CurvePreferences Issue - Can you default to http2 with a command?

[kmtchl]

Hello

I've been getting the following error for 1-2 minutes running a tunnel

ERR Failed to create new quic connection error="failed to dial to edge with quic: INTERNAL_ERROR (local): tls: CurvePreferences includes unsupported curve" connIndex=0 event=0 ip=...

It will eventually fallback to http2 and use that which runs successfully. Is there a way to make the tunnel run command use http2 by default? Additionally, do you know why the CurvePreferences error is occurring? I saw a similar issue listed back in January 2024 on the cloudflare version here: https://github.com/cloudflare/cloudflared/issues/1148.

Any help appreciated! Thanks.

[milgradesec]

Hi! I think that issue was fixed in a previous release, upgrading should solve the problem.

[milgradesec]

https://github.com/cloudflare/cloudflared/blob/7deb4340b4cce5b2555c8c7299ffa6ba2ee1b5f3/cmd/cloudflared/tunnel/subcommands.go#L126

The --protocol flag can be used to force http2.

See https://github.com/cloudflare/cloudflared/blob/7deb4340b4cce5b2555c8c7299ffa6ba2ee1b5f3/connection/protocol.go#L15