Question about Cloudflare Tunnel (Argo Tunnel)

I am trying out Cloudflare Tunnel recently, and I get the following error every time when I start the tunnel (with the command: cloudflared tunnel --url localhost:8000 --name tunnel):

ERR Unable to establish connection. error="already connected to this server, trying another address" connIndex=3

Despite having such error, the tunnel works completely fine. I would like to know if this is normal? Or have I done something wrong?

Debug Info:
cloudflared version: 2021.4.0 (built 2021-04-07-2111 UTC)
OS: MacOS 11.2.3

Log from cloudflared (some are redacted):

2021-04-17T02:45:48Z INF Reusing existing tunnel with this name tunnelID=<UUID>
2021-04-17T02:45:48Z INF Version 2021.4.0
2021-04-17T02:45:48Z INF GOOS: darwin, GOVersion: go1.16.2, GoArch: amd64
2021-04-17T02:45:48Z INF Settings: map[n:tunnel name:tunnel url:localhost:8000]
2021-04-17T02:45:48Z INF Generated Connector ID: <UUID>
2021-04-17T02:45:48Z INF cloudflared will not automatically update when run from the shell. To enable auto-updates, run cloudflared as a service: https://developers.cloudflare.com/argo-tunnel/reference/service/
2021-04-17T02:45:48Z INF Initial protocol h2mux
2021-04-17T02:45:48Z INF Starting metrics server on 127.0.0.1:49432/metrics
2021-04-17T02:45:49Z INF Connection <UUID> registered connIndex=0 location=SEA
2021-04-17T02:45:50Z INF Connection <UUID> registered connIndex=1 location=HKG
2021-04-17T02:45:51Z INF Connection <UUID> registered connIndex=2 location=SEA
2021-04-17T02:45:51Z ERR Unable to establish connection. error="already connected to this server, trying another address" connIndex=3
2021-04-17T02:45:52Z ERR Connection terminated error="already connected to this server, trying another address" connIndex=3
(The last two message keep repeating)

If you do cloudflared tunnel list, do you see any extra listings?

Not really, It just lists the only tunnel I created.

Output (Obtained while the tunnel is running):

ID                             NAME     CREATED               CONNECTIONS  
<UUID>                         tunnel   2021-04-16T06:58:27Z  1xHKG, 2xSEA

Normally there’s up to 4x connections to CF datacenters but looks like you’re just having problems establishing a connection with one of the CF datacenters. Your Tunnel should still work as there are 3 other connections to CF datacenters from your cloudflared instance.

Double check using netstat for port 7844 outbound connections, should be 4 connections though in your case could only be 3 which is still fine. That’s what the extra connections are for, redundancy :slight_smile:

netstat -plant | awk '/7844/ {print $1, $5, $6, $7}'

tcp 198.41.200.113:7844 ESTABLISHED 32324/cloudflared
tcp 198.41.200.13:7844 ESTABLISHED 32324/cloudflared
tcp 198.41.192.7:7844 ESTABLISHED 32324/cloudflared
tcp 198.41.192.167:7844 ESTABLISHED 32324/cloudflared
2 Likes

I see, thanks.

Interestingly, I just found that if I disable Cloudflare WARP (which was previously enabled when I was trying to use the tunnel), the 4th connection to CF datacenter established with no error at all. Maybe Cloudflare WARP causes this issue (just guessing)?

Yes @kynsonszetau , that is the reason.

Using both Cloudflare WARP and Tunnel in the same machine is not impossible (as you’ve seen, it works) but is really not meant to be the way.

Tunnel is meant to protect origins (e.g. your website serving users) so that it is only reachable via Cloudflare.
WARP is meant to protect users (e.g. you, browsing websites) so that all requests are done by Cloudflare on your behalf.

It’s of course not impossible that a user wants to have the protection of WARP and still serve Tunnels from his personal device; it just won’t be common.

3 Likes

Thanks for the clarification!

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.