bypass VPN for "login" sites. Is this feasible?

[trustissues 2]

I'm trying to bypass the VPN for popular "login" sites (personal banking, popular e-mail, etc), in order to "keep up appearances" I guess in case someone was interested in my browsing habits. This way those sites would not know I am connecting through a VPN nor should I have to to use them under normal circumstances.

 

Anyways, I've already gone through the trouble of allowing opendns to pre-connection, allowing these IP address connections through firewall (iptables), and even adding them to routing table to force through wlan instead of tun+ when connected, and can get it working with relative simplicity at this point. I find the IP address by using "host planejanesite.com" command.

 

The problem is that these sites seem to access just more than the one or two IP addresses for the login page. For each one I'm noticing about 5 or 6 and even sometimes many many more connections when using the session. I guess maybe I thought this would be simple enough, but am now wondering if it is even OK to tunnel all these addresses to the plain network? I'm assuming there are many tracking sites or other 3-rd party sites the service uses that being requested, even though I have ghostscript and addblock+ running. 

 

Do you think it's better to allow all connections these sites invoke, create separate browser or user-login to tunnel through somehow, or just log-off VPN completely when planning on using them.

 

IE - say I login to my bank, but the bank seems to have a service that displays or gives them information so they can run their site effectively from a user perspective (or just add-track maybe I am niaeeve). So I tunnel the banking website address through wlan, but then when connected to vpn the site will actually be connecting to other 3rd parties, and those would be routed through the vpn not wlan as I intend for the banking site. So essentailly your bank is direct connection but their 3rd parties could know you are accessing through VPN. I guess ISP knows you are connected to VPN anyways so does it really even matter that they invoke some access to VPN network?