Score:1

TCP handshake not completing intermittently to specific Cloudflare node

cn flag

I have setup a webpage with Cloudflare that works nearly all of the time, except occasionally the TCP handshake fails with the SYN+ACK not making it to Cloudflare. On a packet capture from another machine on the network with the server, I can see the SYN arrive, the SYN+ACK is sent, but no ACK arrives, instead retried SYN packets come in and are replied to (see Wireshark log below). Users eventually receive a 522 Timeout error page from Cloudflare.

From the data I have gathered this only happens when users get routed through the Chicago Cloudflare node, and is only affecting users in central Canada/US (no reports of any issues from the east or west coasts).

These users ARE able to access the site fine if they attempt to connect directly by IP address (bypassing Cloudflare), even while refreshing the Cloudflare domain continues to timeout.

Happy to provide any more information as needed, but being an intermittent issue, may be hard to reproduce again.

enter image description here

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.