Weird periodic timeout with Cloudflare Tunnel

Dear community,

I recently switched to Cloudflare tunnels. Now my traffic is halted every about 45 seconds for an instant:

Any idea what is causing this, how to debug this?

@abe a weird one.

I assume it is the Russians :blue_heart::yellow_heart:

But some Cloudflare logs to support may help.

Thanks @cscharff! I agree that it will be hard to debug with out connector logs. If you could open a support ticket and provide cloudflared logs with the loglevel set to debug we can take a better look at this one.

Will do, thanks.
Is there a way to set the log-level without restarting the cloudflared client? Currentily running on linux as a systemd service.
I’d like to avoid the downtime.

Yes, in this scenario, you can modify the config.yml and start another cloudflared process. This new process will pick up the updated config.yml and the you can gracefully shutdown the initial connector running a previous configuration. Here is a helpful write-up on how this works.

Thank you @abe! That helped.
I created a log file and opened a ticket #2419503.

Besides the Cloudflared Tunnel log file https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/arguments/#logfile there’s also metric stats too https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/arguments/#metrics. You can access when configured via curl -s 127.0.0.1:5432/metrics

Are you using CF Tunnel behind any load balancers like Cloudflare Load Balancer? Are you using CF Tunnel in http2 or quic protocol mode https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/arguments/#protocol ? If you didn’t set protocol in config YAML file, then it would be http2.

I ask as I have any more instability with CF Tunnel with quic protocol mode behind CF Load Balancer which I didn’t have with the Tunnels in http2 protocol mode.

Metrics file

No load balancers. Pattern is the same with both http2 and quic.

@abe Any Idea how long it will take for the support to reply?

Initial response was quite fast, an engineer asked me for a HAR file. I told him that I can’t supply one, it’s an API endpoint only, I don’t control most of the client applications, and my own requests never fail.

That was four days ago. Since then, no reply.

Thanks for the ticket number - I’ll take a look as well.

2 Likes