Question: iOS11 VPN Routing
I have seen a few articles or posts detailing the different VPN types, how and why they are used, and the options that are available. But nothing really pertaining to my specific question and I am having trouble finding any documentation on this specific matter.
In short, regardless of the VPN application or manual configuration I have configured, it appears some Apple related traffic and DNS queries are split-tunneling my active VPN session established. I am curious to why?
- I have tested a wide range of third party VPN apps in my testing: IPA, Hotspot Shield, Betternet, TunnelBear, Checkpoint the list can go on...
- I have also setup my own test VPN servers to test: IKEv2, IPsec, and L2TP
- Regardless of the method, and regardless of the "Send All Traffic" option you have the ability to configure for certain VPN types, DNS quires and Apple specific traffic ignores the current established tunnel.
- From the below knowledge base article: it appears the primary traffic is both
- TCP\5223 - Apples Push Notification Services
- UDP\16384–16387 - RTP - Real-Time Transport Protocol (RTP) - which is used in facetime/gamecenter
TCP and UDP ports used by Apple software products - Apple Support
In short... has anyone else seen this? And why is this the default behavior?