From 32c2c8f35e5768d6b36fa47f96ad5afe2cb4b252 Mon Sep 17 00:00:00 2001 From: kokolocomotion1 Date: Wed, 14 May 2025 08:51:42 -0500 Subject: [PATCH 1/3] Create 2025-04-12-warp-ga-linux.mdx Release notes for client version 2025.4.929.0 Linux GA release --- .../2025-04-12-warp-ga-linux.mdx | 22 +++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx diff --git a/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx b/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx new file mode 100644 index 000000000000000..7f02412b75e98f4 --- /dev/null +++ b/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx @@ -0,0 +1,22 @@ +--- +title: WARP client for Linux (version 2025.4.929.0) +description: WARP client for Linux (version 2025.4.929.0) +date: 2025-05-12T11:00:00Z +--- + +A new GA release for the Linux WARP client is now available on the [Stable release downloads page](/cloudflare-one/connections/connect-devices/warp/download-warp/). This release contains two significant changes all customers should be aware of: + +1. All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local Firewall rules to allow our DoH IP Address or domains. +2. When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we detect that HTTP/3 traffic is blocked. This allows for a much more reliable connection on some public WiFi networks. + +**Changes and improvements** + +- Fixed an issue where the managed network policies could incorrectly report network location beacons as missing. +- Improved DEX Test Error reporting. +- Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile. +- Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or http/3 specifically. +- Added new IPs for Client Orchestration API for operations like tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs. +- Fixed an issue where frequent network changes could cause WARP to become unresponsive. +- DNS over HTTPS traffic is now included in the WARP tunnel by default. +- Improvement for WARP to check if tunnel connectivity fails or times out at device wake before attempting to reconnect. +- Fixed an issue causing WARP connection disruptions after network changes. From f0294955e827c5b56e04cc65f480627b4bff2f26 Mon Sep 17 00:00:00 2001 From: kokolocomotion1 Date: Wed, 14 May 2025 08:59:59 -0500 Subject: [PATCH 2/3] Update 2025-04-12-warp-ga-linux.mdx added URL for DoH IP address or domain call out --- .../changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx b/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx index 7f02412b75e98f4..89fe5f6c1d86a0e 100644 --- a/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx +++ b/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx @@ -6,7 +6,7 @@ date: 2025-05-12T11:00:00Z A new GA release for the Linux WARP client is now available on the [Stable release downloads page](/cloudflare-one/connections/connect-devices/warp/download-warp/). This release contains two significant changes all customers should be aware of: -1. All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local Firewall rules to allow our DoH IP Address or domains. +1. All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local Firewall rules to allow our [DoH IP Address or domains](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#doh-ip). 2. When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we detect that HTTP/3 traffic is blocked. This allows for a much more reliable connection on some public WiFi networks. **Changes and improvements** From 30a52340b9b731307762933c8edcb7c051773791 Mon Sep 17 00:00:00 2001 From: kokolocomotion1 Date: Wed, 14 May 2025 09:33:46 -0500 Subject: [PATCH 3/3] Update and rename 2025-04-12-warp-ga-linux.mdx to 2025-05-12-warp-ga-linux.mdx added URL for a note reference --- ...025-04-12-warp-ga-linux.mdx => 2025-05-12-warp-ga-linux.mdx} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename src/content/changelog/zero-trust-warp/{2025-04-12-warp-ga-linux.mdx => 2025-05-12-warp-ga-linux.mdx} (87%) diff --git a/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx b/src/content/changelog/zero-trust-warp/2025-05-12-warp-ga-linux.mdx similarity index 87% rename from src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx rename to src/content/changelog/zero-trust-warp/2025-05-12-warp-ga-linux.mdx index 89fe5f6c1d86a0e..aa047ef42a492a8 100644 --- a/src/content/changelog/zero-trust-warp/2025-04-12-warp-ga-linux.mdx +++ b/src/content/changelog/zero-trust-warp/2025-05-12-warp-ga-linux.mdx @@ -15,7 +15,7 @@ A new GA release for the Linux WARP client is now available on the [Stable relea - Improved DEX Test Error reporting. - Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile. - Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or http/3 specifically. -- Added new IPs for Client Orchestration API for operations like tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs. +- Added new IP addresses for [tunnel connectivity checks](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#connectivity-check). If your organization uses a firewall or other policies you will need to exempt these IPs. - Fixed an issue where frequent network changes could cause WARP to become unresponsive. - DNS over HTTPS traffic is now included in the WARP tunnel by default. - Improvement for WARP to check if tunnel connectivity fails or times out at device wake before attempting to reconnect.