First things first: thank you for this amazing tool!!! I've been trying to make selective routing work for ages without success. However, I cannot get VPN Bypass to work just yet.
My goal is to have all traffic go through the VPN at all times but for specified domains. At the minute Netflix is the only one I would like/need to work.
Now, I can traceroute and see that the traffic toward Netflix is correctly going out of the VPN tunnel BUT Netflix somehow still complains about a proxy error when I try to play something. I'm not sure what Netflix catches to see my traffic still as a VPN when it is actually going via my ISP. I'd be grateful if you could help me.
Here's my config:
Luci App VPN Bypass is basically empty but for the domain field:
Here's the DNSMasq config. External DNS per domain was set up just in case Netflix would complain about the VPN just because of the Mullvad DNS IP. No luck; the other two sites are to check data of the traffic. I'll remove them eventually.
    root@lede-wyn:config# cat dhcp

    config dnsmasq
        option domainneeded '1'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option authoritative '1'
        option readethers '1'
        option nonwildcard '0'
        option localservice '1'
        option dnssec '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'
        list ipset '/ipleak.net/ipx.ac/netflix.com/vpnbypass'
        list server '/ipleak.net/126.96.36.199'
        list server '/ipx.ac/188.8.131.52'
        list server '/netflix.com/184.108.40.206'
        list server '/ipleak.net/220.127.116.11'
        list server '/ipx.ac/18.104.22.168'
        list server '/netflix.com/22.214.171.124'

    config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option ra 'server'
        option dhcpv6 'server'
        option ra_management '1'

    config dhcp 'wan'
        option interface 'wan'
        option ignore '1'

    config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

I use Mullvad VPN and it forces the DNS to be the one provided by them within their VPN network/tunnel. The way it does this is by a vpn.up script that moves /tmp/resolv.conf.auto and replaces it with one containing their DNS only:

    root@lede-wyn:config# for i in $(ls /tmp/resolv.conf*); do echo $i; cat $i; echo; done
    /tmp/resolv.conf.auto
    nameserver 10.8.0.1

    /tmp/resolv.conf.auto.hold
    # Interface wan
    nameserver 126.96.36.199
    nameserver 188.8.131.52

Also, firewall routing is: lan -->> vpn -->> wan.
I tried to solve this mystery by myself without luck. I hope the forum would enlighten me.
Please and thank you.