Relay

If true, the device allows the relay to failover to the default system DNS resolver.

A list of domain strings to exclude from routing through the servers in Relays. Any connection that matches a domain in the list exactly or is a subdomain of the listed domain won’t use the relay server.

A list of Fully Qualified Domain Names (FQDNs) to exclude from routing through the servers contained in Relays. Any connection that matches an FQDN in the list exactly won’t use the relay server. When MatchDomains is also present, any FQDN listed in the list should be a subdomain of at least one MatchDomain value, otherwise it will not have any effect.

A list of domain strings that the system uses to determine which connection to route through the servers in Relays.

Any connection that matches a domain in the list exactly or is a subdomain of the listed domain uses the relay servers, unless it matches a domain in ExcludedDomains.

If this list and MatchFQDNs are empty, the system routes traffic to all domains to the relay servers, except those that match an excluded domain or excluded FQDN.

A list of Fully Qualified Domain Names (FQDNs) to be routed through the servers contained in Relays. Any connection that matches an FQDN in the list exactly uses the relay servers. If this list and MatchDomains are empty, the system routes traffic to all domains to the relay servers, except those that match an excluded domain or excluded FQDN.

An array of dictionaries that describe one or more relay servers that the system can chain together.

A globally unique identifier for this relay configuration. The system uses this UUID to route managed apps through the servers in Relays. This key is required for user enrollment.

If true, the device allows the user to disable this network relay configuration.