For those who run into this issue - Apple standard command line tool
dsconfigad
and option -restrictDDNS allow to control interfaces used for DDNS.
No other alternatives, as far as I could find.
Post
Replies
Boosts
Views
Activity
"Me too". The real question is what's expected behavior if host app is never launched. Let's say it's pushed by MDM with VPN config and extension doesn't really need the hosting app - it's all pre-configured by MDM and started by iOS as VPN on demand. Is MetricKit expected to function in such scenario? Is it going to start the host app in background once per day?
Matt,
Feedback ID FB8883832
Matt,
We are concerned with potential interoperability issues when there are multiple NEDNSProxyProvider from different vendors running on the same macOS system. From the way it's described I'd conclude that potentially they cannot co-exist. Is that so?
Regarding NETransparentProxyProvider - thank you for clarifying, this is good to know!
Regards,
Andrey
Ok, FB9000160.
Nice!
Same thing on Big Sur - "preparing" has it, "ready" and after no more.
It also works in path_changed_handler block - kind of makes sense, I can stash it away there.
In my case this is a UDP connection, so this can be done without actually sending any packets.
Thank you, Quinn!
Still spotty though, in case of a route pointing at VPN interface doesn't ever return anything. I'd expect it to work like
route -n get IP
So gateway output points at your next hop.
Having exactly same issue - cannot install com.apple.webcontent-filter from .mobileconfig file (system throws an error "Profile installation failed." "The ‘VPN Service’ payload could not be installed. The VPN service could not be created."
The config is essentially identical to the OP.
In the console I get this
CPProfileManager.installProfile returning error -319 (The ‘VPN Service’ payload could not be installed. The VPN service could not be created.)
CPProfileManager.installProfile for user 'zandrey' returning = -319 (INSTALL FAILED)
I'll answer my own question. Profile needs system scope defined like this. It's at the same level with PayloadContent key.
<key>PayloadScope</key>
<string>System</string>