← Back to context

Comment by ameshkov

2 hours ago

Actually, no, we don't resolve them. We scan the incoming ClientHello before making a decision on where to route the connections. If the connection should be bypassed we make a connection by ourselves and proxy traffic. Implementing it that way requires having a TCP stack right in the client.

1 comment

ameshkov

Reply
eptcyka  2 minutes ago

Unfortunately, I am no stranger to embedding a whole userspace networking stack into a VPN client either.