App Routing
App1 Routing is defined as follows:
App Routing is a feature that allows users to route specific apps to different interfaces by matching the app’s domains and IP ranges.
Currently MintFlow NetStack support the following Routing Criteria:
-
CIDR
This is plain CIDR route, such as 0.0.0.0/0, 1.1.1.1/32 which match a IP range or Host. 0.0.0.0/0 is the default route and must be have routes configured.
-
Domain Set
This is a set where users can add the various domains of a SaaS application or app (like Netflix) and route all traffic related to that set to an interface.
-
CIDR Set
This is a set where users can add the various IP ranges of a SaaS application or app (like Netflix) and route all traffic related to that set to an interface.
-
DNS fallback
This is a special route which is used only when App Routing is enabled, it’s used to specify which DNS server should be used when iOS apps query a domain that is not present in any of configured Domain Sets.
-
VPN DNS Server Domains
Added in 1.9.0. This is a reserved rule type, written as
VPN-DNS-SERVER-DOMAINS,<L3VPN|L4PROXY>,<target>. It is required when VPN DNS uses an encrypted DoT/DoH server with a domain name, such astls://p2.freedns.controld.com. MintFlow uses this rule to route the bootstrap DNS traffic for resolving the encrypted VPN DNS server domain through the selected VPN or proxy.
In the future, if we add a DPI engine to the app, we may route apps based on DPI results.
-
An App can be a iOS App, or a plain WebSite, or a SAAS application. ↩