Cloudflare Warp / Masque
[!NOTE] This document is partially generated by AI.
Cloudflare Warp (based on the Masque/QUIC protocol) is a service that provides a secure and fast connection to the internet. In yuhaiin, it is supported as an outbound protocol.
Network Support
Section titled “Network Support”- TCP: Supported (Tunneled through Masque).
- UDP: Supported (Tunneled through Masque).
- NAT Type: Full-Cone NAT.
Outbound Configuration
Section titled “Outbound Configuration”The cloudflare_warp_masque block provides connectivity to Cloudflare’s privacy network.
Configuration Fields
Section titled “Configuration Fields”private_key(string): Your Cloudflare account’s private key (WireGuard format).endpoint(string): The address and port of the Cloudflare edge server (e.g.,engage.cloudflareclient.com:2408).endpoint_public_key(string): The public key of the Cloudflare endpoint.local_addresses(string array): The internal IP addresses (IPv4 and/or IPv6) assigned to your Cloudflare account.mtu(int): Maximum Transmission Unit used for the tunnel packets.
Example Configuration
Section titled “Example Configuration”{ "name": "Cloudflare-Warp-Out", "protocols": [ { "cloudflare_warp_masque": { "private_key": "YOUR_PRIVATE_KEY", "endpoint": "162.159.192.1:2408", "endpoint_public_key": "bmXOC+F1FxEMF9dyiK2H5/1SUtzH0JuVo51h2wPfgyo=", "local_addresses": ["172.16.0.2/32"] } } ]}Developer Details
Section titled “Developer Details”MASQUE Protocol
Section titled “MASQUE Protocol”This implementation uses MASQUE (Multiprocessed Application Shaper for QUIC Extensions) to encapsulate traffic. Unlike standard WireGuard, this can wrap data in QUIC streams, which can be more resilient to network environments where raw UDP is blocked or throttled.
Connectivity
Section titled “Connectivity”When used as an outbound, yuhaiin routes all traffic passing through this protocol through the encrypted Cloudflare tunnel, effectively masking your source IP.