Policy Based Routing - DD-WRT

Solution 1:

Yes, I have an identical problem, and for exactly the same reason, lol. It would be much easier to use two routers, but alas, here we go.

  1. Create a virtual interface of type macvlan on eth0, the gateway to the internet of your router.

  2. Configure your OpenVPN client configuration to use the route-noexec option in the client.conf. According to the manual,

--route-noexec Don't add or remove routes automatically. Instead pass routes to --route-up script using environmental variables.

  3. Set up a table for routing, which you will configure just like your OpenVPN would have configured it, except that you use the macvlan interface instead of eth0.

  4. Configure the default routing table just like you would if there were no OpenVPN.

  5. Set up the rules for choosing the routing table so that some PCs with fixed IPs use the routing table with OpenVPN, while the unspecified PC uses the default routing table.

You will have to use a macvlan virtual interface which is nothing but another address for your WAN interface, except it is endowed with a (fake) MAC address so that all traffic, including ARP, can be separated between eth0 and macvlan.

You can find a good intro to macvlans here, while in this OpenVPN forum post, which deals with a problem identical to yours, they suggest a good link, here, explaining source based routing.
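The steps above as a dry-run shell sketch; this is an added example, not part of the original answer. The interface name `mac0`, table number `100`, the `VPN_SERVER` variable and the placement of the server host route in the VPN table are assumptions; `dev`, `route_vpn_gateway` and `route_net_gateway` are the environment variables OpenVPN passes to the `--route-up` script.

```shell
#!/bin/sh
# Added example: commands are only printed unless APPLY=1 (which needs root).
WAN_IF="${WAN_IF:-eth0}"          # WAN interface named in the answer
MACVLAN_IF="${MACVLAN_IF:-mac0}"  # assumed name for the macvlan
VPN_TABLE="${VPN_TABLE:-100}"     # assumed routing table number

run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Accept only dotted-quad IPv4 so a malformed entry never becomes a rule.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(echo "$1" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# Step 1: macvlan on top of the WAN interface (addressing is left out here).
setup_macvlan() {
    run ip link add link "$WAN_IF" name "$MACVLAN_IF" type macvlan
    run ip link set "$MACVLAN_IF" up
}

# Step 3: with route-noexec nothing is installed automatically, so build the
# VPN table by hand: server reached over the macvlan, default over the tunnel.
setup_vpn_table() {
    : "${dev:?}" "${route_vpn_gateway:?}" "${route_net_gateway:?}" "${VPN_SERVER:?}"
    run ip route add "$VPN_SERVER" via "$route_net_gateway" dev "$MACVLAN_IF" table "$VPN_TABLE"
    run ip route add default via "$route_vpn_gateway" dev "$dev" table "$VPN_TABLE"
}

# Step 5: one source rule per fixed-IP PC; every other host stays on the
# default table (step 4), which is left untouched.
setup_rules() {
    for client in "$@"; do
        if is_ipv4 "$client"; then
            run ip rule add from "$client" table "$VPN_TABLE"
        else
            echo "skipping invalid address: $client" >&2
        fi
    done
}
```

Review the printed commands first, then rerun with `APPLY=1`; `ip rule show` and `ip route show table 100` confirm which hosts are steered into the tunnel.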