TUN-6043: Allow UI-managed Tunnels to fallback from QUIC but warn about that
This commit is contained in:
Nuno Diegues
parent
def8f57dbc
commit
7a6ab54fcb
|
|
@ -216,6 +216,7 @@ func prepareTunnelConfig(
|
||||||
)
|
)
|
||||||
|
|
||||||
transportProtocol := c.String("protocol")
|
transportProtocol := c.String("protocol")
|
||||||
|
protocolFetcher := edgediscovery.ProtocolPercentage
|
||||||
|
|
||||||
cfg := config.GetConfiguration()
|
cfg := config.GetConfiguration()
|
||||||
if isNamedTunnel {
|
if isNamedTunnel {
|
||||||
|
|
@ -227,7 +228,20 @@ func prepareTunnelConfig(
|
||||||
features := append(c.StringSlice("features"), supervisor.FeatureSerializedHeaders)
|
features := append(c.StringSlice("features"), supervisor.FeatureSerializedHeaders)
|
||||||
if c.IsSet(TunnelTokenFlag) {
|
if c.IsSet(TunnelTokenFlag) {
|
||||||
if transportProtocol == connection.AutoSelectFlag {
|
if transportProtocol == connection.AutoSelectFlag {
|
||||||
transportProtocol = connection.QUIC.String()
|
protocolFetcher = func() (edgediscovery.ProtocolPercents, error) {
|
||||||
|
// If the Tunnel is remotely managed and no protocol is set, we prefer QUIC, but still allow fall-back.
|
||||||
|
preferQuic := []edgediscovery.ProtocolPercent{
|
||||||
|
{
|
||||||
|
Protocol: connection.QUIC.String(),
|
||||||
|
Percentage: 100,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
Protocol: connection.HTTP2.String(),
|
||||||
|
Percentage: 100,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
return preferQuic, nil
|
||||||
|
}
|
||||||
}
|
}
|
||||||
features = append(features, supervisor.FeatureAllowRemoteConfig)
|
features = append(features, supervisor.FeatureAllowRemoteConfig)
|
||||||
log.Info().Msg("Will be fetching remotely managed configuration from Cloudflare API. Defaulting to protocol: quic")
|
log.Info().Msg("Will be fetching remotely managed configuration from Cloudflare API. Defaulting to protocol: quic")
|
||||||
|
|
@ -274,7 +288,7 @@ func prepareTunnelConfig(
|
||||||
}
|
}
|
||||||
|
|
||||||
warpRoutingEnabled := isWarpRoutingEnabled(cfg.WarpRouting, isNamedTunnel)
|
warpRoutingEnabled := isWarpRoutingEnabled(cfg.WarpRouting, isNamedTunnel)
|
||||||
protocolSelector, err := connection.NewProtocolSelector(transportProtocol, warpRoutingEnabled, namedTunnel, edgediscovery.ProtocolPercentage, supervisor.ResolveTTL, log)
|
protocolSelector, err := connection.NewProtocolSelector(transportProtocol, warpRoutingEnabled, namedTunnel, protocolFetcher, supervisor.ResolveTTL, log)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, nil, err
|
return nil, nil, err
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -235,6 +235,15 @@ func selectNextProtocol(
|
||||||
_, hasFallback := selector.Fallback()
|
_, hasFallback := selector.Fallback()
|
||||||
|
|
||||||
if protocolBackoff.ReachedMaxRetries() || (hasFallback && isNetworkActivityTimeout) {
|
if protocolBackoff.ReachedMaxRetries() || (hasFallback && isNetworkActivityTimeout) {
|
||||||
|
if isNetworkActivityTimeout {
|
||||||
|
connLog.Warn().Msg("If this log occurs persistently, and cloudflared is unable to connect to " +
|
||||||
|
"Cloudflare Network with `quic` protocol, then most likely your machine/network is getting its egress " +
|
||||||
|
"UDP to port 7844 (or others) blocked or dropped. Make sure to allow egress connectivity as per " +
|
||||||
|
"https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/configuration/ports-and-ips/\n" +
|
||||||
|
"If you are using private routing to this Tunnel, then UDP (and Private DNS Resolution) will not work" +
|
||||||
|
"unless your cloudflared can connect with Cloudflare Network with `quic`.")
|
||||||
|
}
|
||||||
|
|
||||||
fallback, hasFallback := selector.Fallback()
|
fallback, hasFallback := selector.Fallback()
|
||||||
if !hasFallback {
|
if !hasFallback {
|
||||||
return false
|
return false
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue