Did more digging an this and looks like its dependent on order of PluginBundleIds array Sys logs when tunnel2 is launched. {"msg":"computing freshAuthorizationContext", "Client":"icom.testapp.testapp:", "ClientDictionary":"{\n BundleId = \"com.testapp.testapp\";\n BundlePath = \"\/private\/var\/containers\/Bundle\/Application\/777F64D2-D076-4B63-9AAD-A8DDA3C20A4E\/testapp.app\";\n Executable = \"\/private\/var\/containers\/Bundle\/Application\/777F64D2-D076-4B63-9AAD-A8DDA3C20A4E\/testapp.app\/testapp\";\n ExistsInLSDatabase = 1;\n InUseLevel = 5;\n PluginBundleIds = (\n \"com.testapp.testapp.cfcp\",\n \"com.testapp.testapp.cfdp\",\n \"com.testapp.testapp.tunnel2\",\n \"com.testapp.testapp.tunnel1\"\n );\n SuppressShowingInSettings = 1;\n}", "BigSwitch":1, "InUseLevel":{"type":"decode failure","raw value":5,"expected type":"Generic"}} com.apple.networkextension default 11145 2024-08-08 14:54:18.995142 -0700 neagent Looking for an extension with identifier com.testapp.testapp.tunnel2 and extension point com.apple.networkextension.packet-tunnel Sys logs when tunnel1 is launched com.apple.locationd.Core default 75 2024-08-08 15:03:57.357930 -0700 locationd {"msg":"computing freshAuthorizationContext", "Client":"icom.testapp.testapp:", "ClientDictionary":"{\n BundleId = \"com.testapp.testapp\";\n BundlePath = \"\/private\/var\/containers\/Bundle\/Application\/93129BC4-3C01-41DE-B51D-A55B2831988D\/testapp.app\";\n Executable = \"\/private\/var\/containers\/Bundle\/Application\/93129BC4-3C01-41DE-B51D-A55B2831988D\/testapp.app\/testapp\";\n ExistsInLSDatabase = 1;\n InUseLevel = 5;\n PluginBundleIds = (\n \"com.testapp.testapp.cfdp\",\n \"com.testapp.testapp.cfcp\",\n \"com.testapp.testapp.tunnel1\",\n \"com.testapp.testapp.tunnel2\"\n );\n SuppressShowingInSettings = 1;\n}", "BigSwitch":1, "InUseLevel":{"type":"decode failure","raw value":5,"expected type":"Generic"}} com.apple.networkextension default 11145 2024-08-08 15:04:11.909990 -0700 neagent Looking for an extension with identifier com.testapp.testapp.tunnel1 and extension point com.apple.networkextension.packet-tunnel Question now is , how can I ensure that tunnel1 is first items in the plugins folder of my ipa file? Any recommendation from your side?

Honestly, I’m a little surprised it’s seemingly random, but I can see how that might come about. What are your expectations from iOS implementation? Can you please explain OS preference behaviour? Further testing concluded that Tunnel2(newly created target) launch frequency is higher(7 out of 10) than Tunnel(old target). Any specific change we can make at target build settings to prefer Tunnel1 ?

Hi Quinn Looks like something is changed on iOS 17. Memory limit for Packet tunnel seems to be back to 15 Mb. Please see below logs where network extension is terminating at 12 Mb.Can you please check on your end if its a regression or new kind of restriction? com.apple.MemoryMonitor default 30 2023-11-05 22:27:13.606499 -0800 UserEventAgent kernel jetsam snapshot note received com.apple.xpc default 13177 2023-11-05 22:27:13.606503 -0800 com.apple.WebKit.Networking [0xc46648d20] activating connection: mach=true listener=false peer=false name=com.apple.trustd com.apple.xpc default 134 2023-11-05 22:27:13.606630 -0800 trustd [0xc7ca4bdc0] activating connection: mach=false listener=false peer=true name=com.apple.trustd.peer.0xc7ca4bdc0 com.apple.securityd default 134 2023-11-05 22:27:13.607994 -0800 trustd Leaf has invalid basic constraints com.apple.xpc default 13129 2023-11-05 22:27:13.609266 -0800 neagent [0xdcaa07ee0] invalidated on xpc_connection_cancel() default 2023-11-05 22:27:13.609347 -0800 kernel memorystatus: Looking for highwatermark kills. default 2023-11-05 22:27:13.609488 -0800 kernel memorystatus: Looking for highwatermark kills. com.apple.securityd default 134 2023-11-05 22:27:13.609518 -0800 trustd ocsp responder: (null) did not include status of requested cert com.apple.networkextension default 13130 2023-11-05 22:27:13.610271 -0800 tunnel [Extension com.test.test.tunnel]: Calling stopTunnelWithReason because: Stop command received default 2023-11-05 22:27:13.599524 -0800 kernel memorystatus: Looking for highwatermark kills. default 2023-11-05 22:27:13.599989 -0800 kernel memorystatus: killing process 13106 [nesessionmanager] in high band ? (140) - memorystatus_available_pages: 54696 default 2023-11-05 22:27:13.604593 -0800 kernel 233725.356 memorystatus: killing_highwater_process pid 13106 [nesessionmanager] (highwater 140) 12929KB - memorystatus_available_pages: 56673 compressor_size:126801 default 2023-11-05 22:27:13.609347 -0800 kernel memorystatus: Looking for highwatermark kills. default 2023-11-05 22:27:13.609488 -0800 kernel memorystatus: Looking for highwatermark kills. default 2023-11-05 22:27:13.758230 -0800 kernel nehelper[13175] Corpse allowed 1 of 5 default 2023-11-05 22:27:13.604593 -0800 kernel 233725.356 memorystatus: killing_highwater_process pid 13106 [nesessionmanager] (highwater 140) 12929KB - memorystatus_available_pages: 56673 compressor_size:126801 pid/13106 [nesessionmanage] default 1 2023-11-05 22:27:13.605747 -0800 launchd shutting down pid/13106 [nesessionmanage] default 1 2023-11-05 22:27:13.605778 -0800 launchd cleaning up user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606004 -0800 launchd exited with exit reason (namespace: 1 code: 0x2) - JETSAM_REASON_MEMORY_HIGHWATER user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606009 -0800 launchd process exited in a dirty state user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606017 -0800 launchd service state: exited user/501/com.apple.nesessionmanager [13106] default 1 2023-11-05 22:27:13.606081 -0800 launchd internal event: EXITED, code = 0

Its iOS and will be distributed through iOS App Store