diff --git a/Tun/PacketTunnelProvider.swift b/Tun/PacketTunnelProvider.swift
index 4474be6..6629664 100644
--- a/Tun/PacketTunnelProvider.swift
+++ b/Tun/PacketTunnelProvider.swift
@@ -23,7 +23,7 @@ class PacketTunnelProvider: NEPacketTunnelProvider {
         SDLLogger.shared.log("NE read message: \(msg ?? "failed")")
         
         DarwinNotificationCenter.shared.post(.vpnStatusChanged)
-        
+
         // host: "192.168.0.101", port: 1265
         guard let options, let config = SDLConfiguration.parse(options: options) else {
             completionHandler(TunnelError.invalidConfiguration)
diff --git a/Tun/Punchnet/Actors/SDLContextActor.swift b/Tun/Punchnet/Actors/SDLContextActor.swift
index 7311949..def9d67 100644
--- a/Tun/Punchnet/Actors/SDLContextActor.swift
+++ b/Tun/Punchnet/Actors/SDLContextActor.swift
@@ -794,10 +794,8 @@ actor SDLContextActor {
         let ipv4Settings = NEIPv4Settings(addresses: [networkAddress.ipAddress], subnetMasks: [networkAddress.maskAddress])
         // 设置路由表
         ipv4Settings.includedRoutes = routes
-        // TODO 要排除的路由表
-        ipv4Settings.excludedRoutes = [
-            
-        ]
+        // 配置要排除的路由
+        ipv4Settings.excludedRoutes = self.getIpv4ExcludeRoutes()
         
         networkSettings.ipv4Settings = ipv4Settings
         // 网卡配置设置必须成功
@@ -830,6 +828,28 @@ actor SDLContextActor {
         }
     }
     
+    private func getIpv4ExcludeRoutes() -> [NEIPv4Route] {
+        // 要排除的路由表
+        let dnsServers = SDLUtil.getMacOSSystemDnsServers()
+        var ipv4DnsServers = dnsServers.filter {!$0.contains(":")}
+        
+        // 增加常见的dns服务
+        let commonDnsServers = [
+            "8.8.8.8",
+            "8.8.4.4",
+            "223.5.5.5",
+            "223.6.6.6",
+            "114.114.114.114"
+        ]
+        for ip in commonDnsServers {
+            if !ipv4DnsServers.contains(ip) {
+                ipv4DnsServers.append(ip)
+            }
+        }
+        
+        return ipv4DnsServers.map { NEIPv4Route(destinationAddress: $0, subnetMask: "255.255.255.255") }
+    }
+    
     deinit {
         self.udpHole = nil
         self.dnsClient = nil
diff --git a/Tun/Punchnet/SDLUtil.swift b/Tun/Punchnet/SDLUtil.swift
index 5836b0a..a5df685 100644
--- a/Tun/Punchnet/SDLUtil.swift
+++ b/Tun/Punchnet/SDLUtil.swift
@@ -6,6 +6,7 @@
 //
 
 import Foundation
+import SystemConfiguration
 
 struct SDLUtil {
     
@@ -63,5 +64,17 @@ struct SDLUtil {
         
         return bytes.map { String(format: "%02X", $0) }.joined(separator: ":").lowercased()
     }
+    
+    public static func getMacOSSystemDnsServers() -> [String] {
+        var results = [String]()
+        
+        // 获取全局 DNS 配置
+        if let dict = SCDynamicStoreCopyValue(nil, "State:/Network/Global/DNS" as CFString) as? [String: Any] {
+            if let servers = dict["ServerAddresses"] as? [String] {
+                results = servers
+            }
+        }
+        return results
+    }
 
 }