How do I change my IP address for my Proxmox tunnel?
I am hosting my webserver on Proxmox and watched a video on YouTube how I could remotely access my server using Cloudflare so I setup a tunnel and purchased a domain from Cloudflare to set it up, everything was fine then well my router gave my server a new IP address after a reset and now I cannot go to my domain and reach my server, how can I fix this? Im a networking idiot so please explain this to me simply..... 🥺
37 Replies
By default, a tunnel using cloudflared does not depend on any set IP address; it initiates an connection going out, TO cloudflare, then Cloudflare establishes the tunnel. If you haven't done anything unusual with the tunnel , there's a good chance your problem may lie elsewhere.
When you go to the Zero Trust Platform -> Network -> Tunnels -> Your Tunnel, does it say Healthy in green at the bottom?
Yes it says Healthy in green
I'm bad at cloud networking, can you please help me, I've had no luck at all with support or people in the forums....
your question and details are just a bit too vague. What's the exact error you get? Can you give the url you can reproduce it on?
foxyproxy.win
Should I just re-install everything in my proxmox server? Will I need to purchase a new domain from Cloudflare? Sorry I'm so bad at this....😔
I'd try deleting the public hostname, making sure the linked cname was deleted, then re-making it.
In some cases (I've only seen this with CF Tunnels, not regular DNS, and it has been very rare), it can take up to a full day for DNS to propagate.
🤔 I'll give that a go... So delete the hostname? The domain right? foxyproxy.win? And the attached cname?
you won't have to reinstall or rebuy anything, should be possible to fix
well what is the record on
foxyproxy.win right now?Ok gonna give that a try once I get home today and let you know how it turns out. I mean I think I know what's happening....the domain/Cname (whatever) is pointing traffic to my old IP address ..
DNS may take a while to propagate due to dns cache/resolver cache, but nothing on CF's side. If it's a proxied hostname too all you'd have to do is wait for the initial proxy records to propogate, and any changes after would be pretty instant since it's all internal. We track dns delay here: https://dnsfree.cloudflare.chaika.me/, and it's pretty constant at ~11s or so, it's all a kafka queue last they blogged so it should be pretty consistent, it either happens pretty quickly or it doesn't
It shows healthy and active rn
the tunnel is probably fine, the dns records aren't
would be most helpful to have a screenshot of your existing dns records (blurring any sensitive info like origin ips)
Ok I have to get back to work...but I'll be home around 7pm CST and if possible and your schedule merits maybe you can guide me (a cloud networking moron)
As I said, it's rare, but it's definitely on Cloudflare's side. The instances I was referring to were new public hostnames with subdomains that had never been used before.
if they didn't exist before that sounds more like dns cache, some DNS Resolvers, specifically default ISP operated ones ignore dns ttl and will force cache for ~12h to a few days to try to lower query volume
not saying it's not possible but that dns update test does 2 dns updates per minute and has for the past ~8 months or so, and I've seen delay caused by incidents, and even a few times where updates were completely lost (although I think that's fixed now), and they never went out regardless of waiting, although I did only wait a few hours, possible they forced a resync a lot of time later. In general though I'd say if you are having dns issues, query authoritative nameserver/check community tool if dns updates are delayed, and if they aren't showing on auth. dns lookup/no update in a few mins, try remaking the record. Otherwise it's dns cache somewhere, can be tricky.
Sorry for the delay, I'm taking 3 days break from beating my head on my desk trying to figure this out. I have a open forum chat with Brandon at Cloudflare and can link it. There I have images of screenshots and perhaps you can see whatever I may be doing wrong...I'll drop the link brb...
https://community.cloudflare.com/t/proxmox-tunnel-issue/649762
I think CFBrandon has given up on helping me lol
I'll look at it a bit later, Brandon is in this discord too
Monday was a holiday in the UK (idk where brandon lives), and the rest was over the weekend, could also just be taking time off lol, CF Employes aren't constantly working
Oh good...Brandon gets around haha.
Oh ahhh...yes the UK with their awesome work schedules...so quickly do I forget living here in the states. Lol
You see the same 502 error on foxyproxy.win that I see right now right?
Thank you so much Chaika, I've got to go get some things done before taking my much needed 3 days but I'll be in and out checking to see if you know how bad I messed things up haha. Take care.
Well a 502 is from the Cloudflare Tunnel itself most likely, I would check the tunnel logs, try connecting to the hostname and running
journalctl -u cloudflared -f --lines=100 and see what its reportingI have proxmox setup like this with a tunnel, no issue
I don't see your posting your tunnel config anywhere, would be a good thing to double check, and grab the error the tunnel is giving, and go from there
so type that in the terminal of my Proxmox server?
Ugh no luck with
journalctl -u cloudflared -f --lines=100 in the PVE console...it does nothing....strangely enough when running that in my 22.04 Ubuntu container it gives the error that the connection refused and unable to reach origin service....I feel like this is going to be impossible to resolve...is there a way to go through the setup again and keep my domain and just try to install a new tunnel?Where is the tunnel/ cloudflared service running? In your container?
no i thought it was in my PVE but when trying to check the version in the PVE console terminal it seems to not even be a tunnel/ cloudflare on it....so strange.
What should I do next? Wave the white flag?
you don't know where you ran the install command for the tunnel?
if you do
systemctl status cloudflared, you should be able to see if it exists on that linux install, can run it in both host and containerOk its in the container and not the PVE. I ran that in the container and got this back.....
May 08 22:15:36 Ubuntu2204LXC cloudflared[108]: 2024-05-08T22:15:36Z ERR Request failed error="Unable to reach the origin service. The service may be down or it may not be responding
IDK, ugh, can I just delete this tunnel and the entire container and create a new tunnel with the same domain name in the Proxmox PVE?can just
cloudflared service uninstall and do the install command again from the tunnel page yeaso now I just delete the tunnel right and go through the setup? or what do I need to do? sorry Im so bad at this truly...
installed the new connector in the pve terminal but still get the 502 error
did you uninstall the old one in the container?
yes
i then ran this again after refreshing the connector
it installed in the pve terminal
you leaked the tunnel secret, I deleted it but you might want to uninstall, refresh token there and reinstlal for safety anyway
regardless of that though, I would check logs on the pve host side of cloudflared and see if its erroring
how do I do that?
and sorry I didn't realize I dropped the entire key in here or I've been tired and probably wasn't even paying attention, just so frustrated with this at this point. If its easier just to start over I'm willing to do that, I'd like to use my existing domain that I paid for through Cloudflare however and I truly don't know the steps involved.
what do you think????
I'm probably just going to have to buy an entirely new domain I suppose .... start completely over .... maybe I should use openvpn? 🙄