dev-mode and waited an hour, still no difference.
Tried the Cloudflare diagnostic tool and it hangs, nothing happens.

Cloudflare DNS 1.1.1.1 works but not Googles 8.8.8.8 or my home ISP’s DNS (Bahnhof). My mobile phone DNS works (Comviq).

Funny thing is that my old domains work normally but not the ones I created this monday.

1 Like