Instead, a new entry is pushed on row above it and simply gets precedence this way. Note, that the MB could have easily accessed the public internet by simply using the data provided by DHCP! In the MB's routing table the default gateway is not replaced when connecting to a VPN. There was not a single packet that did not follow the rules in the MB's routing table and thus did not use the VPN tunnel. Result: The only traffic not routed through the VPN were: DHCP, ARP and IPv6 Neighbor/Router-Advertisement/Solicitation. I conducted this experiment for 48 hours, used Apple's own apps, installed some from the App Store and otherwise did just work on my MB. All VPNs were first set up to route all traffic through the VPN, and afterwards as a split tunnel, with Apple's IPs routed through the tunnel.įurthermore, I separately captured any single ethernet frame on the bridge, which did not use the VPN tunnel. On my MB I created a VPN tunnel to yet another machine on my LAN and tested all three major VPN implementations: IPSec (Cisco Anyconnect), OpenVPN and Wireguard. Such a frame would still be visible on the bridge. Additionally I ran Wireshark on the MB in order to check, whether the kernel might hide some ethernet frame from Wireshark. I ran tcpdump on the bridge and captured every single ethernet frame that was spit out by the MB. Wifi und Bluetooth were both switched off. The two NICs were bridged together and the second one was connected to my LAN in such a way, that the MB could access the internet (both via IPv4 and IPv6) without any packet being dropped. My MacbookPro Late 2016 with Big Sur was connected via Ethernet to another PC with two NICs, running Debian Buster. Well, I couldn't understand how this could even work in theory and none of the people spreading the FUD did explain anything, so I created a test setup. The most famous ones were Your Computer Isn't Yours and Apple apps on macOS Big Sur bypass firewall and VPN connections. Introduction: A lot of posts in the past claimed, that the new macOS Big Sur would be able to bypass VPNs for Apple's own products. Packets do, what the routing table says they should do. I did some experiments to determine, whether macOS Big Sur is able to bypass VPNs as claimed a lot right now.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |