CD
Cloudflare Developers7mo ago
Bot Mhann

Warp CLI mode question.

I have the following options for mode in warp CLI: [possible values: warp, doh, warp+doh, dot, warp+dot, proxy, tunnel_only] I am using warp on my AWS EC2 instance to host a discord bot. The instance only has an IPv6, and to work with Discord it needs IPv4. The current mode is warp. Is this the best mode for what I am doing?
5 Replies
Chaika
Chaika7mo ago
warp
Is the Wireguard VPN, and I believe as well is simply just tunneling DNS over wireguard to CF's 1.1.1.1
DoH (DNS over HTTPS)
Takes your local DNS and does it over HTTPS, nice and secure. Isn't a vpn/doesn't touch actual traffic
warp+doh
Is the Wireguard VPN + doing dns over https
DoT (DNS over TLS)
Takes your local DNS and does it over Encrypted DoT nice and secure. Isn't a vpn/doesn't touch actual traffic
warp+dot
I bet you can guess this one
proxy
Wireguard Proxy but exposed via a local (I believe SOCKS) endpoint that you can configure in applications
tunnel_only
I think this is the new warp connector stuff that can replace cloudflared
The instance only has an IPv6, and to work with Discord it needs IPv4. The current mode is warp. Is this the best mode for what I am doing?
So the only thing that really matters if you're using a mode that is using the wireguard vpn, warp should be fine, rest won't change anything that matters to you
Chaika
Chaika7mo ago
some docs here: https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-modes/
Cloudflare Docs
WARP modes · Cloudflare Zero Trust docs
You can deploy the WARP client in different modes to control the types of traffic sent to Cloudflare Gateway. The WARP mode determines which Zero …
Bot Mhann
Bot MhannOP7mo ago
Thanks @Chaika ! As a follow up @Chaika can I have warp only process requests sent to a specific site https://discord.com/api/ I didn't see an include mode option in warp-cli. If this is not possible, can I exclude a specific application from using warp (in Ubuntu)? Not sure if that last part is more of an Ubuntu question. Thanks!
Chaika
Chaika7mo ago
Well it would have to be on the entire hostname for that, for example all discord.com traffic, not just discord.com/api/. If you were using warp-cli logged into your Zero Trust Team it should all be configured from the dashboard. If you're using standalone, then apparently there is commands like warp-cli add-excluded-route 172.24.0.0/16 warp-cli add-included-route 172.24.0.0/16 Might be hidden or something? Not sure as of I don't use warp-cli on linux, I know it is different then normal warp though
Bot Mhann
Bot MhannOP7mo ago
Thanks! Chaika, I'll check that out!
Want results from more Discord servers?
Add your server