Frequent IP changes with WARP+

It’s a fixed LTE cellular connection (AT&T Wireless Home Internet), and usually very stable. I disconnected and reconnected WARP, and am still bouncing between those same two IP’s, usually every minute or less.

AFAIN, this problem only happens with WARP+ UNLIMITED subscriptions. Probably a bug introduced a few weeks ago. I worked around this problem by switching to WARP FREE.

This problem caused quite a bit of trouble for my daily use of WARP+, such as being flagged as an insecure account due to frequent IP changes.

Although switching to WARP FREE temporarily solved the problem, I’m still a WARP+ UNLIMITED subscriber and hope this problem will be fixed soon.

1 Like

I was hoping that would be the answer, but I’m still looking for the solution. I tried WARP free, WARP+ Unlimited, and Zero Trust Gateway with WARP. They all have me bouncing back and forth with those same IP Addresses. I’ll put in a ticket and update when I get an answer.

Actually there is another bug.

When you get an IP in 104.16.0.0/12, even if you’re 100% sure you’re using WARP FREE, the https://cloudflare.com/cdn-cgi/trace will still output warp=plus.

This means that the problem will only be solved if you get an IP in 8.x.x.x.

I think you’re exactly right on that one. I used to always get 8.x.x.x IP’s, and never had a problem. Once my traffic was moved to the 104.16.0.0/12 block, this issue started. Thanks, aofei! I’ll add that to the support ticket, and will hopefully get a resolution.

A few days after I started this topic, someone else posted about similar issues, which helped me notice that IPv6 over WARP also no longer works for me.

I also did some more testing using reloads of /cdn-cgi/trace while connected using a Zero Trust account in the WARP client. Oddly, the output only shows warp=plus when using http/2. A few reloads later, I’m using http/3 and the output shows warp=off, with the same Cloudflare client IP address. I pasted the results of 3 reloads within 1 minute below.

I haven’t gotten a response to my ticket yet (#2466275), but I can see that it’s being updated in the background (the priority was lowered), and it looks like it was assigned to @cloonan.

The outputs from /cdn-cgi/trace below all happened within 1 minute. The items that keep changing between reloads are shown in bold:

Friday, June 3, 2022 10:23:46 PM GMT-05:00 DST

fl=15f203
h=3.fo
ip=104.28.234.77
ts=1654313026.687
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36
colo=DFW
http=http/2
loc=US
tls=TLSv1.3
sni=plaintext
warp=plus
gateway=off

Friday, June 3, 2022 10:24:09 PM GMT-05:00 DST

fl=15f203
h=3.fo
ip=104.28.234.77
ts=1654313049.256
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36
colo=DFW
http=http/3
loc=US
tls=TLSv1.3
sni=plaintext
warp=off
gateway=off

Friday, June 3, 2022 10:24:45 PM GMT-05:00 DST

fl=15f203
h=3.fo
ip=104.28.202.77
ts=1654313085.988
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36
colo=DFW
http=http/3
loc=US
tls=TLSv1.3
sni=plaintext
warp=off
gateway=off

Hi @user1291, I also have this issue, I’m still looking for the solution.

This issue only appears when use WARP+(Outbound IP is 104.x.x.x), the WARP free plan(Outbound IP is 8.x.x.x) is OK.

I’ve been affected by this issue when using Free, WARP+ Unlimited, and Gateway with Zero Trust.

I got a response to my ticket yesterday. It has been escalated to Engineering.

I’ll keep updating this topic as I get more information.

Any updates?

Things are moving forward. The tech support guy assigned to my ticket asked for logs from my WARP client, which I sent over the weekend, and he acknowledged receipt yesterday. My ticket is back with the Engineering Team, so it sounds like they’re interested in finding a resolution.

Thanks for the update. This seems to be a good trend.

Just a quick update to say there’s been no update on this bug or my ticket. The last contact with me was 11 days ago, and the ticket hasn’t been updated since. But it’s still open, and I’ll update this thread when I get a response.

Very sad to know that they didn’t take this bug seriously enough. Not even anyone from Cloudflare has replied in this thread. :frowning_face:

I just don’t understand. Isn’t this a critical bug? I mean, it almost made WARP unusable. In the worst case, every time a TCP connection is established will cause the IP to change once. Don’t the people at Cloudflare actually use WARP? Or are they using a special internal version?

Thanks for the update. Hopefully it will catch Cloudflare’s attention.

Hi @user1291,

Sorry to bother you, is there any update to your ticket? I just tested it again and the bug is still there.

It’s been almost three months since the bug was introduced. I’ve lost my patience. I just cancelled my WARP+ subscription and moved to Mullvad.net which is also $5/m (€1 ≈ $1 right now) but offers a more reliable service. Don’t get me wrong, WARP is still a great product and I’d love to back to it. But it seems that the WARP team isn’t very concerned about this product, which is very disappointing. :pensive:

Not a bother at all. There’s been no update, so I updated the ticket asking for status. I’m hoping I’ll hear back with some information fairly soon.

It is a bit frustrating. I have several clients evaluating Cloudflare Zero Trust and other solutions right now, and they’re holding off on a purchase decision because they’re concerned about issues in the WARP client. We’ll see what happens.

Hey user1291,

Saw your comment on my post a while ago about you creating a separate topic here.

IPv6 doesn’t work for me at all either, and here’s some data I collected below:

(Fixed Wireless connection on 5G, same issues even with a different ISP)
(On Zero Trust with Proxy, TLS decryption and AV inspection disabled)

fl=14f296
h=xenyth.net
ip=104.28.203.116
ts=1657984872.705
visit_scheme=http
uag=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/605.1.15
colo=ORD
http=http/1.1
loc=US
tls=off
sni=off
warp=plus
gateway=off
fl=14f209
h=ishmeet.net
ip=104.28.235.115
ts=1657982747.052
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
colo=ORD
http=http/2
loc=US
tls=TLSv1.3
sni=plaintext
warp=plus
gateway=off
fl=14f209
h=whatismyipaddress.com
ip=75.244.122.29
ts=1657982803.425
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
colo=ORD
http=http/3
loc=US
tls=TLSv1.3
sni=plaintext
warp=plus
gateway=off

In short, HTTP/1.1 and HTTP/2 connections obfuscate my real IP address to websites proxied by Cloudflare, but the Cloudflare IP address I’m assigned constantly randomly switches between 104.28.235.115 and 104.28.235.116 (assuming @aofei is right about IP changes every time a TCP session gets established) …HTTP/3 connections on the other hand, don’t obfuscate my real IP address and actually still continue to show warp=plus and gateway=off.
See below.

fl=14f209
h=whatismyipaddress.com
ip=75.244.122.29
ts=1657982803.425
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
colo=ORD
http=http/3
loc=US
tls=TLSv1.3
sni=plaintext
warp=plus
gateway=off

And yup, this has apparently been happening since I created my post.
Also, any updates to your ticket? Let us know!

Version 2022.7.174.0 - Windows 11 - Firefox 102.0.1

I have the same problem. Every 5 seconds the IP changes. I find this very annoying.

fl=17f283
h=cloudflare.com
ip=2405:b500:1a60:48::11:11b
ts=1658863517.549
visit_scheme=https
uag=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0
colo=MIA
http=http/2
loc=CO
tls=TLSv1.3
sni=plaintext
warp=on
gateway=off