9c37af10c0
- Fixed 104 broken references in 59 files - Consolidated 40+ duplicate status files - Archived duplicates to reports/archive/duplicates/ - Created scripts for reference fixing and consolidation - Updated content inconsistency reports All optional cleanup tasks complete.
5.0 KiB
Cloudflare Routing Master Reference
Navigation: Home > Network > Cloudflare Routing Master
Last Updated: 2025-01-20
Document Version: 1.0
Status: 🟢 Active Documentation
Overview
This is the authoritative reference for Cloudflare tunnel routing architecture. All routing decisions, domain mappings, and tunnel configurations are documented here.
Note: This document consolidates routing information from multiple sources. For specific setup procedures, see the related documents below.
Architecture Overview
Internet → Cloudflare → cloudflared (VMID 102) → Routing Decision
├─ HTTP RPC → Central Nginx (VMID 105) → RPC Nodes
└─ WebSocket RPC → Direct to RPC Nodes
Routing Rules
HTTP Endpoints (via Central Nginx)
All HTTP endpoints route through the central Nginx on VMID 105 (192.168.11.21:80):
| Domain | Cloudflare Tunnel → | Central Nginx → | Final Destination |
|---|---|---|---|
explorer.d-bis.org |
http://192.168.11.21:80 |
http://192.168.11.140:80 |
Blockscout |
rpc-http-pub.d-bis.org |
http://192.168.11.21:80 |
https://192.168.11.252:443 |
RPC Public (HTTP) |
rpc-http-prv.d-bis.org |
http://192.168.11.21:80 |
https://192.168.11.251:443 |
RPC Private (HTTP) |
dbis-admin.d-bis.org |
http://192.168.11.21:80 |
http://192.168.11.130:80 |
DBIS Frontend |
dbis-api.d-bis.org |
http://192.168.11.21:80 |
http://192.168.11.150:3000 |
DBIS API Primary |
dbis-api-2.d-bis.org |
http://192.168.11.21:80 |
http://192.168.11.151:3000 |
DBIS API Secondary |
mim4u.org |
http://192.168.11.21:80 |
http://192.168.11.19:80 |
Miracles In Motion |
www.mim4u.org |
http://192.168.11.21:80 |
301 Redirect → mim4u.org |
Redirects to non-www |
WebSocket Endpoints (Direct Routing)
WebSocket endpoints route directly to RPC nodes, bypassing the central Nginx:
| Domain | Cloudflare Tunnel → | Direct to RPC Node → | Final Destination |
|---|---|---|---|
rpc-ws-pub.d-bis.org |
wss://192.168.11.252:443 |
wss://192.168.11.252:443 |
127.0.0.1:8546 (WebSocket) |
rpc-ws-prv.d-bis.org |
wss://192.168.11.251:443 |
wss://192.168.11.251:443 |
127.0.0.1:8546 (WebSocket) |
Why Direct Routing for WebSockets?
- WebSocket connections require persistent connections and protocol upgrades
- Direct routing reduces latency and connection overhead
- RPC nodes handle WebSocket connections efficiently on their own Nginx instances
Cloudflare Tunnel Configuration
Tunnel: rpc-http-pub.d-bis.org (Tunnel ID: 10ab22da-8ea3-4e2e-a896-27ece2211a05)
Location: VMID 102 (cloudflared container)
Configuration: See CLOUDFLARE_TUNNEL_ROUTING_ARCHITECTURE.md for complete tunnel configuration.
Central Nginx Configuration
Nginx Proxy Manager (VMID 105)
IP Address: 192.168.11.21
Configuration File: /data/nginx/custom/http.conf
Status: Active and running
Services Configured: See CENTRAL_NGINX_ROUTING_SETUP.md for complete configuration.
Related Documentation
Setup Guides
- ../04-configuration/cloudflare/CLOUDFLARE_ZERO_TRUST_GUIDE.md ⭐⭐⭐ - Complete Cloudflare Zero Trust setup
- ../04-configuration/cloudflare/CLOUDFLARE_TUNNEL_INSTALLATION.md ⭐⭐ - Tunnel installation procedures
- ../04-configuration/cloudflare/CLOUDFLARE_DNS_TO_CONTAINERS.md ⭐⭐⭐ - DNS mapping to containers
Architecture Documents
- CLOUDFLARE_TUNNEL_ROUTING_ARCHITECTURE.md ⭐⭐⭐ - Detailed tunnel routing architecture
- CENTRAL_NGINX_ROUTING_SETUP.md ⭐⭐⭐ - Central Nginx routing configuration
- CLOUDFLARE_NGINX_INTEGRATION.md ⭐⭐ - Cloudflare + NGINX integration
- NGINX_ARCHITECTURE_RPC.md ⭐⭐ - NGINX architecture for RPC
Domain and DNS
- ../02-architecture/DOMAIN_STRUCTURE.md ⭐⭐ - Domain structure reference
- ../04-configuration/RPC_DNS_CONFIGURATION.md - RPC DNS configuration
- ../04-configuration/cloudflare/CLOUDFLARE_DNS_SPECIFIC_SERVICES.md ⭐⭐⭐ - Service-specific DNS configuration
Last Updated: 2025-01-20
Document Version: 1.0
Review Cycle: Quarterly