Hi,
I would like to confirm if the matchDomains property in NERelayManager operates exclusively at the application layer. Specifically, it seems that adding IPv4 addresses or IPv4 CIDR blocks to the matchDomains list does not work, as the relay manager appears unable to match them.
Relay Configuration
For example, I tried adding the following IPv4 patterns to the matchDomains list:
- 11.22.33.44
- 11.22..
- 11.22.*
In this configuration, I expected traffic to be routed to the relay server as defined by the matchDomains entries. However, the relay manager did not handle these IPv4 patterns as anticipated.
On the other hand, when using only the excludedDomains property, the desired IPv4 traffic is successfully routed to the relay server as expected.
Purpose of Forwarding IPv4 to the Relay Server
The primary reason for forwarding IPv4 traffic to the relay server is to address cases where certain applications—such as those developed with Flutter or React Native—use their own custom network stack. These custom network stacks often do not respect the relay configuration. As a result, even when these applications use domains that are matched by the relay manager’s matchDomains, their TCP connections to DNS-resolved IPv4 addresses bypass the relay server and connect directly to the IPv4 server.
This behavior makes it critical to enable IPv4 matching to ensure all traffic, regardless of the application’s network stack implementation, is routed through the relay server.
Questions
- Can IPv4 addresses or IPv4 CIDR blocks be used with matchDomains?
- If not, is there an alternative method to enable IPv4 matching while keeping matchDomains enabled?
Thank you for your assistance.