Have been combing through the forums and all I’m finding are unresolved threads about the fact that you can’t seem to tell plex which interface to bind to for external communications, which is problematic if you have an established VPN connection for other processes - That VPN will take over the default gateway and all internet -bound traffic and there’s no way to tell Plex to not use that interface.
While I have set up a custom URL for external access, and that works, every time the server checks for its connection, it does so on the utun0 interface instead of the bound interface specified in the config.
About the only other way to do this would be to have a comprehensive list of every IP the Plex server might access, and set up a route to override the default, and send it out the DG - but as soon as Plex adds/moves/changes one of those addresses, it breaks again.
For as common as asymmetric routing seems to be among Plex users, I’m a little surprised that this particular use case has still not been properly addressed despite the apparent hordes of users requesting it for many years.
PMS is a complex application with a number of interconnected components that open network connections; like most applications, it doesn’t provide a way to configure all of those components to bind to a specific local address. Like most applications, we assume that the route provided by the OS is suitable to reach the internet; we recommend that users configure their routing tables such that this assumption is accurate (this will be the default in nearly all cases).
If you need to configure routing for some applications in such a way that this assumption doesn’t hold, we recommend either isolating those applications in a network namespace (see ip-netns(8)), or configure rules specific to the relevant user accounts (see ip-rule(8), specifically the uidrange feature). If you must have the entire system configured this way, you can instead use either of those features to give the PMS process tree (or user account) normal routing.
Enumerating and excluding all of the IP addresses that Plex will contact doesn’t work. You can’t predict the IP addresses of any mobile or remote Plex clients.
There’s a “big hammer” way to get independent network namespaces -
Run the VPN and any “special routing” apps in a Docker/Container/Jail/VM
Run Plex in a different Docker/Container/Jail/VM (or computer)
