Bobcares

WeSupport

Call Us! 1-800-383-5193
Call Us! 1-800-383-5193
Call Us! 1-800-383-5193

Need Help?

Emergency Response Time custom

Our experts have had an average response time of 11.98 minutes in June 2021 to fix urgent issues.

We will keep your servers stable, secure and fast at all times for one fixed price.

Traffic routed to the wrong CloudFront edge location

by | Jul 9, 2021

Stuck with traffic routed to the wrong CloudFront edge location? We can help you.

CloudFront routes traffic based on the distribution’s price class, associated geolocation databases, and EDNS0-Client-Subnet support.

At Bobcares we assist our customers with several AWS queries as part of our AWS Support Services for AWS users, and online service providers.

Today, let us see how our Support Techs resolve this CloudFront issue.

 

How to fix traffic routed to the wrong CloudFront edge location?

Depending on the combination of distribution’s price class, associated geolocation databases, and EDNS0-Client-Subnet support, your website’s viewers might be routed to an unexpected edge location.

This can increase the overall latency for retrieving an object from a CloudFront edge location.

In order to resolve the error, check the below three factors:

  • Firstly, the price class supports the edge location that you expect.
  • Next, the DNS resolver supports Anycast routing.
  • Finally, the DNS resolver supports EDNS0-Client-Subnet.

 

The price class supports the edge location that you expect

Check the edge locations that are included in the price class of your CloudFront distribution.

You can update the price class of your distribution if you want to include other edge locations.

 

The DNS resolver supports Anycast routing

If the DNS resolver supports Anycast routing, then there are multiple edge locations that the DNS resolver uses.

This means that a requester’s edge location is based on optimal latency, which might result in an unexpected location for the resolver’s IP address.

To check if the DNS resolver supports Anycast, run one of these commands multiple times:

Please remeber to replace example.com with the DNS resolver domain name that you’re using.

On Linux or macOS, run a dig command, similar to the following:

dig +nocl TXT o-o.myaddr.l.example.com

On Windows, run an nslookup command, similar to the following:

nslookup -type=txt o-o.myaddr.l.example.com

If the output includes the same IP address each time you run the command, then the DNS resolver doesn’t support Anycast.

If the output includes a different IP address each time you run the command, then the DNS resolver supports Anycast, which might explain an unexpected edge location.

The DNS resolver supports EDNS0-Client-Subnet

To determine how you can avoid incorrect routing, first check if the DNS resolver supports EDNS0-Client-Subnet by running one of these commands:

Remember to replace example.com with the DNS resolver domain name that you’re using.

On Linux or macOS, run a dig command, similar to the following:

dig +nocl TXT o-o.myaddr.l.example.com

On Windows, run an nslookup command, similar to the following:

nslookup -type=txt o-o.myaddr.l.example.com

Check the TTL value, and be sure to run the command when the TTL expires. Otherwise, you might get a cached response from the recursive resolver.

If the DNS resolver doesn’t support EDNS0-Client-Subnet, then the output is similar to the following:

$ dig +nocl TXT o-o.myaddr.l.example.com +short
"192.0.2.1"

In the previous example, 192.0.2.1 is the IP address of the closest DNS server that’s using Anycast. This DNS resolver doesn’t support EDNS0-Client-Subnet.

To avoid incorrect routing, you can do one of the following:

Change to a DNS resolver to a recursive DNS resolve that’s located geographically closer to your website’s clients.
Change to a DNS resolver that does support EDNS0-Client-Subnet.

If the DNS resolver supports EDNS0-Client-Subnet, then the output contains a truncated client subnet (/24 or /32) to the CloudFront authoritative name server, similar to the following:

$ dig +nocl TXT o-o.myaddr.l.example.com @8.8.8.8 +short
"192.0.2.1"
"edns0-client-subnet 198.51.100.0/24"

In the previous example, 192.0.2.1 is the closest DNS resolver IP address.

To avoid incorrect routing when the DNS resolver does support EDNS0-Client-Subnet, confirm that a public geolocation database associate with the client-subnet range that’s sending the query to the DNS resolver.

If the DNS resolver is forwarding the truncate version of the client IP addresses to CloudFront name servers, then CloudFront checks a database that’s based on several public geolocation databases.

The IP addresses must correctly map in the geolocation database so that requests are routed correctly.

If the DNS resolver supports EDNS0-Client-Subnet, you can verify the edge location that traffic is routed to by first resolving your CloudFront CNAME by running a DNS lookup command like dig:

$ dig dftex7example.cloudfront.net. +short
13.224.77.109
13.224.77.62
13.224.77.65
13.224.77.75

Then, run a reverse DNS lookup on the IP addresses that return from the previous command:

$ dig -x 13.224.77.62 +short
server-13-224-77-62.man50.r.cloudfront.net.

In the previous example, the traffic route to the Manchester edge location.

 

[Need assistance with CloudFront? We are available 24*7]

 

Conclusion

Today, we saw how our Support Techs resolved Traffic routed to the wrong CloudFront edge location.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

AWS Support

Use your time to build great apps. Leave your servers to us.

Managing a server is time consuming. Whether you are an expert or a newbie, that is time you could use to focus on your product or service. Leave your server management to us, and use that time to focus on the growth and success of your business.

TALK TO USOr click here to learn more.
AWS Support

Use your time to build great apps. Leave your servers to us.

Managing a server is time consuming. Whether you are an expert or a newbie, that is time you could use to focus on your product or service. Leave your server management to us, and use that time to focus on the growth and success of your business.

TALK TO USOr click here to learn more.

Categories:

Tags:

Privacy Preference Center

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]
PHPSESSID
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

_ga, _gat, _gid
_ga, _gat, _gid
smartlookCookie

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

IDE, test_cookie, 1P_JAR, NID, DV, NID
IDE, test_cookie
1P_JAR, NID, DV
NID
hblid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

SID, APISID, HSID, NID, PREF
SID, APISID, HSID, NID, PREF