Domain Bypass

Domain bypass allows users to selectively route internet traffic for specific domains outside of a VPN connection. This feature provides flexibility in managing network traffic, optimizing performance, and maintaining access to certain resources that may be restricted or perform poorly when accessed through a VPN.

Understanding Domain Bypass Configuration

At its core, domain bypass is controlled through a configuration structure that specifies which domains should bypass the VPN. The addDnsRule method in the SessionConfig.Builder is used to configure the rules for the VPN session. This configuration typically includes three main components:

• TrafficRule.dns(): This creates a new DNS traffic rule.

• bypass(): This specifies that the DNS traffic for the specified domains should bypass the VPN. In other words, DNS requests for these domains will not be routed through the VPN tunnel.

• fromDomains(bypassDomains): This method takes a list of domains (bypassDomains) that should be bypassed.

The overall effect of this rule is that any DNS requests for *.domain1.com, domain2.net, and domain3.org will bypass the VPN and be resolved using the device's default DNS resolver.

UnifiedSdk sdk = UnifiedSdk.getInstance();

List<String> bypassDomains = new ArrayList<>();
bypassDomains.add("*.domain1.com");
bypassDomains.add("domain2.net");
bypassDomains.add("domain3.org");

sdk.getVpn().start(new SessionConfig.Builder()
    // ...
    .addDnsRule(TrafficRule.dns().bypass().fromDomains(bypassDomains))
    // ...
);

The configuration also supports wildcards. In the example, *.domain1.com means all subdomains of domain1.com will bypass the VPN, but domain1.com itself will not.