1. Symptoms that mean split routing, not “Blizzard is down”
Frustrated players open Downdetector or regional forums first. Clash users should listen for a sharper silhouette: the Battle.net window paints chrome and news tiles, yet authenticating to a Blizzard account never completes, the credential panel spins, or a previously valid session cannot refresh. At the same time, ordinary HTTPS in Edge or Chrome might still show battle.net without drama. That asymmetry is the hallmark of partial routing—only some of Blizzard’s many hostnames reach the same internet path your rules intend.
Update-shaped pain is just as specific. A progress bar that never leaves initializing, patch downloads that sit at zero percent, or a background Battle.net self-update that cannot finish all track with the same class of bug. Sometimes bytes do move, but slowly enough that the UI times out. Before you attribute that to peering, check whether a sibling hostname in the same minute shows PROXY while your chunk host shows DIRECT in the Mihomo connection table. Coherence beats raw megabits per second when TLS session continuity and manifest parsing are in play.
Finally, a blunt “turn everything through one node” test can be informative but noisy. If global proxy makes the symptom vanish, you have strong evidence that a narrow rule, keyword catch, or DNS mismatch—not Blizzard’s data center—was the culprit. Your goal is to reproduce that success with a maintained Clash split that does not send unrelated home traffic through an overseas exit. If editing YAML is still unfamiliar, read our subscription import tutorial so you can append custom rules without invalidating the whole profile.
2. A Windows-first checklist before you cycle nodes
Exchanging server regions feels decisive, yet it wastes time when Battle.net.exe never hit Clash in the first place. Run through this sequence on Windows, keeping your client’s live connection view open the entire time.
- Decide whether you rely on system proxy or TUN mode, then confirm the Battle.net process and any helper you see in Task Manager actually inherit the intended path. Some game stacks ignore manual proxy for subprocesses; evidence belongs in the log, not in assumptions.
- Reproduce the login spinner or stuck update once, then read the policy column per remote hostname. Stray
DIRECTrows that sit next to Blizzard peers are the most common single bug in community configs. - Audit DNS: whether upstreams resolve consistently, what
fake-ipis doing, and whether school or office resolvers special-case Blizzard CDN names. - Expand split rules to include storefront, license, and download edges you can actually see in the capture, not just
battle.neton paper. - After routing is coherent, pick stable exit nodes for interactive login and avoid aggressive per-request failover that breaks long-lived sessions.
For port collisions, failed starts, and corrupted caches, also keep the general Clash troubleshooting guide nearby. The sections below cover desktop Battle.net fan-out, where a missing suffix mimics a platform outage.
3. Why Battle.net breaks when only the apex is proxied
Blizzard’s ecosystem deliberately isolates product surfaces, entitlement checks, and payload delivery. The Battle.net client wraps embedded views, JSON-driven status calls, and background maintenance channels. Blizzard may serve small HTTPS API calls from one label family while large installers or differential patches land on Blizzard CDN or partner edges with different certificate subjects. A profile that only proxies a memorable apex while a subscription rule file sends “lookalike CDN” names to DIRECT can strand half of the app without obvious errors—because the failure is policy incoherence, not packet loss on one hop.
Login and token refresh are especially sensitive. OAuth-style flows and cookie jars expect a stable view of geography and SNI. If your rules split the web view to one exit and the refresh channel to another, you can get endless spinners with no friendly HTTP error string. Battle.net Windows also updates itself: new builds may add hostnames. “It worked last patch Tuesday” is not proof that the network is fine; it may simply mean the old YAML is incomplete for today’s build.
Game installs add another wrinkle. Some titles use dedicated download managers or P2P-adjacent pieces that the base launcher spawns. If those executables have different effective proxy awareness than the main UI, the symptom looks like a title-specific update failure even when the real bug is a helper bypass. Always separate “which EXE is actually connecting” from “what I think my blanket rule covers.”
Regional and licensing signals matter too. A mixed profile that Clash routes to different jurisdictions can produce contradictory Blizzard catalog responses: the account thinks it is in one place while the CDN thinks another. If you use geo splits for other apps, be explicit that game launchers are not a safe place to leave ambiguous keyword rules. Prefer suffix lists you can defend from logs.
Finally, remember that the word “CDN” is not a single hostname. Blizzard CDN in practice may span multiple providers and regional mirrors over time. Treat any static blog list as a starting hypothesis, not a contract, and re-collect after major holidays when traffic patterns shift and CDNs re-balance.
4. System proxy versus TUN for Battle.net on Windows
System proxy is the lighter option when the OS stack and the launcher both honor the same table and nothing on the host fights the setting. The familiar failure is browser-like: the first HTTPS request works, a secondary process ignores the proxy, and embedded content loads partially while authentication loops.
TUN mode deepens capture so fewer executables can silently skip Clash. The trade is operational: virtual adapters, UAC prompts, and occasional conflict with other VPN-class products. If you have already read our TUN mode guide, re-run the experiment while filtering the connection log for Battle and Blizzard substrings. TUN is not mandatory for every household; it is the correct lever when evidence shows a stubborn helper that bypasses the Windows proxy key despite correct YAML.
Regardless of mode, confirm the GUI is applying the same profile you edited. Parallel configs create phantom “Clash regressed” stories that are actually a mis-selected snapshot file.
5. DNS, fake-ip, and resolver conflicts for Blizzard
Clash’s fake-ip mode returns synthetic answers quickly, but it marries the resolver to rule evaluation. When your upstream DNS and the rule engine interpret a Battle.net label differently, you can see repeated TLS handshakes, half-rendered store views, and account panels that never leave loading.
Mitigation is two-pronged. First, make sure upstreams you configured are reachable on the same policy path you use for day-to-day browsing, and that intermittent failures are not stranding international Blizzard names. Second, where documentation for your specific Mihomo-compatible core allows, consider targeted nameserver-policy style tuning for suffixes you see repeatedly. Always verify key names and semantics against the manual bundled with your build—stale community snippets are a frequent source of self-inflicted update failure stories.
Split-horizon environments deserve extra caution. If the corporate resolver rewrites a public Blizzard CDN name to a middlebox while Clash forces a public resolver, you may fetch two different answers for the same string. The symptom is “randomly broken Battle.net” until you line up resolver choice with the rule set.
6. How to collect Blizzard hostnames you can defend in a support ticket
Static posts decay. Build a new inventory any time the client updates, your subscription reorders geo rules, or a seasonal event changes traffic mix.
On Windows, open your Mihomo-powered client’s live connection list and reproduce the login spinner or the stuck update. When available, group by process name: Battle.net.exe, Agent.exe, and any child you recognize from Task Manager. Copy every remote hostname in the window of failure, including short bursts you might otherwise dismiss.
Cross-check with Resource Monitor. If a process shows sustained remote endpoints there but the same labels never reach Clash, you still have a visibility or bypass problem, not a missing suffix guess. For browser-only comparisons, log in to account.battle.net in a clean profile if you need a second signal—but prefer launcher-native evidence when the bug is in the app.
When you hand your notes to a forum or a friend, include the date and the client build. You will be grateful for that line when a Blizzard CDN cutover invalidates a clever YAML you wrote months earlier.
7. Domain buckets from account shell to Blizzard CDN
Group hosts for readability, then treat the table as a hypothesis, not a permanent contract. Verify every suffix with your own capture before you paste it into a production file.
| Bucket | Common patterns | Routing note |
|---|---|---|
| Blizzard account and product web | blizzard.com, account.battle.net, region storefront and news hosts your log shows | Auth loops when this plane disagrees with launcher APIs. |
| Battle.net app services | battle.net and subdomains used for client status, entitlements, and social surfaces | Often under-covered when users only add one apex line. |
| Agent and update plane | Subdomains or hosts tied to the Battle.net “agent” service that manages updates (names vary by build) | Update failure and stuck maintenance when split from other buckets. |
| Blizzard CDN and large objects | Versioned static paths, game archives, and edges your capture labels as high throughput | May be candidates for a dedicated PROXY or DIRECT plan; if you choose, document the rationale. |
| Title-specific fetches | Per-game download endpoints beyond the base launcher, including repair tools | Do not assume one suffix covers every Blizzard title you own. |
If you see a third-party CDN brand in a certificate, resist generic keyword rules for that vendor class unless logs prove the pattern is both required and low-risk. Over-broad keyword lines steer unrelated sites through the wrong policy group. Prefer explicit suffixes from your list, then widen slowly.
8. Example rules: coverage and clean ordering
The fragments below show steering to a group named PROXY. Replace that name with the label your profile really uses, and place these lines before large subscription bundles that return DIRECT for “domestic” CDNs that Blizzard may still use.
# Example only — replace PROXY; verify every suffix in your own Mihomo log
rules:
- DOMAIN-SUFFIX,battle.net,PROXY
- DOMAIN-SUFFIX,blizzard.com,PROXYAdd more DOMAIN or DOMAIN-SUFFIX lines for any extra hosts your own log shows; avoid inventing TLDs you have not seen in captures.
After baseline coverage, add DOMAIN-SUFFIX or DOMAIN lines for one-off hostnames you captured during failed logins or fat downloads. Reserve DOMAIN-KEYWORD for patterns you cannot safely enumerate, because substring matches are powerful and easy to overfit. If a regional China-specific Battle.net host appears in your environment, treat it as its own line rather than smuggling a guess into a broad keyword that might steer unrelated traffic.
When a subscription injects aggressive geo Clash split files, keep a user section with precedence you control. Duplicate the critical Blizzard rows there if provider merges would otherwise clobber you during each refresh.
9. When to split chunk traffic from the login shell
Some networks want small interactive HTTPS on a privacy-conscious node while large patch pulls favor a different hop or a domestic edge. That can work, but only as a conscious carve-out, not as an accident from stale DIRECT rules. When experimenting, clone groups—such as PROXY_LOGIN and PROXY_CDN—and document why each exists.
Aggressive auto-switching on long flows can still starve handshakes if the same pool backs both. If only login misbehaves while a multi-gig patch races along, re-open the log: you very likely have a Blizzard account hostname still on the wrong row.
Disk, antivirus, and on-access scanning deserve a real mention. A nearly full system drive or a scanner that pins temporary EXE files during write can mimic a network stall at 0%. If Resource Monitor shows healthy disk work while the UI claims no progress, investigate storage before you rewrite DNS again.
10. Node strategy: stable sessions beat vanity ping
Battle.net and Blizzard account flows are not synthetic speed tests. A node that shows excellent RTT but disconnects every few minutes is poisonous for long TLS sessions. Pin interactive work to providers that hold steady, reduce flappy per-request failover on auth-related destinations, and avoid stacking two tunnel products that re-encapsulate the same 443 stream.
If you are comparing transports under loss, read Shadowsocks vs Trojan vs Hysteria2 for a protocol-level view. The point is to align transport behavior with your actual packet loss profile, not to chase leaderboard metrics unrelated to Battle.net’s handshakes.
UDP is not the headline for basic launcher duties the way it is for some voice stacks, but certain titles may add realtime-adjacent checks when you are already in-game. If you later see new UDP rows, revisit the same pattern: read the policy column, decide whether TUN is capturing the socket class you think it is, and document outcomes instead of pasting global UDP DIRECT shortcuts without evidence.
11. GUI workflow: the connection log is authoritative
Desktop clients like Clash Verge Rev show live tables alongside DNS and rule panes. When Battle.net misfires, filter for blizz, battle, and process names you trust, then read the policy column. Anything critical that shows DIRECT while siblings show PROXY is your next edit—not the server city.
If the first-run experience is still opaque, use the Clash Verge Rev setup guide to confirm local ports, subscription loading, and profile selection before you chase Blizzard ghosts. When you ask others for help, post hostname and policy pairs with redactions for secrets—ping charts without domains rarely resolve disputes.
12. How this differs from Steam, Epic, and Rockstar guides
Our Steam CDN article is tuned to Valve’s depot, Workshop, and store graph. Epic’s guide covers online services and Unreal-touched hostnames, while Rockstar’s split tracks Social Club and platform download edges. All share the same Clash split philosophy—Blizzard simply publishes a different Battle.net and Blizzard CDN map you must re-verify against your own traces.
Enterprise security stacks can still break Battle.net with TLS inspection even when a home profile is “perfect.” If only Blizzard domains fail while unrelated HTTPS is fine, escalate with connection logs, not with another random rule paste.
13. Overlays, antivirus, and split VPN layers
Third-party “game optimizers” and HTTPS-inspecting security suites can reorder traffic in ways your proxy never sees. Pause them briefly in a controlled test. Two competing VPN products on one machine is a common recipe for routes that look like software bugs. If you also run WSL2 for Linux tooling, keep in mind that Linux-side curl tests do not prove what Battle.net.exe is doing in Win32 space.
14. Open source, docs, and install hygiene
If you want to read upstream code, file issues, or follow protocol discussions, the community documentation pages linked from the main site are the right long-form references. For obtaining maintained desktop clients with Mihomo features, follow this site’s download flow; treat GitHub releases as a transparency and engineering channel, not the primary user-facing install story—consistent with our broader guidance on Battle.net and general Clash use.
15. Close with evidence, not superstition
Login spinner and update failure on Battle.net Windows are maddening because the client still looks official even when the path is split. Use every frozen bar as a prompt: open the log, read policy rows for each remote name, and reconcile DNS with the hostnames the launcher really dialed. Coherent Blizzard and Blizzard CDN coverage is the mechanical layer; a stable Battle.net proxy plan is the polish once the graph is honest.
Against blind global toggles, a modern Mihomo-integrated Clash client keeps evidence on screen and tames the YAML changes that Blizzard quietly requires after each client refresh. → Download Clash for free and experience the difference