I have a complex Tailscale-based network setup that includes blocking all Google hostnames. Unfortunately RCS on iOS doesn’t work when sending photos.
I’ve scoured AT&T’s website and App Privacy Report on iOS (which doesn’t show DNS names for Messages, Phone apps) but I do know they switched to Google as their RCS provider at one point.
I’d like to set up a Tailscale App Connector using hostnames, but if they’re using IP addresses I can work with those as well (subnet routing).
Update: Resolved by allowlisting rcs-copper-us.googleapis.com specifically, but I also added all of telephony.goog to unblock rcs.telephony.goog. A simple tcpdump got me the DNS requests for those domains.
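An added example, not part of the original post: one way to turn a DNS capture like the one described above into an allowlist candidate list. It assumes text output from `tcpdump -n -l udp port 53`; the function names and the sample capture are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `tcpdump -n -l udp port 53` output (documentation IP ranges).
sample_capture() {
cat <<'EOF'
10:01:02.000001 IP 192.0.2.10.51000 > 192.0.2.1.53: 4660+ A? rcs-copper-us.googleapis.com. (46)
10:01:02.000002 IP 192.0.2.10.51001 > 192.0.2.1.53: 4661+ AAAA? rcs-copper-us.googleapis.com. (46)
10:01:02.010000 IP 192.0.2.1.53 > 192.0.2.10.51000: 4660 1/0/0 A 198.51.100.7 (62)
10:01:03.000001 IP 192.0.2.10.51002 > 192.0.2.1.53: 4662+ HTTPS? RCS.telephony.goog. (36)
10:01:04.000001 IP 192.0.2.10.51003 > 192.0.2.1.53: 4663+ A? www.example.com. (33)
10:01:05.000001 IP 192.0.2.10.51004 > 192.0.2.1.53: 4664+ A? nottelephony.goog. (35)
EOF
}

# Print each queried name once, lowercased, without the trailing root dot.
# Query lines carry a type token ending in "?" (A?, AAAA?, HTTPS?, Type65?)
# followed by the name; response lines have no such token and are skipped.
dns_query_names() {
    awk '{
        for (i = 1; i < NF; i++) {
            if ($i ~ /^[A-Za-z0-9]+\?$/) {
                name = tolower($(i + 1))
                sub(/\.$/, "", name)
                print name
            }
        }
    }' | LC_ALL=C sort -u
}

# Keep names equal to a given suffix or under it on a label boundary,
# so "nottelephony.goog" does not match "telephony.goog".
names_under() {
    awk -v list="$*" 'BEGIN { n = split(list, suf, " ") }
    {
        for (j = 1; j <= n; j++) {
            tail = "." suf[j]
            start = length($0) - length(tail) + 1
            if ($0 == suf[j] || (start > 1 && substr($0, start) == tail)) {
                print
                break
            }
        }
    }'
}

# Names from the capture that fall under the blocked suffixes.
sample_capture | dns_query_names | names_under googleapis.com telephony.goog
```

On a live capture, replace `sample_capture` with the tcpdump command itself and pass the suffixes your blocklist covers.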
RCS is a whole can of worms. It’s presented like a carrier service (and carriers are in the mix, though often just for authentication), but it’s really a Google service. With Android, RCS connects directly to Google’s mothership.
I believe on iOS those go to Apple’s servers, which “peer” with Google. Maybe search the RCS endpoint for Apple and see what comes up?
Good point, I’ll be on the lookout for that.
Sooo Google is getting a taste of all MMS pics now?
I found the domain names (edited the post) and essentially yes, it does route through their servers.