diff --git a/readme.md b/readme.md
index 8f88426..d19490d 100644
--- a/readme.md
+++ b/readme.md
@@ -5,7 +5,11 @@ Another interesting thing about it is that, unless they're doing some super cust
 
 Thus, over the holidays I dug in to see how annoying it'd be to do. This implements a very basic VPN tunnel that sets DNS to go over 1.1.1.1, in a basic UI as a status bar menu app. Some screenshots are below. I probably won't be pursuing this further in lieu of working on other projects, so anyone out there should feel free to take this and extend it as they wish.
 
-Also, side note: you probably want a true VPN instead of this, but this isn't a bad approach either in the grand scheme of things. Probably one where doing your research is worthwhile. :)
+Also, side notes:
+
+- There are two types of on-demand VPNs, which this uses - Personal and Enterprise. By using `NETunnelProvider`, the VPN profile counts as an Enterprise one, which trumps Personal in cases where two might get loaded.
+- I wager CloudFlare probably goes much deeper than this, as some old documentation buried on Apple's site indicates that connections that use POSIX Sockets and `CFSocket` technically won't go through an on-demand VPN. If this is still true, I can't imagine they'd have overlooked it like this approach does.
+- You probably want a true VPN instead of this, but this isn't a bad approach either in the grand scheme of things. Probably one where doing your research is worthwhile. :)
 
 ## Screenshots
 ![Disconnected](https://github.com/ryanmcgrath/1.1.1.1-macOS/blob/master/screenshots/disconnected.png?raw=true)
@@ -18,6 +22,6 @@ This repo could also be used as scaffolding/reference for a nibless Swift Cocoa
 - It implements a working `UISwitch` replacement, using a slightly-modified [JSSwitch](https://github.com/juliensagot/JSSwitch).
 
 ## License, etc
-This is very much a "do-wtf-you-want-with-it" license. Code is as-is. I'd like to give props to [this list of TLDs by popmedic](https://gist.github.com/popmedic/cf9472aa8c2adda875a484c5a1c5da06), because compiling it myself would've been annoying.
+This is very much a "do-wtf-you-want-with-it" license. Code is as-is. I'd like to give props to [this list of TLDs by popmedic](https://gist.github.com/popmedic/cf9472aa8c2adda875a484c5a1c5da06), because compiling it myself would've been annoying. His code inspired some of the VPN portion as well; I spent enough time on it but couldn't come up with a better approach than his, so wound up just tweaking it slightly for my needs.
 
 Questions can be directed to [ryan@rymc.io](mailto:ryan@rymc.io) or [@ryanmcgrath on Twitter](https://twitter.com/ryanmcgrath).