We are building a VPN type of application to split tunnel the traffic generated based on routes. The tunnel is implemented using the Packet Tunnel Provider.
The client application is responsible for tunneling the traffic based on host names. Hostname-based applications are behind a private network and are not accessible from the public internet. So, in order for us to tunnel the traffic based on host names, we are in a position to resolve the IP addresses locally on the client side before tunneling the traffic. Please note that there are no custom / private DNS servers that can help us resolve the IPs.
So essentially, we might have to resolve the DNS queries locally on the client for this specific set of hostnames and then establish a connection to the remote endpoint in order to tunnel the traffic.
Given that, we are establishing a tun interface on the PacketTunnelProvider to tunnel the traffic and we make use of the existing tun interface to filter out the DNS packets and resolve the host names programmatically.
We were able to implement this and capture the DNS packets. We constructed the response packet for the DNS queries in the network extension [the response is set with the default value Type: A (Host Address) (1)] and wrote it back to the packet flow. But after resolution the data packets are not flowing into the tun interface; instead we keep getting the DNS query packets in a loop. When decoding the DNS packet data using an online tool, we were able to see that the type of the queries is
Type: HTTPS (HTTPS Specific Service Endpoints) (65)
We tried to construct the response with the same type, but when decoding the packet info it says the DNS response packet is malformed.
Is there any way to construct the response for a query of type [HTTPS (HTTPS Specific Service Endpoints) (65)]?
The stack we are using is iOS [Swift] along with Network Extension and Packet Tunnel Provider.
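The following is an added worked example, not code from the post above or from Apple's Network Extension framework. It is written in Python rather than Swift because the question is purely about the DNS wire format, which is the same on every platform; the names (LOCAL_HOSTS, build_response, answer_records) and the sample host "app.internal.example" with address 10.1.2.3 are constructed for the example. It shows the two things a local resolver inside a packet tunnel needs to get right for a type 65 query: the RDATA of an HTTPS record is not an IPv4 address but, per RFC 9460, SvcPriority (2 bytes) followed by a wire-format TargetName and then SvcParams, so a 4-byte address written under type 65 decodes as malformed; and for record types the resolver does not serve (here AAAA) the correct answer is NODATA, that is RCODE 0 with an empty answer section, not a record of the wrong type. Names outside the local table are returned as None so the packet can be passed through the tunnel unchanged.

```python
"""Well-formed DNS responses for A (1) and HTTPS (65) queries from a
local resolver that only knows IPv4 addresses (constructed example)."""
import struct

QTYPE_A = 1
QTYPE_AAAA = 28
QTYPE_HTTPS = 65

# Constructed local table: the hostnames the client resolves itself.
LOCAL_HOSTS = {"app.internal.example": "10.1.2.3"}


def encode_name(name):
    """DNS wire-format name: length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(txid, name, qtype):
    """Minimal client query (RD=1, one question) for testing the resolver."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_question(msg):
    """Return (txid, qname, qtype, qclass, raw question bytes)."""
    txid, _flags, qdcount, _an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    pos, labels = 12, []
    while True:
        n = msg[pos]
        pos += 1
        if n == 0:
            break
        if n & 0xC0:
            raise ValueError("compression pointer not allowed in question name")
        labels.append(msg[pos:pos + n].decode("ascii"))
        pos += n
    qtype, qclass = struct.unpack("!HH", msg[pos:pos + 4])
    pos += 4
    return txid, ".".join(labels), qtype, qclass, msg[12:pos]


def rr(rtype, rdata, ttl=60):
    """One answer RR; owner name is a pointer to the question name at offset 12."""
    return b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata


def https_rdata(ipv4, priority=1):
    """RFC 9460 HTTPS RDATA: SvcPriority | TargetName | SvcParams.
    TargetName "." (a single zero byte) means 'the owner name itself'.
    SvcParams must be in ascending key order; key 4 is ipv4hint."""
    hint = bytes(int(x) for x in ipv4.split("."))
    return (struct.pack("!H", priority) + b"\x00"
            + struct.pack("!HH", 4, len(hint)) + hint)


def build_response(query):
    """Answer local names ourselves; return None for names to pass through."""
    txid, qname, qtype, qclass, question = parse_question(query)
    ip = LOCAL_HOSTS.get(qname.lower())
    if ip is None or qclass != 1:
        return None
    answers = []
    if qtype == QTYPE_A:
        answers.append(rr(QTYPE_A, bytes(int(x) for x in ip.split("."))))
    elif qtype == QTYPE_HTTPS:
        answers.append(rr(QTYPE_HTTPS, https_rdata(ip)))
    # Any other type (e.g. AAAA): NODATA = NOERROR with an empty answer section.
    flags = 0x8180  # QR=1, RD=1, RA=1, RCODE=0
    header = struct.pack("!HHHHHH", txid, flags, 1, len(answers), 0, 0)
    return header + question + b"".join(answers)


def answer_records(msg):
    """Walk the answer section of a response built above -> [(rtype, rdata)]."""
    _, _, _, _, question = parse_question(msg)
    ancount = int.from_bytes(msg[6:8], "big")
    pos, out = 12 + len(question), []
    for _ in range(ancount):
        rtype, _cls, _ttl, rdlen = struct.unpack("!HHIH", msg[pos + 2:pos + 12])
        out.append((rtype, msg[pos + 12:pos + 12 + rdlen]))
        pos += 12 + rdlen
    return out


def decode_https_rdata(rdata):
    """Check an HTTPS RDATA parses as (priority, target name, {key: value})."""
    priority = struct.unpack("!H", rdata[:2])[0]
    pos, labels = 2, []
    while True:
        n = rdata[pos]
        pos += 1
        if n == 0:
            break
        labels.append(rdata[pos:pos + n].decode("ascii"))
        pos += n
    params = {}
    while pos < len(rdata):
        key, length = struct.unpack("!HH", rdata[pos:pos + 4])
        pos += 4
        params[key] = rdata[pos:pos + length]
        pos += length
    return priority, ".".join(labels) or ".", params
```

When porting this to the Swift packet tunnel, the same layout applies byte for byte: the response keeps the query's transaction ID and question section, sets QR=1 with RCODE 0, and for a type 65 query either carries a properly structured HTTPS RDATA as above or no answer at all; both are valid, and neither is a 4-byte address under type 65.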