Passing Youtube traffic to OpenVPN

luniq · Oct 23, 2012, 10:37 AM

Hi guys,
It is my first post here :)
I am having problem using aliases to route all youtube traffic through openvpn, this is my Youtube alias list
youtube.com
googlevideo.com
In most page i couldnt get the video to load, the page load fine. I found that youtube have problem with multi wan which is the same problem that i am having right now. I'm guessing that there are more hostnames that should be put up there. Anyone has a better list of youtube hostnames? Or is there perhaps a better solution. I want to do this because a lot of music videos on youtube are blocked here in germany. I am a bit of a newbie with all this, just found this site 3 weeks ago so dont go too technical on me ;D

wallabybob · Oct 23, 2012, 8:33 PM

My name server returns a number of IP address for Youtube.com:

dig youtube.com

; <<>> DiG 9.6.-ESV-R5-P1 <<>> youtube.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18409
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;youtube.com. IN A

;; ANSWER SECTION:
youtube.com. 299 IN A 74.125.237.110
youtube.com. 299 IN A 74.125.237.96
youtube.com. 299 IN A 74.125.237.97
youtube.com. 299 IN A 74.125.237.105
youtube.com. 299 IN A 74.125.237.103
youtube.com. 299 IN A 74.125.237.102
youtube.com. 299 IN A 74.125.237.104
youtube.com. 299 IN A 74.125.237.99
youtube.com. 299 IN A 74.125.237.98
youtube.com. 299 IN A 74.125.237.100
youtube.com. 299 IN A 74.125.237.101

;; Query time: 213 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Oct 24 06:12:37 2012
;; MSG SIZE rcvd: 205

It is possible your alias translated into only one of those IP addresses. It might be more effective to make your alias a subnet rather than IP address.

In what context did you use your alias? Maybe you should have a static route so your traffic to the youtube subnet goes over your VPN.

luniq · Oct 30, 2012, 6:45 PM

I have found a better solution for this problem, using squid instead of firewall rule. I did get success using firewall rules but I have to include every google and youtube ips I found in arin, not an ideal solution for me. Now I have set squid to use gateway of the vpn and firefox add on foxyproxy only to use the proxy for youtube and it works without a hitch :)

Here is how i do it if anyone needs to know
add this rule to floating rules
interface : vpn interface
direction : out
protocol : tcp/udp
source : any
destination : any
destination port : squid port
gateway : vpn gateway

in proxy server general setting
interface : lan and loopback
custom option : tcp_outgoing_address 127.0.0.1;

and you are good to go, set your browser to use the proxy and every traffic to the proxy will go through vpn gateway
I didnt make this soution but found it here in this forum, it is the same setting with proxy for multi wan.