@sameersarkar-tcl You may wish to inspect the Compose file used in the example to understand how to make the systemd dbus socket and tun device available to ziti-edge-tunnel (the Linux tunneler) when it is running in a privileged container for the purpose of providing DNS and IP routes.
In use case 2’s private network with a Docker network I can see the direction of the arrows are pointing from the Docker router tunneler to two different applications. Are those applications in host 1, host 2 also in a Docker network (bridge network?), or are those “hosts” per se?
Will you share some details about how you are running the Docker router tunneler shown there in the private network for use case 2? It’s clear that you want to publish the app 1, app 2 with Ziti, and I know there are some advantages to having a router near your application. If you decide it’s not necessary to have a router in the end then I can recommend a simplified tunneler configuration that you could use to publish / host / bind app 1, app 2 in the private network.
Here is a simplified example of using the old Linux tunneler to provide hosting only (no DNS, no IP route).
$ wget https://github.com/openziti/ziti/raw/main/ziti-tunnel/docker/docker-compose.yml
$ NF_REG_NAME=1ALinuxTunneler3 docker-compose up ziti-host
Note that this is a different file that is also named docker-compose.yml just like the previous example which was for a different use case involving DNS and IP routes.