Hi friends. I want to route youtube traffic over vpn connection. Please help.
Thanks
Sent from my C6833 using Tapatalk
please help
What exactly are you struggling with? This has two parts, first identify Youtube traffic, and then route it the right way. The latter is easy, you know how to route something (specific address you know) to other than default gateway, or not?
To properly identify Youtube traffic might be more complicated. Reliable way should be to take Google’s prefixes (e.g. from here), add route to them via VPN and that’s it. The problem is, as far as I know, they don’t have any strictly for Youtube, so you have to route all their services via VPN.
Other possible way would to use the new tls-host matcher to add addresses to address list and route them dynamically over VPN. For this, you’d need to find domains used by Youtube. From quick look, I see youtube.com, ytimg.com, ggpht.com, googlevideo.com (and subdomains for all). There might be others and anything can change any time.
Matchers on the traffic likely will not work, as probably his OpenVPN client has a different internet address than his other connection so
he has to identify the youtube traffic BEFORE making the connection. This makes this different than classifying traffic for priority etc.
It is probably impossible. But that is also because I consider solutions only valid when they work perfectly, and there cannot be a perfectly
working solution for this. However, it is possible to try. E.g. setting up dynamic address lists for the domains you mention and routing traffic
for those addresses differently. But of course it will make mistakes.
Sorry, I forgot to describe this part in detail. Looking for tls hostnames can work, but not perfectly. First connection will always fail, because it will use default gateway first, but as soon as the hostname is matched and destination address added to list, following packets will be routed via VPN. It of course won’t end well for given connection. But next one to same IP address will work correctly. So it’s definitely not for perfectionists, but can be good enough for some people.
Dynamic address list based on hostnames is probably impossible, I see names like r3---sn-2gb7sn7k.googlevideo.com and something tells me that there’s going to be endless variants.
Yes, those names usually re-occur a couple of times but not very often. All in all it is likely best to say “cannot be done”.