Cloudflare connects me so far away
There is a server right near me, I get 1-2ms when pinging 1.1.1.1 but warp and https://speed.cloudflare.com/ connects me so far away. Zero trust is working with this too so it gives so much ping. Since there is no choose server button or anything, how can I fix this?
Internet Speed Test - Measure Network Performance | Cloudflare
Test your Internet connection. Check your network performance with our Internet speed test. Powered by Cloudflare's global edge network.
34 Replies
I check https://www.cloudflarestatus.com/ and it's Operational, I check by pinging 1.1.1.1 to confirm. And it still uses so far away servers when it comes to warp and zero trust.
Cloudflare Status
Welcome to Cloudflare's home for real-time and historical data on system performance.
Routing is not "closest location is fastest" but depends on more complex things such as your ISP's routing decisions/capacity.
WARP is also only available in specific locations. Not available in most smaller locations. What do you mean by "Zero Trust" works with that too? If you turn off warp/any vpn, do you get routed to the closest location on speed.cloudflare.com or on https://cloudflare.com/cdn-cgi/trace ?
WARP is also only available in specific locations. Not available in most smaller locations. What do you mean by "Zero Trust" works with that too? If you turn off warp/any vpn, do you get routed to the closest location on speed.cloudflare.com or on https://cloudflare.com/cdn-cgi/trace ?
I want to get the closest servers since all my clients are connecting from the same location as I am, to my servers. This makes them get a lot of ping which is not good. And the second thing that I said is warp and zero trust are connecting me to the far servers instead of closest, and low ping ones for me. But if warp is not possible on this location, then zero trust should be possible right? Or why else there is a server here if it's not used for anything.
Would need more information to say more, like the extra routing info I asked for above, but some locations are super small essentially enterprise only locations due to low capacity/high costs
Is it possible to choose the server like in other vpns? in warp or in zero trust. I'm just curious about those two at the same time so I'm asking at the same time.
Is it possible to choose the server like in other vpns? iNo. WARP doesn't really consider itself to be a vpn either, hence the lack of that option. It's more meant for security and speed. It's also quite possible ARN is the closest warp enabled location to you "Zero Trust" is vague and there's a lot of products within it. If you mean with CF Access or something, that's just behind the normal anycast cdn, so no but worth noting it inherits your website's plan for routing preference
So there is no way to host something with low ping without port forwarding?
For the clients that are in the same city/country as me
it's def possible, with Cloudflare or other, but for Cloudflare it just depends on their routing
If you go to: https://debug.chaika.me/?findColo=true, do any of them route locally to gyd?
I tried with some other isp here
and it shows this:
LLK is one of the cloudflare servers here, in other city but it doesn't connect me to there either in zero trust.
When GYD gets operational, it doesn't connect me to there too :d
AMS is better/more reasonable then ARN but yea looks like your isp's/their partners routing just don't take you locally.
tracert cloudflare.com may show some interesting information but probably not something that you could fixToday it shows it like this, but how can I know which one of theese shows cloudflare zero trust tunnels?
If you're using free plan, should have around the same routing as
local-free option. It looks unstable though considering higher plans don't get routed to it
You can go to https://<your-access-domain>/cdn-cgi/trace and look for the colo= line to see which you connect to for it
Tunnels themselves connect to a few closer locations without caring about your zone plan's routing, so you end up with something like:
User -> CF Colo (ex: LLK) -> CF Tunnel -> CF Tunnel Colo (ex: AMS) -> Cloudflared running locally.
You can check in your tunnel logs (journalctl -u cloudflared -f --lines=100 where its connecting
LLK's closer, yea? The magic of waiting for ISPs to fix their routing
:d
the closest is GYD, and second closest is LLK
I wonder if I call them about this, will they know what I'm talking about
depends on how big/nice your isp is
Hmm it gives internet to whole country, but it's a small country so I think I would only know that by trying calling
What does colo do?
CF colo
airport code of the Cloudflare datacenter you are connecting to
If you mean their actual use: It's what is processing your requests (decrypting ssl, handling locally if it can, proxying request to your origin otherwise, etc)
So it actls like a DNS server right?
For 1.1.1.1 it acts as a dns server, yes. For http request it's acting as the reverse proxy, like nginx
It's just the location Cloudflare has physical machines and is processing at (including http/dns/spectrum apps, etc)
Since there is literally no server for anything in my country, my wish is to get low ping from anything possible. Like when I host a minecraft server, everyone gets 500 ping from it :d
And that's because, relay servers are so far away
Can I ask how did you make that? I want to have something similar to that, that shows cloudflare servers
Just the same thing
But it doesn't give much information as chaika's
some ublock lists block /cdn-cgi/trace lol
but yea all I'm doing is using all of my own domains on the various plan levels that I know they're on
lol I wanted to be 100% sure what plan they were on
that was the issue with past community tools and why Matteo took his down
as far as I know and can see. Unrelated to this I have a ton of monitoring for https://delay.cloudflare.chaika.me/v2/locations, and my ent zones can reach every edge location, even ones like JNB, LIS, Jakarta, bom, etc
It's not like there's a special rate plan or anything for "champ ent zones", as far as I know and can see my zones are just the normal enterprise any paying customer would get as it's all negotiated outside of it anyway
yup
you have actual paid ent zone plans right? You could check your rate plan/subs vs the one on my ent acct
GET /zones/<zone-id>/subscription
I have Argo Smart Routing on the ent zone as well but it doesn't change the inbound IPs if already ent
If I did that for my biz/pro ones it'd destroy the routing comparsion lol
yea it is slightly different, that's interesting, the components/features for both look exactly the same though. I wonder if it's because the way they were assigned to me was in bulk (just 3 ent plans I could assign to any zone) vs manually assigned, or new vs old? It's curious you have a handler directly on there too
11 is a very specific number
well all this has done is make me more confused
cf's billing stuff is super confusing to begin with though, lots of weird rate plans like how the api calls free 0feeeeeeeeeee
still same component values/settings as normal ent plans though, 125 page rules, have all the same features. I think there's some special routing stuff like with the jurisdictional stuff but same base normal ent routing
just your global api key
nah I don't think so lol, thanks for sharing tho
interesting to look at the sites in the same subnet as one of my ent zone's ip https://bgp.tools/prefix/104.18.16.0/20#dns
ie.gamma.starbucks.com, napster.com.sg, r2.example.walshy.dev,
looks like quite are of those aren't ent sites but just using cf for saas and such
lol, they look like all like ent sites though
no lol was just joking
looking through the crt.sh certs for those domains is fun
there's really lazy public ways
You can just LB health check enterprise all data centers
congrats, all colos
tbh I don't know either and I've never asked any details or cared to learn, I'd rather do it my way
which is I just have VPS's with less then 1ms to LIS/SLC, PDX, etc
will always work and no external deps
the magic word obviously - please - fetch from colo url /s
I played around with making a fun idea with global lb health check -> worker -> worker websocket to durable object -> congrats live fetch from all colos
doubt that's what that does but was a fun idea to play with
not health checks but load balancer health checks with the
All Data center option
idk if it's all colos constantly but it's a lot of themHttp logpush shows I'm constantly seeing about 573 unique colo ids from a global lb health check
Yesterday I opened cdn-cgi/trace, and it showed LLK. But it was still connected to AMS. Is this normal? :d