Configuring Split VPN Tunnel Explanation

gw1500se
Posts: 222
Joined: 2012/05/07 13:53:35

Configuring Split VPN Tunnel Explanation

Post by gw1500se » 2018/09/14 14:29:25

I am planning to set up a split VPN tunnel and found this article. Unfortunately it does not really explain how/why it works. Can someone more savvy than me with Linux networking explain what each of the config statements does? I want to run only qBittorrent over the VPN but I don't see how that is accomplished. That is, how do these statements know what traffic to route over which split? TIA.

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Configuring Split VPN Tunnel Explanation

Post by TrevorH » 2018/09/14 16:01:26

Split tunnelling really just works by adding routes that go via the tunnel and leaving the default route set to your normal gateway. Thus traffic for the destinations covered by the more explicit routes goes via the tunnel and those that are not go via the default.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
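
The route selection described in the reply above, as an added example that is not part of the original thread: a plain routing table is matched on destination address, and the most specific (longest-prefix) matching route wins over the default. The interface names `eth0`/`tun0`, the documentation-range prefixes and the helper names are constructed for illustration, and the second table goes beyond the reply to show the inverse layout (default via the tunnel, specific routes direct).

```python
import ipaddress

# Constructed sample tables: (destination prefix, egress interface).
# Split tunnel: default stays on the normal gateway, specific routes use the tunnel.
SPLIT = [
    ("0.0.0.0/0", "eth0"),
    ("203.0.113.0/24", "tun0"),
    ("198.51.100.7/32", "tun0"),
]
# Inverse layout: default via the tunnel, specific routes go direct.
INVERSE = [
    ("0.0.0.0/0", "tun0"),
    ("192.0.2.0/24", "eth0"),
]


def select_route(routes, dst):
    """Return (prefix, interface) of the longest-prefix match for dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = []
    for prefix, dev in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            matches.append((net, dev))
    if not matches:
        return None  # no route at all: the packet would be rejected
    net, dev = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), dev


def egress(routes, dst):
    """Interface a packet to dst would leave on, or None if unroutable."""
    hit = select_route(routes, dst)
    return hit[1] if hit else None


def leaks(routes, must_tunnel, tunnel_dev="tun0"):
    """Destinations expected on the tunnel that would actually leave elsewhere."""
    return [d for d in must_tunnel if egress(routes, d) != tunnel_dev]


if __name__ == "__main__":
    for name, table in (("split", SPLIT), ("inverse", INVERSE)):
        for dst in ("203.0.113.9", "198.51.100.7", "198.51.100.8", "192.0.2.10"):
            print(f"{name:8} {dst:15} -> {select_route(table, dst)}")
    print("leaks in split table:", leaks(SPLIT, ["203.0.113.9", "198.51.100.8"]))
```

The `leaks` helper is the check worth running against a real table: any destination that must stay on the tunnel but is only covered by the default route will leave on the normal gateway.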

gw1500se

Re: Configuring Split VPN Tunnel Explanation

Post by gw1500se » 2018/09/14 17:10:31

Thanks for the reply. That is where I am missing the concept. Does that mean I have to know the destination IP of anything I want to go through the VPN or is it the other way around? The name of the table (novpn) seems to imply I need to list all the IPs that DO NOT go through the VPN. Yet it is the other way around that makes more sense.

TrevorH

Re: Configuring Split VPN Tunnel Explanation

Post by TrevorH » 2018/09/14 18:41:36

Well, I guess you could do it the other way round. Set the default route to go via the VPN and add static routes for the things you want to go direct to. But I suspect that might end up with some odd results as many sites may discriminate against dodgy VPN IP addresses and refuse to serve content to them.

gw1500se

Re: Configuring Split VPN Tunnel Explanation

Post by gw1500se » 2018/09/15 11:56:59

Sorry if I seem dense but I still don't understand what goes into "novpn." Is it the IPs of those things I want to go through the VPN or those things I DON'T want to go through the VPN? Again, I only want the IPs of qBittorrent to use the VPN. BTW, I have tried to find documentation on the 'table' keyword but cannot find anything. Thanks.
