Firewalla Gold not establishing Docker tunnel to Cloudflare

This is my docker cli command where I've tried to get around the system locking down 0.0.0.0:53, have also done all of the App things that I can find online but still get blocked when issuing this command.

sudo docker run --dns=8.8.8.8 -p 53:53/udp -p 53:53/tcp cloudflare/cloudflared:latest tunnel --no-autoupdate run --token

2026-06-11T22:57:25Z ERR edge discovery: error looking up Cloudflare edge IPs: the DNS query failed error="lookup _v2-origintunneld._tcp.argotunnel.com on 8.8.8.8:53: read udp 172.17.0.2:56092->8.8.8.8:53: i/o timeout" event=0
2026-06-11T22:57:25Z ERR Please try the following things to diagnose this issue: event=0
2026-06-11T22:57:25Z ERR 1. ensure that argotunnel.com is returning "origintunneld" service records. event=0
2026-06-11T22:57:25Z ERR Run your system's equivalent of: dig srv _origintunneld._tcp.argotunnel.com event=0
2026-06-11T22:57:25Z ERR 2. ensure that your DNS resolver is not returning compressed SRV records. event=0
2026-06-11T22:57:25Z ERR See GitHub issue https://github.com/golang/go/issues/27546 event=0
2026-06-11T22:57:25Z ERR For example, you could use Cloudflare's 1.1.1.1 as your resolver: event=0
2026-06-11T22:57:25Z ERR https://developers.cloudflare.com/1.1.1.1/setting-up-1.1.1.1/ event=0
2026-06-11T22:57:25Z INF Tunnel server stopped
2026-06-11T22:57:25Z ERR Initiating shutdown error="Could not lookup srv records on _v2-origintunneld._tcp.argotunnel.com: lookup _v2-origintunneld._tcp.argotunnel.com on 8.8.8.8:53: read udp 172.17.0.2:56092->8.8.8.8:53: i/o timeout"
2026-06-11T22:57:25Z INF Metrics server stopped
Could not lookup srv records on _v2-origintunneld._tcp.argotunnel.com: lookup _v2-origintunneld._tcp.argotunnel.com on 8.8.8.8:53: read udp 172.17.0.2:56092->8.8.8.8:53: i/o timeout

Firewalla is locking down 0.0.0.0:53 and stopping my docker cli command from starting the Cloudflared tunnel.

pi@Firewalla:~ (Firewalla) $ sudo lsof -i :53
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
zeek 3628248 root 17u IPv4 1770782322 0t0 UDP syn-142-196-228-232.res.spectrum.com:39749->one.one.one.one:domain
zeek 3628360 root 15u IPv4 1770782391 0t0 UDP syn-142-196-228-232.res.spectrum.com:50116->one.one.one.one:domain
zeek 3628423 root 15u IPv4 1770783221 0t0 UDP syn-142-196-228-232.res.spectrum.com:55131->one.one.one.one:domain
zeek 3628424 root 15u IPv4 1770782471 0t0 UDP syn-142-196-228-232.res.spectrum.com:51899->one.one.one.one:domain
dnsmasq 3856874 pi 5u IPv4 1772413745 0t0 UDP 192.168.0.1:domain
dnsmasq 3856874 pi 6u IPv4 1772413746 0t0 TCP 192.168.0.1:domain (LISTEN)
dnsmasq 3856875 pi 5u IPv4 1772417358 0t0 UDP 172.16.1.1:domain
dnsmasq 3856875 pi 6u IPv4 1772417359 0t0 TCP 172.16.1.1:domain (LISTEN)
dnsmasq 3856876 pi 5u IPv4 1772416160 0t0 UDP 192.168.10.1:domain
dnsmasq 3856876 pi 6u IPv4 1772416161 0t0 TCP 192.168.10.1:domain (LISTEN)
dnsmasq 3856877 pi 5u IPv4 1772414607 0t0 UDP 192.168.15.1:domain
dnsmasq 3856877 pi 6u IPv4 1772414608 0t0 TCP 192.168.15.1:domain (LISTEN)

pi@Firewalla:~ (Firewalla) $ sudo netstat -tulpn | grep :53
tcp 0 0 192.168.0.1:53   0.0.0.0:* LISTEN 3856874/dnsmasq
tcp 0 0 172.16.1.1:53   0.0.0.0:* LISTEN 3856875/dnsmasq
tcp 0 0 192.168.10.1:53   0.0.0.0:* LISTEN 3856876/dnsmasq
tcp 0 0 192.168.15.1:53   0.0.0.0:* LISTEN 3856877/dnsmasq
udp 0 0 192.168.0.1:53   0.0.0.0:* 3856874/dnsmasq
udp 0 0 172.16.1.1:53   0.0.0.0:* 3856875/dnsmasq
udp 0 0 192.168.10.1:53   0.0.0.0:* 3856876/dnsmasq
udp 0 0 192.168.15.1:53   0.0.0.0:* 3856877/dnsmasq
udp 0 0 0.0.0.0:5353   0.0.0.0:* 2917786/FireMain
udp 0 0 0.0.0.0:5353   0.0.0.0:* 3579588/avahi-daemo
udp6 0 0 :::5353 :::* 3579588/avahi-daemo
pi@Firewalla:~ (Firewalla) $

How can I get around this?

Firewalla Gold not establishing Docker tunnel to Cloudflare

Comments

Didn't find what you were looking for?