cloudflared
cloudflared copied to clipboard
Published
20 hours ago ā¢
cloudflare
cloudflare
šunable to contact origin when origin_request is set at top level of config
Describe the bug Unable to contact origin when origin_request is set at top level of config
To Reproduce Steps to reproduce the behavior:
- Configure the tunnel with origin_request parameters to the top level
tunnel: ....
credentials-file: .....
originRequest: # Top-level configuration
connectTimeout: 30s
noTLSVerify: true
warp-routing:
enables: true
ingress:
...
Expected behavior Ingress working....
Environment and versions
- Cloudflare Tunnel client 2023.2.1
Logs and errors
2023-02-12T11:21:30Z INF Warp-routing is enabled
2023-02-12T11:21:30Z INF Updated to new configuration config="{\"ingress\":[{\"service\":\"https://srv-infra.myorg.intra:8443\",\"hostname\":\"my-srv.my.org\"},{\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":true},\"originRequest\":{\"noTLSVerify\":true,\"originServerName\":\"\",\"caPool\":\"\",\"keepAliveConnections\":100,\"httpHostHeader\":\"\",\"disableChunkedEncoding\":false,\"proxyPort\":0,\"proxyType\":\"\",\"tlsTimeout\":10000000000,\"proxyAddress\":\"127.0.0.1\",\"connectTimeout\":30000000000,\"bastionMode\":false,\"tcpKeepAlive\":30000000000,\"noHappyEyeballs\":false,\"keepAliveTimeout\":90000000000}}" version=4
2023-02-12T11:21:59Z ERR error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp: lookup srv-infra.myorg.intra: i/o timeout" cfRay=7984f1a23cba153f-CDG ingressRule=0 originService=https://srv-infra.myorg.intra:8443
2023-02-12T11:21:59Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding to traffic from cloudflared: dial tcp: lookup srv-infra.myorg.intra: i/o timeout" connIndex=0 dest=https://my-srv.my.org/ ip=198.41.200.53 type=http
Additional context
The problem can be circumvented by configuring the origin_request parameters at the ingress level.
12/02/2023 12:47:382023-02-12T11:47:38Z INF Warp-routing is enabled
12/02/2023 12:47:382023-02-12T11:47:38Z INF Updated to new configuration config="{\"ingress\":[{\"service\":\"https://srv-infra.myorg.intra:8443\",\"hostname\":\"my-srv.my.org\",\"originRequest\":{\"noTLSVerify\":true}},{\"service\":\"http_status:404\"}],\"warp-routing\":{\"enabled\":true}}" version=5
However this type of configuration is not possible with the terraform provider, see https://github.com/cloudflare/terraform-provider-cloudflare/issues/2234.
