You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In addition to scenarios described, VPNs can use DNS for making routing decisions. So there is a scenario where VPNs need to introspect DNS traffic on both the public and private interfaces in order to make a routing decisions of that traffic. It is unclear how that capability will continue to function. (split include / split exclude based on domains) - also known as dynamic split tunneling.
The text was updated successfully, but these errors were encountered:
Yes I can see that dynamic split tunneling could be a problem if DNS is encrypted, unless the relevant code is running on the endpoint and has the ability to see the DNS queries before they are encrypted. But I'll close the case for now as draft -01 is simplified and doesn't now consider VPNs.
In addition to scenarios described, VPNs can use DNS for making routing decisions. So there is a scenario where VPNs need to introspect DNS traffic on both the public and private interfaces in order to make a routing decisions of that traffic. It is unclear how that capability will continue to function. (split include / split exclude based on domains) - also known as dynamic split tunneling.
The text was updated successfully, but these errors were encountered: