cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)

Home Page: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide


Specify DNS resolver host:port when running tunnel

ikhwanperwira opened this issue · comments

Describe the feature you'd like
I expect there to be a --dns-resolver flag.

cloudflared --dns-resolver=127.0.0.1:10053 tunnel --hello-world

Describe alternatives you've considered
There is one, but it has too much overhead: I need to run the cloudflared binary in an emulator such as QEMU, where I forward port traffic from port 53 in the guest to port 10053 on the host.

Additional context
I noticed that the binary, especially the Linux-based one, was trying to read the local DNS resolver, which is [::1]:53. But there is no local DNS resolver on Android (arm64). I have no root access on my phone to create a local DNS server on port 53; as we know, the port range (0-1024) is reserved and only root can listen on it, and I don't have root access. I expect cloudflared to be more user-space friendly instead of needing kernel-space access permission.

As you can see in this log, I get an error where it tried to read port 53.

~/cf $ ./cloudflared-linux-arm64 --edge-bind-address=198.41.200.63 tunnel --hello-world
2024-04-08T06:25:57Z INF Thank you for trying Cloudflare Tunnel. Doing so, without a Cloudflare account, is a quick way to experiment and try it out. However, be aware that these account-less Tunnels have no uptime guarantee. If you intend to use Tunnels in production you should use a pre-created named tunnel by following: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps
2024-04-08T06:25:57Z INF Requesting new quick Tunnel on trycloudflare.com...
failed to request quick Tunnel: Post "https://api.trycloudflare.com/tunnel": dial tcp: lookup api.trycloudflare.com on [::1]:53: read udp [::1]:43308->[::1]:53: read: connection refused

I also thought binding a specific edge address would resolve this issue, but it still needs a DNS resolver on port 53.

Therefore I expect to be able to just do this (add a --dns-resolver flag):

 ./cloudflared-linux-arm64 --dns-resolver=127.0.0.1:10053 tunnel --hello-world

Then I can set up my DNS server on a user-space port, which is 10053, instead of a kernel-space port that requires root privilege (port 53).
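
An added illustration, not part of the original issue and not cloudflared's code: cloudflared is written in Go, and Go's `net.Resolver` has a `Dial` hook that can send every lookup to a chosen host:port instead of the default `[::1]:53` seen in the log above. The helper names, the stub DNS server and its 192.0.2.10 answer are constructed for this example.

```go
package main

import (
	"context"
	"fmt"
	"net"
)

// newResolver sends every DNS query to addr (host:port) instead of the system default.
func newResolver(addr string) *net.Resolver {
	return &net.Resolver{
		PreferGo: true, // use Go's built-in resolver so the Dial hook is honoured
		Dial: func(ctx context.Context, network, _ string) (net.Conn, error) {
			return (&net.Dialer{}).DialContext(ctx, network, addr) // ignore [::1]:53
		},
	}
}

// serveStub answers each query on pc with the constructed A record 192.0.2.10.
func serveStub(pc net.PacketConn) {
	buf := make([]byte, 512)
	for {
		n, peer, err := pc.ReadFrom(buf)
		if err != nil {
			return
		}
		end := 12 // skip the 12-byte header, then walk the question name labels
		for end < n && buf[end] != 0 {
			end += int(buf[end]) + 1
		}
		if end += 5; end > n { // zero label + QTYPE + QCLASS
			continue
		}
		resp := append([]byte{}, buf[:end]...)                       // keep header + question only
		copy(resp[2:12], []byte{0x81, 0x80, 0, 1, 0, 1, 0, 0, 0, 0}) // QR|RD|RA, 1 question, 1 answer
		resp = append(resp, 0xc0, 0x0c, 0, 1, 0, 1, 0, 0, 0, 60, 0, 4, 192, 0, 2, 10)
		pc.WriteTo(resp, peer)
	}
}

func main() {
	pc, err := net.ListenPacket("udp", "127.0.0.1:0") // unprivileged port, no root needed
	if err != nil {
		panic(err)
	}
	go serveStub(pc)
	ips, err := newResolver(pc.LocalAddr().String()).LookupIP(context.Background(), "ip4", "api.example.test.")
	fmt.Println(ips, err)
}
```

With a real resolver listening on 127.0.0.1:10053, only the address passed to `newResolver` changes; the stub is there so the example runs offline.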