Cloudflare Docs
Magic WAN
Edit this page on GitHub
Set theme to dark (⇧+D)


Review the definitions for terms used across Cloudflare’s Magic WAN documentation.

anycastAnycast is a network addressing and routing method in which incoming requests can be routed to a variety of different locations. Anycast typically routes incoming traffic to the nearest data center with the capacity to process the request efficiently.
autonomous system numbers (ASNs)A large network or group of networks that has a unified routing policy. Every computer or device that connects to the Internet is connected to an autonomous system.
data packetA data packet is a unit of data consisting of user and control information. Information in a network is broken down into packets, that might follow different paths to their final destination.
equal-cost multi-path routingA technique that uses hashes calculated from packet data to determine the route chosen.
GRE tunnelStands for generic routing encapsulation. It is a protocol wrapping one data packet within another type of data packet. This is useful for enabling protocols that are not normally supported by a network.
ICMPInternet Control Message Protocol (ICMP) is used by network devices to send error messages and other operational information. ICMP is useful for diagnostic purposes, for example.
Internet key exchange (IKE)The protocol Cloudflare uses to create the IPsec tunnel between Magic WAN and the customer’s device.
IPsec tunnelStands for Internet Protocol secure. It is a group of protocols for securing connections between devices, by encrypting IP packets.
maximum segment size (MSS)MSS limits the size of packets, or small chunks of data, that travel across a network, such as the Internet.
on-rampRefers to a way of connecting a business network to Cloudflare. Examples of on-ramps, or ways to connect to Cloudflare, are Anycast GRE tunnels, Anycast IPsec tunnels, Cloudflare Network Interconnect (CNI), Cloudflare Tunnel, and WARP.
policy-based routingPolicy-based routing (PBR) is a technique used to make routing decisions based on policies set by your administrador.

A number that identifies the network portion of an IP address. It tells devices if an IP address is on the same network or not. It is shown as a number after a slash (for example, /31) at the end of the IP address.

Using an analogy, the prefix is like a street address. If an IP is in the same street, it belongs to the same network of devices.

static routeA fixed configuration to route traffic through Anycast tunnels from Cloudflare global network to the customer’s locations.
subnetAlso known as subnetwork. It refers to a network that is part of another network.
time-to-live (TTL)The duration for which a cached copy of a resource is considered valid before it needs to be refreshed or revalidated.
traffic steeringCloudflare evaluates your route’s health and steers traffic according to priorities defined by you and / or tunnel health.
tunnel health-checkA probe sent by Cloudflare to check for tunnel health. If a tunnel is not considered healthy, Cloudflare reroutes traffic to one that is considered healthy.
WANStands for Wide Area Network. It refers to a computer network that connects groups of computers over large distances. WANs are often used by businesses to connect their office networks. The objective is to make each of the local area networks (LANs) be remotely connected and accessible.