As @TheLumberjack mentioned that 0.0.0.0/0 service should accomplish to divert all traffic to ziti tunnel. We also exclude fabric routes from that so the fabric tunnels don’t get sucked into the tunnel like vpn would. I did not test this service myself. But before we had this type of service, I configured all public prefixes to cover all internet to steer traffic into the ziti tunnel, which essentially equaled to 0.0.0.0/0.
Additionally related to what Clint mentioned as well, if I wanted to watch a specific tv streaming service like sling tv I created a service with wildcard to capture traffic destined to sling ie *.slingtv.com The trick is to find all urls this streaming service is trying to reach.
1 Like