Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


ERR_CONNECTION_RESET error with cloudflare proected sites
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

ERR_CONNECTION_RESET error with cloudflare proected sites

ReeRee Member

Having a problem I can't seem to figure out. When I load certain sites, such as lowendtalk.com, jquery.org, many others with a common connection of cloudflare.torontointernetexchange.net showing up in the tracert, I get an ERR_CONNECTION_RESET error in Chrome.

Hitting F5 enough times causes the site to eventually load, but that's a little annoying. After testing various things, I've found:

  • Only 1 of 3 PCs at home have the problem
  • The PC having problems can fire up a VM, and the VM doesn't have the problem
  • Eliminating the router and only using the cable modem has no effect
  • Resetting the cable modem and router has no effect
  • Chrome, Firefox and IE all have the problem
  • Connecting to the sites via a proxy solves the problem (but is not a perm solution)
  • Malware bytes found nothing

Any thoughts on what I should try, short of reinstalling Windows?

Comments

  • Have you cleared your caches/flushed dns etc?

    I had an old machine do that once every few weeks, it eventually went away.

  • ReeRee Member

    Yes. Tried private/incognito modes, which I saw people suggest elsewhere, and no help with that either.

  • The only thing I can think of is that this particular computer maybe has a custom DNS server set that is causing this problem..

  • ReeRee Member

    @4n0nx said:
    The only thing I can think of is that this particular computer maybe has a custom DNS server set that is causing this problem..

    All are using 8.8.8.8

  • Hey, Found a bunch of people with the same issue over at (the ISP) Shaw's support form: https://community.shaw.ca/thread/18440

    We've narrowed it down to not being DNS related already.

  • ReeRee Member

    @thejoshuawest said:
    Hey, Found a bunch of people with the same issue over at (the ISP) Shaw's support form: https://community.shaw.ca/thread/18440

    We've narrowed it down to not being DNS related already.

    Thanks for that, disabling ECN did the trick here!

  • CloudFlare is going nuts here... CF-Protected websites are barely loading and CF itself isn't loading either.. Trying login to disable "protection" for now.

  • ReeRee Member

    @DalekOfSkaro said:
    CloudFlare is going nuts here... CF-Protected websites are barely loading and CF itself isn't loading either.. Trying login to disable "protection" for now.

    Based on the fact that this just started happening to people on the 25th, and everything worked fine before then, I'm guessing that means they've made some hardware changes and maybe it wasn't a smooth roll-out!

  • @Ree: Actually, I've had issues with CF for a lot longer than that... Today's incident was the last straw.

  • First thank you for your post that's help me fix the thing with cloudflare. Im a WISP in Quebec and i experienced the same problem than you... I found the problem and send my info to cloudflare that fix it today... the problem came from ECN (Explicit Congestion Notification) and a bug in their router firmware that drop the connection when he see ECN packet. here my conversation with cloudflare...

    Luke Overend (CloudFlare)

    Feb 6, 7:48 AM

    Hi,

    We have found a bug in the version of firmware running on our router. We have put in a fix and the issue now looks to be resolved.

    Please check and advise if you see any further issues.

    Luke

    Best Regards,

    Luke Overend

    CloudFlare Support | https://support.cloudflare.com

    Luke Overend (CloudFlare)

    Feb 5, 3:29 AM

    Hi,

    I am now able to replicate via TORIX so will continue to investigate myself and update you as soon as we have a fix.

    Luke

    Best Regards,

    Luke Overend

    CloudFlare Support | https://support.cloudflare.com

    Luke Overend (CloudFlare)

    Feb 5, 2:36 AM

    Hi Patrick,

    Thanks for the info. I have been investigating ECN and how we deal with it and I cannot replicate the issue. I have tested against our servers in YYZ and also elsewhere but do not see any reset packets back.

    I have tested using DSCP 0x01 and also several other options including 0xff, I always see a SYN ACK back with DSCP set to 0x00. Do you know what bits were set in the DSCP header when you were seeing the RST packets? Also do you know what bits were set on the return packets?

    I have checked http://www.cloudflarestatus.com/ and I do not see any changes for the 23rd. I have checked the routers and there have been minor changes around these dates but nothing that should affect ECN.

    Is it possible for you to provide a tcpdump of the traffic? Are you able to replicate this using a test connection?

    Luke

    Best Regards,

    Luke Overend

    CloudFlare Support | https://support.cloudflare.com

    ssfwime

    Feb 4, 11:25 AM

    Hi,
    i found what causing prolem since a week. It's seem your router
    drop connection when he see any packet with Explicit Congestion
    Notification
    (ECN). I Have to remove any dscp mark on my traffic to
    get rid of been send a rst by your side...The problem seems appear a
    week ago... I start receive call about it around 25 january... I call my
    upstream provider Peer1 and he doesn't find anything on their side. The
    problem appear only when i access a website or any link that came from
    cloudflare... And im not the only one like message from forum my
    upstream provider send to me

  • @PCaddict said:
    First thank you for your post that's help me fix the thing with cloudflare. Im a WISP in Quebec and i experienced the same problem than you... I found the problem and send my info to cloudflare that fix it today... the problem came from ECN (Explicit Congestion Notification) and a bug in their router firmware that drop the connection when he see ECN packet. here my conversation with cloudflare...

    Yeah I opened a ticket on the 1st, so it took them about 5 days to finally fix it. They probably thought it was something on my end at first, so it's good you reported it as well.

    Around the time you opened your ticket I was transferred from Martijn to Luke, so I wonder if that was him escalating it when your ticket came in (since it proved it wasn't just me)

  • @DalekOfSkaro said:
    CloudFlare is going nuts here... CF-Protected websites are barely loading and CF itself isn't loading either.. Trying login to disable "protection" for now.

    I have been experiencing issue here and there for last 2/3 months now. Many times site will crawl when using CF and as soon as bypass it, everything will work fine. Have 5 tickets open with them but no "solution" :(

    I am just not able to find a good alternative (for a similar or comparable price) or I will ditch CF in a heart beat.

Sign In or Register to comment.