Please let me know if this community doesn’t allow tech-support type of questions, I couldn’t find a decently populated community on lemmy for this sort of question and I don’t want to go crawling back to Reddit to ask.
Anyway, I have used iCloud Private Relay since it became available on WiFi with Macbook Pro. It works fine as expected, unless I enable my VPN, which is understandable.
Today, I bought a bunch of ethernet cables and a TP-Link semi-managed network switch (TL-SG108E, it has some configuration options but works out of the box as an unmanaged switch) with the intention of upgrading my network so things like the PS5, my home server, and my Macbook dock have wired connections.
Upon getting everything set up, I realized the Macbook was still using the WiFi, so I disabled WiFi, and lo’ and behold, no internet. Strangely, I can ping everything on my network fine, and access all my self-hosted stuff. I just can’t get out of my network. Figured it might be something with my Pihole. Or, worse case scenario, a dud switch.
Bunch of bullshitting later with no success, I, on a hunch, went into my iCloud settings and disabled private relay, and immediately I have internet access. Everything is working as it should.
So… am I missing something? Why would the sole change of plugging my Macbook into a switch via ethernet break private relay? For that matter - what is private relay doing that could possibly break internet access? If it works on WiFi, I can’t figure out what switching to a wired connection, or the introduction of a switch, could do to cause it stop working.
Lastly, any advice to get it working again? Some configuration somewhere I’m overlooking?
It sounds like the switch is doing some type of management or traffic shaping that is breaking your internet connection. I know you said if it works out of the box as a dumb switch with no configuration but it seems obvious that it is doing something. Wi-Fi would bypass the switch unless you have a wireless access point plugged into the switch. My understanding is that Private Relay is basically Tor but through Cloudflare and other providers that Apple uses so it might be a good idea to Google Tor internet issues with a managed switch and see if anything there is applicable.
I’d also check through the settings of the switch and disable any settings you can that impact traffic flow in any way. If you have an actual dumb, unmanaged switch you can switch in, I’d try that too. Even if you have to buy one, they’re fairly cheap and can be a good tool to have in your back pocket to troubleshoot network issues.
No that’s not how it works.
Your traffic is routed directly to a server run by Apple using the masque proxy technique. The data you send and the routing information is encrypted and Apple can’t see the contents as they don’t have the decryption key.
Apple scrubs your data and routing info of anything that could identify you, then passes it on to CloudFlare (or a similar provider). Cloudlfare is able to decrypt the routing information, and if it’s an unencrypted network request (rare these days) Clouflare can also see the data. But Cloudflare can’t link it to you (unless it’s unencrypted). Cloudflare sends the request on to the destination server. Then it all happens in reverse.