includeAllNetworks and in-tunnel networking

Question

Created 12h

Replies 3

Boosts 0

Participants 3

This post is from the WWDC26 Networking Q&A.

There are cases where our VPN app would like to be able to send traffic inside the tunnel. It seems that when includeAllNetworks is set to true, there is no way to create a network socket (regardless of API, we've tried the unix socket API, Network framework by specifying the network interface and the deprecated Network Extension famework createTCPConnectionThroughTunnel) that works. Are there any plans to relieve us from having to ship a user space networking stack just to send some packets inside the tunnel from the packet tunnel process?

Answer 1

asaxionis OP

11h

Hey! Out of curiosity, what kind of “traffic” are you trying to send through the ”tunnel”?

Answer 2

Engineer OP

Apple

11h

Thankyou for the use case. Please file a feedback, we will consider to extend that capability.

Answer 3

emilsp OP

10h

Feedback has been filed - FB16748087. The reason I'm asking here is because just going by API documentation, there is nothing to suggest that using in-tunnel connections with includeAllNetworks wouldn't work.

Hey! Out of curiosity, what kind of “traffic” are you trying to send through the ”tunnel”?

When our app establishes a VPN connection, our tunnel process must negotiate extra configuration that will then be used to actually relay user traffic.