Hi, this is my first post and I hope you can help me. First of all... thank you for all the useful information you write here guys : ) Well... my problem is very weird. Let me explain... I have a router on which I used to have DD-WRT until some days ago. I had my openvpn and everything worked fine. Just used the policies (in GUI) in order to make only some clients go through the VPN and Netflix had no problems whatsoever. Now for some reasons I've been using Tomato (1.28.0000 -3.5-140 K26ARM USB AIO-64K) and can't make it work anymore. Well... if I let everything go through the VPN, it works. If I use the routing policy only for one client (or for Netflix domains or both), I can access the American list... but when I start playing the movie, I see the famous problem... I don't have my ISP's DNS servers stored... I tried to set for instance 184.108.40.206 directly on my Mac but nothing changed. If I make a traceroute on port 53 using nmap... I do use the VPN! I can see it! If I do a dns leak test... it looks fine... I know that there are a lot of complicated things you guys talk about here (ipset, scripts and so on) but in this case I really think it is about one stupid rule but I don't understand what it is... I would like to make Netflix work on some specific clients... and if I could make it work on any client just using the domain instead of the IP, that'd be much better also XD Now... of course I'm going to have a look at your previous solutions (thank you Eibgrad for all your suggestions) but I really hope you can suggest something simple because this thing is really weird XD thanks p.s. I flushed the DNS cache on my Mac and tried to use an American DNS directly on my Mac (like 220.127.116.11) p.p.s. in my case, it doesn't even work if I set the VPN on my computer directly... and not even setting the internal 10.x.x.x vpn DNS works... (I told Tunnelblick to make everything go through the vpn but it doesn't work). It only works if I let everything from every client go through the vpn (when it's on Tomato) So: what is it that has been leaked? Because I don't know if it's really a DNS query!!!