hello
[root@host ~]# ping acme-v02.api.letsencrypt.org ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com (172.65.32.248) 56(84) bytes of data.ca80a1adb12a4fbdac5ffcbc944e9a61.pacloudflare.com ping statistics ---
[root@host ~]#
and trace
[root@host ~]# traceroute acme-v02.api.letsencrypt.org acme-v02.api.letsencrypt.org (172.65.32.248), 30 hops max, 60 byte packetscore23.fsn1.hetzner.com (213.239.229.9) 0.391 ms core24.fsn1.hetzner.com (213.239.229.13) 8.704 ms core23.fsn1.hetzner.com (213.239.229.9) 0.378 mscore1.fra.hetzner.com (213.239.224.86) 4.794 ms core0.fra.hetzner.com (213.239.224.66) 4.830 ms core4.fra.hetzner.com (213.239.224.90) 4.826 mscore9.fra.hetzner.com (213.239.224.178) 5.165 ms core8.fra.hetzner.com (213.239.224.217) 5.129 ms core9.fra.hetzner.com (213.239.224.221) 5.088 ms
Can you ping anything like?
ping cloudflare.com
And, what does this do
sudo traceroute -T -p 443 acme-v02.api.letsencrypt.org
2 Likes
honestly i cant ping cloudflare.com too, but i can ping all other sites like google and yahoo etc.
below is result:
[root@host ~]# sudo traceroute -T -p 443 acme-v02.api.letsencrypt.org acme-v02.api.letsencrypt.org (172.65.32.248), 30 hops max, 60 byte packetscore24.fsn1.hetzner.com (213.239.229.13) 0.602 ms core23.fsn1.hetzner.com ( 213.239.229.9) 3.199 ms core24.fsn1.hetzner.com (213.239.229.13) 0.593 mscore0.fra.hetzner.com (213.239.224.82) 4.813 ms core1.fra.hetzner.com (213. 239.224.86) 4.818 ms core5.fra.hetzner.com (213.239.224.78) 4.867 mscore9.fra.hetzner.com (213.239.224.174) 5.049 ms core9.fra.hetzner.com (213 .239.224.221) 5.092 ms 5.039 ms
rg305
August 18, 2023, 7:32am
5
Coincidently, "acme-v02.api.letsencrypt.org" is also on a Cloudflare network.
3 Likes
rg305
August 18, 2023, 7:34am
6
Do you have a real IPv4 IP?
EDIT:RFC 6598: IANA-Reserved IPv4 Prefix for Shared Address Space (rfc-editor.org) The Shared Address Space address range is 100.64.0.0/10."
Which equals the IP range:100.64.0.0 to 10.127.255.255
4 Likes
my server ip address is: 148.251.88.26
[root@host ~]# curl http://www.cloudflare.com/ www.cloudflare.com:80 ; Operation now in progress
You should contact Hetzner and ask them why you cannot ping Cloudflare or the Lets Encrypt API
From the trace route it looks like they are your hosting service. Right?
4 Likes
If you can't communicate with Cloudflare then roughly 20% of the internet won't work for you, so it's a big deal.
3 Likes
hetzner says there is no issue from our side and cloudflare says its not issue at our side too
i guess maybe cloudflare banned our server ip at their side
1 Like
A high quality global CDN (like Cloudflare, Amazon's CloudFront, and others) provide many benefits. Let's Encrypt supports a high-volume of transactions world-wide and using one avoids having to re-create a vast world-wide infrastructure.
It looks clear to me there is a comms routing problem and most likely in Hetzner or the comms infrastructure that they use.
You can't even connect to Cloudflare's website. You should press this issue with Hetzner.
3 Likes
linkp
August 18, 2023, 4:43pm
13
That is highly unlikely and the inability to ping cloudflare.com would not be a relevant indicator of that, even if it were the case.
5 Likes
Apparently your IP is blacklisted by one spam list, could be relevant
https://whatismyipaddress.com/blacklist-check
Easiest to get a new IP or use a different CA (ZeroSSL etc).
1 Like
system
September 18, 2023, 12:43am
15
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.