Port/IP Listener setup

Should still be supported.

You could also try to set TUNNEL_DNS_ADDRESS as an environment variable.

Just to check my YAML then

proxy-dns: true
proxy-dns-port: 5053
address: 0.0.0.0
proxy-dns-upstream:
  - https://1.1.1.1/dns-query
  - https://1.0.0.1/dns-query

It doesn’t seem to pick it up when I reload the service.

syslog

Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] Version 2020.7.0
Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] GOOS: linux, GOVersion: go1.12.9, GoArch: amd64
Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] Environment variables map[config:/etc/cloudflared/config.yml no-autoupdate:true origincert:/etc/cloudflared/cert.pem proxy-dns:true proxy-dns-port:5053 proxy-dns-upstream:https://1.1.1.1/dns-query, https://1.0.0.1/dns-query]
Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] Adding DNS upstream - url: https://1.1.1.1/dns-query
Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] Adding DNS upstream - url: https://1.0.0.1/dns-query
Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] Starting DNS over HTTPS proxy server on: dns://localhost:5053
Jul 30 07:35:09 pihole cloudflared[21142]: INFO[2020-07-30T07:35:09+01:00] Starting metrics server on 127.0.0.1:33699/metrics

cloudflared service status

~# systemctl status cloudflared
* cloudflared.service - Argo Tunnel
   Loaded: loaded (/etc/systemd/system/cloudflared.service; enabled; vendor preset: enabled)
   Active: active (running) since Thu 2020-07-30 07:35:09 BST; 3h 26min ago
 Main PID: 21142 (cloudflared)
    Tasks: 7 (limit: 4915)
   Memory: 7.2M
   CGroup: /system.slice/cloudflared.service
           `-21142 /usr/local/bin/cloudflared --config /etc/cloudflared/config.yml --origincert /etc/cloudflared/cert.pem --no-autoupdate

Then I’d open an issue at https://github.com/cloudflare/cloudflared/issues

As far as I can tell they still use the value

OK, thanks. Actually, I think that option is only for the command line and the YAML option is different. However, although it works, no TCP port is created on 5053 (tcp6, udp & udp6 are created).

Just a little bit more: I tried this YAML, with the proxy-dns-address option

proxy-dns: true
proxy-dns-port: 5053
proxy-dns-address: 0.0.0.0
proxy-dns-upstream:
  - https://1.1.1.1/dns-query
  - https://1.0.0.1/dns-query

which results in

[email protected]:~# netstat -nlput
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN      383/master
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      19814/lighttpd
tcp        0      0 127.0.0.1:4711          0.0.0.0:*               LISTEN      20989/pihole-FTL
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      19814/lighttpd
tcp        0      0 127.0.0.1:35861         0.0.0.0:*               LISTEN      23720/cloudflared
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      20989/pihole-FTL
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      182/sshd
tcp6       0      0 ::1:25                  :::*                    LISTEN      383/master
tcp6       0      0 :::5053                 :::*                    LISTEN      23720/cloudflared
tcp6       0      0 ::1:4711                :::*                    LISTEN      20989/pihole-FTL
tcp6       0      0 :::80                   :::*                    LISTEN      19814/lighttpd
tcp6       0      0 :::53                   :::*                    LISTEN      20989/pihole-FTL
tcp6       0      0 :::22                   :::*                    LISTEN      182/sshd
udp        0      0 0.0.0.0:52305           0.0.0.0:*                           77/avahi-daemon: ru
udp        0      0 0.0.0.0:53              0.0.0.0:*                           20989/pihole-FTL
udp        0      0 0.0.0.0:68              0.0.0.0:*                           283/dhcpcd
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           77/avahi-daemon: ru
udp6       0      0 :::53                   :::*                                20989/pihole-FTL
udp6       0      0 :::5053                 :::*                                23720/cloudflared
udp6       0      0 :::5353                 :::*                                77/avahi-daemon: ru
udp6       0      0 :::34812                :::*                                77/avahi-daemon: ru

Note the TCP port is not created on 5053.

I also tried a systemctl override to include the --address command line option with the same result.
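
An added example, not part of the thread and not cloudflared's own code: it parses `netstat -nlput` rows like the ones above and reports on which transports and address families a port is reachable from off-host, which is the check to run after moving a DNS proxy from localhost to 0.0.0.0. On Linux a socket bound to `::` is listed only as tcp6/udp6, yet by default (`net.ipv6.bindv6only=0`) it also accepts IPv4 traffic; whether a given daemon sets `IPV6_V6ONLY` on its socket is an assumption here, modelled by the hypothetical `v6only` parameter.

```python
import ipaddress

# Rows copied from the netstat output in the thread above.
SAMPLE = """\
tcp        0      0 127.0.0.1:35861         0.0.0.0:*               LISTEN      23720/cloudflared
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      20989/pihole-FTL
tcp6       0      0 :::5053                 :::*                    LISTEN      23720/cloudflared
tcp6       0      0 ::1:4711                :::*                    LISTEN      20989/pihole-FTL
udp        0      0 0.0.0.0:68              0.0.0.0:*                           283/dhcpcd
udp6       0      0 :::5053                 :::*                                23720/cloudflared
"""

def parse(text):
    """Yield (transport, ip, port, program) for each listening socket row."""
    for line in text.splitlines():
        f = line.split()
        if len(f) < 6 or not f[0].startswith(("tcp", "udp")):
            continue  # header or unrelated line
        is_tcp = f[0].startswith("tcp")
        if is_tcp and f[5] != "LISTEN":
            continue
        # The local address is host:port; rsplit keeps IPv6 colons in the host.
        host, port = f[3].rsplit(":", 1)
        # UDP rows have an empty State column, so the program shifts left.
        program = " ".join(f[6 if is_tcp else 5:])
        yield f[0][:3], ipaddress.ip_address(host), int(port), program

def reachable(text, port, v6only=False):
    """Return {(transport, family)} on which `port` accepts non-loopback traffic.

    v6only=False is an assumption matching the Linux default: a socket
    bound to :: then also receives IPv4 traffic.
    """
    out = set()
    for transport, ip, p, _program in parse(text):
        if p != port or ip.is_loopback:
            continue
        out.add((transport, f"IPv{ip.version}"))
        if ip.version == 6 and ip.is_unspecified and not v6only:
            out.add((transport, "IPv4"))  # dual-stack wildcard socket
    return out

if __name__ == "__main__":
    for port in (5053, 53, 4711):
        print(port, sorted(reachable(SAMPLE, port)))
```

A port that should stay local (here the proxy on 5053 feeding the resolver on 53) belongs in the empty-set case; anything else needs a loopback bind or a host firewall rule.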
