same principles... all they really mean in your situation is a predictable internal endpoint without separate host. ( extend the loopback principle -> stable whether the vpn is up or down )... netns would need a few more commands...
but for leaks you have to setup either;
assuming no-pull ( the best imho... )
pbr mark > table > vpn > end
route lookup > table > vpn > end
up - down = add route from src to vpn - add blackhole from src to oblivion
where your getting stuck is looking at it from an app perspective and not a route perspective from the client...
what you have done so far... has missed the final link... which is, when traffic from the "transmission bound ip" does not find the default route....