# general-discussions
- l
Leo
05/27/2023, 7:59 PMThat depends on your code, you have full freedom - d
DvidPi
05/27/2023, 8:46 PMIs it possible to use a public host name in zero trust to route a UDP host? - d
DvidPi
05/27/2023, 8:46 PMI have a service on 19132 over UDP and I would like to route it to my domain - e
Erisa | Support Engineer
05/27/2023, 8:47 PM?tunnel-tcp - h
Helpflare
05/27/2023, 8:47 PMCloudflare Tunnels use Cloudflare's proxy, which only supports proxying HTTP Traffic. If you want to use non-http applications over your tunnel, Cloudflare has a few other options: For a few specific protocols such as SSH, RDP, and SMB, Cloudflare has guides on how to set them up with Tunnels and Cloudflare Access: For Arbitrary TCP like Minecraft, MySQL, and any other application, Cloudflare has a guide on how to get it working with `cloudflared`: Please note for all of these except SSH and VNC which can be browser-rendered, you will either need to use
(Cloudflare's tunnel daemon) on the client machine running in the background or Private Networking with WARP, and have WARP installed on the client machine logged into your Zero Trust Team.cloudflared - e
Erisa | Support Engineer
05/27/2023, 8:47 PMthis but for udp instead (its the same) - d
DvidPi
05/27/2023, 8:47 PMThanks! - d
DvidPi
05/27/2023, 8:48 PMWait, so just swap tcp:// with udp:// ? - e
Erisa | Support Engineer
05/27/2023, 8:49 PMErr - e
Erisa | Support Engineer
05/27/2023, 8:49 PMHang on actually - e
Erisa | Support Engineer
05/27/2023, 8:50 PMAh okay sorry I was wrong, only Private Networking (clients have to connect using the WARP client) supports UDP - e
Erisa | Support Engineer
05/27/2023, 8:50 PMGetting ahead of myself, thought that plain ZT would support it by now - d
DvidPi
05/27/2023, 8:50 PMSo everyone that would want to join would have to use WARP? - e
Erisa | Support Engineer
05/27/2023, 8:50 PM - d
dave
05/27/2023, 8:51 PMoh wow, is WAF rate limiting per CF Worker not even in the enterprise plan by default lol? - d
DvidPi
05/27/2023, 8:51 PMAlright then.. I'll run java through zero trust and bedrock with an SRV record then... Don't want to put players through this hassle. - e
Erisa | Support Engineer
05/27/2023, 8:54 PMHmm do you mean like RL based on
header?cf-worker - d
dave
05/27/2023, 8:54 PMyeah - e
Erisa | Support Engineer
05/27/2023, 8:54 PMYou'd need Advanced Rate Limiting - d
dave
05/27/2023, 8:55 PMoh dang lol - e
Erisa | Support Engineer
05/27/2023, 8:55 PMwhich can vary counting based on headers - c
Chaika
05/27/2023, 8:55 PMshould I update that tag to include something about arbitrary udp? Might be a good idea - d
dave
05/27/2023, 8:55 PMthanks! - e
Erisa | Support Engineer
05/27/2023, 8:55 PMyes please - e
Erisa | Support Engineer
05/27/2023, 8:55 PMor make a tag ?tunnel-udp - c
Chaika
05/27/2023, 8:55 PMthere's a table here with all of the various features and plan levels: https://developers.cloudflare.com/waf/rate-limiting-rules/ - d
dave
05/27/2023, 8:56 PMAre my own Workers impacted by our own WAF? - e
Erisa | Support Engineer
05/27/2023, 8:57 PMmost likely, unless you add logic to exclude them - d
dave
05/27/2023, 8:57 PMCopy codecf.worker.upstream_zone in {"aimoda.workers.dev" "ai.moda"}