Jun 6, 2014

Set routes to bypass some network traffics through Network Interface instead of VPN

I frequently need to connect to Lab machines via VPN (Virtual Private Network), but have to visit specific sites and use some services with enough bandwidth.
Routing net traffics through VPN and net card
For example, I use hinet.net ADSL at home and connect to LAB with VPN. I'd like to watch online TV from hichannel.hinet.net while using VPN. As we know that all network traffics are routed through VPN (the network qualify of my organization is really bad) then routed to hinet.net. Obviously, the qualify of TV streaming service gets worse through VPN. How can I work with VPN and enjoy smooth streaming services simultaneously? Just do following processes:
  1. Run CMD.EXE as Administrator
  2. C:\WINDOWS\system32>route add 202.39.0.0 mask 255.255.0.0 192.168.0.1 if 3 metric 50
Of course, you must apply root (administrator) permission to change routing table of your Windows host. Then, check the IP addresses of your target website services. In this example, I connected to hichannel.hinet.net and get its IP address (202.39.224.10) with "C:\> nslookup hichannel.hinet.net". When you are connecting to a website, a complete page service may send many requests to several sites at the same time. How to check?
  1. Press F12 in your browser (workable for Chrome and IE).
  2. Click/Monitor the Network requests to summarize connected hosts.
Analyze the HTTP traffics of a page request.
In this case, I found that "p8u.hinet.net" serves the streaming service and its IP is 202.39.225.216. Therefore, the target IPs are represented with a class B domain (202.39.0.0 mask 255.255.0.0).

My Wi-Fi net card get IP from Wi-Fi Access Point with gateway IP set to 192.168.0.1. That is the live streaming service should be routed through this gateway connected by Wi-Fi net card (if 3). "if" means "InterFace card" and "3" is the card number in my host at this time. The card number may be changed after reboot!
Intel(R) Dual Band Wireless-N 7260: IF number (3)
Finally, metric 50 is the routing priority number. Basically, you should route "intra IPs" with higher priority through VPN and route "public IPs" through net card with higher priority.

I wrote aforementioned routing command as a myroute.bat file, just execute the BAT as Administrator while I want to escape from connected VPN.
Posted by at
Labels: , , , ,

No comments :

Post a Comment

Subscribe to: Post Comments ( Atom )