A couple of weeks have passed since my original post, but I am still in search of a solution.
If I have an OpenVPN tunnel running and "Redirect Internet traffic" set, all traffic from all VLANs goes down the tunnel as I would expect.
How can I cause traffic from one (or more) VLANs to go direct to the Internet though, NOT down the tunnel?
Or in the reverse situation, if Redirect is NOT set, so traffic does go directly to the Internet, how can I cause traffic from one VLAN only to be redirected to the tunnel?
I have come very close to getting this working using iproute2 and dual routing tables, but whatever I do seems to break the client DHCP on the VLAN.