Skip to content
Cloudflare for Teams
Visit Cloudflare for Teams on GitHub
Set theme to dark (⇧+D)

Load balancers

Before you start
1. Create a Tunnel
2. Configure the Tunnel
3. Create a Load Balancer pool in Cloudflare

Route traffic from the dashboard

When you create a Tunnel, Cloudflare generates a subdomain of with the UUID of the created Tunnel. You can treat that subdomain as if it were an origin target in the Cloudflare dashboard.

Unlike publicly routable IP addresses, the subdomain will only proxy traffic for a DNS record or a Load Balancer pool in the same Cloudflare account. If someone discovers your subdomain UUID, they will not be able to create a DNS record in another account or system to proxy traffic to the address.

To add a Cloudflare Tunnel connection to a Cloudflare Load Balancer pool:

  1. Navigate to the Load Balancer page in the Cloudflare dashboard.
  2. Create or edit an existing Origin Pool. Add the Tunnel subdomain as an Origin Address.
  3. Click Save.

Route traffic from the command line

You can add Cloudflare Tunnel to an existing load Balancer pool directly from cloudflared. The result is the same as creation from the dashboard above.

To do so, run the following command:

$ cloudflared tunnel route lb <tunnel ID or NAME> <load balancer name> <load balancer pool>

Note: this command requires the cert.pem file.

Optional: Configure additional Cloudflare settings

The application will default to the Cloudflare settings of the hostname in your account that includes the Cloudflare Tunnel Load Balancer records, including cache rules and firewall policies. You can changes these settings for your hostname in Cloudflare's dashboard.