I’d like to know how doable this might be: separating the host and one container. I have only one interface and only one gateway on that LAN, so I need to share. The host runs OpenVPN and the default route is through that one tunnel, with the remote end routed directly for obvious reasons. I want to have the container default route to the local gateway so it does not use the VPN at all. This means both the host and the container will use that interface and the local gateway.
I’m not opposed to using different IP addresses, but doing that will mean doing NAT somewhere, since the wifi interface only gives one IP and enforces that.
I’m also thinking about a 2nd container running another OpenVPN to tunnel private IPs from an AWS EC2 VPC.
The existing tunnel is vtap over UDP on an obscure port.
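As an added example (my own script, not from the original post or from OpenVPN or any container runtime) of how the policy-routing half of this can be done on Linux: the container is stood in for by a plain network namespace joined to the host by a veth pair, and the interface name wlan0, gateway 192.168.1.1, container subnet 10.200.0.0/24, routing table 100 and namespace name ctr are assumed placeholders. The idea is that the host's main table keeps OpenVPN's default via tun0 while a source-based rule sends anything from the container subnet to a second table whose only default is the LAN gateway; NAT is still needed because the wifi link hands out one address. By default the script only prints the commands; DRY_RUN=0 executes them (root required).

```shell
#!/bin/sh
# Added example: route one network namespace ("container") via the LAN
# gateway while the host's own default route stays inside the OpenVPN tunnel.
# Every name and address below is an assumption, not taken from the post:
#   WIFI   physical (wifi) interface shared by host and container
#   GW     LAN gateway reachable on WIFI
#   CT_NET private subnet for the veth pair (hence the NAT)
# Requires Linux, iproute2, iptables, and root when DRY_RUN=0.
WIFI=${WIFI:-wlan0}
GW=${GW:-192.168.1.1}
NS=${NS:-ctr}
CT_NET=${CT_NET:-10.200.0.0/24}
HOST_IP=${HOST_IP:-10.200.0.1}
CT_IP=${CT_IP:-10.200.0.2}
TABLE=${TABLE:-100}        # policy-routing table used only for container traffic
DRY_RUN=${DRY_RUN:-1}      # 1 = print the commands, 0 = execute them

run() {
  if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

setup_container_routing() {
  # 1. veth pair: host end stays in the root namespace, peer lands inside NS.
  run ip netns add "$NS"
  run ip link add veth-"$NS" type veth peer name eth0 netns "$NS"
  run ip addr add "$HOST_IP"/24 dev veth-"$NS"
  run ip link set veth-"$NS" up
  run ip -n "$NS" addr add "$CT_IP"/24 dev eth0
  run ip -n "$NS" link set lo up
  run ip -n "$NS" link set eth0 up
  run ip -n "$NS" route add default via "$HOST_IP"

  # 2. Separate table whose only default is the LAN gateway, never tun0.
  #    The source-based rule is consulted before "main", so the
  #    0.0.0.0/1 + 128.0.0.0/1 routes that "redirect-gateway def1" installs
  #    there are never reached for container traffic.
  run ip route add default via "$GW" dev "$WIFI" table "$TABLE"
  run ip rule add from "$CT_NET" lookup "$TABLE" priority 100

  # 3. Forwarding + NAT: the wifi link gives out a single IP, so container
  #    packets must leave masqueraded as the host's address on WIFI.
  run sysctl -w net.ipv4.ip_forward=1
  run iptables -t nat -A POSTROUTING -s "$CT_NET" -o "$WIFI" -j MASQUERADE
  run iptables -A FORWARD -i veth-"$NS" -o "$WIFI" -j ACCEPT
  run iptables -A FORWARD -i "$WIFI" -o veth-"$NS" \
      -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  # Belt and braces: refuse to forward container traffic into any tunnel,
  # e.g. if the rule above is ever removed and "main" takes over again.
  run iptables -A FORWARD -i veth-"$NS" -o tun+ -j DROP

  # 4. Reverse-path filter: replies arrive on WIFI, but the main table says
  #    the Internet is behind tun0, so strict rp_filter (1) drops them.
  #    The kernel uses max(all, interface), so loose (2) on WIFI suffices
  #    unless "all" is also strict.
  run sysctl -w net.ipv4.conf."$WIFI".rp_filter=2
}

setup_container_routing
```

After applying it, `ip route get 1.1.1.1 from 10.200.0.2 iif veth-ctr` on the host should answer `via 192.168.1.1 dev wlan0`, while a plain `ip route get 1.1.1.1` still shows tun0. The resolver used inside the namespace has to be one reachable from the LAN, not an address pushed by the VPN. The second container for the VPC tunnel would get the same treatment with its own table; its OpenVPN tun device would exist only inside that namespace, so the host's routing is untouched.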