One of the challenging parts about picking a VPN (virtual private networking) – if you’re new to the market and technology – is understanding some of the terms that VPN services use and how they affect users. One of the more confusing terms thrown around is “split tunneling” which often makes new users pause. What is split tunneling, and why does it matter when you’re online?
Don’t worry: It’s not a difficult concept once you learn what split tunneling refers to! In fact, it’s all about having more control over how your VPN service operates when you use it. Here’s everything you need to know about the technology and why it could matter to you.
The Concept of VPN Tunneling
Before we get to split tunneling, lets talk about the VPN technology of tunneling: This is what enables a VPN to protect user information and privacy, so it’s core to the use of a VPN.
A “tunnel” is basically a route that the VPN creates to pass information back and forth online, inside the internet connection that someone is using. Inside this tunnel, everything has an extra layer of encryption managed by the VPN. Every packet of data sent through this tunnel is encrypted according to the protocols the VPN is using (there are many different types of encryption that the VPN can choose to use for this project, with newer protocols providing better protection ).
The tunnel itself is mostly a concept, while this encryption is what does all the work of protecting data as it journeys to and from destinations on the internet. This tunnel is useful because it’s very complete – it encrypts data from the moment it is sent. This means that ISPs (internet service providers) and others are unable to analyze this data or tell where exactly it’s coming from.
Of course, a VPN offers many additional services based on this encryption, such as the ability to choose which server your connection is using, but tunneling is the central purpose of a VPN and you need to understand it before we move on!
The Addition of Split Tunneling
Now we come to the concept of split tunneling. In a normal VPN tunnel, all the data you move online is encrypted, no matter what – that’s the point! A VPN makes great efforts to avoid data leaks from data that is accidentally not encrypted.
But in split tunneling, a portion of the data is moved aside and sent outside the tunnel. That means that it is not encrypted, and can be seen by ISPs, websites, etc. Meanwhile, the other data is still sent through the VPN tunnel and encrypted as usual. Your internet connection is essentially split between encrypted and unencrypted data.
How does the VPN choose which data doesn’t use the tunnel? Users tell it what to do. A VPN that enables split tunneling includes a number of options to choose what “types” of data or what sites should not use the VPN. This type of selection and rule-creation can become very complex if users want to dig into the details!
When Split Tunneling is Used
At first, split tunneling may sound very strange to users. After all, if the goal of a VPN is to protect privacy by masking an entire connection, doesn’t split tunneling ruin the whole concept?
Well, that depends on what you are using a VPN for. Those who want complete protection and anonymity probably won’t want to use split tunneling. But for other purposes, this option can be very useful. Here are a few examples of when split tunneling can come in handy for those who use VPNs in their everyday lives.
- Speed up whitelisted sites: A VPN protects privacy, but it can slow your internet connection down depending on how you use it. This is one reason many VPNs offer split tunneling. Surfshark’s split tunneling with Whitelister lets you target specific apps and websites for use outside of the VPN to help speed them up, without the need to constantly turn your VPN on and off based on what you’re doing.
- Using two regional services at the same time: Suppose you want a VPN to say your location is in Canada to access specific streaming content, but you also want access to content only available in the United States, preferably at the same time. Split tunneling allows you to seamlessly use two different server locations so that this can be done.
- Online banking: Online banking portals already have great protection, for obvious reasons, so there isn’t much that a VPN can add here. Additionally, online banking security may flag your connection if it looks like it’s coming from an unusual place, so a VPN may event cause additional problems here.
- LAN device setups: Some LAN setups won’t work with a VPN, so split tunneling allows for VPN use while maintaining access to the LAN, which can be handy in many business situations and some home setups (for example, you may not be able to access a network printer when you are on a full VPN).
Risks of Split Tunneling
Split tunneling is not without its risks. Websites and ISPs can track your activity, which you may want to avoid for privacy reasons. If using a VPN or specific sites are banned in your country, split tunneling can be dangerous because it may open up ways for the government to track you more easily. In some situations (although this isn’t common), using split tunneling may use up more data than only using a VPN, too.
Different Types of Split Tunneling
There are also a couple other types of split tunneling worth mentioning to help avoid confusion when choosing the right settings or understanding how tunneling works.
- Inverse Split Tunneling: Inverse split tunneling is a setup up where most of your internet data exists outside the VPN by default, and you choose a few services or devices where the VPN is activated. Depending on how much or how often you use a VPN, inverse split tunneling may be more useful for your than normal split tunneling, and you should look for VPNs that allow this.
IPv6 Dual Stacking: This is a bit more complicated, but essentially the internet is in the process of switching IP address protocols from IPv4 to IPv6. Unfortunately, that means that right now both address options are supported, and sometimes you can’t pick just one. To manage this – especially for businesses and developers – a unique type of split tunneling has been developed that allows users to use both IPv4 and IPv6 at the same time, bypassing any issues.
Enabling Split Tunneling on Your Device
First, you need to find a VPN, like Surfshark, that includes split tunneling options. There are many different ways to offer split tunneling, and each VPN offers its own tools for setting up the option and choosing what content or devices are split from the VPN tunnel.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.