FQDN IPv6 Split Tunneling (Windows only)
FQDN (Fully Qualified Domain Name) based split for IPv6 allows users to set up the allow or deny rules by directly specifying domain names. This feature simplifies the configuration process for rules to either ignore or allow tunnel cloud services.
FQDN split tunneling is supported for IPv4 across all platforms. For IPv6, it is supported on the Windows platform only. However, IPv6 FQDN split tunneling is not supported with traffic enforcement and split DNS filters.
All scenarios mentioned under FQDN resource and IPv4/IPv6 resources-based Split Tunneling are applicable for IPv6 FQDN split tunneling on Windows except for below mentioned scenarios.
|
S. No. |
IPv4 Include Policy |
IPv4 Exclude Policy |
IPv6 Include Policy |
IPv6 Exclude Policy |
FQDN Include Policy |
FQDN Exclude Policy |
Split DNS Behavior |
Client Behavior |
|---|---|---|---|---|---|---|---|---|
| 1 |
NA |
NA |
NA |
NA |
www.google.com |
NA |
NA |
Only www.google.com goes through the tunnel. All IPv4/IPv6 goes through the physical interface. |
| 2 |
1.1.1.0/24 |
NA |
NA |
NA |
www.google.com |
NA |
NA |
Except for 1.1.1.0/24 and www.google.com all other IPv4, IPv6 and FQDN will go through the physical interface. |
| 3 |
NA |
1.1.1.0/24 |
NA |
NA |
NA |
www.google.com |
NA |
Except for 1.1.1.0/24 and www.google.com all other IPv4,IPv6 and FQDN resource goes through the tunnel. |
| 4 |
NA |
1.1.1.0/24 |
NA |
NA |
www.google.com |
NA |
NA |
Except for 1.1.1.0/24 all other IPv4 resources goes through the tunnel. All the IPv6 traffic goes through the physical interface. Except for www.google.com all other FQDN resources goes through the physical interface. |