VPN To kick in for certain domains

2

1

I'm using Tunnelblick for Mac, and I was wondering if it's possible to only limit VPN traffic to be routed for certain domains / or if there's a different way to limit it. It slows down the rest of my connections pretty bad, but I feel like it shouldn't just be an all or nothing solution.

MrMaksimize

Posted 2011-05-10T14:40:26.840

Reputation: 121

Answers

2

VPN connections are located at the IP or TCP layer of the network stack. Domains are located at the application level. In consequence, a VPN client such as Tunnelblick cannot limit the traffic based on domains, as that concept is meaningless at the network level where Tunnelblick works.

In order to do this you would have to look into using proxies, which can inspect the packets at the application layer and then make decisions on how to handle them.

Generally a slowdown would indicate that too much traffic is flowing over the VPN connection. This can happen if the VPN server is configured to route all traffic through the VPN instead of just the networks that you connect to. If you can post your routing table here, while connected to the VPN, then I can tell you more.

wolfgangsz

Posted 2011-05-10T14:40:26.840

Reputation: 229

lol wolfie how do I get you the routing table? not sure what the command is.. :) – MrMaksimize – 2011-05-10T16:42:12.263

A command to view your route table is netstat -r -n, the command to manipulate the table is route. – Zoredache – 2011-05-10T16:55:53.957
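The routing-table check discussed in the answer and comments above, as an added example (not code from any poster or from Tunnelblick): it parses `netstat -r -n` output and reports whether the VPN interface carries all IPv4 traffic or only specific subnets. The sample table is constructed, and the VPN interface-name prefixes and the rule for expanding abbreviated destinations are assumptions.

```python
import ipaddress

# Constructed sample of `netstat -r -n` output on a Mac with a VPN connected
# (made-up addresses). OpenVPN's redirect-gateway def1 adds the 0/1 + 128.0/1 pair.
SAMPLE = """\
Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            192.168.1.1        UGSc           45        0     en0
0/1                10.8.0.5           UGSc            3        0    tun0
10.8.0.5           10.8.0.6           UH              5        0    tun0
128.0/1            10.8.0.5           UGSc            2        0    tun0
172.16/12          10.8.0.5           UGSc            1        0    tun0
192.168.1          link#4             UCS             2        0     en0
"""

VPN_PREFIXES = ("tun", "tap", "utun")  # assumption: names of VPN interfaces


def parse_dest(dest):
    """Expand BSD-style abbreviated destinations such as '0/1' or '192.168.1'."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    # Assumption: without an explicit prefix, the octet count implies the mask.
    plen = int(plen) if plen else 8 * len(octets)
    addr = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)


def vpn_routes(table):
    """Return the IPv4 networks whose route points at a VPN interface."""
    nets, col = [], None
    for line in table.splitlines():
        f = line.split()
        if f[:1] == ["Internet6:"]:  # IPv6 section is out of scope here
            break
        if "Netif" in f:  # header row tells us where the interface column is
            col = f.index("Netif")
        elif col is not None and len(f) > col and f[col].startswith(VPN_PREFIXES):
            nets.append(parse_dest(f[0]))
    return nets


def vpn_takes_everything(nets):
    """True if the VPN routes together cover the whole IPv4 space (full tunnel)."""
    merged = list(ipaddress.collapse_addresses(nets))
    return ipaddress.ip_network("0.0.0.0/0") in merged
```

On the sample, the two half-default routes via `tun0` merge into 0.0.0.0/0, so the check reports a full tunnel; with only the `172.16/12` route present it reports a split tunnel.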

0

The limitation should be done as network routes, and your administrator should mention the subnets that should be routed via the VPN connection in the server's configuration.

You can always change your routing table using the route command.

smintz

Posted 2011-05-10T14:40:26.840

Reputation: 1 086

0

VPN access are amid at the IP or TCP band of the arrangement stack.

Domains are amid at the appliance level. In aftereffect a VPN applicant such as tunnelblick cannot absolute the cartage based on domains, as that concept is absurd at the arrangement akin area tunnelblick works.

In adjustment to do this you would accept to attending into appliance proxies, which can audit the packets at the appliance band and again accomplish decisions on how to handle them.

pure vpn

Posted 2011-05-10T14:40:26.840

Reputation: 1

-1

I don't believe there is a built-in mechanism in Tunnelblick for doing this. You may be able to achieve some rate limiting using 'ipfw', using the destination networks to distinguish between VPNs or globally on VPN traffic, e.g. throttle bandwidth with ipfw.

There is also an app called Speed Limit which may be of some use though I haven't used it for VPN traffic before.

Martin

Posted 2011-05-10T14:40:26.840

Reputation: 101