$tunnel-id.cfargotunnel.com -> Only AAAA result

Zero Trust Cloudflare Tunnel
1

What is the name of the domain?

any

What is the issue you’re encountering

$tunnel-id.cfargotunnel.com → Only AAAA result

What steps have you taken to resolve the issue?

It cannot be fixed with settings.

What are the steps to reproduce the issue?

Cloudflared is completely useless for IPv4 because when hosting a website or service behind a tunnel, the website or service becomes inaccessible. The issue lies in the fact that the CNAME record created for the tunnel only returns an AAAA record (IPv6).

This leads to the following situation:

In countries or regions where IPv6 is not supported, or with an internet provider that does not offer IPv6 services, your website or service becomes completely unavailable.

As a result, tunnels break the accessibility of your resource since users on IPv4 networks cannot connect. This is a critical issue that makes cloudflared potentially problematic for global services, where IPv4 support is still mandatory.

2

Change the record to proxied and you will get both IPv4 and IPv6.

I don’t believe unproxied CNAME records to tunnels work anyway.

1 Like
4

I am using a CNAME with the “proxied” option enabled, but $tunnel-id.cfargotunnel.com only returns an AAAA record, with no A record provided. This makes the service inaccessible for users on IPv4-only networks. This behavior appears to be a bug in Cloudflare.

5

What do you mean by that? You aren’t supposed to use that name directly.

1 Like
6

I mean what I wrote in the first message. When creating a tunnel and hosting a website behind it, the site becomes inaccessible from IPv4-only networks because the DNS server 1.1.1.1 returns only an AAAA record for CNAME entries like $tunnel-id.cfargotunnel.com.

For example, a visitor on an IPv4-only network tries to open example.com → (CNAME) $tunnel-id.cfargotunnel.com → AAAA record = fail.

7

No, that’s not how it works. The proxied CNAME record will be flattened to have both A and AAAA records.

This is only used internally by Cloudflare to determine where the traffic will be sent.

1 Like
8

Unfortunately, it doesn’t work. The A record is not provided, no matter what you claim. The website becomes inaccessible over IPv4.

9

What CNAME are you pointing to the Cloudflare Tunnel ?

1 Like
10

The CNAME record is automatically created (with the proxied option enabled) through the Cloudflared dashboard when creating a tunnel, and it is correct.

11

If you don’t want to share your domain with us, we’ll have to agree to disagree I guess.

I can keep repeating “There is an IPv4 address” and you will repeat the opposite, without either of us being able to convince the other.

12

test.ospanel.io
CNAME 15367fc0-1629-4c37-8bcb-7da33fa46afe.cfargotunnel.com

I have created a test website for you. This test website is not accessible on IPv4-only networks. It is only available on IPv6 networks or within the Cloudflare WARP network.

13

2025-01-26 035354

14

A (no answer)

2025-01-26 035508
2025-01-26 035508833×130 5.96 KB

15 
ospanel.io.             3600    IN      NS      thea.ns.cloudflare.com.
ospanel.io.             3600    IN      NS      lennon.ns.cloudflare.com.
;; Received 101 bytes from 65.22.161.17#53(b0.nic.io) in 28 ms

test.ospanel.io.        300     IN      A       172.66.42.229
test.ospanel.io.        300     IN      A       172.66.41.27
;; Received 76 bytes from 2a06:98c1:50::ac40:22f7#53(thea.ns.cloudflare.com) in 3 ms

And here a curl:

curl -s https://test.ospanel.io --ipv4


<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Simple Page</title>
    <style>
    body {
        font-family: Arial, sans-serif;
        text-align: center;
        margin: 0;
        padding: 0;
        background-color: #f4f4f9;
        color: #333;
    }
    h1 {
        margin-top: 20%;
        font-size: 2.5rem;
    }
    p {
        font-size: 1.2rem;
        color: #555;
    }
    </style>
</head>

<body>
    <h1>Welcome to My Simple Page</h1>
    <p>This is a basic HTML file.</p>
</body>

</html>
1 Like
16

Works fine on my IPv4-only ISP.

cloudflare_community_762228_simple_page_via_ipv4_only_network
cloudflare_community_762228_simple_page_via_ipv4_only_network924×412 11.4 KB

3 Likes
17

Thank you all, the issue has been resolved.

My solution:

  1. Run the following command in the Command Prompt (with administrator privileges) to flush the DNS cache:

    ipconfig /flushdns

  2. Restart your browser to ensure the changes take effect.

  3. If you are using Google Chrome, follow these additional steps:

    3.1. Open the DNS cache management page
    In the Chrome address bar, enter and navigate to the following URL:

    chrome://net-internals/#dns

    3.2. Clear the DNS cache
    On the opened page, click the “Clear host cache” button.

18

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.