Domain route via VPN

This allows you to selectively route specific domains through the VPN tunnel while keeping all other traffic unaffected. This is the opposite of the Domain Bypass feature.

When you enable the "Domain route via VPN" option and specify a list of domains, only the network traffic from those domains will be sent through the VPN tunnel. All other domains will communicate normally, outside the VPN. This gives you fine-grained control over which domains use the VPN and which don't.

How it Works

Domain can be assigned to more than one DNS record and there is no way to take all addresses even for one domain name. For example, google uses a lot of CDN servers and when you open google.com with and without VPN traffic will go to different servers.

All requests to unknown resources start with domain resolving and SDK handles those DNS responses and if domain is in bypass list then SDK creates routes for addresses immediately.

SDK doesn't store any data about visited sites by user.

Domain route via VPN will not work if user uses any DNS protection methods like DNS-over-TLS. There is no way to resolve all IP addresses even for one domain.

Platform

For Apple, see Domain route via VPN

For Android, this feature is not currently supported.

For Windows, see Domain route via VPN