While KBP is rerouted "cloudflared" sites won't loads

Website, Application, Performance DNS & Network
1

Hi.
Since Sunday I experience troubles with access to sites what use Cloudflare. They do not give any error or captcha - simply do not load. Browsers (Chrome, Firefox and Opera) give me “connection timeout” error.
Let’s take patreon.com as example.
I can ping it:

ping patreon.com

ping patreon.com
PING patreon.com (104.16.6.49) 56(84) bytes of data.
64 bytes from 104.16.6.49: icmp_seq=1 ttl=58 time=17.2 ms
64 bytes from 104.16.6.49: icmp_seq=2 ttl=58 time=18.8 ms
64 bytes from 104.16.6.49: icmp_seq=3 ttl=58 time=17.3 ms
64 bytes from 104.16.6.49: icmp_seq=4 ttl=58 time=17.3 ms
64 bytes from 104.16.6.49: icmp_seq=5 ttl=58 time=17.2 ms
64 bytes from 104.16.6.49: icmp_seq=6 ttl=58 time=17.2 ms
64 bytes from 104.16.6.49: icmp_seq=7 ttl=58 time=17.7 ms
64 bytes from 104.16.6.49: icmp_seq=8 ttl=58 time=17.2 ms
patreon.com ping statistics —
8 packets transmitted, 8 received, 0% packet loss, time 7010ms
rtt min/avg/max/mdev = 17.254/17.546/18.839/0.516 ms

2

I can traceroute it:

traceroute patreon.com

traceroute patreon.com
traceroute to patreon.com (104.16.7.49), 30 hops max, 60 byte packets
1 109-108-XX-X.kievnet.com.ua (109.108.XX.X) 0.862 ms 1.072 ms 1.325 ms
2 CORE-MX204-80G.kievnet.com.ua (92.244.96.21) 0.568 ms 0.537 ms 0.508 ms
3 MX204-40G-WR.kievnet.com.ua (92.244.96.77) 0.449 ms 0.429 ms 0.399 ms
4 te0-7-0-5.ccr22.kbp01.atlas.cogentco.com (149.6.190.41) 1.040 ms 1.044 ms 0.975 ms
5 be2047.ccr22.bts01.atlas.cogentco.com (154.54.60.205) 17.087 ms 17.078 ms 17.077 ms
6 be3463.ccr52.vie01.atlas.cogentco.com (154.54.59.185) 18.283 ms 18.459 ms 18.431 ms
7 cloudflare.demarc.cogentco.com (149.6.174.66) 29.520 ms 28.333 ms 28.325 ms
8 104.16.7.49 (104.16.7.49) 17.416 ms 17.392 ms 17.396 ms

3

I can dig it:

dig patreon.com @1.1.1.1

dig patreon.com @1.1.1.1

; <<>> DiG 9.10.3-P4-Ubuntu <<>> patreon.com @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31258
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;patreon.com. IN A

;; ANSWER SECTION:
patreon.com. 182 IN A 104.16.6.49
patreon.com. 182 IN A 104.16.7.49

;; Query time: 23 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mon Jan 31 23:26:36 EET 2022
;; MSG SIZE rcvd: 72

And, as I see, Ukrainian traffic was routed to server in Russia.

dig +tcp @1.1.1.1 id.server CH TXT

bondd@bondd-mint ~ $ dig +short CHAOS TXT id.server @1.1.1.1
“LED”
bondd@bondd-mint ~ $ dig +short CHAOS TXT id.server @1.0.0.1
“LED”
bondd@bondd-mint ~ $ dig +tcp @1.1.1.1 id.server CH TXT

; <<>> DiG 9.10.3-P4-Ubuntu <<>> +tcp @1.1.1.1 id.server CH TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39065
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;id.server. CH TXT

;; ANSWER SECTION:
id.server. 0 CH TXT “LED”

;; Query time: 23 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Mon Jan 31 22:48:14 EET 2022
;; MSG SIZE rcvd: 54

bondd@bondd-mint ~ $ dig +tcp @1.0.0.1 id.server CH TXT

; <<>> DiG 9.10.3-P4-Ubuntu <<>> +tcp @1.0.0.1 id.server CH TXT
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57160
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;id.server. CH TXT

;; ANSWER SECTION:
id.server. 0 CH TXT “LED”

;; Query time: 24 msec
;; SERVER: 1.0.0.1#53(1.0.0.1)
;; WHEN: Mon Jan 31 22:49:02 EET 2022
;; MSG SIZE rcvd: 54

And possible what roots of problem are in routing to LED. Because there are active war between out countries and sites blocking from both sides. So I can access patreon.com only with Opera’s VPN, or from work (where Cloudflare rerouted to OTP or PRG).

4

KBP is back online. Some sites finally return to working state. But patreon.com still unaccessible.
https://1.1.1.1/help shows “Cloudflare Data Center - DME”. Serving sites from Moskow, when KBP is online - really?

5

One day patreon was work and than again timeout without notices or captcha.
I hate using VPN for daily routine site.

firefox_2022-02-07_09-40-06
firefox_2022-02-07_09-40-061258×681 17.5 KB

6

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.