On Mon, Aug 5, 2024 at 9:34 PM Mark Sapiro <mark@msapiro.net> wrote:
On 8/5/24 10:30, Odhiambo Washington via Mailman-users wrote:
Actually, what I mean is that CF is proxying requests to the host named m3-lists.kictanet.or.ke. I do not have any configuration other than DNS proxying at CF.
dig a mm3-lists.kictanet.or.ke ... mm3-lists.kictanet.or.ke. 300 IN A 172.67.167.73 mm3-lists.kictanet.or.ke. 300 IN A 104.21.11.217Both of those are cloudflare IPs, and why 2?
Yes, those are Cloudflare IPs and I don't know why 2! All I know is that in DNS, I created an A record for the hostname and chose the "proxy" option in the cloudflare DNS management interface.
So when you talk to m3-lists.kictanet.or.ke via a browser, it's CF IP who you talk to and it in turn talks to the host directly.
And how is that configured?
You add the domain - kictanet.or.ke to CF's control panel. They give you TWO name servers. You substitute the NSes your registrar gave to your domain for those two. Subsequently you create A|CNAME|MX\TXT records on the CF's control panel. You decide whether an A or CNAME record you create is proxy-ed or not. If you proxy the record, no one will ever get to know its real IP, but if you don't proxy, then the dig tool above will tell you the real IP address.
So the IP address you see in the logs is CF's IP address, not yours, not
mine and CF are doing some caching. That's why they are requesting for expired files.
Why is cloudfare trying to access /opt/mailman/mm/static/CACHE/css/output.6dab123e4897.css locally if all it is doing is proxying the request to the actual mailman server?
I don't know. However, those IPs you see in the Nginx logs, none belong to me! I have two possible IPs - one domiciled in KE and another domiciled in the US (when I use VPN).
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]