linsomniac
9 hours ago
I spent some time on Friday trying out Cloudflare tunnel and boy was it a bad experience. The big killer was that the tunnel endpoint they gave me had an IPv6-only endpoint that I'm not sure was even valid. None of my devices could connect to it, including macbook, phone, linux, AWS instance...
On top of that I keep running into unexpected roadblocks with Cloudflare, like when I was trying to set up the tunnel they required me to set up a dedicated domain, you can't set up a subdomain of an existing domain. Probably fine if you are rolling it out as a production service, but for just testing it to make sure it even works (see IPv6 comments above), I just wanted to set it up as a subdomain.
candiddevmike
14 minutes ago
We were also super frustrated with Cloudflare Tunnel, especially from a developer experience and firewall perspective. So we built Tunlr to replace it: https://tunlr.dev. It's Cloudflare Tunnels but you can self-host it and provide your own domains for your internal developers to use, and it proxies over HTTP/SSE which plays nicely with firewalls.
h33t-l4x0r
7 hours ago
Works great for me, 5 subdomains coming to various ports on my dev pc for whatever project I'm testing (8000 for laravel, 3000 for nextjs). Way better than ngrok.
Jnr
8 hours ago
It was a smooth experience for me. Just start the cloudflared container with the provided key in the environment and you are done. I also don't have ipv6 but it is not required and if I remember correctly I did not have to specify any endpoints, just the key.
f311a
5 hours ago
We spent 3 days trying to properly integrate their tunnels to our internal network. I took us 3 hours to integrate tailscale.
Tunnels are poorly documented.
linsomniac
17 minutes ago
>Tunnels are poorly documented.
I'd tend to agree with that, but I was able to find some youtube videos of people setting them up. It was still a little bit of a challenge though because they have moved the menus all around in the last few months, so even the most recent videos I could fine were pointing to locations that didn't exist and I had to go hunting for them.
I would have preferred to just use tailscale for this, but we are using headscale and want to make a service available to our sister company, that doesn't have e-mails in our Google Workgroup where we have the OIDC for auth, so they can't be part of our tailnet without buying them logins or setting up accounts in keycloak or similar.
stingraycharles
6 hours ago
We're using Cloudflare Zero Trust quite extensively, and I find them quite easy to use. Works perfectly from AWS as well, all their endpoints have both IPv4 and IPv6 IPs.
linsomniac
19 minutes ago
Maybe the tunnel they provisioned for me was just broken, because:
$ host -t A 9c8855f1-e47f-47bf-9e0e-66938be0f076.cfargotunnel.com
9c8855f1-e47f-47bf-9e0e-66938be0f076.cfargotunnel.com has no A record
$ host -t AAAA 9c8855f1-e47f-47bf-9e0e-66938be0f076.cfargotunnel.com
9c8855f1-e47f-47bf-9e0e-66938be0f076.cfargotunnel.com has IPv6 address fd10:aec2:5dae::
$ telnet -6 9c8855f1-e47f-47bf-9e0e-66938be0f076.cfargotunnel.com 443
Trying fd10:aec2:5dae::...
telnet: Unable to connect to remote host: Connection timed out
watermelon0
9 hours ago
Haven't used Cloudflare in a while, but in the past you needed $200/month Business plan to be able to use subdomains of an existing domain with DNS hosted elsewhere.
h33t-l4x0r
4 hours ago
Nah, I'm free tier. I register domains through them and I think I pay around $10/month for R2 storage. All kinds of other freebies come on that tier, D1 databases (sqlite), Workers (think Lambda)
pyeri
6 hours ago
localtunnel[1] is one good option, at least for now.
letmetweakit
5 hours ago
I don't really get how the developer can run the project free of charge without monetization options. Does this solely rely on donors?
pyeri
4 hours ago
Tunneling isn't that big of a toll on resource, it doesn't require storage/disk space nor compute power (CPU chips), all it needs is ingress/egress (spare bandwidth). A non-profit or decent business in telco can easily offer it, consider that many hosting companies offer entire package in free tier today (compute + disk + egress).
For several years, ngrok was practically free, only recently they've started monetizing once it gained popularity.
mrasong
6 hours ago
Gotta say, this is amazing, exactly what I needed.
noir_lord
3 hours ago
I use it with a separate docker compose project so everything lives inside that (with traefik) and it's been utterly bulletproof for years - took a little puzzling out to start with but otherwise no drama and lets me do foo-whatever.mydomain.co.uk and route publically which is fantastic for local dev stuff or where I want to test something on iphone/android easily or share it - keeps all that stuff out of my "stack" for dev projects which makes for a very fast spinup if I want to test something.
csomar
8 hours ago
That really sums up the cloudflare experience and this is from someone heavily invested in their workers platform. They have lots of products and keep pumping more but except for DNS, most of them are half assed with weak maintenance/support.
CuriouslyC
3 hours ago
That's not a fair take. I will give Cloudflare a lot of shit for some of their products, but some of their products are 100% best in class. For instance, R2 is just better than S3, and KV is better than AWS/GCP options. The pricing is better, it's multi-region by default and there's less ops overhead.
linsomniac
4 minutes ago
This is good to know. I haven't used R2, it's been on my radar but I haven't taken the steps to start using it. Partly because my experience with the rest of Cloudflare has been middling to poor. I'd love to save on our S3 bill, which is substantial, but it's going to take significant development to get there and it's an unknown how much it'll actually save. There are too many stories of people getting called by enterprise sales when their usage crosses some line in the sand that only the sales people know.
csomar
an hour ago
I agree with R2 but KV is un-realiable. I said DNS but I meant CDN which R2 kind of falls into. Cloudflare is good in moving lots of data but most of their other products are not polished. It doesn't mean that they are not exceptional products. I have deployed a wasm-worker 5 years ago and it is still up and running to this day. I don't think a server would have survived or any other product from any other provider would have guaranteed such backward compatibility.
Eikon
3 hours ago
R2 is very high latency with huge variance, definitely lower quality than S3.
In my experience even backblaze b2 performs (way) better.
Their community forums are full of such reports.
KV is so expensive that it’s barely usable, and like R2, is very slow.
theultdev
2 hours ago
Slightly higher latency. I've seen about 20-30% increase from S3 to R2. But the bill is magnitudes lower.
Agree with the KV point, Upstash is the same. But I just use dragonflydb on a single VM. No point paying for transactions.
Hell, S3 could have 20ms latency and it wouldn't matter since I can't afford it.
