Interaction between blocked and allowed domain names
A domain name consists of multiple levels, where a dot (.) separates each level. Consider the ‘cloud.openvpn.com
’ domain name:
.com
is the top-level domain (TLD).openvpn
is the second-level domaincloud
is the third-level or sub-domain
The domain name matching logic checks domain names from right to left, starting from the TLD. Therefore, if you are using both Block List and Allow List, be careful when you are filtering on both domain and subdomain names.
The table below shows two configurations of a domain and subdomain used in both the Allow List and Block List. The results for each configuration are different.
Config | Domain in Allow List | Domain in Block List | Result |
---|---|---|---|
A |
|
|
|
B |
|
|
|