How to route specific traffic through OpenVPN?

2

I'm running a server at home with rtorrent and apache2. I would like to route my rtorrent traffic via OpenVPN, and since I'm kinda new to OpenVPN and iptables I would like to have a user-friendly guide.

What I've tried: I've been googling for 2 days on the subject but I haven't found anything that could help me. I have tested the tunnel with OpenVPN and it routes my IP correctly, but here's the problem: since I run an apache2 server, it stops working (of course) when the tunnel is active.

What I want: I want the tunnel to be active but not to be the default, and that only rtorrent traffic should pass through it, and last but not least that rtorrent should connect ONLY over the VPN.

Anyone up for the task of teaching me?

junkyhlm

Posted 2012-12-12T09:38:24.703

Reputation: 89

Answers

1

I've managed to solve this with two main steps:

  1. Choose a service provider that uses a TUN interface.
  2. A little bit more table routing

The Table routing

I've read the most useful howto over at http://lartc.org/howto/ and followed the provided steps there.

My setup is now two physical NICs (eth0 and eth1) divided over three tables (main, T1 and T2). T1 (eth1) routes the default stuff (apache2, ssh etc.) and T2 (eth0) is just for rtorrent connections.

It works like a charm. So if you have the same issue, read up over at lartc.org and the problem will be solved.

Note

I have not tried this config with a TAP interface, so I cannot say if it works or not.

junkyhlm

Posted 2012-12-12T09:38:24.703

Reputation: 89

0

It's an "advanced routing" issue.

These articles should help:

http://kindlund.wordpress.com/2007/11/19/configuring-multiple-default-routes-in-linux/

http://www.rjsystems.nl/en/2100-adv-routing.php

So basically you need to configure two routing tables, each with its own default route, and the rules that specify which traffic uses which routing table.

In your case, you specify that by default traffic uses the "normal" route, and "vpn" traffic coming from/to the VPN interface uses the "vpn" route. Then at rtorrent startup, bind to an IP address that is on the VPN interface with the -b option.

You'll need to do the route table juggling each time after establishing the VPN.

If/when you get it working, be sure to leave the exact commands you used here!

Viljo Viitanen

Posted 2012-12-12T09:38:24.703

Reputation: 193

I've been trying and trying. I don't seem to have the technical knowledge to get this to work. I've posted the question on SU too. Hopefully someone can help me. – junkyhlm – 2012-12-21T08:03:33.703

I think I've got a workaround using two NICs, the WordPress guide you mentioned, and binding OpenVPN to the other NIC. I'm going to test this tonight and will post here if I succeed. – junkyhlm – 2013-01-08T09:02:06.923

Yesterday's fix did not work. I wasn't able to set up a VLAN on the same subnet as my Ethernet, so I'm back to square one. The good part is that I'm now quite good at creating advanced routing tables :) – junkyhlm – 2013-01-09T14:13:17.407
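
The two-table approach from Viljo Viitanen's answer (a separate table with its own default route, plus a rule keyed on the VPN address that rtorrent binds to with -b), written out as an added example that is not from any poster in this thread. The table id 100, rule priority 1000, metric 4242 and the function names are assumptions, as is an OpenVPN client on a TUN device that is configured not to replace the main default route (for example with `route-nopull`); the extra `unreachable` route goes beyond the answers and makes the VPN table fail closed when the tunnel drops.

```shell
#!/bin/sh
# Added example (not from the thread). Assumed values: table id 100, rule priority 1000.
VPN_TABLE=100
RULE_PRIO=1000

# Succeeds only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print the ip(8) commands that give sockets bound to the VPN address their
# own routing table, leaving the main table (apache2, ssh) untouched.
# Inputs are validated because the output is meant to be piped to a root shell.
vpn_policy_cmds() {
    vpn_dev=$1 vpn_ip=$2
    case $vpn_dev in tun[0-9]|tun[0-9][0-9]) ;; *) return 1 ;; esac
    is_ipv4 "$vpn_ip" || return 1
    # Line 1: default route of the VPN table points into the tunnel.
    # Line 2: higher-metric fallback, so lookups fail instead of falling
    #         through to the main table when the tunnel route disappears.
    # Lines 3-4: (re)create the rule selecting the table by source address.
    cat <<EOF
ip route replace default dev $vpn_dev table $VPN_TABLE
ip route replace unreachable default metric 4242 table $VPN_TABLE
ip rule del from $vpn_ip/32 lookup $VPN_TABLE 2>/dev/null || true
ip rule add from $vpn_ip/32 lookup $VPN_TABLE priority $RULE_PRIO
EOF
}

# OpenVPN exports dev and ifconfig_local to its "up" script; apply only then.
if [ -n "${ifconfig_local:-}" ]; then
    vpn_policy_cmds "$dev" "$ifconfig_local" | sh
fi
```

Run without the OpenVPN environment, the file only defines the functions, so `vpn_policy_cmds tun0 <vpn address>` can be used to review the commands before applying them; rtorrent is then started with `-b <vpn address>`.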