I'm curious as how a machine falls into a particular network segment.
I'm working with a client whose LAN IP range could potentially conflict with consumer IP ranges, which would result in some policy failures. To get around that, instead of using the LAN IP range for the network segment, we're using the WAN IP, which machines report as their IP address as the JSS lives in AWS.
We ran into an issue though where users on a Guest network were experiencing policy failures as the local distribution point isn't available on the Guest network (nor should it be) and a Cloud Distribution Point can't be used for failover.
Given that policy execution is alphabetical, we tried adding a network segment for the Guest IP range, assigning it the CDP as its default DP, and ensuring that it came before the Network Segment using the WAN IP. It worked, which is great, but it called into question what takes precedence.
Does IP or Reported IP take priority? Is it an alphabetical check against the Network Segments list to see which gets a hit first using both IP and Reported IP or is it something else entirely?