cloudflare / cloudflared

Cloudflare Tunnel client (formerly Argo Tunnel)
https://developers.cloudflare.com/cloudflare-one/connections/connect-apps/install-and-setup/tunnel-guide
Apache License 2.0
9.3k stars 827 forks source link

UDP payload exceeds transport MTU 1280 #1280

Open fredtj opened 4 months ago

fredtj commented 4 months ago

Hello,

When running cloudflared on bare metal (or docker), attempts to pass certain UDP traffic via the WARP client results in the log being spammed (multiple times per second) with the following:

ERR Failed to send session payload from destination to transport error="origin UDP payload has 1440 bytes, which exceeds transport MTU 1280"

Further to this, performance of the application is badly affected.

Modifying the MTU (to 1280, 1340, etc) directly on the network interface serving cloudflared (and ensuring ICMP messages are not blocked between the origin and cloudflared) results in a change of error message:

ERR Failed to send session payload from destination to transport error="Failed to send datagram back to edge: DATAGRAM frame too large"

This issue is mitigated when using http2 instead of quic, however that also breaks DNS (via WARP: Local DNS Fallback / Resolver Policies) and ICMP, as quic is a requirement for those to work.

Can you offer any advice, please?

Regards

CDSFounder commented 2 months ago

I am also having a similar problem.

When attempting to use QUIC and RDP UDP on Windows, I get the error " error="origin UDP payload has 1232 bytes, which exceeds transport MTU 1200" connIndex=2 event=3". The problem is that if you reduce the MTU size to 1200, then QUIC connection to Cloudflare tunnel won't work because it requires a minimum MTU size of 1300....

isnyv commented 1 month ago

Having similar issue, our use case is RDP over warp.

Error "ERR Failed to send session payload from destination to transport error="origin UDP payload has 1232 bytes, which exceeds transport MTU 1200" connIndex=1 event=3 ip=198.**.*.37 sessionID=0**02e-99d7-4b6f-a69f-96****dd34b7"

jeankhawand commented 2 weeks ago

https://github.com/cloudflare/cloudflared/issues/828