Skip to content

[ZT] Fix WARP macOS/Linux release notes #22439

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 14, 2025
Merged

[ZT] Fix WARP macOS/Linux release notes #22439

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
9416e4d
macos edits
ranbel May 14, 2025
d17ef79
linux edits
ranbel May 14, 2025
6804462
fix tense
ranbel May 14, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 4 additions & 7 deletions src/content/warp-releases/linux/ga/2025.4.929.0.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@ releaseNotes: >-
of:

1. All DNS traffic now flows inside the WARP tunnel. Customers are no longer
required to configure their local Firewall rules to allow our DoH IP Address
or domains.
required to configure their local firewall rules to allow our [DoH IP addresses and domains](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#doh-ip).

2. When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we
detect that HTTP/3 traffic is blocked. This allows for a much more reliable
Expand All @@ -16,18 +15,16 @@ releaseNotes: >-
- Fixed an issue where the managed network policies could incorrectly report
network location beacons as missing.

- Improved DEX Test Error reporting.
- Improved DEX test error reporting.

- Fixed an issue causing client notifications to fail in IPv6 only
environments which prevented the client from receiving configuration changes
to settings like device profile.

- Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity
on networks that block UDP or http/3 specifically.
on networks that block UDP or HTTP/3 specifically.

- Added new IPs for Client Orchestration API for operations like tunnel
connectivity checks. If your organization uses a firewall or other policies
you will need to exempt these IPs.
- Added new IP addresses for [tunnel connectivity checks](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#connectivity-checks). If your organization uses a firewall or other policies you will need to exempt these IPs.

- Fixed an issue where frequent network changes could cause WARP to become
unresponsive.
Expand Down
9 changes: 4 additions & 5 deletions src/content/warp-releases/macos/ga/2025.4.929.0.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,19 +1,18 @@
releaseNotes: |-
This release contains two significant changes all customers should be aware of:
1. All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local Firewall rules to allow our [DoH IP Address or domains](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#doh-ip).
1. All DNS traffic now flows inside the WARP tunnel. Customers are no longer required to configure their local firewall rules to allow our [DoH IP addresses and domains](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#doh-ip).
2. When using MASQUE, the connection will fall back to HTTP/2 (TCP) when we detect that HTTP/3 traffic is blocked. This allows for a much more reliable connection on some public WiFi networks.


**Changes and improvements**
- Fixed an issue where the managed network policies could incorrectly report network location beacons as missing.
- Improved DEX Test Error reporting.
- Improved DEX test error reporting.
- Fixed an issue causing client notifications to fail in IPv6 only environments which prevented the client from receiving configuration changes to settings like device profile.
- Improved captive portal detection.
- Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or http/3 specifically.
- Added new [IPs for Client Orchestration API](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#connectivity-check) for operations like tunnel connectivity checks. If your organization uses a firewall or other policies you will need to exempt these IPs.
- Added a TCP fallback for the MASQUE tunnel protocol to improve connectivity on networks that block UDP or HTTP/3 specifically.
- Added new IP addresses for [tunnel connectivity checks](/cloudflare-one/connections/connect-devices/warp/deployment/firewall/#connectivity-checks). If your organization uses a firewall or other policies you will need to exempt these IPs.
- DNS over HTTPS traffic is now included in the WARP tunnel by default.
- Improved the error message displayed in the client GUI when the rate limit for entering an incorrect admin override code is met.
- Added a [Collect Captive Portal Diag](https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/captive-portals/#get-captive-portal-logs) button in the client GUI to make it easier for users to collect captive portal debugging diagnostics.
- Improved handling of non-SLAAC IPv6 interface addresses for better connectivity in IPv6 only environments.
- Fixed an issue where frequent network changes could cause WARP to become unresponsive.
- Improvement for WARP to check if tunnel connectivity fails or times out at device wake before attempting to reconnect.
Expand Down