Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IRTT and Cloudflare tunneling support/setup? #39

Open
Kodalem opened this issue Apr 20, 2023 · 1 comment
Open

IRTT and Cloudflare tunneling support/setup? #39

Kodalem opened this issue Apr 20, 2023 · 1 comment

Comments

@Kodalem
Copy link

Kodalem commented Apr 20, 2023

I am trying to getting IRTT Server to work with Cloudflare(d) Tunneling Access service. Explanation and documentation here https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/

I have done the following:
Using the WARP client which allows UDP packets, which this documentation has said it uses - it cannot connect to the host server from the client terminal over the domain using my own domain and tunneling settings with the port of 2112.
Using the basic tunneling option over HTTP, HTTPS, SMD, SSH and TCP service with localhost as the address, also the server in the terminal irtt server -b irtt.XXXXX.com:2112 -d 0 -i 0 --hmac=XXXXX --fill=rand and irtt server -b localhost:2112 -d 0 -i 0 --hmac=XXXXX --fill=rand - same story, it cannot connect to the host server from the client terminal over the domain using my own domain and tunneling settings with the port of 2112 or any other one.

It works only in the local internet environment and perfectly without any hiccups.

I do not have any option to open up the ports through my own home ISP nor the university laboratories due to security concerns, which is why I use and force to use tunneling. Tunneling has been successful before and the reason why I am trying to get it to work with hosting a smokeping service and website to do my research in internet load latency measurement and networking. Currently relegating to use fping and DNS's dig probes instead as a replacement to get data from my satellite connected smokeping's child's packet to the parent.
@heistp
Copy link
Owner

heistp commented Apr 21, 2023

Hi, I have not read all the documentation for the Cloudflare tunneling access service, but you would need to make sure that incoming packets into their network aren't blocked for any reason, and that they get to you. I would use tcpdump/wireshark to find out if any UDP/2112 packets are arriving to your server, or not. If not, that suggests there's something in the tunnel config to look at.

That said, instead of binding to an IP, you could also test it with irtt server --set-src-ip -d 0 -i 0 --hmac=XXXXX --fill=rand. That way, regardless of what address the UDP/2112 packets are coming in on, the irtt server will receive them, and at the same time, outgoing packets will use the same address they came in on, to avoid any potential routing problems.

To confirm, irtt only uses UDP packets on the specified port (2112 in your case). So, we just have to get those passed properly between client and server!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@heistp @Kodalem