NEDNSProxy* and NETransparentProxy* APIs

Question

Created Mar ’21

Replies 1

Boosts 0

Participants 2

It seems like whatever NEDNSProxy* does NETransparentProxy* API can also do as a superset.
Is there something specific about NEDNSProxy* that makes it preferred type of extension over more generic NETransparentProxy*? The question is more about Apple's intentions when separating DNS into a separate type of a Network Extension.

Boost

Answer 1

Systems Engineer OP

Apple

Mar ’21

NEDNSProxyProvider is a great API for handling DNS only flows. An example of this is that you only have to start the provider and you should receive all DNS traffic to start proxying the flows. On other providers you need to specify the rules around the flows your provider will receive. NETransparentProxyProvider on the other hand gives you the flexibility to target specific UDP flows, UDP flows only, or UDP and TCP flows. So, if the question is, why use NEDNSProxyProvider, then it's because you are concerned about handling DNS flows only.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com

0