Cloudflare Docs

System requirements

cloudflared is lightweight enough to run on a Raspberry Pi or a data center server. Tunnel throughput is primarily limited by the number of ports configured in system software, not hardware.

Baseline recommendations

Run a cloudflared replica on two dedicated hosts per location with a minimum of 4 GB RAM and 4 CPU cores. Allocate 50,000 ports per host.

Port configuration

To increase the number of ports available to cloudflared on Linux:

If your machine has a /etc/sysctl.d/ directory:

Terminal window
echo 'net.ipv4.ip_local_port_range = 11000 60999' | sudo tee -a /etc/sysctl.d/99-cloudflared.conf
sudo sysctl -p /etc/sysctl.d/99-cloudflared.conf

Otherwise:

Terminal window
echo 'net.ipv4.ip_local_port_range = 11000 60999' | sudo tee -a /etc/sysctl.conf
sudo sysctl -p /etc/sysctl.conf

ulimits (Linux and macOS)

On Linux and macOS, ulimit settings determine the system resources available to a logged-in user. We recommend configuring the following ulimits on the cloudflared server:

ulimitDescriptionValue
-nMaximum number of open files or file descriptors≥ 70,000

To view your current ulimits, open a terminal and run:

Terminal window
ulimit -a

To set the open files ulimit:

Terminal window
ulimit -n 70000

The command above sets the open files limit only for the current terminal session and will not persist after a reboot or new login. To apply this limit permanently, configure it using the persistent method appropriate for your operating system.

Capacity calculator

To estimate tunnel capacity requirements for your deployment:

  1. Use the metrics endpoint to measure cloudflared_tcp_total_sessions and cloudflared_udp_total_sessions.
  2. Compute the average TCP requests per second by dividing cloudflared_tcp_total_sessions by total time.
  3. Compute the average Non-DNS UDP requests per second by dividing cloudflared_udp_total_sessions by total time.
  4. Input TCP requests per second and Non-DNS UDP requests per second into the calculator below. (You can leave Private DNS requests per second as 0 unless you are using the tunnel for private network access.)

System configuration





Metrics




Result




This calculator is for informational purposes only and all results are estimates.

To increase tunnel capacity, add identical hosts running cloudflared replicas.