I'm gonna post this for feedback one more time to see if anyone else has opinions. We'd like to replace 0.0.0.0/0 as the "internet" gateway range with a collection of ranges that omits the standard private IP space. This is what it would look like: 0.0.0.0/5,8.0.0.0/7,11.0.0.0/8,12.0.0.0/6,16.0.0.0/4,32.0.0.0/3,64.0.0.0/2,128.0.0.0/3,160.0.0.0/5,168.0.0.0/6,172.0.0.0/12,172.32.0.0/11,172.64.0.0/10,172.128.0.0/9,173.0.0.0/8,174.0.0.0/7,176.0.0.0/4,192.0.0.0/9,192.128.0.0/11,192.160.0.0/13,192.169.0.0/16,192.170.0.0/15,192.172.0.0/14,192.176.0.0/12,192.192.0.0/10,193.0.0.0/8,194.0.0.0/7,196.0.0.0/6,200.0.0.0/5,208.0.0.0/4 We think this will do better at avoiding collisions, and in testing will work with the current setup. You can test it right now by just copy/pasting that range into the egress gateway ranges. This is also apparently what wireguard already does for Android by default. Let us know if you have any thoughts on this.