Cloudflare, with its Autonomous System Number (ASN) 13335, serves as a key third-party partner for Apple’s iCloud Private Relay feature. iCloud Private Relay is designed to enhance user privacy by routing internet traffic in Safari through two separate relays: the first one operated by Apple and the second by a third party like Cloudflare. The service uses encryption and modern transport mechanisms to relay internet traffic. Initially, the user’s original IP address is only visible to the access network (such as your home ISP or the coffee shop you’re in) and the first Apple-operated relay. However, the server or website name remains encrypted and invisible to these parties. The first relay then hands off the encrypted data to the second relay, in this case, Cloudflare. Cloudflare’s role is unique in that it can only see that it’s receiving traffic from a Private Relay user without knowing the specifics of who or their client IP address.
Cloudflare’s infrastructure is well-suited for this role due to its extensive, fast global network that ensures quick and reliable traffic routing irrespective of user location. Moreover, Cloudflare was a primary partner in Apple’s effort to standardize a potentially game-changing element of Private Relay: its in-browser use of Oblivious DNS-over-HTTPS (ODoH). An ASN like 13335 serves as a unique identifier for Cloudflare’s autonomous system on the internet, which is a collection of connected Internet Protocol (IP) routing prefixes controlled by Cloudflare. This ASN is directly related to iCloud Private Relay through Cloudflare’s role as the second relay in the system, contributing to DDoS mitigation, Internet security services, and distributed domain name server services.