Cloud flare + WARP

Anyone got more info on their new ‘warp’ feature?

It’s just out so perhaps there’s no tests yet. I’m wondering what if any benefit it gives to end users.


Nope, what is it? A No-log, accelerated DNS only? Or a vpn?

It’s a wireguard VPN.

1 Like

Where’s this info from?

I’ve been having a quick look but haven’t got much apart from this

Suggests that part of it is technology from Neumob?

Ultimately, the Neumob software is easily extended to operate as a ‘VPN’ for mobile devices that can secure and accelerate all HTTP traffic from a mobile device (including normal web browsing and app API calls). Most VPN software, frankly, is awful. Using a VPN feels like a step backwards to the dial up era of obscure error messages, slow downs, and clunky software. It really doesn’t have to be that way."

Accelerated DNS and warp is some sort of accelerated web thingy

1 Like

Warp is the VPN for people who don’t know what V.P.N. stands for.


…While Making It Faster and More Reliable

Security is table stakes. What really distinguishes Warp is performance and reliability. While other VPNs slow down the Internet, Warp incorporates all the work that the team from Neumob has done to improve mobile Internet performance. We’ve built Warp around a UDP-based protocol that is optimized for the mobile Internet. We also leveraged Cloudflare’s massive global network, allowing Warp to connect with servers within milliseconds of most the world’s Internet users. With our network’s direct peering connections and uncongested paths we can deliver a great experience around the world. Our tests have shown that Warp will often significantly increase Internet performance. Generally, the worse your network connection the better Warp should make your performance.

It looks like a typical marketing BS.

VPN with a mobile application under the banner of their NS.
Logical that udp traffic will be faster by nature than tcp. But these statements are probably vs other vpn services. Somehow it’s hard to magically speed up traffic compared to native ISP traffic.
There are no miracles. You can theoretically play in optimizing routes and getting to cdn as soon as possible but … Each additional layer and additional hop will always be 99% slower than native traffic.

Yes, if we compare it to other vpn services then we can discuss theoretical acceleration. With this infrastructure that cloudflare has, you can build a pretty good support core for vpn traffic. Compared to many commercial vpn offers, it may actually be faster in some situations, although I’m not sure about these claims by 30%. Rather, I would say that on average statistically it will not exceed 5-10%.

Everything will depend on the actual routing. Where is the entry point and where is the exit point, what happens along the way.

I don’t see any magic in this wonderful software. Udp instead of tcp, other vpn have this too.
Wireguard instead of openvpn … yes it is faster and lighter but still somehow so little tested and some are not yet 100% convinced of it.
The only key advantage over other vpn offers is the infrastructure that has Cloudflare and in some cases it can cause faster access to network resources.

At the end of the day, another vpn for those who can afford it.

Where does WireGuard come into this?

“We also knew it was critical that we ensure Warp doesn’t meaningfully increase your battery usage. We built Warp around WireGuard, a modern, efficient VPN protocol that is much more efficient than legacy VPN protocols.”

Cloudflare’s “Warp” application is based on WireGuard instead of OpenVPN to create a tunnel.


The New Cloudflare VPN: What It Is And Is Not

There’s been some talk around the Internet about the recently launched Cloudflare VPN, which claims to be a stronger, more modern VPN – namely because it’s built on the WireGuard protocol. It’s true that as an open source project, WireGuard is doing some exciting things. But the way in which it’s being compared to the OpenVPN protocol isn’t quite painting the whole picture. The OpenVPN project has grown over two decades, and the maturity and functionality of the protocol reflects that.

This article in particular compares WireGuard to OpenVPN and claims that the overall source code of OpenVPN is closer to 600,000 lines of code, which is an enormous amount — and an unfair comparison. The open source OpenVPN version is about 70,000 lines of codes, which includes support for two different cryptographic libraries; which means you are not bound to OpenSSL cryptographic library alone. It adds much more advanced authentication possibilities, like username/password, two factor authentication, certificate-based authentication, and a flexible plug-in and scripting interface for much more advanced integrations.

WireGuard as it is today has a much smaller set of authentication methods and has much more reduced integration interfaces compared to OpenVPN. This is one of the reasons why OpenVPNs code base is more comprehensive. This does not mean WireGuard is not fully featured as a VPN solution alone, but for more demanding VPN users this can a big concern for their setup.

OpenSSL code is also widely used in a lot of applications on the Internet, not only for OpenVPN. The vast majority of web sites use the same OpenSSL code base. In addition, OSTIF — who arranged one of the third party code audits of OpenVPN in 2017 — has also ensured OpenSSL has gone through a similar code audit. OpenVPN’s audit proves its security and effectiveness, and it’s been used by major enterprises because it’s known to have the highest level of security. The WireGuard code base Cloudflare uses for its Warp service is too fresh to have had a chance the be audited by independent third-party reviewers.

Most importantly, since both OpenVPN and WireGuard are open source projects, they are both focused on collaboration. Developers from both projects are discussing challenges related to providing solid and efficient open source based VPN solutions. We are all interested in ensuring that end users have the best solutions at hand, which can only be truly achieved by working in the open and collaborating together. We believe in open source development, which is about connecting and creating solutions together — so when the article pits these projects against each other, it misses the point of what open source is all about: collaboration and sharing. Yes, the WireGuard and OpenVPN open source projects can be seen as competitors, but both projects can also build on each others’ innovation. Which is why OpenVPN welcomes new projects like WireGuard: we each have independent and different goals based on our users’ demands, but that doesn’t mean we need to compete.

OpenVPN, Inc. is committed to improving the performance of OpenVPN. OpenVPN, Inc. has also spent time implementing the third generation OpenVPN code base, making it easier to implement the OpenVPN protocol in a lot more products than before — as well as further improving the overall performance and speed.

The Cloudflare VPN might have a lot of flash now — and it is an interesting product. The challenge is simply that their new VPN service is fairly restricted in what it can provide in additional features. While protecting the Internet traffic on various hot-spots and insecure networks is a valid use case, we are concerned Cloudflare’s reimplementation of the WireGuard code has not reached maturity yet.


Btw, on an unrelated issue: I see that Jason actually made the pull
request to have wireguard included in the kernel.

Can I just once again state my love for it and hope it gets merged
soon? Maybe the code isn’t perfect, but I’ve skimmed it, and compared
to the horrors that are OpenVPN and IPSec, it’s a work of art.


1 Like

So what WARP really is at the end of the day? A service integrated into Just a VPN? To be honest there were too many words and nothing straight to the point that explains what it is and what it does. Still interesting to see.

This is the VPN service belonging to cloudflare under the name “Warp” with the target group of mobile users.

It’s simply an application called “Warp” which creates a VPN tunnel and uses, among others, wireguard.
And thanks to the extensive backbone network and many uplinks / peers up to IX and Tier1 ISP and its own CDN network, cloudflare can have better access times to some network resources in such situations compared to other VPN services on the market.


I didn’t see this point, thanks.

It will be nice to see some good testing done just to see how much of any improvement it might bring.

Being more accurate…

The application is called “” the same as the address of the NS server. At first, the application only provided secure dns. And now under the name “ WARP” / “ with Warp” / “ + Warp” the application provides VPN and of course also dns which is rather obvious.

Overall, it’s a strange approach to names …

1 Like

Tests of WARP itself will depend heavily on your place, your mobile internet and where and how you test. The results of different people can vary significantly.

I have been waiting on this…

On a stable tested Wi-fi connection you should be able to get results that can show either no significant change or a something notable.

I’m giving it a try and it only gives you a VPN if you pay for it or refer to other people. Enabling it didn’t change my IP address like a VPN would. They’re really unclear on that in my opinion. Also, luckly, I can just set their DNS system wide.

Probably. Although this is how they try to advertise it sounds like the main recipient would be a GSM user.
Personally, I’m not planning any tests but if you have access to it, do it and let us know.