Routing Pandora traffic around my VPN

[goffredo]

Hello,

I am using DD-WRT firmware and have configured its OpenVPN Client to point to a VPN server that I use. I'd like for my Pandora network traffic NOT to go through the VPN, and instead just go out to the normal internet provided by my ISP.

So I did a bit of googling and discovered the DD-WRT forum had a post detailing how to configure DD-WRT's OpenVPN client to route certain services' IP traffic (whatismyip, pandora, netflix, hulu, etc) around the VPN by using routing entries. Makes sense, but I can't quite follow the routing syntax -- it seems exactly backwards to me -- and wanted to ask for help understanding how it works, rather than blindly paste it into my OpenVPN settings. I hope this question isn't too green for this forum.

Here is an extract from the DD-WRT forum post in question:

Code: Select all

###
### OpenVPN common configuration
###
route-nopull
route 74.122.122.231 255.255.255.255 net_gateway

###
### OpenVPN routes
###

# whatismyip.org
route 98.207.0.0 255.255.0.0 vpn_gateway

# pandora.com
route 208.85.40.0 255.255.248.0 vpn_gateway 

Then there are additional routing entries for netflix and so forth, but I have truncated this to focus on the simple Pandora example. For the sake of discussion, let's say my ISP-assigned IP address is 24.186.146.247 and my VPN server is 74.122.122.231.

Code: Select all

route-nopull

As I understand it, this is configuring my OpenVPN Client to ignore any routing entries that my paid VPN service's VPN server might push down to me. I can't think of why I would want to do this, and would be tempted to omit this directive. I am trusting that my VPN service is doing the right thing and I don't want to mess with this.

Code: Select all

route 74.122.122.231 255.255.255.255 net_gateway

This seems to be saying to take packets directed to my VPN server (74.122.122.231) -- masking nothing out -- and forward them to my net_gateway! Wouldn't this be my ISP? Sending VPN traffic to my ISP seems like the exact opposite of what I want to do -- VPN traffic should go to my VPN server to handle, no?

Code: Select all

route 208.85.40.0 255.255.248.0 vpn_gateway

And here we are routing traffic directed to Pandora (between 208.85.40.1 - 208.85.47.254) to vpn_gateway. Sending all Pandora traffic through the VPN again seems like the exact opposite of what I want to do! Pandora traffic should go to my ISP and not to the VPN server, no?

[TinCanTech]

Probably that thread looks wrong because it is not doing what you want.

All you need do is add this to your client config:

Code: Select all

# pandora.com
route ip-add netmask net_gateway

Where ip-add netmask is what ever you think pandora.com is .. net_gateway is parsed by openvpn and is set to your local default gateway. So the IP range you define will not be routed via the VPN.

See --route in the manual.

[goffredo]

route ip-add netmask net_gateway[/code]Where ip-add netmask is what ever you think pandora.com is .. net_gateway is parsed by openvpn and is set to your local default gateway. So the IP range you define will not be routed via the VPN.

Thank you so much! That makes total sense to forward Pandora "stuff" to net_gateway, so it doesn't go to thru the VPN tunnel. I guess I misunderstood what that post on the DD-WRT forum was trying to do.