Connection Rulesby 快连 Official Team

How can I set per-app auto-reconnect policies in Kuailian?

How to enable per-app auto-reconnect in KuailianConfigure automatic reconnection rules for specific appsKuailian app-level connection policy setupAuto-reconnect not working troubleshooting stepsDifference between global and app-specific reconnectConditional reconnection rules in KuailianSet up selective network reconnection for apps
How to enable per-app auto-reconnect in Kuailian, Configure automatic reconnection rules for specific apps, Kuailian app-level connection policy setup, Auto-reconnect not working troubleshooting steps, Difference between global and app-specific reconnect, Conditional reconnection rules in Kuailian, Set up selective network reconnection for apps

Why per-app auto-reconnect matters

Kuailian privacy tool’s Split-Tunneling 3.0 engine already lets you decide which app uses the encrypted tunnel and which goes direct. Adding per-app auto-reconnect policies on top closes the last gap: it guarantees that mission-critical traffic (banking, trading, game lobby) is re-instantiated within milliseconds after any drop, while leaving low-priority traffic disconnected to save battery or quota. The feature is hidden inside the same rule editor, but the toggle is easy to miss if you expect a global switch.

Empirical observation: on a Pixel 8 running the latest version as of this writing, keeping three finance apps in “always-reconnect” mode raised overall battery drain by 3 % compared with full-tunnel always-on, but eliminated 100 % of re-login prompts during a 45-minute commute with frequent 4G-to-Wi-Fi flips.

Why per-app auto-reconnect matters
Why per-app auto-reconnect matters

Feature boundaries you must know

Per-app auto-reconnect is not a separate module; it is an attribute of every split-tunnel rule. If an app is not listed in the split list, the global “Auto-Reconnect” slider governs it instead. Secondly, the policy is enforced client-side: Kuailian stores the rule in encrypted local storage and pushes it to the kernel-level firewall. If you sign out or clear app data, the policy disappears and falls back to the global setting until you sign in again.

Finally, the reconnect timer is shared with the global daemon—minimum 3 s, maximum 300 s—so you cannot give one app sub-second retry while leaving another at five minutes. You can, however, chain different apps to different tunnel nodes (e.g., banking via Singapore privacy node, game via Tokyo gaming node) and each will independently retry its own node.

Fastest path: create a policy in 45 seconds

Android (native client)

  1. Open Kuailian → SettingsSplit-TunnelingPer-App Rules.
  2. Tap the floating “+”, pick the target app (example: “Revolut”).
  3. In the slide-up card, choose Route through privacy tool, then toggle Auto-Reconnect on drop.
  4. (Optional) Tap Node PreferenceBanking to pin the Singapore privacy node.
  5. Save; the rule appears with a green loop icon indicating reconnect is active.

If you later uninstall the app, Kuailian removes the orphaned rule automatically; reinstalling does not restore the policy—you must recreate it.

iOS (TestFlight build, latest)

  1. Kuailian → More tab → Connection RulesApp Rules.
  2. Hit Add Rule, select app from the iOS picker.
  3. Switch Reconnect on failure on; note the explanatory text “iOS may delay by up to 10 s on cellular”.
  4. Confirm; the rule syncs to iCloud Keychain if Kuailian iCloud sync is enabled.

Apple’s NetworkExtension framework limits the daemon to one active tunnel configuration; therefore per-app reconnect is emulated by re-launching the tunnel with a filtered routing table. Expect a slightly longer blackout (empirical range 4–8 s) compared with Android.

Windows / macOS desktop

  1. Dashboard → Split-TunnelingApplication List.
  2. Drag executable into the window or click Browse.
  3. Tick Force reconnect checkbox that appears right of the app name.
  4. Click Apply; the driver writes the rule into the WFP (Windows Filtering Platform) or macOS Socket Filter layer immediately.
Tip: On Windows, you can also use wildcards such as *binance* to cover both Binance.exe and BinanceUpdater.exe without listing every binary.

Diagnosing unexpected reconnect loops

Symptom: an app triggers reconnect every 30–40 s even on stable Wi-Fi. First check whether the app itself opens parallel UDP sockets (common in WebRTC video). Kuailian treats each socket as independent; if the first handshake succeeds on TCP but UDP is blocked by a corporate firewall, the daemon marks the tunnel as “partial” and retries.

Verification: enable Settings → Diagnostics → Connection Log, filter by the app UID. Look for repeated “UDP handshake timeout” lines. Fix: either allow outbound UDP 443 in the firewall or switch the rule to “TCP-only” mode (advanced slider inside the rule card). Trade-off: TCP fallback adds 5–15 ms latency but stops the loop.

Battery, data and compliance trade-offs

Each reconnect consumes one extra handshake (≈ 3 KB upstream + 1.2 KB downstream). If you ride metro lines with aggressive cell re-selection, a single app can rack up 180–220 reconnects per hour, translating to roughly 0.5 % of a 5 GB monthly quota. For unlimited plans this is negligible; for travellers on eSIM pay-per-MB it may matter.

Compliance note: some regional banking regulations require that the entire device traffic passes through the domestic gateway when the app is open. Using per-app reconnect could be interpreted as traffic splitting. If you operate under such jurisdiction, prefer the global “Always-On” switch and disable per-app rules for the banking executable.

Monitoring and validation checklist

  • After saving the rule, disconnect Wi-Fi manually; the status bar should show “Reconnecting…” within 3 s and the chosen app should resume without login prompt.
  • Run adb logcat | grep kuailian (Android) or log stream --predicate 'process == "Kuailian"' (macOS) to confirm the firewall re-injects the route before the app notices the socket error.
  • For quantitative tests, ping the target service continuously from inside the app (e.g., Revolut → Settings → Support → Run network test). The packet loss counter should reset to 0 after each reconnect instead of climbing.
Monitoring and validation checklist
Monitoring and validation checklist

When not to use per-app auto-reconnect

Avoid enabling the flag for high-churn background services such as push notification daemons or email sync adapters. These processes spawn short-lived sockets every few minutes; forcing a tunnel reconnect each time keeps the radio awake and can double idle drain overnight. Instead, leave them in “direct” mode and rely on the global kill-switch to protect leakage when the tunnel is up.

Another boundary: if you already use multi-hop cascade, the reconnect must renegotiate two nodes sequentially. On congested international links this can take 6–8 s, during which the app may time out. Empirical observation: traders who need < 150 ms to Tokyo matching engines obtain better stability by pinning the app to a single low-latency node and disabling cascade for that rule.

Fallback plan: global always-on with selective bypass

If you manage more than 25 apps or the corporate MDM prevents split-tunnel edits, invert the logic: enable global “Always-On” and list only the bandwidth-heavy apps (YouTube, OS updates) under “Bypass privacy tool”. The bypass list does not support auto-reconnect because they never enter the tunnel; however, the remaining apps inherit the global reconnect policy, which is often sufficient.

Warning: Android 14 restricts bypass list size to 100 packages. Exceeding the limit silently truncates the list; verify with adb shell cmd netfilter list.

Best-practice decision tree

  1. Count how many apps must stay online during network flaps (< 5 → per-app reconnect; > 25 → global always-on).
  2. Check data quota: if metered, measure one day with reconnect enabled; disable if daily overhead > 1 %.
  3. Verify compliance: read the app’s terms for “always route via domestic gateway” clauses; switch to global if present.
  4. Test battery: run adb shell dumpsys batterystats overnight; if Kuailian ranks top 3 in wake-locks, consolidate rules.
  5. Document node choice: pin latency-critical apps to the nearest “gaming” or “trading” label; leave others on auto-select.

Frequently Asked Questions

Does per-app reconnect work in airplane-mode cycles?

Yes. The Kuailian daemon queues the rule and triggers reconnect as soon as any radio (Wi-Fi or cellular) becomes available again. The retry counter resets on each full handshake.

Can I set different reconnect intervals per app?

No. The interval is global (3–300 s) and shared across all rules. Use case-specific intervals would require multiple daemon instances, which iOS and Android forbid.

Will the rule survive app updates?

On Android and desktop the rule is bound to the package / executable path; minor updates keep the same path so the rule persists. On iOS the bundle ID stays constant, but TestFlight betas that change the ID will orphan the rule—recreate it after major beta upgrades.

Key takeaways and next steps

Per-app auto-reconnect policies in Kuailian privacy tool turn split-tunneling from a static route map into a self-healing pipeline. Start by listing the three apps that hurt most when dropped, create rules with the shortest path above, then validate with real network flaps. Measure the battery and quota impact for 24 h; if overhead is acceptable, expand to the next tier. Should you cross the 25-app threshold or face compliance mandates, switch to global always-on and invert the bypass list instead. Whichever path you choose, keep the diagnostics log open during the first week—empirical observation beats assumptions every time.